WO2012051890A1 - Terminal access limit method and system - Google Patents

Terminal access limit method and system Download PDF

Info

Publication number
WO2012051890A1
WO2012051890A1 PCT/CN2011/079758 CN2011079758W WO2012051890A1 WO 2012051890 A1 WO2012051890 A1 WO 2012051890A1 CN 2011079758 W CN2011079758 W CN 2011079758W WO 2012051890 A1 WO2012051890 A1 WO 2012051890A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
access
network
pcrf
information
Prior art date
Application number
PCT/CN2011/079758
Other languages
French (fr)
Chinese (zh)
Inventor
谢宝国
吴瑟
李志军
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012051890A1 publication Critical patent/WO2012051890A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • H04W48/04Access restriction performed under specific conditions based on user or terminal location or mobility data, e.g. moving direction, speed

Definitions

  • the present invention relates to a technology for terminal access restriction, and more particularly to a machine-to-machine (M2M) machine-to-machine (M2M) machine-type communication (MTC) for a mobile device type (User Equipment) Method and system for access restrictions.
  • M2M machine-to-machine
  • M2M machine-to-machine
  • MTC machine-type communication
  • User Equipment User Equipment
  • M2M service providers use existing wireless networks such as General Packet Radio Service (GPRS) networks, and Packet Switching (EPS) networks such as Evolved Packet System (EPS) networks to carry out M2M services.
  • GPRS General Packet Radio Service
  • EPS Packet Switching
  • EPS Evolved Packet System
  • the GPRS network is a second-generation mobile communication network based on data exchange.
  • GPRS evolves into a Universal Mobile Telecommunication System Packet Switch (UMTS PS) domain.
  • UMTS PS Universal Mobile Telecommunication System Packet Switch
  • 1 is a schematic diagram of a GPRS network system architecture in the prior art. As shown in FIG. 1 , it is a network architecture of a UMTS PS.
  • the network architecture includes the following network elements:
  • a Radio Network System which includes a NodeB and a Radio Network Controller (RNC), wherein the NodeB provides an air interface connection for the terminal; the RNC is mainly used to manage radio resources and control the NodeB.
  • the RNC and the NodeB are connected through the Iub port, and the terminal accesses the UMTS packet domain core network through the RNS (Packet Core );
  • SGSN Serving GPRS Support Node
  • Gateway GPRS Support Node which is used to allocate the IP address of the terminal and the gateway function to the external network, and is internally connected to the SGSN through the Gn port;
  • the home location register (HLR) is used to store the user's subscription data and the current SGSN address, and is connected to the SGSN through the Gr port and connected to the GGSN through the Gc port.
  • a packet data network (PDN) is used to provide a packet-based service network for users, and is connected to the GGSN through a Gi port.
  • the Machine Type Communication (MTC) UE needs to establish a bearer in the GPRS network and transmit data information to the MTC Server through the GPRS network.
  • 3GPP is committed to the study of System Architecture Evolution (SAE), which aims to enable EPC (Evolved Packet Core) to provide higher transmission rates. , shorter transmission delays, optimized packet and mobility management between UTRAN (E-UTRAN, Evolved UTRAN), UTRAN, WLAN (Wireless Local Area Network) and other non-3GPP access networks .
  • SAE System Architecture Evolution
  • Evolved Radio Access Network Evolved Radio Access Network
  • eNodeB Evolved NodeB
  • PDN Packet Data Network
  • EPC provides lower latency and allows more access to the wireless access system, including the following network elements:
  • the MME Mobility Management Entity
  • UE User Equipment
  • the security parameter, etc. allocates a temporary identifier to the user, and is responsible for authenticating the user when the UE is camped on the tracking area or the network.
  • the Serving Gateway is a user plane entity responsible for user plane data routing processing and terminating downlink data of UEs in an idle (ECM_IDLE) state. Manage and store the SAE bearer context of the UE, such as IP bearer service parameters and network internal routing information.
  • the SGW is the anchor point of the internal user plane of the 3GPP system. A user can only have one SGW at a time.
  • the packet data network gateway (PGW, PDN Gateway) is the gateway responsible for the UE accessing the PDN, and is responsible for allocating the user IP address. It is also the mobility anchor of the 3GPP and non-3GPP access systems.
  • the function of the PGW also includes policy implementation and charging. stand by. Users can access multiple PGWs at the same time.
  • PCEF Policy and Charging Enforcement Function
  • the Policy and Charging Rules Function is responsible for providing policy control and charging rules to the PCEF.
  • Subscription profile repository SPR, Subscription Profile Repository
  • PCC Policy and Charging Control
  • the Home Subscriber Server (HSS) is responsible for permanently storing user subscription data.
  • the content stored in the HSS includes the UE's International Mobile Subscriber Identification (IMSI) and the IP address of the PGW.
  • IMSI International Mobile Subscriber Identification
  • MTC Server Machine Type Communication Server
  • MTC Server Machine Type Communication Server
  • the machine type communication device is similar to the UE. It is usually responsible for collecting information of several collectors and accessing the core network through a Radio Access Network (RAN) node and interacting with the MTC Server. data.
  • RAN Radio Access Network
  • FIG. 3 is a flow chart of the MTC UE accessing the EPS network and performing network attachment and IP bearer establishment in the prior art. As shown in Figure 3, the following steps are specifically included:
  • Step 301 The UE initiates a network attach request to the eNodeB in order to access the SAE network, where the attach request carries an International Mobile Subscriber Identity (IMSI), a network access capability of the UE, and an access point name (APN, Access Point Name ) and other information.
  • IMSI International Mobile Subscriber Identity
  • APN Access Point Name
  • the eNodeB selects an MME for the UE to serve, and forwards the attach request to the MME;
  • Step 302 The MME sends an authentication data request message (including IMSI) to the HSS, and the HSS finds the subscription data corresponding to the IMSI, and returns an authentication data response message (including an authentication vector) to the MME.
  • IMSI authentication data request message
  • HSS finds the subscription data corresponding to the IMSI
  • an authentication data response message including an authentication vector
  • the MME performs an authentication process to verify the legitimacy of the terminal IMSI and enforces a secure mode flow to enable secure connections.
  • Step 303 The MME sends a location update request message to the HSS of the home network, where the message carries the identifier of the MME and the identifier of the UE, to notify the UE of the currently accessed area.
  • the HSS searches for the subscriber data of the UE according to the identifier of the UE, and sends the data to the MME.
  • the MME receives the user data, checks whether the UE is allowed to access the network, and returns a receiving user response to the HSS. If the MME finds that the UE has the problem of area restriction, roaming restriction or access restriction, the MME will prohibit the UE from attaching and notify the HSS.
  • Step 304 The MME selects a PDN GW according to the APN, selects an SGW for the UE, and then sends a default bearer request to the PDN GW. Ask for news.
  • the request message carries the address information of the SGW/PDN GW, the default bandwidth information, and the like;
  • Step 306 The PDN GW establishes a default bearer according to the policy and charging decision information returned by the PCRF, and returns a bearer setup response to the SGW, and the SGW sends a default bearer setup response to the MME.
  • Step 307 The MME sends an attach response to the eNodeB, indicating that the UE's request to attach to the network has been received.
  • Step 308 The eNodeB sends a radio bearer setup request to the UE, requesting the UE to save important information about the bearer establishment, and open the corresponding port.
  • the message carries the IP address of the UE, the bandwidth information, and the like, and the UE sends a radio bearer setup response to the eNodeB to establish a radio bearer.
  • Step 309 the eNodeB notifies the MME that the attach process is completed.
  • Step 310 The MME sends an update bearer request to the SGW to notify the identifier and address of the eNodeB served by the UE, and the SGW sends an update response to the MME.
  • FIG. 4 is a flow chart of the UE accessing the GPRS network, performing network attachment, and establishing a packet data protocol (PDP) context connection. As shown in FIG. 4, the following steps are specifically included:
  • Step 401 The user initiates an attach request to the SGSN through the RNS for the first time, and the attach request carries parameters such as an attachment type and an IMSI.
  • the RNS routes the request to the SGSN according to its own load condition, using the user's IMSI as the request identifier;
  • Step 402 The SGSN requests the HLR to authenticate the IMSI, and the HLR downloads the authentication authentication parameter according to the IMSI, and the SGSN authenticates and authenticates the UE.
  • Step 403 The SGSN sends a location update request to the HLR, where the location update request carries parameters such as an SGSN number and an address, and an IMSI.
  • the HLR downloads the subscription data corresponding to the IMSI to the SGSN, and the SGSN performs an access control check on the UE to check whether the UE has an area restriction or connection. Enter the limit and then notify the HLR;
  • Step 404 The SGSN allocates a packet-Temporate Mobile Subscriber Identity (P-TMSI) to the UE, and then sends an attach accept message to the UE, where the attach accept message carries the P-TMSI allocated for the UE, and the like.
  • P-TMSI packet-Temporate Mobile Subscriber Identity
  • Step 405 If the MTC UE needs to perform service interaction, firstly, a PDP context connection needs to be established in the network.
  • the MTC UE applies for PDP context activation and creates a GPRS Tunneling Protocol (GTP) bearer.
  • GTP GPRS Tunneling Protocol
  • the UE sends an activation PDP context request to the SGSN, and carries information such as a PDP type, a PDP address, and an APN.
  • Step 406 The SGSN finds the address of the GGSN according to the APN, and creates a GTP tunnel identifier (TEID, Tunnel Endpoint Identifier) for the PDP context, and then sends the PDP context request to the GGSN.
  • TEID GTP tunnel identifier
  • Step 407 The GGSN requests, for the PCRF/SPR, the policy and charging rules and decision information configured by the UE.
  • Step 408 The GGSN establishes a PDP context according to the policy and charging decision information returned by the PCRF, and sends a PDP context establishment success response to the SGSN.
  • Step 409 The SGSN sends a PDP context success activation response to the MTC UE through the RNS, and the radio bearer is established between the MTC UE and the RAN, and the PDP context is successfully established.
  • M2M service is a networked application and service based on intelligent interaction of machine terminals. It uses intelligent machine terminals to transmit information over the wireless network, providing customers with information solutions to meet customer information needs for monitoring, command and dispatch, data acquisition and measurement.
  • the communication object of M2M is machine-to-machine, which can be communication between people and machines, communication between machines and servers, and communication between different intelligent terminals.
  • Different applications of MTC devices have different characteristics, such as elevators and other elevator devices have low mobility, PS only attributes, while monitoring and alarm devices have low mobility and high availability in addition to low mobility, PS only. Therefore, it is necessary to perform different system optimizations for MTC devices of different applications in order to effectively Manage, monitor, and pay for MTC equipment.
  • the M2M terminal has a combination of various characteristics, of which low mobility is an important feature.
  • the M2M terminal has two types of low mobility characteristics, the first type is not moving, and the second type is moving in a certain area. If the terminal subscribes to the low mobility feature, the operator will optimize the network process, such as extending the location update time, paging area, preferential rates, and so on. Therefore, it is necessary to monitor the mobility of the terminal with low mobility, and if its behavior does not satisfy the low mobility characteristics, the necessary restrictions are required.
  • the existing GPRS and LTE networks currently only support corresponding restrictions on specific areas, such as restrictions on roaming areas, and the like, and the ability to limit low mobility areas.
  • the industry is also discussing that low mobility restrictions are enforced by the SGSN/MME, but the drawback is that all network elements need to be optimized, and the initial maintenance costs of the network are high.
  • the operator only optimizes some network elements during network planning. For example, China Mobile plans only to construct the M2M private network for GGSN/PDN GW/HLR/HSS. Therefore, it is necessary to solve the problem of low mobility management using GGSN/PDN GW to meet the requirements. Different needs of operators for network planning. Summary of the invention
  • the main object of the present invention is to provide a method and system for limiting access of a terminal, which can implement access restriction on the location of the terminal of the MTC terminal with low mobility characteristics, and realize effective management of the MTC terminal. .
  • a method for terminal access restriction includes:
  • the method further includes:
  • the subscription information of the location area information that allows the network access is set for the terminal; wherein the subscription information of the location area information that allows the network access is stored in the SPR or configured in the PCRF.
  • the method further includes:
  • the PCRF configures the same or different PCC policies for different location areas where the terminal allows network access.
  • the PCRF notifies the network side when the terminal is not within the allowed location area:
  • the PCRF determines, according to the location information of the terminal, whether the terminal is located in a location area where the terminal is allowed to access the network, based on the SPR-based subscription information or the location area information that the terminal configured by the PCRF allows the network to access.
  • the terminal area restriction indication is added in the PCC policy request response sent to the network side.
  • the method further includes:
  • the network side After receiving the PCC policy request response carrying the indication of the terminal area restriction, the network side deletes the bearer that has been established by the terminal.
  • the network side is a user plane network element.
  • the terminal is an MTC terminal; the method further includes:
  • the user plane network element After receiving the PCC policy request response carrying the indication of the terminal area restriction, the user plane network element notifies the control plane network element; the control plane network element performs detachment on the terminal.
  • the method further includes:
  • the control plane network element is identified as an MTC terminal according to the type indication of the terminal or a dedicated APN, and selects a user plane network element that provides the M2M service for the terminal.
  • the method further includes:
  • a terminal access restriction system includes a receiving unit, a requesting unit, and an access limiting unit, which are disposed on a network side; and a determining unit and a notification unit, which are disposed in the PCRF;
  • a receiving unit configured to receive an access request of the terminal
  • a requesting unit configured to request a PCC policy from the PCRF, where the PCC policy request carries the location information of the terminal;
  • a determining unit configured to determine, according to the location information of the terminal, whether the terminal is within an allowed location area, and trigger a notification unit when the terminal is not within the allowed location area;
  • a notification unit configured to notify the network side
  • An access restriction unit configured to limit access by the terminal.
  • the system further comprises:
  • a setting unit configured to set, for the terminal, the subscription information of the location area information that allows the network access; wherein the subscription information of the location area information that allows the network access is stored in the SPR or configured in the PCRF.
  • the system further comprises:
  • a configuration unit configured in the PCRF, configured to configure the same or different PCC policies for different location areas where the terminal allows network access.
  • the determining unit further determines, according to the location information of the terminal, the SPR-based subscription information or the location area information that the PCRF locally configures the network to allow the network to access, whether the terminal is located in the terminal and allows the network to be connected. And a location area, and when the terminal is not located in the location area where the terminal allows network access, add an indication of the terminal area restriction in the PCC policy request response sent by the PCRF to the network side.
  • the system further comprises:
  • the deleting unit is set on the network side, and is configured to delete the bearer that has been established by the terminal after receiving the PCC policy request response carrying the indication of the terminal area restriction.
  • the network side is a user plane network element.
  • the network side when the network side receives the access request of the MTC terminal, the network side carries the request for the PCC policy to the MTC terminal.
  • the PCRF With the current location information of the MTC terminal, the PCRF further determines whether the MTC terminal is located in a location area that allows network access in the SPR or the local. When the MTC terminal is currently located in a location area that does not allow network access, the corresponding information is sent to the network side.
  • the network side rejects the access of the MTC terminal, and deletes the established bearer, and performs access restriction on the terminal; and when the MTC terminal is in the location area that is allowed to access, the corresponding PCC policy is formulated for the MTC terminal. And performing network access to the MTC terminal according to the PCC policy.
  • different PCC policies may be set according to the location area where the MTC terminal is located, and determining the location area where the MTC terminal is located is a location allowing network access. In the area, the corresponding PCC policy is further determined according to the specific location area where the MTC terminal is currently located. And realize the access control of the MTC terminal.
  • the invention implements access restriction management on the low mobility terminal by the user plane network element, avoids the problem of mobility management and charging confusion caused by abnormal mobility of the terminal with low mobility characteristics, and can report the location information of the terminal to the terminal in time.
  • the MTC Server processes the terminal movement exception events in time by the MTC Server.
  • FIG. 1 is a schematic diagram of a GPRS network system architecture in the prior art
  • FIG. 2 is a schematic diagram of an EPS network system architecture in the prior art
  • FIG. 3 is a flow chart of performing MCE UE access to an EPS network and performing network attachment and IP bearer establishment in the prior art
  • FIG. 4 is a flow chart of a UE accessing a GPRS network, performing network attachment, and establishing a PDP context connection;
  • FIG. 5 is a flowchart of attaching an MTC UE with low mobility characteristics to an EPS network in the present invention
  • FIG. 6 is a location update of an MTC UE with low mobility characteristics in the present invention in an EPS network.
  • FIG. 7 is a flow chart of the MTC UE with low mobility characteristics attached to the GPRS network in the present invention
  • FIG. 8 is a flow chart of the location update of the MTC UE with low mobility characteristics in the present invention to the GPRS network
  • FIG. 9 is a schematic diagram of a first component structure of a system for limiting access of a terminal according to the present invention.
  • FIG. 10 is a schematic diagram of a second component structure of a system for limiting access of a terminal according to the present invention.
  • FIG. 11 is a schematic diagram of a third component structure of a system for limiting access of a terminal according to the present invention.
  • FIG. 12 is a schematic diagram of a fourth component structure of a system for terminal access restriction according to the present invention.
  • the basic idea of the present invention is that, by setting the subscription information of the location area information allowing the network access in the SPR or the PCRF, after the network side receives the access request of the MTC terminal, the PCC performs the PCC for the MTC terminal to the PCRF.
  • the request of the policy carries the current location information of the MTC terminal, and the PCRF further determines whether the MTC terminal is located in a location area that allows network access in the SPR or the local.
  • the corresponding indication is sent to the network side, and the network side rejects the access of the MTC terminal, and deletes the established bearer, and performs access restriction on the terminal; and when the MTC terminal is in the location area that is allowed to access, it is MTC.
  • the terminal develops a corresponding PCC policy, and performs network access to the MTC terminal according to the PCC policy.
  • different PCC policies may be set according to the location area where the MTC terminal is located, and when determining the location area where the MTC terminal is located, When the location area of the network access is allowed, further according to the specific bit currently located by the MTC terminal PCC policy develop appropriate region, and enable access to the control of the MTC terminal can be realized.
  • the present invention needs to solve the problem that the mobile communication network performs access restriction on a low mobility characteristic terminal such as an MTC terminal when the non-allowed mobile area is accessed.
  • the invention utilizes the user plane network element to perform access restriction when the M2M terminal moves to the non-permitted mobile area.
  • the MTC UE requests When the bearer is set up or the location is updated, the location information of the terminal needs to be carried, and the control plane network element carries the location information of the terminal in the message that the user plane is notified to the bearer to create or modify the bearer.
  • the user plane network element applies the location information of the terminal as one of the input parameters to apply for a PCC policy to the PCRF.
  • the PCRF compares the location area restriction parameter signed by the terminal downloaded from the SPR, or the terminal location area restriction parameter statically configured in the PCRF, and compares with the location area information where the terminal is located, if the terminal is in the allowed location area
  • the PCRF downloads the PCC policy corresponding to the location area to the user plane network element, allowing the establishment or modification of the bearer, and the user plane network element does not restrict access of the terminal; if the terminal is not in the allowed location area, The location area of the allowed mobile has been removed, and the PCRF rejects the PCC policy request and carries the reason value of the "location area limited" to notify the user of the network element that the terminal location area is restricted.
  • the user plane network element rejects the establishment or modification of the bearer to the area-restricted terminal, and deletes the established bearer, and restricts the terminal from accessing the network.
  • the control plane network element needs to identify that the terminal is an M2M terminal, and the identification method may be based on an M2M terminal type indication in the message or an M2M-specific APN, and then the M2M terminal.
  • the user plane network element Initiating a bearer setup or modification request to the user plane network element with the M2M support capability, the user plane network element identifying that it is an M2M terminal, and carrying the location information of the terminal in the policy request, when receiving the policy request rejection message of the PCRF
  • the user plane network element needs to identify the cause value of the "area restriction" in the PCRF policy request response message, return the cause value to the control plane network element and the terminal, and then initiate release of all bearers related to the terminal, and limit the terminal to the network. Access in.
  • the location information of the terminal may be cell identity information of a cell currently accessed by the terminal, such as a physical cell identity (PCI, Physical Cell Identity) or a cell global identity (CGI, Cell Global Identity), or a terminal access cell.
  • PCI physical cell identity
  • CGI cell global identity
  • the provided location information can be identified by the PCRF, or as long as it is stored in the SPR or PCRF to allow network access.
  • the domain is consistent, that is, as long as the location information of the terminal can be matched by the PCRF.
  • the terminal When the terminal is attached to the EPS network for the first time, it carries the location information of the terminal, and the MME (Control Plane Network Element) selects the PDN GW (User Area Network Element) serving the M2M, and initiates a default bearer request to the PDN GW.
  • the PDN GW initiates a policy request to the PCRF, and the corresponding policy request message carries the location information of the terminal.
  • the PCRF can learn the low mobility characteristics of the subscription from the SPR, and download the allowed access area information of the terminal corresponding to the differentiated PCC of different areas.
  • FIG. 5 is a flow chart of the MTC UE with low mobility characteristics attached to the EPS network in the present invention. As shown in Figure 5, the attachment of the MTC UE with low mobility characteristics to the EPS network in this example includes the following steps:
  • step 501 the operator signs the information related to the characteristics of the M2M terminal in the SPR database, and the SPR can sign the low mobility characteristic of the terminal, and can simultaneously sign the location area information that the terminal is allowed to access, and the differentiated PCC policy corresponding to the different area information. Parameter information.
  • the parameter information such as the location area information that the terminal is allowed to access and the differentiated PCC policy corresponding to the different area information can also be statically configured locally in the PCRF.
  • Step 502 The UE accesses the SAE network, and initiates a network attach request to the eNodeB.
  • the corresponding attach request message carries information such as the IMSI, the network access capability of the UE, and the APN. If the terminal has the M2M enhanced capability, the UE may also carry the M2M. Terminal type indication parameters.
  • the eNodeB selects an MME for the UE to serve and forwards the attach request to the MME.
  • Step 503 The MME is instructed according to the M2M terminal type of the terminal, or carried by the terminal.
  • the APN is an APN dedicated to the M2M to identify that it is an M2M terminal, selects a PGW serving the M2M terminal for the terminal, and selects an SGW to send a default bearer request to the SGW/PGW, and the corresponding default bearer request message carries the SGW.
  • Step 504 After receiving the bearer request, the PDN GW requests the PCRF/SPR to request the policy and charging rules and decision information of the UE, and carries the parameters such as the IMSI and the location information of the terminal.
  • Step 505 The PCRF requests the subscription data from the SPR according to the IMSI and the location information of the terminal, and the SPR downloads the low mobility characteristic subscription, the allowed location area information, and the differentiated PCC policy corresponding to the different area information to the PCRF, where the allowed location
  • the differentiated PCC policy in which the area information corresponds to different area information can be contracted in the SPR or statically configured in the PCRF, and one of the modes is determined according to the operator policy.
  • the PCRF can report the location information of the terminal to the MTC server in time according to the carrier's policy.
  • Step 506 The PCRF compares the location information of the terminal with the "permitted location area information" to determine whether the location area where the terminal is currently located is restricted. That is, it is determined whether the current location of the terminal is in the "allowed location area", and if not, it is located in the restricted area.
  • Step 507 The PCRF finds that the location of the terminal is not in the allowed location area, rejects the PDN GW policy request, and carries the "terminal area limited" cause value in the reject message.
  • Step 508 The PDN GW, according to the reject message returned by the PCRF, determines that the terminal area is restricted, and returns a bearer setup reject response to the SGW, and carries a cause value of the "terminal area limited", and the SGW returns a bearer setup reject message to the MME.
  • Step 509 After receiving the default bearer setup reject message, the MME sends an attach to the eNodeB. Rejecting the response, rejecting the UE attaching to the network, the reject message carries the "terminal area limited" cause value, and the UE is restricted from accessing the network.
  • FIG. 6 is a flowchart of a location update to an EPS network by an MTC UE with low mobility in the present invention.
  • the location update of the MTC UE with low mobility characteristics in the present example includes the following steps:
  • Steps 601 to 605 are the same as steps 501 to 505, respectively.
  • Step 606 The PCRF compares the location information of the terminal with the "permitted location area information" to determine whether the location area where the terminal is currently located is restricted.
  • Step 607 The PCRF finds that the location of the terminal is in the allowed location area, and the location area is not limited, and returns a policy request response message of the PDN GW to the PDN GW, and carries the differentiated PCC matching the location in the response message. Strategy.
  • Step 608 The PDN GW establishes a default bearer according to the policy and charging decision information returned by the PCRF, and returns a bearer setup response message to the SGW, and the SGW sends a response message of the default bearer setup to the MME.
  • Step 609 The MME sends an attach response message to the eNodeB, indicating that the UE's request to attach to the network has been received.
  • the radio bearer setup request message carries the IP address, bandwidth information, and the like of the UE, and the UE sends a radio bearer setup response message to the eNodeB to establish a radio bearer.
  • Step 611 The eNodeB notifies the MME that the attach process is complete, and the MME notifies the SGW of the update of the ingress address, and the MTC UE successfully attaches to the network.
  • Step 612 When the MTC UE moves, the location area changes, and the MTC UE needs to initiate a location update request to the MME, where the corresponding location update request message carries the location information, the APN, the terminal identifier, and the like.
  • Step 613 The MME determines to be a location update request initiated by the M2M terminal according to the M2M terminal type or the M2M-specific APN, and initiates a bearer modification request to the SGW, where the corresponding bearer modification request message carries parameters such as the terminal identifier, the APN, and the location information. .
  • the SGW initiates a bearer modification request to the PDN GW.
  • Step 614 After receiving the bearer modification request message, the PDN GW requests the PCRF/SPR to update the configured policy and charging rule, the decision information, and the parameters such as the IMSI and the location information of the carrying terminal.
  • Step 615 The PCRF requests the subscription data from the SPR according to the IMSI and the location information of the terminal, and the SPR downloads the allowed location area information and the differentiated PCC policy corresponding to the different area information to the PCRF, "allowed location area information, corresponding different area information.
  • the differentiated PCC policy can be contracted in the SPR or statically configured in the PCRF, and one of the methods is determined according to the operator's strategy.
  • the PCRF can report the updated location information of the terminal to the MTC server in time according to the carrier policy.
  • Step 616 the PCRF is based on the location information of the terminal and the "allowed location area information" For comparison, it is determined whether the location area where the terminal is currently located is limited.
  • Step 617 The PCRF finds that the location of the terminal is not in the allowed location area, rejects the PDN GW policy update request, and carries the "terminal area limited" cause value in the reject message.
  • Step 618 The PDN GW returns a bearer modification reject response message to the SGW according to the reject message returned by the PCRF, and returns a bearer modification reject response message to the SGW, and carries a "terminal area limited" cause value, and the SGW returns a bearer modification reject message to the MME. .
  • Step 619 After receiving the bearer modification establishment rejection message, if the MME does not have the M2M support capability, the MME rejects the location update request of the terminal. If the MME supports the M2M capability, it will identify that the terminal area is restricted, and the process such as Detach of the terminal may be initiated to attach the terminal.
  • Step 620 After determining that the terminal area is restricted, the PDN GW actively performs an access restriction on the MTC UE, and initiates a PDN connection deletion process. The PDN GW initiates a PDN connection deletion request, and the corresponding PDN connection deletion request message is sent to the MME via the SGW.
  • step 621a the MME performs PDN connection deletion. If the last default bearer is deleted, Detach is initiated according to the prior art.
  • Step 621b corresponding to the PDN connection deleted by the core network, and deleting the radio bearer configuration corresponding to the core network bearer on the wireless network side;
  • Step 622 After the PDN connection is successfully deleted, the MME returns a PDN connection deletion response message to the SGW/PGW.
  • the MTC UE is restricted by the PDN GW for access restrictions.
  • the terminal is considered to be an MTC UE.
  • the SGSN selects the GGSN serving the M2M for it and initiates a PDP context request to the GGSN.
  • the GGSN initiates a policy request to the PCRF, and the corresponding policy request message carries the location information of the terminal.
  • the PCRF can learn the low mobility characteristics of the subscription from the SPR, and download the allowed access area information of the terminal corresponding to the differentiated PCC policy of different areas (also can be statically configured in the PCRF), and the PCRF finds that its location is outside the allowable location area. Rejecting the policy request and carrying the area-restricted cause value.
  • FIG. 7 is a flowchart of attaching a low mobility characteristic MTC UE to a GPRS network according to the present invention. As shown in FIG. 7, the MTC UE with low mobility characteristics attached to the GPRS network in this example specifically includes the following steps:
  • Step 701 The operator signs the information related to the M2M terminal characteristics in the SPR database, and the SPR can sign the low mobility characteristic of the terminal, and can simultaneously sign the location area information that the terminal is allowed to access, and the differentiated PCC policy corresponding to the different area information. Parameter information.
  • the parameter information such as the location area information that the terminal is allowed to access and the differentiated PCC policy corresponding to the different area information can also be statically configured locally in the PCRF.
  • Step 702 The user initiates an attach request to the SGSN through the RNS, and the corresponding attach request message carries parameters such as an attachment type and an IMSI. Based on its load, the RNS routes the message to the SGSN with the user's IMSI as the request identifier.
  • Step 703 The SGSN authenticates the MTC UE, and then the SGSN sends a location update request to the HLR, carrying the SGSN number and address, IMSI and other parameters.
  • the HLR downloads the subscription data corresponding to the IMSI to the SGSN, and the SGSN performs an access control check on the UE, checks whether the UE has an area restriction or an access restriction, and then notifies the HLR.
  • Step 704 The SGSN allocates a packet-Temporate Mobile Subscriber Identity (P-TMSI) to the UE, and then sends an attach accept message to the UE, where the attach accept message carries the P-TMSI allocated to the UE. information.
  • Step 705 If the MTC UE needs to perform service interaction, firstly, a PDP context connection needs to be established in the network. The MTC UE applies for PDP context activation to create a GTP bearer. The UE sends an activation PDP context request to the SGSN, and carries parameters such as a PDP type, a PDP address, an APN, and location information. If the terminal has the M2M enhanced capability, the M2M terminal type indication parameter may also be carried in the message.
  • P-TMSI Packet Transfer Protocol
  • Step 706 The SGSN is configured according to the M2M terminal type indication of the terminal, or the APN carried by the terminal is an M2M-specific APN to identify that it is an M2M terminal, select a GGSN serving as the M2M terminal for the terminal, and create a GTP tunnel for the PDP context.
  • the TEID (Tunnel Endpoint Identifier) is sent to the GGSN, and the PDP Context Request message carries the SGSN address, location information and other parameters.
  • Step 707 After receiving the PDP context creation request, the GGSN requests the PCRF/SPR to request the policy and the charging rule and the decision information, and the message carries the terminal identifier, the location information, and the like.
  • Step 708 The PCRF requests the subscription data from the SPR according to the IMSI and the location information of the terminal, and the SPR downloads the low mobility feature subscription, the allowed location area information, and the differentiated PCC policy corresponding to the different area information to the PCRF, where the allowed location area is
  • the information and the differentiated PCC policy corresponding to different area information can be contracted in the SPR or statically configured in the PCRF, and one of the modes is determined according to the operator's policy.
  • the PCRF can report the location information of the terminal to the MTC server in time according to the carrier's policy.
  • Step 709 The PCRF compares the location information of the terminal with the "permitted location area information" to determine whether the location area where the terminal is currently located is restricted.
  • Step 710 The GGSN determines that the terminal area is restricted according to the reject message returned by the PCRF, and returns a PDP context creation rejection response message to the SGSN, and carries a "terminal area limited” cause value.
  • Step 711 After receiving the PDP context establishment reject message, the SGSN sends a PDP context activation reject response message to the RNS, and refuses to establish a PDP context carrying channel for the UE on the network side, and the reject response message carries a "terminal area limited" cause value. The UE is restricted from accessing the network.
  • the location of the terminal needs to be initiated, and the location update request is required to carry the location information of the terminal.
  • the SGSN notifies the GGSN of the location information updated by the terminal through the PDP context modification request.
  • the GGSN initiates a policy request to the PCRF, and carries the location information updated by the terminal.
  • the PCRF finds that its location is outside the allowed location area, the PCRF rejects the policy request and carries the area-restricted cause value.
  • the GGSN receives the policy request rejection message. Delete all PDP context connections of the terminal and restrict access of the terminal to the network.
  • the MTC UE of the present low mobility feature performs the location update to the GPRS network, and specifically includes the following steps:
  • Step 801 When the MTC UE moves, the location area changes, and the MTC UE needs to initiate a location update request to the SGSN, where the corresponding location update request message carries the location information, APN, terminal identifier and other parameters of the area where the terminal is located, if the terminal With the M2M enhancement capability, the M2M terminal type indication parameter can also be carried in the message.
  • Step 802 The SGSN, according to the M2M terminal type or the M2M-dedicated APN, determines that the location update request is initiated by the M2M terminal, and initiates a PDP context modification request to the GGSN, where the corresponding PDP context modification request message carries the terminal identifier, the APN, and the location information. And other parameters.
  • Step 803 After receiving the PDP context modification request, the GGSN requests the PCRF/SPR to update the configured policy and charging rule, the decision information, and the parameters such as the IMSI and the location information of the terminal.
  • the PCRF requests the subscription data from the SPR according to the IMSI and the location information of the terminal, and the SPR downloads the allowed location area information and the differentiated PCC policy corresponding to the different area information to the PCRF, "allowed location area information, corresponding different area information.
  • the differentiated PCC policy can be contracted in the SPR or statically configured in the PCRF, and one of the methods is adopted according to the operator's policy.
  • the PCRF can report the updated location information of the terminal to the MTC server in time according to the carrier policy.
  • Step 805 The PCRF compares the location information of the terminal with the "permitted location area information" to determine whether the location area where the terminal is currently located is restricted.
  • Step 806 The PCRF finds that the location of the terminal is in the allowed location area, and the location area is not limited, and returns a policy request response message to the GGSN, and carries a differentiated PCC policy matching the location in the policy request response message.
  • Step 807 The GGSN modifies the PDP context bearer according to the policy and charging decision information returned by the PCRF, and returns a PDP context modification response message to the SGSN, and the SGSN performs a subsequent location update process.
  • Step 808 The PCRF compares the location information of the terminal with the "permitted location area information", and determines that the terminal area of the location area where the terminal is currently located is restricted.
  • Step 809 The PCRF finds that the location of the terminal is not in the allowed location area, rejects the GGSN policy update request, and carries the "terminal area limited" cause value in the sent reject message.
  • Step 810 The GGSN, according to the reject message returned by the PCRF, determines that the terminal area is restricted, and returns a PDP context modification reject response message to the SGSN, and carries a "terminal area limited" cause value.
  • Step 811 After the SGSN receives the PDP context modification reject message, if the SGSN does not have The M2M supports the capability, and the SGSN rejects the location update request of the terminal. If the SGSN supports the M2M capability, it will recognize that the terminal area is restricted, and can initiate the terminal's Detach process to attach the terminal.
  • Step 812 After determining that the terminal area is restricted, the GGSN actively performs access restriction on the MTC UE, and initiates a PDP context connection deletion process. The GGSN initiates a PDP context deletion request to the SGSN to apply for deleting the PDP context connection of the terminal.
  • Step 813 The SGSN performs a PDP context connection deletion, and deletes all PDP context connections.
  • the SGSN initiates a PDP context deactivation process to the MTC UE through the RNS, and deletes the radio related PDP context resource configuration.
  • Step 814 After the PDP context connection is successfully deleted, the SGSN returns a PDP context connection deletion response to the GGSN.
  • the MTC UE is restricted by the GGSN for access restrictions due to regional restrictions.
  • FIG. 9 is a schematic diagram of a first component structure of a system for access restriction of a terminal according to the present invention.
  • the system for access restriction of the terminal includes a receiving unit 90, a requesting unit 91, and an access limiting unit. 92; and a determining unit 93 and a notification unit 94 provided in the PCRF; wherein
  • the receiving unit 90 is configured to receive an access request of the terminal.
  • the requesting unit 91 is configured to request a PCC policy from the PCRF, where the PCC policy request carries the location information of the terminal;
  • a determining unit 93 configured to determine, according to location information of the terminal, whether the terminal is within an allowed location area, and trigger a notification unit when the terminal is not within the allowed location area;
  • a notification unit 94 configured to notify the network side
  • the access restriction unit 92 is configured to limit access by the terminal.
  • FIG. 10 is a schematic diagram of a second component structure of a terminal access restriction system according to the present invention. As shown in FIG. 10, based on the terminal access restriction system shown in FIG. 9, the terminal access restriction of the example terminal is The system also includes:
  • the setting unit 95 is configured to set, for the terminal, the subscription information of the location area information that allows the network to access.
  • the subscription information of the location area information that allows the network access is stored in the SPR or configured in the PCRF.
  • FIG. 11 is a schematic diagram of a third component structure of a terminal access restriction system according to the present invention. As shown in FIG. 11, on the basis of the terminal access restriction system shown in FIG.
  • the configuration unit 96 is configured to be configured in the PCRF to configure the same or different PCC policies for different location areas where the terminal allows network access.
  • the determining unit 93 further determines, according to the location information of the terminal, whether the terminal is located at a location where the terminal allows network access, based on the subscription information of the SPR or the location area information that the terminal configured by the PCRF allows the network to access. The area, and when the terminal is not located in the location area where the terminal allows network access, add an indication of the terminal area restriction in the PCC policy request response sent by the PCRF to the network side.
  • FIG. 12 is a schematic diagram of a fourth component structure of a terminal access restriction system according to the present invention. As shown in FIG. 12, based on the terminal access restriction system shown in FIG.
  • the deleting unit 97 is disposed on the network side, and is configured to delete the bearer that has been established by the terminal after receiving the PCC policy request response that carries the indication of the terminal area restriction.
  • the network side is the user plane network element.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A terminal access limit method is disclosed in the present invention, which includes the following steps: when the network side requests a Policy and Charging Control (PCC) policy from a Policy and Charging Rules Function (PCRF) after receiving an access request from a terminal, location information of said terminal is carried; said PCRF determines whether said terminal is in a permitted location area according to the location information of said terminal, and notifies said network side when said terminal is not in the permitted location area, then said network side limits said terminal access. A terminal access limit system for implementing said method is also disclosed in the present invention. In the present invention, through access limit management for low mobility terminals by a user plane network element, the problem of disordered mobility management and charging brought by the abnormal move of low mobility terminals is avoided, and the location information of the terminal can be reported to a Machine Type Communication (MTC) Server in time, and abnormal events of the terminal move are processed by the MTC Server in time.

Description

终端接入限制的方法及*** 技术领域  Method and system for terminal access restriction
本发明涉及终端接入限制的技术, 尤其涉及一种机器到机器 (M2M, Machine to Machine ) 间的通信业务中针对低移动特性的机器类型通信 ( MTC, Machine Type Communication )终端 ( User Equipment ) 的接入限 制的方法及***。 背景技术  The present invention relates to a technology for terminal access restriction, and more particularly to a machine-to-machine (M2M) machine-to-machine (M2M) machine-type communication (MTC) for a mobile device type (User Equipment) Method and system for access restrictions. Background technique
近年来, M2M间的通信业务主要应用于物流***、 远程抄表、 智能家 居等场合。 M2M服务商使用现有的无线网络如通用分组无线业务(GPRS, General Packet Radio service ) 网络、 演进分组***(EPS, Evolved Packet System ) 网络等分组交换(PS, Packet Switching )网络开展 M2M业务。 因 为 M2M业务与人与人 ( H2H, Human to Human )之间的通信业务有着明显 的差异性, 因此需要对现有的网络进行必要的优化, 以获得最佳的网络管 理与网络通信质量。  In recent years, communication services between M2M have been mainly used in logistics systems, remote meter reading, and smart homes. M2M service providers use existing wireless networks such as General Packet Radio Service (GPRS) networks, and Packet Switching (EPS) networks such as Evolved Packet System (EPS) networks to carry out M2M services. Because the communication services between M2M business and human to human (H2H, Human to Human) are obviously different, it is necessary to optimize the existing network to obtain the best network management and network communication quality.
GPRS 网络是基于数据交换的第二代移动通信网络, 到了第三代移动 通信***, GPRS 演进为通用移动通信***分组交换(UMTS PS, Universal Mobile Telecommunication system Packet Switch )域。 图 1是现有技术中 GPRS网络***架构示意图, 如图 1 所示, 为 UMTS PS 的网络架构, 该网 络架构中包含如下网元:  The GPRS network is a second-generation mobile communication network based on data exchange. To the third generation mobile communication system, GPRS evolves into a Universal Mobile Telecommunication System Packet Switch (UMTS PS) domain. 1 is a schematic diagram of a GPRS network system architecture in the prior art. As shown in FIG. 1 , it is a network architecture of a UMTS PS. The network architecture includes the following network elements:
无线网络***( RNS , Radio Network system ) , 其包含 NodeB与无线 网络控制器(RNC, Radio Network Controller ), 其中, NodeB为终端提供 空口连接; RNC主要用于管理无线资源以及控制 NodeB。 RNC与 NodeB之 间通过 Iub 口连接, 终端通过 RNS接入 UMTS 的分组域核心网 (Packet Core ); A Radio Network System (RNS), which includes a NodeB and a Radio Network Controller (RNC), wherein the NodeB provides an air interface connection for the terminal; the RNC is mainly used to manage radio resources and control the NodeB. The RNC and the NodeB are connected through the Iub port, and the terminal accesses the UMTS packet domain core network through the RNS (Packet Core );
服务 GPRS 支持节点(SGSN, Serving GPRS Support Node ), 用于保 存用户的路由区位置信息, 负责安全和接入控制; SGSN通过 Iu 口与 RNS 相连;  Serving GPRS Support Node (SGSN), used to store the location information of the user's routing area, responsible for security and access control; SGSN is connected to the RNS through the Iu port;
网关 GPRS 支持节点 (GGSN, Gateway GPRS Support Node ), 用于 负责分配终端的 IP地址和到外部网络的网关功能, 在内部通过 Gn 口与 SGSN相连;  Gateway GPRS Support Node (GGSN), which is used to allocate the IP address of the terminal and the gateway function to the external network, and is internally connected to the SGSN through the Gn port;
归属位置寄存器( HLR, Home Location Register ), 用于保存用户的签 约数据和当前所在的 SGSN地址,通过 Gr口与 SGSN相连,通过 Gc口与 GGSN相连;  The home location register (HLR) is used to store the user's subscription data and the current SGSN address, and is connected to the SGSN through the Gr port and connected to the GGSN through the Gc port.
分组数据网络(PDN, Packet Data Network )用于为用户提供基于分 组的业务网, 通过 Gi口与 GGSN相连。  A packet data network (PDN) is used to provide a packet-based service network for users, and is connected to the GGSN through a Gi port.
在图 1 中, 机器类型通信(MTC, Machine Type Communication ) UE 需要在 GPRS网络建立承载,通过 GPRS网络向 MTC Server传输数据信息。  In Figure 1, the Machine Type Communication (MTC) UE needs to establish a bearer in the GPRS network and transmit data information to the MTC Server through the GPRS network.
随着无线宽带技术的发展, 业务层对传输层的带宽、 时延等性能要求 越来越高。 为提高其网络性能, 降低网络建设及运营成本, 3GPP致力于系 统架构演进(SAE, System Architecture Evolution ) 的研究, 目的是使得演 进的分组网 (EPC, Evolved Packet Core )可提供更高的传输速率、 更短的 传输延时、优化分组及支持演进的 UTRAN ( E-UTRAN, Evolved UTRAN )、 UTRAN,无线局域网( WLAN, Wireless Local Area Network )及其他非 3GPP 的接入网络之间的移动性管理。  With the development of wireless broadband technology, the performance requirements of the service layer for the bandwidth and delay of the transport layer are getting higher and higher. In order to improve its network performance and reduce network construction and operation costs, 3GPP is committed to the study of System Architecture Evolution (SAE), which aims to enable EPC (Evolved Packet Core) to provide higher transmission rates. , shorter transmission delays, optimized packet and mobility management between UTRAN (E-UTRAN, Evolved UTRAN), UTRAN, WLAN (Wireless Local Area Network) and other non-3GPP access networks .
图 2是现有技术中 EPS网络***架构示意图, 目前 SAE的架构如图 2 所示, 其中, 演进的无线接入网 (E-RAN, Evolved Radio Access Network ) 中包含的网元是演进节点 B ( eNodeB, Evolved NodeB ), 用于为用户的接 入提供无线资源; 分组数据网 (PDN, Packet Data Network )是为用户提供 业务的网络; EPC提供了更低的延迟, 并允许更多的无线接入***接入, 其包括如下网元: 2 is a schematic diagram of an architecture of an EPS network system in the prior art. The architecture of the SAE is as shown in FIG. 2, where the network element included in the Evolved Radio Access Network (E-RAN) is an evolved Node B. (eNodeB, Evolved NodeB), used to provide wireless resources for user access; Packet Data Network (PDN) is provided for users The network of services; EPC provides lower latency and allows more access to the wireless access system, including the following network elements:
移动管理实体( MME , Mobility Management Entity ) , 是控制面功能实 体, 是临时存储用户数据的服务器, 负责管理和存储用户设备(UE, User Equipment )的上下文(比如用户标识、移动性管理状态、用户安全参数等), 为用户分配临时标识, 当 UE驻扎在该跟踪区域或者该网络时, 负责对该用 户进行鉴权。  The MME (Mobility Management Entity) is a control plane function entity. It is a server that temporarily stores user data. It is responsible for managing and storing the context of user equipment (UE, User Equipment) (such as user ID, mobility management status, and user). The security parameter, etc., allocates a temporary identifier to the user, and is responsible for authenticating the user when the UE is camped on the tracking area or the network.
服务网关(SGW, Serving Gateway ), 是用户面实体, 负责用户面数据 路由处理, 终结处于空闲(ECM— IDLE )状态的 UE的下行数据。 管理和存 储 UE的 SAE承载( bearer )上下文, 比如 IP承载业务参数和网络内部路 由信息等。 SGW是 3GPP***内部用户面的锚点, 一个用户在一个时刻只 能有一个 SGW。  The Serving Gateway (SGW) is a user plane entity responsible for user plane data routing processing and terminating downlink data of UEs in an idle (ECM_IDLE) state. Manage and store the SAE bearer context of the UE, such as IP bearer service parameters and network internal routing information. The SGW is the anchor point of the internal user plane of the 3GPP system. A user can only have one SGW at a time.
分组数据网网关( PGW, PDN Gateway ),是负责 UE接入 PDN的网关, 负责分配用户 IP地址,也是 3GPP和非 3GPP接入***的移动性锚点, PGW 的功能还包括策略实施、 计费支持。 用户在同一时刻能够接入多个 PGW。 策略与计费实施功能实体( PCEF , Policy and Charging Enforcement Function ) 也位于 PGW中。  The packet data network gateway (PGW, PDN Gateway) is the gateway responsible for the UE accessing the PDN, and is responsible for allocating the user IP address. It is also the mobility anchor of the 3GPP and non-3GPP access systems. The function of the PGW also includes policy implementation and charging. stand by. Users can access multiple PGWs at the same time. The Policy and Charging Enforcement Function (PCEF) is also located in the PGW.
策略与计费规则功能实体( PCRF , Policy and Charging Rules Function ), 负责向 PCEF提供策略控制与计费规则。用户签约数据库( SPR, Subscription Profile Repository )用于管理签约的策略和策略与计费控制( PCC, Policy and Charging Control )规贝1 J; The Policy and Charging Rules Function (PCRF) is responsible for providing policy control and charging rules to the PCEF. Subscription profile repository (SPR, Subscription Profile Repository) for managing subscription policies and policy and charging control (PCC, Policy and Charging Control) Regulation beta 1 J;
归属用户服务器(HSS, Home Subscriber Server ), 负责永久存储用户 签约数据, HSS 存储的内容包括 UE 的国际移动用户识别码 (IMSI , International Mobile Subscriber Identification )、 PGW的 IP地址。  The Home Subscriber Server (HSS) is responsible for permanently storing user subscription data. The content stored in the HSS includes the UE's International Mobile Subscriber Identification (IMSI) and the IP address of the PGW.
SGW和 PGW可合设, SGW和 PGW都是 EPC***用户面网元。 机器类通信月良务器( MTC Server, Machine Type Communication Server ), 主要负责对 MTC设备的信息采集和数据存储 /处理等工作, 并可对 MTC设 备进行必要的管理。 The SGW and the PGW can be combined, and both the SGW and the PGW are user plane network elements of the EPC system. MTC Server (Machine Type Communication Server) is mainly responsible for information collection and data storage/processing of MTC equipment, and necessary management of MTC equipment.
机器类通信设备 ( MTC UE, Machine Type Communication Device ), 与 UE类似,通常负责收集若干采集器的信息并通过无线接入网(RAN, Radio Access Network )节点接入核心网, 并与 MTC Server交互数据。  The machine type communication device (MTC) is similar to the UE. It is usually responsible for collecting information of several collectors and accessing the core network through a Radio Access Network (RAN) node and interacting with the MTC Server. data.
图 3是现有技术中 MTC UE接入到 EPS网络, 执行网络附着、 IP承载 建立的流程图, 如图 3所示, 具体包括以下步驟:  Figure 3 is a flow chart of the MTC UE accessing the EPS network and performing network attachment and IP bearer establishment in the prior art. As shown in Figure 3, the following steps are specifically included:
步驟 301 , UE为了接入到 SAE网络, 向 eNodeB发起网络附着请求, 附着请求中携带有国际移动用户标识( IMSI , International Mobile subscriber Identity ), UE的网络接入能力、 接入点名称(APN, Access Point Name ) 等信息。 eNodeB为 UE选择一个为之服务的 MME, 并将附着请求转发到 该 MME;  Step 301: The UE initiates a network attach request to the eNodeB in order to access the SAE network, where the attach request carries an International Mobile Subscriber Identity (IMSI), a network access capability of the UE, and an access point name (APN, Access Point Name ) and other information. The eNodeB selects an MME for the UE to serve, and forwards the attach request to the MME;
步驟 302, MME向 HSS发送鉴权数据请求消息(含 IMSI ), HSS找到 IMSI对应的签约数据, 并向 MME返回鉴权数据响应消息(含鉴权向量); Step 302: The MME sends an authentication data request message (including IMSI) to the HSS, and the HSS finds the subscription data corresponding to the IMSI, and returns an authentication data response message (including an authentication vector) to the MME.
MME执行鉴权流程以险证终端 IMSI的合法性, 并执行安全模式流程 以启用安全连接。 The MME performs an authentication process to verify the legitimacy of the terminal IMSI and enforces a secure mode flow to enable secure connections.
步驟 303 , MME向归属网的 HSS发送位置更新请求消息, 消息中携带 MME的标识、 UE的标识, 以告知 UE当前所接入的区域。 HSS根据 UE 的标识查找出 UE的签约用户数据, 发送给 MME。  Step 303: The MME sends a location update request message to the HSS of the home network, where the message carries the identifier of the MME and the identifier of the UE, to notify the UE of the currently accessed area. The HSS searches for the subscriber data of the UE according to the identifier of the UE, and sends the data to the MME.
MME接收到用户数据,检查 UE是否被允许接入到网络, 向 HSS返回 接收用户响应;若 MME发现 UE有区域限制、漫游限制或接入限制等问题, MME将禁止 UE附着, 并通知 HSS。  The MME receives the user data, checks whether the UE is allowed to access the network, and returns a receiving user response to the HSS. If the MME finds that the UE has the problem of area restriction, roaming restriction or access restriction, the MME will prohibit the UE from attaching and notify the HSS.
步驟 304, MME根据 APN选择 PDN GW, 并为 UE选择一个 SGW, 然后向其发送建立默认承载请求, SGW向 PDN GW发送建立默认承载的请 求消息。 请求消息中携带 SGW/PDN GW的地址信息、 缺省带宽信息等; 步驟 305 , PDN GW向 PCRF/SPR请求为该 UE所配置的策略和计费规 则、 决策信息; Step 304: The MME selects a PDN GW according to the APN, selects an SGW for the UE, and then sends a default bearer request to the PDN GW. Ask for news. The request message carries the address information of the SGW/PDN GW, the default bandwidth information, and the like; Step 305: The PDN GW requests the PCRF/SPR to be the policy and charging rule and the decision information configured by the UE.
步驟 306, PDN GW根据 PCRF返回的策略和计费决策信息,建立缺省 承载, 并向 SGW返回承载建立响应, 由 SGW向 MME发送默认承载建立 的响应;  Step 306: The PDN GW establishes a default bearer according to the policy and charging decision information returned by the PCRF, and returns a bearer setup response to the SGW, and the SGW sends a default bearer setup response to the MME.
步驟 307, MME向 eNodeB发送附着响应, 表明 UE的附着到网络的 请求已被接收;  Step 307: The MME sends an attach response to the eNodeB, indicating that the UE's request to attach to the network has been received.
步驟 308, eNodeB向 UE发送无线承载建立请求, 要求 UE保存承载 建立的重要信息, 并开放相应的端口。 消息中携带 UE的 IP地址、 带宽信 息等, UE向 eNodeB发送无线承载建立响应, 建立无线承载;  Step 308: The eNodeB sends a radio bearer setup request to the UE, requesting the UE to save important information about the bearer establishment, and open the corresponding port. The message carries the IP address of the UE, the bandwidth information, and the like, and the UE sends a radio bearer setup response to the eNodeB to establish a radio bearer.
步驟 309, eNodeB通知 MME附着过程完成;  Step 309, the eNodeB notifies the MME that the attach process is completed.
步驟 310, MME向 SGW发送更新承载请求,通知为 UE服务的 eNodeB 的标识、 地址, SGW向 MME发送更新 7|载响应。  Step 310: The MME sends an update bearer request to the SGW to notify the identifier and address of the eNodeB served by the UE, and the SGW sends an update response to the MME.
图 4是 UE接入到 GPRS 网络, 执行网络附着及建立分组数据协议 ( PDP, Packet Data Protocol )上下文连接的流程图, 如图 4所示, 具体包 括以下步驟:  FIG. 4 is a flow chart of the UE accessing the GPRS network, performing network attachment, and establishing a packet data protocol (PDP) context connection. As shown in FIG. 4, the following steps are specifically included:
步驟 401 , 用户首次通过 RNS向 SGSN发起附着请求, 附着请求中携 带有附着类型、 IMSI等参数。 RNS根据其自身的负载情况, 以用户的 IMSI 为请求标识将该请求路由到 SGSN;  Step 401: The user initiates an attach request to the SGSN through the RNS for the first time, and the attach request carries parameters such as an attachment type and an IMSI. The RNS routes the request to the SGSN according to its own load condition, using the user's IMSI as the request identifier;
步驟 402, SGSN向 HLR请求对 IMSI进行鉴权, HLR根据 IMSI下载 鉴权认证参数, SGSN对 UE进行鉴权与认证;  Step 402: The SGSN requests the HLR to authenticate the IMSI, and the HLR downloads the authentication authentication parameter according to the IMSI, and the SGSN authenticates and authenticates the UE.
步驟 403 , SGSN发送位置更新请求给 HLR, 位置更新请求中携带有 SGSN号码与地址、 IMSI等参数。 HLR将与 IMSI相对应的签约数据下载 给 SGSN, SGSN对 UE进行接入控制检查, 检查 UE是否有区域限制或接 入限制, 然后通知 HLR; Step 403: The SGSN sends a location update request to the HLR, where the location update request carries parameters such as an SGSN number and an address, and an IMSI. The HLR downloads the subscription data corresponding to the IMSI to the SGSN, and the SGSN performs an access control check on the UE to check whether the UE has an area restriction or connection. Enter the limit and then notify the HLR;
步驟 404, SGSN 为该用户分配分组临时移动用户识别号码 (P-TMSI, Packet-Temporate Mobile subscriber Identify ),然后将附着接受消息发给 UE, 附着接受消息中携带有为 UE分配的 P-TMSI等信息;  Step 404: The SGSN allocates a packet-Temporate Mobile Subscriber Identity (P-TMSI) to the UE, and then sends an attach accept message to the UE, where the attach accept message carries the P-TMSI allocated for the UE, and the like. Information
步驟 405 ,若 MTC UE需要进行业务交互,首先需要在网络中建立 PDP 上下文连接。 MTC UE 申请进行 PDP上下文激活, 创建 GPRS隧道协议 ( GTP, GPRS Tunnelling Protocol )承载。 UE将激活 PDP上下文请求发给 SGSN, 携带 PDP类型、 PDP地址、 APN等信息;  Step 405: If the MTC UE needs to perform service interaction, firstly, a PDP context connection needs to be established in the network. The MTC UE applies for PDP context activation and creates a GPRS Tunneling Protocol (GTP) bearer. The UE sends an activation PDP context request to the SGSN, and carries information such as a PDP type, a PDP address, and an APN.
步驟 406, SGSN根据 APN找到 GGSN的地址, 并为此 PDP上下文创 建 GTP隧道标识(TEID, Tunnel Endpoint Identifier ), 然后将此创建 PDP 上下文请求发给 GGSN;  Step 406: The SGSN finds the address of the GGSN according to the APN, and creates a GTP tunnel identifier (TEID, Tunnel Endpoint Identifier) for the PDP context, and then sends the PDP context request to the GGSN.
步驟 407, GGSN向 PCRF/SPR请求为该 UE所配置的策略和计费规则、 决策信息;  Step 407: The GGSN requests, for the PCRF/SPR, the policy and charging rules and decision information configured by the UE.
步驟 408, GGSN根据 PCRF返回的策略和计费决策信息, 建立 PDP 上下文, 并向 SGSN发送 PDP上下文建立的创建成功响应;  Step 408: The GGSN establishes a PDP context according to the policy and charging decision information returned by the PCRF, and sends a PDP context establishment success response to the SGSN.
步驟 409, SGSN通过 RNS向 MTC UE发送 PDP上下文成功激活响应, MTC UE与 RAN之间建立起无线承载, PDP上下文成功建立。  Step 409: The SGSN sends a PDP context success activation response to the MTC UE through the RNS, and the radio bearer is established between the MTC UE and the RAN, and the PDP context is successfully established.
M2M业务是以机器终端智能交互为核心、 网络化的应用与服务。 它采 用智能机器终端, 通过无线网络传输信息, 为客户提供信息化解决方案, 用于满足客户对监控、 指挥调度、 数据采集和测量等方面的信息化需求。  M2M service is a networked application and service based on intelligent interaction of machine terminals. It uses intelligent machine terminals to transmit information over the wireless network, providing customers with information solutions to meet customer information needs for monitoring, command and dispatch, data acquisition and measurement.
M2M的通信对象为机器对机器, 可以是人与机器之间的通信, 机器与 服务器之间的通信, 不同智能终端之间的通信。 不同应用的 MTC设备具有 不同的特性, 如电梯等升降机设备具有低移动性、 PS only属性, 而监视、 警报设备除具有低移动性、 PS only外, 还具有低数据传输和高可用性等属 性。 因此需要针对不同应用的 MTC设备进行不同的***优化, 才能有效地 对 MTC设备进行管理、 监控、 付费等。 The communication object of M2M is machine-to-machine, which can be communication between people and machines, communication between machines and servers, and communication between different intelligent terminals. Different applications of MTC devices have different characteristics, such as elevators and other elevator devices have low mobility, PS only attributes, while monitoring and alarm devices have low mobility and high availability in addition to low mobility, PS only. Therefore, it is necessary to perform different system optimizations for MTC devices of different applications in order to effectively Manage, monitor, and pay for MTC equipment.
M2M 终端具有多种特性组合, 其中低移动性是其一个重要的特征, M2M终端有两类低移动特性, 第一类是不移动, 第二类是在一定区域内移 动。 如果终端签约了低移动性的特性, 运营商会进行相应网络流程的优化, 如延长位置更新时间、 定区域寻呼 (paging ), 优惠的费率等等。 因此需要 对低移动性的终端移动性进行监控, 如果其行为不满足低移动特性, 需要 进行必要的限制。  The M2M terminal has a combination of various characteristics, of which low mobility is an important feature. The M2M terminal has two types of low mobility characteristics, the first type is not moving, and the second type is moving in a certain area. If the terminal subscribes to the low mobility feature, the operator will optimize the network process, such as extending the location update time, paging area, preferential rates, and so on. Therefore, it is necessary to monitor the mobility of the terminal with low mobility, and if its behavior does not satisfy the low mobility characteristics, the necessary restrictions are required.
结合图 3与图 4的流程, 现有 GPRS与 LTE网络目前仅支持对特定区 域进行相应的限制, 如对漫游区域的限制等, 没有对低移动性区域进行限 制的能力。 业界也正在讨论低移动性限制由 SGSN/MME来执行,但由此带 来的缺陷是所有网元都需要进行优化, 网络初期的维护成本较高。 而运营 商在网络规划时只优化部分网元, 如中移动规划仅对 GGSN/PDN GW/HLR/HSS进行 M2M专网建设, 因此需要解决采用 GGSN/PDN GW进 行低移动性管理的方案, 以满足运营商对网络规划的不同需求。 发明内容  In combination with the processes of FIG. 3 and FIG. 4, the existing GPRS and LTE networks currently only support corresponding restrictions on specific areas, such as restrictions on roaming areas, and the like, and the ability to limit low mobility areas. The industry is also discussing that low mobility restrictions are enforced by the SGSN/MME, but the drawback is that all network elements need to be optimized, and the initial maintenance costs of the network are high. The operator only optimizes some network elements during network planning. For example, China Mobile plans only to construct the M2M private network for GGSN/PDN GW/HLR/HSS. Therefore, it is necessary to solve the problem of low mobility management using GGSN/PDN GW to meet the requirements. Different needs of operators for network planning. Summary of the invention
有鉴于此, 本发明的主要目的在于提供一种终端接入限制的方法及系 统, 能实现对低移动特性的 MTC 终端进行按终端所处的位置进行接入限 制, 实现对 MTC终端的有效管理。  In view of the above, the main object of the present invention is to provide a method and system for limiting access of a terminal, which can implement access restriction on the location of the terminal of the MTC terminal with low mobility characteristics, and realize effective management of the MTC terminal. .
为达到上述目的, 本发明的技术方案是这样实现的:  In order to achieve the above object, the technical solution of the present invention is achieved as follows:
一种终端接入限制的方法, 包括:  A method for terminal access restriction includes:
接收到终端的接入请求, 网络侧向 PCRF请求 PCC策略时, 携带有所 述终端的位置信息;  Receiving an access request of the terminal, and when the network side requests the PCC policy from the PCRF, carrying the location information of the terminal;
所述 PCRF根据所述终端的位置信息确定所述终端是否在允许的位置 区域范围内, 并在所述终端不在允许的位置区域范围内时通知所述网络侧, 所述网络侧限制所述终端接入。 优选地, 所述方法还包括: Determining, by the location information of the terminal, whether the terminal is within an allowed location area, and notifying the network side when the terminal is not within the allowed location area, where the network side limits the terminal Access. Preferably, the method further includes:
为终端设置允许网络接入的位置区域信息的签约信息; 其中, 所述允 许网络接入的位置区域信息的签约信息存储于 SPR中或配置于 PCRF中。  The subscription information of the location area information that allows the network access is set for the terminal; wherein the subscription information of the location area information that allows the network access is stored in the SPR or configured in the PCRF.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 PCRF 为终端允许网络接入的不同位置区域配置相同的或不同的 PCC策略。  The PCRF configures the same or different PCC policies for different location areas where the terminal allows network access.
优选地, 所述 PCRF在所述终端不在允许的位置区域范围内时通知所 述网络侧为:  Preferably, the PCRF notifies the network side when the terminal is not within the allowed location area:
所述 PCRF根据所述终端的位置信息, 基于 SPR 的签约信息或所述 PCRF本地配置的终端允许网络接入的位置区域信息,确定所述终端是否位 于所述终端允许网络接入的位置区域, 所述终端未位于所述终端允许网络 接入的位置区域时, 在发送到网络侧的 PCC策略请求响应中添加终端区域 限制的指示。  The PCRF determines, according to the location information of the terminal, whether the terminal is located in a location area where the terminal is allowed to access the network, based on the SPR-based subscription information or the location area information that the terminal configured by the PCRF allows the network to access. When the terminal is not located in the location area where the terminal allows the network to access, the terminal area restriction indication is added in the PCC policy request response sent to the network side.
优选地, 所述方法还包括:  Preferably, the method further includes:
网络侧接收到携带有终端区域限制的指示的 PCC策略请求响应后, 删 除为所述终端已建立的承载。  After receiving the PCC policy request response carrying the indication of the terminal area restriction, the network side deletes the bearer that has been established by the terminal.
优选地, 所述网络侧为用户面网元。  Preferably, the network side is a user plane network element.
优选地, 所述终端为 MTC终端; 所述方法还包括:  Preferably, the terminal is an MTC terminal; the method further includes:
所述用户面网元接收到携带有终端区域限制的指示的 PCC策略请求响 应后, 通知控制面网元; 所述控制面网元对所述终端执行去附着。  After receiving the PCC policy request response carrying the indication of the terminal area restriction, the user plane network element notifies the control plane network element; the control plane network element performs detachment on the terminal.
优选地, 所述方法还包括:  Preferably, the method further includes:
控制面网元根据所述终端的类型指示或专用 APN识别为 MTC终端, 并选择为所述终端提供 M2M服务的用户面网元。  The control plane network element is identified as an MTC terminal according to the type indication of the terminal or a dedicated APN, and selects a user plane network element that provides the M2M service for the terminal.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 PCRF将所述终端的位置信息上报给 MTC服务器。 一种终端接入限制的***, 包括设于网络侧的接收单元、 请求单元和 接入限制单元; 以及, 设于 PCRF中的确定单元和通知单元; 其中, The PCRF reports the location information of the terminal to the MTC server. A terminal access restriction system includes a receiving unit, a requesting unit, and an access limiting unit, which are disposed on a network side; and a determining unit and a notification unit, which are disposed in the PCRF;
接收单元, 用于接收终端的接入请求;  a receiving unit, configured to receive an access request of the terminal;
请求单元, 用于向 PCRF请求 PCC策略, 其中, PCC策略请求中携带 有所述终端的位置信息;  a requesting unit, configured to request a PCC policy from the PCRF, where the PCC policy request carries the location information of the terminal;
确定单元, 用于根据所述终端的位置信息确定所述终端是否在允许的 位置区域范围内, 并在所述终端不在允许的位置区域范围内时触发通知单 元;  a determining unit, configured to determine, according to the location information of the terminal, whether the terminal is within an allowed location area, and trigger a notification unit when the terminal is not within the allowed location area;
通知单元, 用于通知所述网络侧;  a notification unit, configured to notify the network side;
接入限制单元, 用于限制所述终端接入。  An access restriction unit, configured to limit access by the terminal.
优选地, 所述***还包括:  Preferably, the system further comprises:
设置单元, 用于为终端设置允许网络接入的位置区域信息的签约信息; 其中, 所述允许网络接入的位置区域信息的签约信息存储于 SPR中或配置 于 PCRF中。  And a setting unit, configured to set, for the terminal, the subscription information of the location area information that allows the network access; wherein the subscription information of the location area information that allows the network access is stored in the SPR or configured in the PCRF.
优选地, 所述***还包括:  Preferably, the system further comprises:
配置单元, 设于所述 PCRF 中, 用于为终端允许网络接入的不同位置 区域配置相同的或不同的 PCC策略。  And a configuration unit, configured in the PCRF, configured to configure the same or different PCC policies for different location areas where the terminal allows network access.
优选地, 所述确定单元进一步根据所述终端的位置信息, 基于 SPR的 签约信息或所述 PCRF 本地配置的终端允许网络接入的位置区域信息, 确 定所述终端是否位于所述终端允许网络接入的位置区域, 并在所述终端未 位于所述终端允许网络接入的位置区域时, 在所述 PCRF发送到网络侧的 PCC策略请求响应中添加终端区域限制的指示。  Preferably, the determining unit further determines, according to the location information of the terminal, the SPR-based subscription information or the location area information that the PCRF locally configures the network to allow the network to access, whether the terminal is located in the terminal and allows the network to be connected. And a location area, and when the terminal is not located in the location area where the terminal allows network access, add an indication of the terminal area restriction in the PCC policy request response sent by the PCRF to the network side.
优选地, 所述***还包括:  Preferably, the system further comprises:
删除单元,设于网络侧,用于接收到携带有终端区域限制的指示的 PCC 策略请求响应后, 删除为所述终端已建立的承载。 优选地, 所述网络侧为用户面网元。 The deleting unit is set on the network side, and is configured to delete the bearer that has been established by the terminal after receiving the PCC policy request response carrying the indication of the terminal area restriction. Preferably, the network side is a user plane network element.
本发明中, 通过在 SPR或 PCRF中设置允许网络接入的位置区域信息 的签约信息, 当网络侧接收到 MTC终端的接入请求后,在向 PCRF为 MTC 终端进行 PCC策略的请求时,携带有 MTC终端当前的位置信息, PCRF进 一步在 SPR或本地进行 MTC终端是否位于允许网络接入的位置区域的判 断, 当 MTC终端当前位于不允许网络接入的位置区域时, 将向网络侧发送 相应的指示, 由网络侧拒绝 MTC终端的接入, 并删除已经建立的承载, 对 该终端进行接入限制; 而当 MTC 终端处于允许接入的位置区域时, 则为 MTC终端制定相应的 PCC策略,并按 PCC策略执行对 MTC终端的网络接 入; 本发明中, 还可以根据 MTC终端所处的位置区域设置不同的 PCC策 略, 当确定 MTC终端所处的位置区域为允许网络接入的位置区域时, 进一 步根据 MTC终端当前所处的具***置区域制定相应的 PCC策略, 并实现 对能实现对 MTC终端的接入控制。本发明通过用户面网元对低移动性终端 进行接入限制管理, 避免了低移动特性的终端异常移动带来的移动性管理 与计费混乱的问题, 同时可将终端的位置信息及时上报给 MTC Server, 由 MTC Server及时进行终端移动异常事件的处理。 附图说明  In the present invention, by setting the subscription information of the location area information that allows the network access in the SPR or the PCRF, when the network side receives the access request of the MTC terminal, the network side carries the request for the PCC policy to the MTC terminal. With the current location information of the MTC terminal, the PCRF further determines whether the MTC terminal is located in a location area that allows network access in the SPR or the local. When the MTC terminal is currently located in a location area that does not allow network access, the corresponding information is sent to the network side. The network side rejects the access of the MTC terminal, and deletes the established bearer, and performs access restriction on the terminal; and when the MTC terminal is in the location area that is allowed to access, the corresponding PCC policy is formulated for the MTC terminal. And performing network access to the MTC terminal according to the PCC policy. In the present invention, different PCC policies may be set according to the location area where the MTC terminal is located, and determining the location area where the MTC terminal is located is a location allowing network access. In the area, the corresponding PCC policy is further determined according to the specific location area where the MTC terminal is currently located. And realize the access control of the MTC terminal. The invention implements access restriction management on the low mobility terminal by the user plane network element, avoids the problem of mobility management and charging confusion caused by abnormal mobility of the terminal with low mobility characteristics, and can report the location information of the terminal to the terminal in time. The MTC Server processes the terminal movement exception events in time by the MTC Server. DRAWINGS
图 1是现有技术中 GPRS网络***架构示意图;  1 is a schematic diagram of a GPRS network system architecture in the prior art;
图 2是现有技术中 EPS网络***架构示意图;  2 is a schematic diagram of an EPS network system architecture in the prior art;
图 3是现有技术中 MTC UE接入到 EPS网络, 执行网络附着、 IP承载 建立的流程图;  3 is a flow chart of performing MCE UE access to an EPS network and performing network attachment and IP bearer establishment in the prior art;
图 4是 UE接入到 GPRS网络, 执行网络附着及建立 PDP上下文连接 的流程图;  4 is a flow chart of a UE accessing a GPRS network, performing network attachment, and establishing a PDP context connection;
图 5是本发明中低移动特性的 MTC UE附着到 EPS网络的流程图; 图 6是本发明中低移动特性的 MTC UE在到 EPS网络进行位置更新的 流程图; 5 is a flowchart of attaching an MTC UE with low mobility characteristics to an EPS network in the present invention; FIG. 6 is a location update of an MTC UE with low mobility characteristics in the present invention in an EPS network. Flow chart
图 7是本发明中低移动特性的 MTC UE附着到 GPRS网络的流程图; 图 8是本发明中低移动特性的 MTC UE在到 GPRS网络进行位置更新 的流程图;  7 is a flow chart of the MTC UE with low mobility characteristics attached to the GPRS network in the present invention; FIG. 8 is a flow chart of the location update of the MTC UE with low mobility characteristics in the present invention to the GPRS network;
图 9为本发明终端接入限制的***第一种组成结构示意图;  9 is a schematic diagram of a first component structure of a system for limiting access of a terminal according to the present invention;
图 10为本发明终端接入限制的***第二种组成结构示意图;  10 is a schematic diagram of a second component structure of a system for limiting access of a terminal according to the present invention;
图 11为本发明终端接入限制的***第三种组成结构示意图;  11 is a schematic diagram of a third component structure of a system for limiting access of a terminal according to the present invention;
图 12为本发明终端接入限制的***第四种组成结构示意图。 具体实施方式 本发明的基本思想是, 通过在 SPR或 PCRF中设置允许网络接入的位 置区域信息的签约信息, 当网络侧接收到 MTC 终端的接入请求后, 在向 PCRF为 MTC终端进行 PCC策略的请求时, 携带有 MTC终端当前的位置 信息, PCRF进一步在 SPR或本地进行 MTC终端是否位于允许网络接入的 位置区域的判断, 当 MTC终端当前位于不允许网络接入的位置区域时, 将 向网络侧发送相应的指示, 由网络侧拒绝 MTC终端的接入, 并删除已经建 立的承载, 对该终端进行接入限制; 而当 MTC终端处于允许接入的位置区 域时, 则为 MTC终端制定相应的 PCC策略, 并按 PCC策略执行对 MTC 终端的网络接入; 本发明中, 还可以根据 MTC终端所处的位置区域设置不 同的 PCC策略, 当确定 MTC终端所处的位置区域为允许网络接入的位置 区域时, 进一步根据 MTC终端当前所处的具***置区域制定相应的 PCC 策略, 并实现对能实现对 MTC终端的接入控制。  FIG. 12 is a schematic diagram of a fourth component structure of a system for terminal access restriction according to the present invention. The basic idea of the present invention is that, by setting the subscription information of the location area information allowing the network access in the SPR or the PCRF, after the network side receives the access request of the MTC terminal, the PCC performs the PCC for the MTC terminal to the PCRF. The request of the policy carries the current location information of the MTC terminal, and the PCRF further determines whether the MTC terminal is located in a location area that allows network access in the SPR or the local. When the MTC terminal is currently located in a location area that does not allow network access, The corresponding indication is sent to the network side, and the network side rejects the access of the MTC terminal, and deletes the established bearer, and performs access restriction on the terminal; and when the MTC terminal is in the location area that is allowed to access, it is MTC. The terminal develops a corresponding PCC policy, and performs network access to the MTC terminal according to the PCC policy. In the present invention, different PCC policies may be set according to the location area where the MTC terminal is located, and when determining the location area where the MTC terminal is located, When the location area of the network access is allowed, further according to the specific bit currently located by the MTC terminal PCC policy develop appropriate region, and enable access to the control of the MTC terminal can be realized.
本发明需要解决移动通信网络对低移动特性的终端如 MTC 终端在非 允许移动区域接入时进行接入限制的问题。 本发明是利用用户面网元对所 述 M2M终端移动到非允许移动区域时进行接入限制。 当该 MTC UE请求 建立承载或进行位置更新时, 需要携带终端的位置信息, 控制面网元在通 知用户面网元进行承载创建或修改消息中, 携带有终端的位置信息。 用户 面网元以终端的位置信息作为输入参数之一,向 PCRF申请 PCC策略。 PCRF 根据从 SPR下载的终端签约的位置区域限制参数, 或是在 PCRF本地静态 配置的所述终端位置区域限制参数 , 与终端所在的位置区域信息进行比较 , 如果所述终端在允许的位置区域内, PCRF 就下载与此位置区域相对应的 PCC 策略给用户面网元, 允许所述承载的建立或修改, 用户面网元不限制 该终端的接入; 如果所述终端不在允许的位置区域内, 已经移出了所允许 移动的位置区, PCRF就拒绝 PCC策略请求, 并携带 "位置区域受限" 的 原因值通知用户面网元该终端位置区域受限。 所述用户面网元对区域受限 的终端拒绝承载的建立或修改, 并对已建立的承载进行删除, 限制该终端 在网络中接入。 The present invention needs to solve the problem that the mobile communication network performs access restriction on a low mobility characteristic terminal such as an MTC terminal when the non-allowed mobile area is accessed. The invention utilizes the user plane network element to perform access restriction when the M2M terminal moves to the non-permitted mobile area. When the MTC UE requests When the bearer is set up or the location is updated, the location information of the terminal needs to be carried, and the control plane network element carries the location information of the terminal in the message that the user plane is notified to the bearer to create or modify the bearer. The user plane network element applies the location information of the terminal as one of the input parameters to apply for a PCC policy to the PCRF. The PCRF compares the location area restriction parameter signed by the terminal downloaded from the SPR, or the terminal location area restriction parameter statically configured in the PCRF, and compares with the location area information where the terminal is located, if the terminal is in the allowed location area The PCRF downloads the PCC policy corresponding to the location area to the user plane network element, allowing the establishment or modification of the bearer, and the user plane network element does not restrict access of the terminal; if the terminal is not in the allowed location area, The location area of the allowed mobile has been removed, and the PCRF rejects the PCC policy request and carries the reason value of the "location area limited" to notify the user of the network element that the terminal location area is restricted. The user plane network element rejects the establishment or modification of the bearer to the area-restricted terminal, and deletes the established bearer, and restricts the terminal from accessing the network.
当所述终端发起附着或位置更新请求时, 控制面网元需要识别所述终 端是 M2M终端, 识别方法可以根据消息中的 M2M终端类型指示或 M2M 专用的 APN等方式, 然后为所述 M2M终端发起承载建立或修改请求给具 有 M2M支持能力的用户面网元, 用户面网元识别其是 M2M终端, 就在策 略请求中携带所述终端的位置信息, 当收到 PCRF的策略请求拒绝消息时, 用户面网元需要识别 PCRF策略请求响应消息中的 "区域限制" 的原因值, 将原因值返回给控制面网元及终端, 然后发起该终端相关的所有承载的释 放, 限制该终端在网络中的接入。  When the terminal initiates an attach or location update request, the control plane network element needs to identify that the terminal is an M2M terminal, and the identification method may be based on an M2M terminal type indication in the message or an M2M-specific APN, and then the M2M terminal. Initiating a bearer setup or modification request to the user plane network element with the M2M support capability, the user plane network element identifying that it is an M2M terminal, and carrying the location information of the terminal in the policy request, when receiving the policy request rejection message of the PCRF The user plane network element needs to identify the cause value of the "area restriction" in the PCRF policy request response message, return the cause value to the control plane network element and the terminal, and then initiate release of all bearers related to the terminal, and limit the terminal to the network. Access in.
本发明中, 终端的位置信息可以是当前终端所接入小区的小区标识信 息, 如物理小区标识( PCI, Physical Cell Identity )或小区全球标识( CGI, Cell Global Identity ), 或为终端接入小区所属的基站标识信息, 或者为对终 端进行定位后的经纬度地理位置信息。 这里, 所提供的位置信息只要能被 PCRF识别, 或者只要与在 SPR或 PCRF中存储的允许网络接入的位置区 域一致即可, 即只要能由 PCRF进行终端的位置信息的匹配即可。 In the present invention, the location information of the terminal may be cell identity information of a cell currently accessed by the terminal, such as a physical cell identity (PCI, Physical Cell Identity) or a cell global identity (CGI, Cell Global Identity), or a terminal access cell. The associated base station identification information, or the latitude and longitude geographic location information after the terminal is located. Here, the provided location information can be identified by the PCRF, or as long as it is stored in the SPR or PCRF to allow network access. The domain is consistent, that is, as long as the location information of the terminal can be matched by the PCRF.
为使本发明的目的、 技术方案和优点更加清楚明白, 以下举实施例并 参照附图, 对本发明进一步详细说明。  The present invention will be further described in detail below with reference to the accompanying drawings.
实施例一  Embodiment 1
当终端首次附着到 EPS网络时携带终端的位置信息, MME (控制面网 元 )为其选择服务于 M2M的 PDN GW (用户面网元), 并向 PDN GW发起 创建默认承载请求。 PDN GW向 PCRF发起策略请求, 相应的策略请求消 息中携带有终端的位置信息, PCRF可从 SPR获知其签约的低移动特性, 并下载该终端的允许接入区域信息对应不同区域的差异化 PCC策略(也可 在 PCRF静态配置), PCRF发现其位置在允许位置区域范围外, 就拒绝策 略请求, 并携带区域受限的原因 (cause )值, PDN GW收到策略请求拒绝 消息后, 拒绝默认^ ^载的创建, MME拒绝该终端附着到 EPS 网络。 图 5 是本发明中低移动特性的 MTC UE附着到 EPS网络的流程图,如图 5所示, 本示例中低移动特性的 MTC UE附着到 EPS网络具体包括以下步驟:  When the terminal is attached to the EPS network for the first time, it carries the location information of the terminal, and the MME (Control Plane Network Element) selects the PDN GW (User Area Network Element) serving the M2M, and initiates a default bearer request to the PDN GW. The PDN GW initiates a policy request to the PCRF, and the corresponding policy request message carries the location information of the terminal. The PCRF can learn the low mobility characteristics of the subscription from the SPR, and download the allowed access area information of the terminal corresponding to the differentiated PCC of different areas. The policy (also available in the PCRF static configuration), the PCRF finds that its location is outside the allowed location area, rejects the policy request, and carries the zone-restricted cause (cause) value. After receiving the policy request rejection message, the PDN GW rejects the default. ^ ^ Created, MME refused to attach the terminal to the EPS network. Figure 5 is a flow chart of the MTC UE with low mobility characteristics attached to the EPS network in the present invention. As shown in Figure 5, the attachment of the MTC UE with low mobility characteristics to the EPS network in this example includes the following steps:
步驟 501,运营商在 SPR数据库中签约 M2M终端特性相关的信息, SPR 可以对终端的低移动特性进行签约, 并可以同时签约终端允许接入的位置 区域信息、 对应不同区域信息的差异化 PCC策略等参数信息。  In step 501, the operator signs the information related to the characteristics of the M2M terminal in the SPR database, and the SPR can sign the low mobility characteristic of the terminal, and can simultaneously sign the location area information that the terminal is allowed to access, and the differentiated PCC policy corresponding to the different area information. Parameter information.
终端允许接入的位置区域信息、 对应不同区域信息的差异化 PCC策略 等参数信息也可以在 PCRF中进行本地静态配置。  The parameter information such as the location area information that the terminal is allowed to access and the differentiated PCC policy corresponding to the different area information can also be statically configured locally in the PCRF.
步驟 502, UE为接入到 SAE网络, 向 eNodeB发起网络附着请求, 相 应的附着请求消息中携带有 IMSI、 UE的网络接入能力, APN等信息, 若 终端具有 M2M增强能力, 也可携带 M2M终端类型指示参数。 eNodeB为 该 UE选择一个为之服务的 MME, 并将附着请求转发到该 MME。  Step 502: The UE accesses the SAE network, and initiates a network attach request to the eNodeB. The corresponding attach request message carries information such as the IMSI, the network access capability of the UE, and the APN. If the terminal has the M2M enhanced capability, the UE may also carry the M2M. Terminal type indication parameters. The eNodeB selects an MME for the UE to serve and forwards the attach request to the MME.
步驟 503 , MME根据所述终端的 M2M终端类型指示, 或终端携带的 APN是 M2M专用的 APN来识别其是 M2M终端, 为该终端选择为 M2M 终端服务的 PGW, 并选择一个 SGW, 向 SGW/PGW发送建立默认承载请 求, 相应的建立默认承载请求消息中携带有 SGW/PDN GW的地址信息、 缺省带宽信息、 位置信息等参数。 Step 503: The MME is instructed according to the M2M terminal type of the terminal, or carried by the terminal. The APN is an APN dedicated to the M2M to identify that it is an M2M terminal, selects a PGW serving the M2M terminal for the terminal, and selects an SGW to send a default bearer request to the SGW/PGW, and the corresponding default bearer request message carries the SGW. /PDN GW address information, default bandwidth information, location information and other parameters.
步驟 504 , PDN GW收到创建承载请求后, 向 PCRF/SPR请求为该 UE 所配置的策略和计费规则、 决策信息, 携带有终端的 IMSI、 位置信息等参 数。  Step 504: After receiving the bearer request, the PDN GW requests the PCRF/SPR to request the policy and charging rules and decision information of the UE, and carries the parameters such as the IMSI and the location information of the terminal.
步驟 505, PCRF根据终端的 IMSI与位置信息, 向 SPR请求签约数据, SPR将低移动特性签约、 允许的位置区域信息、 对应不同区域信息的差异 化 PCC策略下载给 PCRF, 其中, "允许的位置区域信息对应不同区域信息 的差异化 PCC策略" 既可签约在 SPR中, 也可以静态配置在 PCRF中, 根 据运营商策略决定其中方式之一。  Step 505: The PCRF requests the subscription data from the SPR according to the IMSI and the location information of the terminal, and the SPR downloads the low mobility characteristic subscription, the allowed location area information, and the differentiated PCC policy corresponding to the different area information to the PCRF, where the allowed location The differentiated PCC policy in which the area information corresponds to different area information can be contracted in the SPR or statically configured in the PCRF, and one of the modes is determined according to the operator policy.
PCRF 可以根据运营商策略, 将该终端的位置信息及时上报给 MTC Server。  The PCRF can report the location information of the terminal to the MTC server in time according to the carrier's policy.
步驟 506, PCRF根据终端所在的位置信息与 "允许的位置区域信息" 进行比较, 判断该终端当前所在的位置区域是否受限。 即确定终端当前的 位置是否处于 "允许的位置区域" 中, 若不在则位于受限区域。  Step 506: The PCRF compares the location information of the terminal with the "permitted location area information" to determine whether the location area where the terminal is currently located is restricted. That is, it is determined whether the current location of the terminal is in the "allowed location area", and if not, it is located in the restricted area.
步驟 507, PCRF发现该终端的所在位置不在允许的位置区域内, 就拒 绝 PDN GW的策略请求, 并在拒绝消息中携带 "终端区域受限" 的 cause 值。  Step 507: The PCRF finds that the location of the terminal is not in the allowed location area, rejects the PDN GW policy request, and carries the "terminal area limited" cause value in the reject message.
步驟 508 , PDN GW根据 PCRF返回的拒绝消息,判断该终端区域受限, 就向 SGW返回承载建立拒绝响应, 并携带 "终端区域受限" 的 cause值, 由 SGW向 MME返回承载建立拒绝消息。  Step 508: The PDN GW, according to the reject message returned by the PCRF, determines that the terminal area is restricted, and returns a bearer setup reject response to the SGW, and carries a cause value of the "terminal area limited", and the SGW returns a bearer setup reject message to the MME.
步驟 509, MME收到默认承载建立拒绝消息后, 向 eNodeB发送附着 拒绝响应, 拒绝 UE 附着到该网络, 拒绝消息中携带 "终端区域受限" 的 cause值, 该 UE在网络被限制接入。 Step 509: After receiving the default bearer setup reject message, the MME sends an attach to the eNodeB. Rejecting the response, rejecting the UE attaching to the network, the reject message carries the "terminal area limited" cause value, and the UE is restricted from accessing the network.
实施例二  Embodiment 2
当终端发起首次附着到 EPS网络时没有位置区域受限, 正常地附着到 了 EPS网络。 当该终端位置发生改变时, 需要发起位置更新请求, 相应的 位置更新请求消息中携带有终端的位置信息, MME通过承载修改请求将终 端更新的位置信息通知给 PDN GW。 PDN GW向 PCRF发起策略请求, 相 应的策略请求消息中携带有终端更新的位置信息, PCRF发现其位置在允许 位置区域范围外, 就拒绝策略请求, 并携带区域受限的 cause值, PDN GW 接收到策略请求拒绝消息后, 就删除该终端所有的 PDN连接, 限制该终端 在网络中的接入。 图 6是本发明中低移动特性的 MTC UE在到 EPS网络进 行位置更新的流程图, 如图 6所示, 本示例中低移动特性的 MTC UE在到 EPS网络进行位置更新具体包括以下步驟:  When the terminal initiates the first attachment to the EPS network, there is no location area limited, and it is normally attached to the EPS network. When the location of the terminal is changed, the location update request needs to be initiated, and the location update request message carries the location information of the terminal, and the MME notifies the PDN GW of the location information of the terminal update by using the bearer modification request. The PDN GW initiates a policy request to the PCRF, and the corresponding policy request message carries the location information of the terminal update. The PCRF finds that the location is outside the allowed location area, rejects the policy request, and carries the area-limited cause value, and the PDN GW receives After the policy request rejection message, all PDN connections of the terminal are deleted, and the terminal is restricted from accessing the network. FIG. 6 is a flowchart of a location update to an EPS network by an MTC UE with low mobility in the present invention. As shown in FIG. 6, the location update of the MTC UE with low mobility characteristics in the present example includes the following steps:
步驟 601 ~步驟 605, 与步驟 501 ~步驟 505分别对应相同。  Steps 601 to 605 are the same as steps 501 to 505, respectively.
步驟 606, PCRF根据终端所在的位置信息与 "允许的位置区域信息" 进行比较, 判断该终端当前所在的位置区域是否受限。  Step 606: The PCRF compares the location information of the terminal with the "permitted location area information" to determine whether the location area where the terminal is currently located is restricted.
步驟 607, PCRF发现该终端的所在位置在允许的位置区域内, 位置区 域不受限,就向 PDN GW返回 PDN GW的策略请求响应消息,并在响应消 息中携带与该位置匹配的差异化 PCC策略。  Step 607: The PCRF finds that the location of the terminal is in the allowed location area, and the location area is not limited, and returns a policy request response message of the PDN GW to the PDN GW, and carries the differentiated PCC matching the location in the response message. Strategy.
步驟 608, PDN GW根据 PCRF返回的策略和计费决策信息,建立缺省 承载, 并向 SGW返回承载建立响应消息, 由 SGW向 MME发送默认承载 建立的响应消息。  Step 608: The PDN GW establishes a default bearer according to the policy and charging decision information returned by the PCRF, and returns a bearer setup response message to the SGW, and the SGW sends a response message of the default bearer setup to the MME.
步驟 609, MME向 eNodeB发送附着响应消息, 表明 UE的附着到网 络的请求已被接收。 步驟 610, eNodeB向 UE发送无线承载建立请求消息, 要求 UE保存 承载建立的重要信息, 并开放相应的端口。 无线承载建立请求消息中携带 有 UE的 IP地址、带宽信息等, UE向 eNodeB发送无线承载建立响应消息, 建立无线 7|载。 Step 609: The MME sends an attach response message to the eNodeB, indicating that the UE's request to attach to the network has been received. Step 610: The eNodeB sends a radio bearer setup request message to the UE, requesting the UE to save the important information of the bearer setup, and opening the corresponding port. The radio bearer setup request message carries the IP address, bandwidth information, and the like of the UE, and the UE sends a radio bearer setup response message to the eNodeB to establish a radio bearer.
步驟 611 , eNodeB通知 MME附着过程完成, 由 MME向 SGW通知入 口地址的更新, MTC UE成功附着到网络。  Step 611: The eNodeB notifies the MME that the attach process is complete, and the MME notifies the SGW of the update of the ingress address, and the MTC UE successfully attaches to the network.
步驟 612, 当 MTC UE发生移动时位置区域发生了变化, MTC UE需 要向 MME发起位置更新请求,相应的位置更新请求消息中携带有所在区域 的位置信息, APN, 终端标识等参数。  Step 612: When the MTC UE moves, the location area changes, and the MTC UE needs to initiate a location update request to the MME, where the corresponding location update request message carries the location information, the APN, the terminal identifier, and the like.
步驟 613 , MME根据 M2M终端类型或 M2M专用的 APN ,判断是 M2M 终端发起的位置更新请求, 就向 SGW发起承载修改请求, 相应的承载修改 请求消息中携带有终端标识、 APN与位置信息等参数。 SGW向 PDN GW 发起承载修改请求。  Step 613: The MME determines to be a location update request initiated by the M2M terminal according to the M2M terminal type or the M2M-specific APN, and initiates a bearer modification request to the SGW, where the corresponding bearer modification request message carries parameters such as the terminal identifier, the APN, and the location information. . The SGW initiates a bearer modification request to the PDN GW.
步驟 614, PDN GW接收到承载修改请求消息后, 向 PCRF/SPR请求 为该 UE更新所配置的策略和计费规则、 决策信息, 携带终端的 IMSI、 位 置信息等参数。  Step 614: After receiving the bearer modification request message, the PDN GW requests the PCRF/SPR to update the configured policy and charging rule, the decision information, and the parameters such as the IMSI and the location information of the carrying terminal.
步驟 615, PCRF根据终端的 IMSI与位置信息, 向 SPR请求签约数据, SPR将允许的位置区域信息、 对应不同区域信息的差异化 PCC策略下载给 PCRF, "允许的位置区域信息、 对应不同区域信息的差异化 PCC策略" 既 可签约在 SPR中, 也可以静态配置在 PCRF中, 根据运营商策略决定其中 方式之一。  Step 615: The PCRF requests the subscription data from the SPR according to the IMSI and the location information of the terminal, and the SPR downloads the allowed location area information and the differentiated PCC policy corresponding to the different area information to the PCRF, "allowed location area information, corresponding different area information. The differentiated PCC policy can be contracted in the SPR or statically configured in the PCRF, and one of the methods is determined according to the operator's strategy.
PCRF可以根据运营商策略,将该终端更新的位置信息及时上报给 MTC Server。  The PCRF can report the updated location information of the terminal to the MTC server in time according to the carrier policy.
步驟 616, PCRF根据终端所在的位置信息与 "允许的位置区域信息" 进行比较, 判断该终端当前所在的位置区域是否受限。 Step 616, the PCRF is based on the location information of the terminal and the "allowed location area information" For comparison, it is determined whether the location area where the terminal is currently located is limited.
步驟 617, PCRF发现该终端的所在位置不在允许的位置区域内, 就拒 绝 PDN GW的策略更新请求,并在拒绝消息中携带 "终端区域受限"的 cause 值。  Step 617: The PCRF finds that the location of the terminal is not in the allowed location area, rejects the PDN GW policy update request, and carries the "terminal area limited" cause value in the reject message.
步驟 618 , PDN GW根据 PCRF返回的拒绝消息,判断该终端区域受限, 就向 SGW返回承载修改拒绝响应消息, 并携带 "终端区域受限" 的 cause 值, 由 SGW向 MME返回承载修改拒绝消息。  Step 618: The PDN GW returns a bearer modification reject response message to the SGW according to the reject message returned by the PCRF, and returns a bearer modification reject response message to the SGW, and carries a "terminal area limited" cause value, and the SGW returns a bearer modification reject message to the MME. .
步驟 619, MME收到承载修改建立拒绝消息后, 若 MME不具有 M2M 支持能力, MME就拒绝终端的位置更新请求。 若 MME支持 M2M能力, 就会识别终端区域受限, 可以发起终端的 Detach等流程去附着该终端。  Step 619: After receiving the bearer modification establishment rejection message, if the MME does not have the M2M support capability, the MME rejects the location update request of the terminal. If the MME supports the M2M capability, it will identify that the terminal area is restricted, and the process such as Detach of the terminal may be initiated to attach the terminal.
步驟 620, PDN GW判断终端区域受限后, 主动对该 MTC UE进行接 入限制, 发起 PDN连接删除流程。 PDN GW发起 PDN连接删除请求, 相 应的 PDN连接删除请求消息经 SGW发给 MME。  Step 620: After determining that the terminal area is restricted, the PDN GW actively performs an access restriction on the MTC UE, and initiates a PDN connection deletion process. The PDN GW initiates a PDN connection deletion request, and the corresponding PDN connection deletion request message is sent to the MME via the SGW.
步驟 621a, MME执行 PDN连接删除, 如果是最后一条默认承载被删 除, 则根据现有技术发起 Detach。  In step 621a, the MME performs PDN connection deletion. If the last default bearer is deleted, Detach is initiated according to the prior art.
步驟 621b, 所对应的, 核心网删除的 PDN连接, 在无线网络侧也删除 核心网承载对应的无线承载配置;  Step 621b, corresponding to the PDN connection deleted by the core network, and deleting the radio bearer configuration corresponding to the core network bearer on the wireless network side;
步驟 622, PDN连接成功删除后, MME向 SGW/PGW返回 PDN连接 删除响应消息。 该 MTC UE因区域限制被 PDN GW进行接入限制。  Step 622: After the PDN connection is successfully deleted, the MME returns a PDN connection deletion response message to the SGW/PGW. The MTC UE is restricted by the PDN GW for access restrictions.
本发明中, 也可以不必对终端是否是 MTC UE进行判断, 即当终端发 起的请求 PCC策略的请求中携带有终端的位置信息时,即认为终端为 MTC UE。  In the present invention, it is not necessary to determine whether the terminal is an MTC UE, that is, when the request for requesting the PCC policy initiated by the terminal carries the location information of the terminal, the terminal is considered to be an MTC UE.
实施例三  Embodiment 3
当终端附着到 GPRS网络并在激活 PDP上下文消息中携带有终端的位 置信息, SGSN为其选择服务于 M2M的 GGSN,并向 GGSN发起创建 PDP 上下文请求。 GGSN向 PCRF发起策略请求, 相应的策略请求消息中携带 有终端的位置信息。 PCRF可从 SPR获知其签约的低移动特性, 并下载该 终端的允许接入区域信息对应不同区域的差异化 PCC策略(也可在 PCRF 静态配置), PCRF发现其位置在允许位置区域范围外时, 就拒绝该策略请 求, 并携带区域受限的 cause值, GGSN接收到策略请求拒绝消息后, 就拒 绝 PDP上下文的创建, SGSN拒绝该终端在 GPRS网络中激活 PDP上下文, 限制该终端的接入。 图 7是本发明中低移动特性的 MTC UE附着到 GPRS 网络的流程图,如图 7所示,本示例中低移动特性的 MTC UE附着到 GPRS 网络具体包括以下步驟: When the terminal attaches to the GPRS network and carries the bit of the terminal in the activated PDP context message For the information, the SGSN selects the GGSN serving the M2M for it and initiates a PDP context request to the GGSN. The GGSN initiates a policy request to the PCRF, and the corresponding policy request message carries the location information of the terminal. The PCRF can learn the low mobility characteristics of the subscription from the SPR, and download the allowed access area information of the terminal corresponding to the differentiated PCC policy of different areas (also can be statically configured in the PCRF), and the PCRF finds that its location is outside the allowable location area. Rejecting the policy request and carrying the area-restricted cause value. After receiving the policy request rejection message, the GGSN rejects the creation of the PDP context, and the SGSN rejects the terminal to activate the PDP context in the GPRS network, and restricts the access of the terminal. . FIG. 7 is a flowchart of attaching a low mobility characteristic MTC UE to a GPRS network according to the present invention. As shown in FIG. 7, the MTC UE with low mobility characteristics attached to the GPRS network in this example specifically includes the following steps:
步驟 701 ,运营商在 SPR数据库中签约 M2M终端特性相关的信息, SPR 可以对终端的低移动特性进行签约, 并可以同时签约终端允许接入的位置 区域信息、 对应不同区域信息的差异化 PCC策略等参数信息。  Step 701: The operator signs the information related to the M2M terminal characteristics in the SPR database, and the SPR can sign the low mobility characteristic of the terminal, and can simultaneously sign the location area information that the terminal is allowed to access, and the differentiated PCC policy corresponding to the different area information. Parameter information.
终端允许接入的位置区域信息、 对应不同区域信息的差异化 PCC策略 等参数信息也可以在 PCRF中进行本地静态配置。  The parameter information such as the location area information that the terminal is allowed to access and the differentiated PCC policy corresponding to the different area information can also be statically configured locally in the PCRF.
步驟 702, 用户通过 RNS向 SGSN发起附着请求, 相应的附着请求消 息中携带有附着类型、 IMSI等参数。 RNS根据其负载情况,以用户的 IMSI 为请求标识将该消息路由到 SGSN。  Step 702: The user initiates an attach request to the SGSN through the RNS, and the corresponding attach request message carries parameters such as an attachment type and an IMSI. Based on its load, the RNS routes the message to the SGSN with the user's IMSI as the request identifier.
步驟 703 , SGSN对该 MTC UE进行鉴权认证, 然后 SGSN发送位置更 新请求给 HLR, 携带 SGSN号码与地址、 IMSI等参数。 HLR将与 IMSI相 对应的签约数据下载给 SGSN, SGSN对 UE进行接入控制检查, 检查 UE 是否有区域限制或接入限制, 然后通知 HLR。  Step 703: The SGSN authenticates the MTC UE, and then the SGSN sends a location update request to the HLR, carrying the SGSN number and address, IMSI and other parameters. The HLR downloads the subscription data corresponding to the IMSI to the SGSN, and the SGSN performs an access control check on the UE, checks whether the UE has an area restriction or an access restriction, and then notifies the HLR.
步驟 704, SGSN 为该用户分配分组临时移动用户识别号码(P-TMSI, Packet-Temporate Mobile subscriber Identify ),然后将附着接受消息发给 UE, 附着接受消息中携带有为 UE分配的 P-TMSI等信息。 步驟 705 ,若 MTC UE需要进行业务交互,首先需要在网络中建立 PDP 上下文连接。 MTC UE申请进行 PDP上下文激活, 创建 GTP承载。 UE将 激活 PDP上下文请求发给 SGSN, 携带有 PDP类型、 PDP地址、 APN, 位 置信息等参数。 若终端具有 M2M增强能力, 也可以在消息中携带 M2M终 端类型指示参数。 Step 704: The SGSN allocates a packet-Temporate Mobile Subscriber Identity (P-TMSI) to the UE, and then sends an attach accept message to the UE, where the attach accept message carries the P-TMSI allocated to the UE. information. Step 705: If the MTC UE needs to perform service interaction, firstly, a PDP context connection needs to be established in the network. The MTC UE applies for PDP context activation to create a GTP bearer. The UE sends an activation PDP context request to the SGSN, and carries parameters such as a PDP type, a PDP address, an APN, and location information. If the terminal has the M2M enhanced capability, the M2M terminal type indication parameter may also be carried in the message.
步驟 706, SGSN根据所述终端的 M2M终端类型指示, 或终端携带的 APN是 M2M专用的 APN来识别其是 M2M终端, 为该终端选择为 M2M 终端服务的 GGSN, 并为此 PDP上下文创建 GTP隧道标识( TEID, Tunnel Endpoint Identifier ) , 然后将此创建 PDP上下文请求消息发送给 GGSN , 创 建 PDP上下文请求消息中携带有 SGSN的地址, 位置信息等参数。  Step 706: The SGSN is configured according to the M2M terminal type indication of the terminal, or the APN carried by the terminal is an M2M-specific APN to identify that it is an M2M terminal, select a GGSN serving as the M2M terminal for the terminal, and create a GTP tunnel for the PDP context. The TEID (Tunnel Endpoint Identifier) is sent to the GGSN, and the PDP Context Request message carries the SGSN address, location information and other parameters.
步驟 707, GGSN接收到 PDP上下文创建请求后, 向 PCRF/SPR请求 为该 UE所配置的策略和计费规则、 决策信息, 消息中携带终端标识、位置 信息等参数。  Step 707: After receiving the PDP context creation request, the GGSN requests the PCRF/SPR to request the policy and the charging rule and the decision information, and the message carries the terminal identifier, the location information, and the like.
步驟 708, PCRF根据终端的 IMSI与位置信息, 向 SPR请求签约数据, SPR将低移动特性签约、 允许的位置区域信息、 对应不同区域信息的差异 化 PCC策略下载给 PCRF, 其中 "允许的位置区域信息、 对应不同区域信 息的差异化 PCC策略" 既可签约在 SPR中, 也可以静态配置在 PCRF中, 根据运营商策略决定采用其中方式之一。  Step 708: The PCRF requests the subscription data from the SPR according to the IMSI and the location information of the terminal, and the SPR downloads the low mobility feature subscription, the allowed location area information, and the differentiated PCC policy corresponding to the different area information to the PCRF, where the allowed location area is The information and the differentiated PCC policy corresponding to different area information can be contracted in the SPR or statically configured in the PCRF, and one of the modes is determined according to the operator's policy.
PCRF 可以根据运营商策略, 将该终端的位置信息及时上报给 MTC Server。  The PCRF can report the location information of the terminal to the MTC server in time according to the carrier's policy.
步驟 709, PCRF根据终端所在的位置信息与 "允许的位置区域信息" 进行比较, 判断该终端当前所在的位置区域是否受限。  Step 709: The PCRF compares the location information of the terminal with the "permitted location area information" to determine whether the location area where the terminal is currently located is restricted.
步驟 710, GGSN根据 PCRF返回的拒绝消息, 判断该终端区域受限, 就向 SGSN返回 PDP上下文创建拒绝响应消息, 并携带 "终端区域受限" 的 cause值。 步驟 711 , SGSN收到 PDP上下文建立拒绝消息后, 向 RNS发送 PDP 上下文激活拒绝响应消息, 拒绝为该 UE在网络侧建立 PDP上下文 载通 道, 拒绝响应消息中携带 "终端区域受限" 的 cause值, 该 UE在网络被限 制接入。 Step 710: The GGSN determines that the terminal area is restricted according to the reject message returned by the PCRF, and returns a PDP context creation rejection response message to the SGSN, and carries a "terminal area limited" cause value. Step 711: After receiving the PDP context establishment reject message, the SGSN sends a PDP context activation reject response message to the RNS, and refuses to establish a PDP context carrying channel for the UE on the network side, and the reject response message carries a "terminal area limited" cause value. The UE is restricted from accessing the network.
实施例四  Embodiment 4
当终端正常在 GPRS网络附着并建立 PDP上下文后, 终端位置发生改 变时, 需要发起位置更新请求, 携带有终端的位置信息, SGSN通过 PDP 上下文修改请求将终端更新的位置信息通知给 GGSN。 GGSN向 PCRF发起 策略请求, 携带终端更新的位置信息, PCRF发现其位置在允许位置区域范 围外时, 就拒绝策略请求, 并携带区域受限的 cause值, GGSN接收到策略 请求拒绝消息后, 就删除该终端所有的 PDP上下文连接, 限制该终端在网 络中的接入。 图 8是本发明中低移动特性的 MTC UE在到 GPRS网络进行 位置更新的流程图,如图 8所示,本示例低移动特性的 MTC UE在到 GPRS 网络进行位置更新具体包括以下步驟:  When the terminal is normally connected to the GPRS network and the PDP context is established, the location of the terminal needs to be initiated, and the location update request is required to carry the location information of the terminal. The SGSN notifies the GGSN of the location information updated by the terminal through the PDP context modification request. The GGSN initiates a policy request to the PCRF, and carries the location information updated by the terminal. When the PCRF finds that its location is outside the allowed location area, the PCRF rejects the policy request and carries the area-restricted cause value. After receiving the policy request rejection message, the GGSN receives the policy request rejection message. Delete all PDP context connections of the terminal and restrict access of the terminal to the network. FIG. 8 is a flowchart of the location update of the MTC UE with low mobility in the present invention to the GPRS network. As shown in FIG. 8, the MTC UE of the present low mobility feature performs the location update to the GPRS network, and specifically includes the following steps:
步驟 801 , 当 MTC UE发生移动时位置区域发生了变化, MTC UE需 要向 SGSN发起位置更新请求, 相应的位置更新请求消息中携带有终端所 在区域的位置信息, APN, 终端标识等参数, 若终端具有 M2M增强能力, 也可以在消息中携带 M2M终端类型指示参数。  Step 801: When the MTC UE moves, the location area changes, and the MTC UE needs to initiate a location update request to the SGSN, where the corresponding location update request message carries the location information, APN, terminal identifier and other parameters of the area where the terminal is located, if the terminal With the M2M enhancement capability, the M2M terminal type indication parameter can also be carried in the message.
步驟 802, SGSN根据 M2M终端类型或 M2M专用的 APN, 判断是 M2M终端发起的位置更新请求, 就向 GGSN发起 PDP上下文修改请求, 相应的 PDP上下文修改请求消息中携带有终端标识、 APN与位置信息等参 数。  Step 802: The SGSN, according to the M2M terminal type or the M2M-dedicated APN, determines that the location update request is initiated by the M2M terminal, and initiates a PDP context modification request to the GGSN, where the corresponding PDP context modification request message carries the terminal identifier, the APN, and the location information. And other parameters.
步驟 803 , GGSN收到 PDP上下文修改请求后, 向 PCRF/SPR请求为 该 UE更新所配置的策略和计费规则、 决策信息, 携带终端的 IMSI、 位置 信息等参数。 步驟 804, PCRF根据终端的 IMSI与位置信息, 向 SPR请求签约数据, SPR将允许的位置区域信息、 对应不同区域信息的差异化 PCC策略下载给 PCRF, "允许的位置区域信息、 对应不同区域信息的差异化 PCC策略" 既 可签约在 SPR中, 也可以静态配置在 PCRF中, 根据运营商策略决定采用 其中方式之一。 Step 803: After receiving the PDP context modification request, the GGSN requests the PCRF/SPR to update the configured policy and charging rule, the decision information, and the parameters such as the IMSI and the location information of the terminal. Step 804, the PCRF requests the subscription data from the SPR according to the IMSI and the location information of the terminal, and the SPR downloads the allowed location area information and the differentiated PCC policy corresponding to the different area information to the PCRF, "allowed location area information, corresponding different area information. The differentiated PCC policy can be contracted in the SPR or statically configured in the PCRF, and one of the methods is adopted according to the operator's policy.
PCRF可以根据运营商策略,将该终端更新的位置信息及时上报给 MTC Server。  The PCRF can report the updated location information of the terminal to the MTC server in time according to the carrier policy.
步驟 805 , PCRF根据终端所在的位置信息与 "允许的位置区域信息" 进行比较, 判断该终端当前所在的位置区域是否受限。  Step 805: The PCRF compares the location information of the terminal with the "permitted location area information" to determine whether the location area where the terminal is currently located is restricted.
步驟 806, PCRF发现该终端的所在位置在允许的位置区域内, 位置区 域不受限, 就向 GGSN返回策略请求响应消息, 并在策略请求响应消息中 携带有与该位置匹配的差异化 PCC策略。 步驟 807, GGSN根据 PCRF返回的策略和计费决策信息, 修改 PDP 上下文承载, 并向 SGSN返回 PDP上下文修改响应消息, SGSN进行后续 的位置更新过程。  Step 806: The PCRF finds that the location of the terminal is in the allowed location area, and the location area is not limited, and returns a policy request response message to the GGSN, and carries a differentiated PCC policy matching the location in the policy request response message. . Step 807: The GGSN modifies the PDP context bearer according to the policy and charging decision information returned by the PCRF, and returns a PDP context modification response message to the SGSN, and the SGSN performs a subsequent location update process.
步驟 808, PCRF根据终端所在的位置信息与 "允许的位置区域信息" 进行比较, 判断该终端当前所在的位置区域终端区域受限。  Step 808: The PCRF compares the location information of the terminal with the "permitted location area information", and determines that the terminal area of the location area where the terminal is currently located is restricted.
步驟 809, PCRF发现该终端的所在位置不在允许的位置区域内, 就拒 绝 GGSN的策略更新请求, 并在所发送的拒绝消息中携带 "终端区域受限" 的 cause值。  Step 809: The PCRF finds that the location of the terminal is not in the allowed location area, rejects the GGSN policy update request, and carries the "terminal area limited" cause value in the sent reject message.
步驟 810, GGSN根据 PCRF返回的拒绝消息, 判断该终端区域受限, 就向 SGSN返回 PDP上下文修改拒绝响应消息, 并携带 "终端区域受限" 的 cause值。  Step 810: The GGSN, according to the reject message returned by the PCRF, determines that the terminal area is restricted, and returns a PDP context modification reject response message to the SGSN, and carries a "terminal area limited" cause value.
步驟 811 , SGSN收到 PDP上下文修改拒绝消息后, 若 SGSN不具有 M2M支持能力, SGSN就拒绝终端的位置更新请求。 若 SGSN支持 M2M 能力, 就会识别终端区域受限, 可以发起终端的 Detach等流程去附着该终 端。 Step 811: After the SGSN receives the PDP context modification reject message, if the SGSN does not have The M2M supports the capability, and the SGSN rejects the location update request of the terminal. If the SGSN supports the M2M capability, it will recognize that the terminal area is restricted, and can initiate the terminal's Detach process to attach the terminal.
步驟 812, GGSN判断终端区域受限后, 主动对该 MTC UE进行接入 限制, 发起 PDP上下文连接删除流程。 GGSN向 SGSN发起 PDP上下文删 除请求, 申请删除该终端的 PDP上下文连接。  Step 812: After determining that the terminal area is restricted, the GGSN actively performs access restriction on the MTC UE, and initiates a PDP context connection deletion process. The GGSN initiates a PDP context deletion request to the SGSN to apply for deleting the PDP context connection of the terminal.
步驟 813 , SGSN执行 PDP上下文连接删除, 删除所有的 PDP上下文 连接。 SGSN通过 RNS向 MTC UE发起 PDP上下文去激活过程,删除无线 相关的 PDP上下文资源配置。  Step 813: The SGSN performs a PDP context connection deletion, and deletes all PDP context connections. The SGSN initiates a PDP context deactivation process to the MTC UE through the RNS, and deletes the radio related PDP context resource configuration.
步驟 814, PDP上下文连接成功删除后, SGSN向 GGSN返回 PDP上 下文连接删除响应。 该 MTC UE因区域限制被 GGSN进行接入限制。  Step 814: After the PDP context connection is successfully deleted, the SGSN returns a PDP context connection deletion response to the GGSN. The MTC UE is restricted by the GGSN for access restrictions due to regional restrictions.
图 9为本发明终端接入限制的***第一种组成结构示意图, 如图 9所 示, 本示例终端接入限制的***包括设于网络侧的接收单元 90、 请求单元 91和接入限制单元 92; 以及, 设于 PCRF中的确定单元 93和通知单元 94; 其中,  9 is a schematic diagram of a first component structure of a system for access restriction of a terminal according to the present invention. As shown in FIG. 9, the system for access restriction of the terminal includes a receiving unit 90, a requesting unit 91, and an access limiting unit. 92; and a determining unit 93 and a notification unit 94 provided in the PCRF; wherein
接收单元 90, 用于接收终端的接入请求;  The receiving unit 90 is configured to receive an access request of the terminal.
请求单元 91 , 用于向 PCRF请求 PCC策略, 其中, PCC策略请求中携 带有所述终端的位置信息;  The requesting unit 91 is configured to request a PCC policy from the PCRF, where the PCC policy request carries the location information of the terminal;
确定单元 93 , 用于根据所述终端的位置信息确定所述终端是否在允许 的位置区域范围内, 并在所述终端不在允许的位置区域范围内时触发通知 单元;  a determining unit 93, configured to determine, according to location information of the terminal, whether the terminal is within an allowed location area, and trigger a notification unit when the terminal is not within the allowed location area;
通知单元 94, 用于通知所述网络侧;  a notification unit 94, configured to notify the network side;
接入限制单元 92 , 用于限制所述终端接入。  The access restriction unit 92 is configured to limit access by the terminal.
图 10 为本发明终端接入限制的***第二种组成结构示意图, 如图 10 所示, 在图 9所示终端接入限制的***的基础上, 本示例终端接入限制的 ***还包括: FIG. 10 is a schematic diagram of a second component structure of a terminal access restriction system according to the present invention. As shown in FIG. 10, based on the terminal access restriction system shown in FIG. 9, the terminal access restriction of the example terminal is The system also includes:
设置单元 95 , 用于为终端设置允许网络接入的位置区域信息的签约信 息; 其中, 所述允许网络接入的位置区域信息的签约信息存储于 SPR中或 配置于 PCRF中。  The setting unit 95 is configured to set, for the terminal, the subscription information of the location area information that allows the network to access. The subscription information of the location area information that allows the network access is stored in the SPR or configured in the PCRF.
图 11 为本发明终端接入限制的***第三种组成结构示意图, 如图 11 所示, 在图 9所示终端接入限制的***的基础上, 本示例终端接入限制的 ***还包括:  FIG. 11 is a schematic diagram of a third component structure of a terminal access restriction system according to the present invention. As shown in FIG. 11, on the basis of the terminal access restriction system shown in FIG.
配置单元 96, 设于所述 PCRF中, 用于为终端允许网络接入的不同位 置区域配置相同的或不同的 PCC策略。  The configuration unit 96 is configured to be configured in the PCRF to configure the same or different PCC policies for different location areas where the terminal allows network access.
上述确定单元 93进一步根据所述终端的位置信息,基于 SPR的签约信 息或所述 PCRF本地配置的终端允许网络接入的位置区域信息, 确定所述 终端是否位于所述终端允许网络接入的位置区域, 并在所述终端未位于所 述终端允许网络接入的位置区域时, 在所述 PCRF发送到网络侧的 PCC策 略请求响应中添加终端区域限制的指示。  The determining unit 93 further determines, according to the location information of the terminal, whether the terminal is located at a location where the terminal allows network access, based on the subscription information of the SPR or the location area information that the terminal configured by the PCRF allows the network to access. The area, and when the terminal is not located in the location area where the terminal allows network access, add an indication of the terminal area restriction in the PCC policy request response sent by the PCRF to the network side.
图 12 为本发明终端接入限制的***第四种组成结构示意图, 如图 12 所示, 在图 9所示终端接入限制的***的基础上, 本示例终端接入限制的 ***还包括:  12 is a schematic diagram of a fourth component structure of a terminal access restriction system according to the present invention. As shown in FIG. 12, based on the terminal access restriction system shown in FIG.
删除单元 97, 设于网络侧, 用于接收到携带有终端区域限制的指示的 PCC策略请求响应后, 删除为所述终端已建立的承载。  The deleting unit 97 is disposed on the network side, and is configured to delete the bearer that has been established by the terminal after receiving the PCC policy request response that carries the indication of the terminal area restriction.
上述网络侧为用户面网元。  The network side is the user plane network element.
本领域技术人员应当理解, 本发明图 9至图 12所示的终端接入限制的 ***是为实现前述的终端接入限制的方法而设计的, 上述各处理单元的实 现功能可参照前述实施例一至实施例四的相关描述而理解。 图中的各处理 单元的功能可通过运行于处理器上的程序而实现, 也可通过具体的逻辑电 路而实现。 图 10至图 12所示的终端接入限制的***中的设置单元 95、 配 置单元 96以及删除单元 97可在图 9所示结构的基础上同时具有或具有其 中的任两个, 本发明不再——进行图示。 It should be understood by those skilled in the art that the system for limiting access restrictions shown in FIG. 9 to FIG. 12 is designed to implement the foregoing method for limiting access restrictions. For the implementation functions of the foregoing processing units, reference may be made to the foregoing embodiments. It is understood from the related description of the fourth embodiment. The functions of the various processing units in the figures may be implemented by a program running on a processor or by a specific logic circuit. Setting unit 95, in the system of terminal access restriction shown in FIG. 10 to FIG. The setting unit 96 and the deleting unit 97 may have or have any two of them on the basis of the structure shown in Fig. 9, and the present invention is no longer illustrated.
以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保 护范围。  The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.

Claims

权利要求书 Claim
1、 一种终端接入限制的方法, 其特征在于, 所述方法包括:  A method for limiting access of a terminal, the method comprising:
接收到终端的接入请求, 网络侧向策略与计费规则功能实体 PCRF请 求策略与计费控制 PCC策略时, 携带有所述终端的位置信息;  Receiving the access request of the terminal, the network side policy and charging rule function entity PCRF requesting the policy and charging control PCC policy, carrying the location information of the terminal;
所述 PCRF根据所述终端的位置信息确定所述终端是否在允许的位置 区域范围内, 并在所述终端不在允许的位置区域范围内时通知所述网络侧, 所述网络侧限制所述终端接入。  Determining, by the location information of the terminal, whether the terminal is within an allowed location area, and notifying the network side when the terminal is not within the allowed location area, where the network side limits the terminal Access.
2、 根据权利要求 1所述的方法, 其特征在于, 所述方法还包括: 为终端设置允许网络接入的位置区域信息的签约信息; 其中, 所述允 许网络接入的位置区域信息的签约信息存储于签约数据库 SPR中或配置于 PCRF中。  The method according to claim 1, wherein the method further comprises: setting, by the terminal, subscription information of location area information that allows network access; wherein, the signing of the location area information that allows network access The information is stored in the contract database SPR or in the PCRF.
3、 根据权利要求 1所述的方法, 其特征在于, 所述方法还包括: 所述 PCRF 为终端允许网络接入的不同位置区域配置相同的或不同的 The method according to claim 1, wherein the method further comprises: the PCRF is configured to configure the same or different different location areas of the network that the terminal allows the network to access.
PCC策略。 PCC strategy.
4、 根据权利要求 2所述的方法, 其特征在于, 所述 PCRF在所述终端 不在允许的位置区域范围内时通知所述网络侧为:  The method according to claim 2, wherein the PCRF notifies the network side when the terminal is not within the allowed location area:
所述 PCRF根据所述终端的位置信息, 基于 SPR 的签约信息或所述 PCRF本地配置的终端允许网络接入的位置区域信息,确定所述终端是否位 于所述终端允许网络接入的位置区域, 所述终端未位于所述终端允许网络 接入的位置区域时, 在发送到网络侧的 PCC策略请求响应中添加终端区域 限制的指示。  The PCRF determines, according to the location information of the terminal, whether the terminal is located in a location area where the terminal is allowed to access the network, based on the SPR-based subscription information or the location area information that the terminal configured by the PCRF allows the network to access. When the terminal is not located in the location area where the terminal allows the network to access, the terminal area restriction indication is added in the PCC policy request response sent to the network side.
5、 根据权利要求 4所述的方法, 其特征在于, 所述方法还包括: 网络侧接收到携带有终端区域限制的指示的 PCC策略请求响应后, 删 除为所述终端已建立的承载。  The method according to claim 4, wherein the method further comprises: after receiving the PCC policy request response carrying the indication of the terminal area restriction, the network side deletes the bearer that has been established by the terminal.
6、 根据权利要求 1至 5任一项所述的方法, 其特征在于, 所述网络侧 为用户面网元。 The method according to any one of claims 1 to 5, wherein the network side For the user face network element.
7、 根据权利要求 6所述的方法, 其特征在于, 所述终端为机器类通信 MTC终端; 所述方法还包括:  The method according to claim 6, wherein the terminal is a machine type communication MTC terminal; the method further includes:
所述用户面网元接收到携带有终端区域限制的指示的 PCC策略请求响 应后, 通知控制面网元; 所述控制面网元对所述终端执行去附着。  After receiving the PCC policy request response carrying the indication of the terminal area restriction, the user plane network element notifies the control plane network element; the control plane network element performs detachment on the terminal.
8、 根据权利要求 6所述的方法, 其特征在于, 所述方法还包括: 控制面网元根据所述终端的类型指示或专用接入点名称 APN识别为 The method according to claim 6, wherein the method further comprises: the control plane network element identifying, according to the type indication of the terminal or the dedicated access point name APN,
MTC终端, 并选择为所述终端提供机器到机器 M2M服务的用户面网元。 The MTC terminal, and selects a user plane network element that provides the machine to machine M2M service for the terminal.
9、 根据权利要求 1所述的方法, 其特征在于, 所述方法还包括: 所述 PCRF将所述终端的位置信息上报给 MTC服务器。  The method according to claim 1, wherein the method further comprises: the PCRF reporting the location information of the terminal to the MTC server.
10、 一种终端接入限制的***, 其特征在于, 所述***包括设于网络 侧的接收单元、 请求单元和接入限制单元; 以及, 设于 PCRF 中的确定单 元和通知单元; 其中,  A system for limiting access of a terminal, wherein the system includes a receiving unit, a requesting unit, and an access limiting unit, which are disposed on the network side; and a determining unit and a notification unit, which are disposed in the PCRF;
接收单元, 用于接收终端的接入请求;  a receiving unit, configured to receive an access request of the terminal;
请求单元, 用于向 PCRF请求 PCC策略, 其中, PCC策略请求中携带 有所述终端的位置信息;  a requesting unit, configured to request a PCC policy from the PCRF, where the PCC policy request carries the location information of the terminal;
确定单元, 用于根据所述终端的位置信息确定所述终端是否在允许的 位置区域范围内, 并在所述终端不在允许的位置区域范围内时触发通知单 元;  a determining unit, configured to determine, according to the location information of the terminal, whether the terminal is within an allowed location area, and trigger a notification unit when the terminal is not within the allowed location area;
通知单元, 用于通知所述网络侧;  a notification unit, configured to notify the network side;
接入限制单元, 用于限制所述终端接入。  An access restriction unit, configured to limit access by the terminal.
11、 根据权利要求 10所述的***, 其特征在于, 所述***还包括: 设置单元, 用于为终端设置允许网络接入的位置区域信息的签约信息; 其中, 所述允许网络接入的位置区域信息的签约信息存储于 SPR中或配置 于 PCRF中。 The system according to claim 10, wherein the system further comprises: a setting unit, configured to set, for the terminal, subscription information of location area information that allows network access; wherein, the network access is allowed The subscription information of the location area information is stored in the SPR or in the PCRF.
12、 根据权利要求 10所述的***, 其特征在于, 所述***还包括: 配置单元, 设于所述 PCRF 中, 用于为终端允许网络接入的不同位置 区域配置相同的或不同的 PCC策略。 The system according to claim 10, wherein the system further comprises: a configuration unit, configured in the PCRF, configured to configure the same or different PCCs for different location areas where the terminal allows network access Strategy.
13、 根据权利要求 11所述的***, 其特征在于, 所述确定单元进一步 根据所述终端的位置信息, 基于 SPR的签约信息或所述 PCRF本地配置的 终端允许网络接入的位置区域信息, 确定所述终端是否位于所述终端允许 网络接入的位置区域, 并在所述终端未位于所述终端允许网络接入的位置 区域时, 在所述 PCRF发送到网络侧的 PCC策略请求响应中添加终端区域 限制的指示。  The system according to claim 11, wherein the determining unit further determines, according to the location information of the terminal, the SPR-based subscription information or the location area information that the PCRF locally configured terminal allows the network to access. Determining whether the terminal is located in a location area where the terminal allows network access, and when the terminal is not located in a location area where the terminal allows network access, in the PCC policy request response sent by the PCRF to the network side Add an indication of the terminal zone limit.
14、 根据权利要求 13所述的***, 其特征在于, 所述***还包括: 删除单元,设于网络侧,用于接收到携带有终端区域限制的指示的 PCC 策略请求响应后, 删除为所述终端已建立的承载。  The system according to claim 13, wherein the system further comprises: a deleting unit, configured on the network side, configured to: after receiving the PCC policy request response carrying the indication of the terminal area limitation, deleting the The bearer that the terminal has established.
15、 根据权利要求 10至 14任一项所述的***, 其特征在于, 所述网 络侧为用户面网元。  The system according to any one of claims 10 to 14, wherein the network side is a user plane network element.
PCT/CN2011/079758 2010-10-18 2011-09-16 Terminal access limit method and system WO2012051890A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010511386.4A CN102457938B (en) 2010-10-18 2010-10-18 The method and system of terminal access restriction
CN201010511386.4 2010-10-18

Publications (1)

Publication Number Publication Date
WO2012051890A1 true WO2012051890A1 (en) 2012-04-26

Family

ID=45974674

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/079758 WO2012051890A1 (en) 2010-10-18 2011-09-16 Terminal access limit method and system

Country Status (2)

Country Link
CN (1) CN102457938B (en)
WO (1) WO2012051890A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103024781A (en) * 2012-12-30 2013-04-03 广西深睿科技有限公司 Method for processing abnormalities in stage when mobile communication system cellphone accesses to network
WO2014015524A1 (en) * 2012-07-27 2014-01-30 Nokia Siemens Networks Oy Methods and apparatus for device monitoring
WO2014067558A1 (en) * 2012-10-30 2014-05-08 Nokia Solutions And Networks Oy User location based network registration
CN111901850A (en) * 2020-07-23 2020-11-06 北京长焜科技有限公司 Method for judging APN access limitation
WO2021092765A1 (en) * 2019-11-12 2021-05-20 华为技术有限公司 Method and apparatus for accessing network

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101621346B1 (en) * 2012-06-20 2016-05-16 후아웨이 테크놀러지 컴퍼니 리미티드 Method, node, mobile terminal and system for identifying network tethering behavior
WO2014008630A1 (en) 2012-07-10 2014-01-16 Telefonaktiebolaget L M Ericsson(Publ) Reducing signaling load caused by change of terminal location
CN103020531B (en) * 2012-12-06 2015-05-27 中国科学院信息工程研究所 Method and system for trusted control of operating environment of Android intelligent terminal
CN103052054B (en) * 2012-12-18 2016-03-30 华为技术有限公司 A kind of method, apparatus and system determining user's accessing WLAN authority
US9787484B2 (en) * 2013-02-20 2017-10-10 Nokia Solutions And Networks Oy Adapting PCC rules to user experience
CN104243406A (en) * 2013-06-09 2014-12-24 ***通信集团公司 Terminal access authentication method and device in internet of things system
EP3754504B1 (en) * 2015-03-09 2022-03-02 Telefonaktiebolaget LM Ericsson (publ) Dynamic event subscriptions for m2m communication
CN107959918B (en) 2016-10-14 2020-02-07 电信科学技术研究院 Session management method, mobility management function and session management function
CN106507350B (en) * 2016-10-21 2019-11-08 陕西理工学院 A kind of internet-of-things terminal and system of the limited triggering of low power consuming
WO2018076215A1 (en) * 2016-10-26 2018-05-03 华为技术有限公司 Policy control rule transmission method and apparatus
WO2018129665A1 (en) * 2017-01-10 2018-07-19 华为技术有限公司 Communication method, network exposure function network element, and control plane network element
WO2018205145A1 (en) * 2017-05-09 2018-11-15 Zte Corporation Method and apparatus for allocating registration area
CN109699000B (en) * 2017-10-24 2021-03-16 中国电信股份有限公司 Real-time location charging triggering method, system and MME
CN110602735B (en) 2018-06-13 2021-06-29 华为技术有限公司 Method for providing limited service and communication equipment
WO2020248182A1 (en) * 2019-06-13 2020-12-17 Qualcomm Incorporated Bike lane communications networks
EP4044683A4 (en) * 2019-10-10 2022-10-26 Huawei Technologies Co., Ltd. Service processing method, device and system
CN112867097A (en) * 2019-11-12 2021-05-28 华为技术有限公司 Network access method and communication device
CN117641241A (en) * 2022-08-09 2024-03-01 华为技术有限公司 Communication method and communication device
CN116017462B (en) * 2023-03-28 2023-05-30 前海联大(深圳)技术有限公司 SIM card authorization management method, device and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101572854A (en) * 2008-04-28 2009-11-04 华为技术有限公司 Method, system and equipment for strategy authorization
CN101729978A (en) * 2009-05-26 2010-06-09 中兴通讯股份有限公司 Method and system for realizing established service charging policy
CN101771958A (en) * 2008-12-29 2010-07-07 华为技术有限公司 Information transmitting method, charging method, charging device, forwarding device and establishing device
CN101860807A (en) * 2010-05-05 2010-10-13 工业和信息化部电信传输研究所 Managing and communication establishing method of M2M terminal device group and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101272256B (en) * 2007-03-23 2011-07-06 华为技术有限公司 Business handling method and system, policy control and charging regulation functional entity

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101572854A (en) * 2008-04-28 2009-11-04 华为技术有限公司 Method, system and equipment for strategy authorization
CN101771958A (en) * 2008-12-29 2010-07-07 华为技术有限公司 Information transmitting method, charging method, charging device, forwarding device and establishing device
CN101729978A (en) * 2009-05-26 2010-06-09 中兴通讯股份有限公司 Method and system for realizing established service charging policy
CN101860807A (en) * 2010-05-05 2010-10-13 工业和信息化部电信传输研究所 Managing and communication establishing method of M2M terminal device group and device

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014015524A1 (en) * 2012-07-27 2014-01-30 Nokia Siemens Networks Oy Methods and apparatus for device monitoring
US9538447B2 (en) 2012-07-27 2017-01-03 Nokia Solutions And Networks Oy Methods and apparatus for device monitoring
WO2014067558A1 (en) * 2012-10-30 2014-05-08 Nokia Solutions And Networks Oy User location based network registration
CN103024781A (en) * 2012-12-30 2013-04-03 广西深睿科技有限公司 Method for processing abnormalities in stage when mobile communication system cellphone accesses to network
WO2021092765A1 (en) * 2019-11-12 2021-05-20 华为技术有限公司 Method and apparatus for accessing network
CN111901850A (en) * 2020-07-23 2020-11-06 北京长焜科技有限公司 Method for judging APN access limitation

Also Published As

Publication number Publication date
CN102457938B (en) 2016-03-30
CN102457938A (en) 2012-05-16

Similar Documents

Publication Publication Date Title
WO2012051890A1 (en) Terminal access limit method and system
CN113785634B (en) Wireless device paging over wireless networks
EP2566199B1 (en) Method and system for transmitting small data packets
JP7455138B2 (en) Core paging processing
US9077723B2 (en) Method, mobile management unit and gateway for restricting MTC device to access and communicate
US8811984B2 (en) Area-based access control method for terminals which carry out M2M communications in a wireless communication system
JP5514908B2 (en) Communication system and apparatus for status-dependent mobile services
WO2017167203A1 (en) Method and apparatus for controlling quality of service
US9374699B2 (en) Proximity-based service registration method and related apparatus
JP5866132B2 (en) Method for performing detachment procedure and terminal thereof
KR101633331B1 (en) METHOD FOR providing connection type information and METHOD FOR controlling radio resource of home (e)NodeB
WO2012094957A1 (en) Method and system for performing mobility management on mtc terminal
WO2011060673A1 (en) Public bearer establishment method, data transmission method and core network side apparatus
CN102469433B (en) A kind of method and system realizing data flow service quality and charging policy control
CN101860910B (en) Bearer establishing method, system and device of local network
WO2011050689A1 (en) Access control method and system for machine type communication terminal
WO2014166089A1 (en) Method and device for congestion control
WO2011054251A1 (en) Method, system and terminal for preventing access from illegal terminals
JP2022524165A (en) RAN paging process
WO2011157189A2 (en) Method, device and system for reporting location
WO2012024989A1 (en) Method and system for bearer release
JP5859680B2 (en) Local access connection processing method and apparatus
WO2010130126A1 (en) Method and system for access control and access side device
WO2011050688A1 (en) Method and system for obtaining machine type communication terminal information
WO2012100664A1 (en) Method and system for activating terminal

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11833796

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11833796

Country of ref document: EP

Kind code of ref document: A1