WO2017008402A1 - Method for authenticated access, base station, and terminal - Google Patents

Method for authenticated access, base station, and terminal Download PDF

Info

Publication number
WO2017008402A1
WO2017008402A1 PCT/CN2015/091348 CN2015091348W WO2017008402A1 WO 2017008402 A1 WO2017008402 A1 WO 2017008402A1 CN 2015091348 W CN2015091348 W CN 2015091348W WO 2017008402 A1 WO2017008402 A1 WO 2017008402A1
Authority
WO
WIPO (PCT)
Prior art keywords
base station
wlan
service flow
aggregated service
terminal
Prior art date
Application number
PCT/CN2015/091348
Other languages
French (fr)
Chinese (zh)
Inventor
雷艺学
李明菊
张云飞
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2017008402A1 publication Critical patent/WO2017008402A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/50Allocation or scheduling criteria for wireless resources
    • H04W72/54Allocation or scheduling criteria for wireless resources based on quality criteria
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/15Setup of multiple wireless link connections
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/20Manipulation of established connections
    • H04W76/27Transitions between radio resource control [RRC] states
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/40Connection management for selective distribution or broadcast

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a method, a base station, and a terminal for authenticating access.
  • LTE Long Term Evolution Advanced
  • WLAN Wireless Local Area Networks
  • the existing integration technologies of WLAN and cellular networks are mainly defined in 3GPP.
  • 3GPP There are two existing solutions in 3GPP, one is integration in the core network [refer to TS 23.402], and the other is integration at the radio access network (RANRadio Access Network, RAN) [refer to TS 23.401, TS 36.304, TS 36.331] .
  • the integration at the RAN level is the RAN-assisted WLAN interworking solution defined by 3GPP Release 12. Regardless of whether it is a core network integration solution or a RAN-assisted WLAN interworking solution, the access layer (Access Stratum, AS for short) does not support aggregation of user plane data. Therefore, WLANs cannot be fully utilized for flexible and efficient traffic aggregation transmission.
  • the carrier aggregation technology in the prior art is to use a WLAN running on an unlicensed spectrum as a secondary cell (Scell) to improve throughput.
  • Scell secondary cell
  • Pcell Primary Cell
  • the technical problem to be solved by the embodiments of the present invention is to provide a method for authenticating access, and a base station And terminal.
  • the problem of authenticating the service data stream in the WLAN and LTE aggregation network is solved.
  • the first aspect of the embodiments of the present invention provides a method for authenticating access, including:
  • Radio resource control message is used to indicate that the terminal transmits the aggregated service flow by using the wireless local area network sub-cell and the base station;
  • the base station triggers the authentication based on the long term evolution network, and confirms that the aggregated service flow meets the service quality of the packet data network connection and allocates corresponding network resources to the aggregated service flow;
  • the method further includes:
  • the base station sends an offloading indication message to the terminal, where the offloading indication message is used to indicate that the base station needs to offload the aggregated service flow, and the radio resource control message carries the identifier information of the WLAN sub-cell.
  • the WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
  • the long-term evolution network-based authentication triggered by the base station includes an authentication based on a user identification module and an authentication not based on a user identification module.
  • the method further includes:
  • the base station establishes an Xw channel with the WLAN end point entity to ensure quality of service when the aggregated service flow data is transmitted.
  • a second aspect of the embodiments of the present invention provides a method for authenticating access, including:
  • the terminal sends a radio resource control message to the base station, and informs the base station that the terminal will transmit the aggregated service flow through the wireless local area network sub-cell and the base station;
  • the terminal After the base station triggers the authentication based on the long term evolution network, confirming that the aggregated service flow conforms to the quality of service of the packet data network connection and allocates corresponding network resources to the aggregated service flow, the terminal sends a wireless network LAN termination point The entity sends an indication message notifying the WLAN endpoint that the aggregated traffic flow will start transmitting, so that the WLAN endpoint entity skips the WLAN Local authentication, the transmission of the aggregated service flow is completed by the wireless local area network sub-cell and the base station.
  • the method further includes:
  • the WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
  • a third aspect of the embodiments of the present invention provides a base station, including:
  • a receiving unit configured to receive a radio resource control message sent by the terminal, where the radio resource control message is used to indicate that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
  • An authentication unit configured to trigger a long-term evolution network-based authentication, confirming that the aggregated service flow meets a service quality of a packet data network connection, and allocating a corresponding network resource to the aggregated service flow;
  • a sending unit configured to send an indication message to the WLAN end point entity, to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN end point entity skips local authentication of the WLAN,
  • the wireless local area network sub-cell and the base station complete transmission of the aggregated service flow.
  • the sending unit is further configured to:
  • the receiving unit Before the receiving unit receives the RRC message sent by the terminal, sending an offloading indication message to the terminal, where the offloading indication message is used to indicate that the base station needs to offload the aggregated service flow, where the RRC message is in the RRC message And carrying the identifier information of the WLAN sub-cell, where the WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
  • the long-term evolution network-based authentication triggered by the authentication unit includes an authentication based on a user identification module and an authentication not based on a user identification module.
  • a establishing unit configured to establish an Xw channel with the WLAN end point entity after the WLAN end point entity skips local authentication of the WLAN to ensure the number of the aggregated service flows According to the quality of service when transmitting.
  • a fourth aspect of the embodiments of the present invention provides a terminal, including:
  • a first sending unit configured to send a radio resource control message to the base station, to inform the base station that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
  • a second sending unit configured to: when the base station triggers the authentication based on the long term evolution network, confirm that the aggregated service flow meets the service quality of the packet data network connection, and allocates corresponding network resources to the aggregated service flow,
  • the WLAN endpoint entity sends an indication message informing the WLAN endpoint that the aggregated traffic flow will begin to transmit, so that the WLAN endpoint entity skips local authentication of the WLAN by the WLAN sub-cell and
  • the base station completes transmission of the aggregated service flow.
  • a receiving unit configured to receive, before the first sending unit sends the RRC message to the base station, an offload indication message sent by the base station, where the offload indication message is used to indicate that the base station needs to offload the aggregated service flow,
  • the RRC message carries the identifier information of the WLAN sub-cell, where the WLAN sub-cell is configured to offload the aggregated service stream that is unloaded by the base station.
  • a third sending unit configured to send a notification message to the WLAN end point entity when the terminal needs to transmit a non-aggregated service flow, so that the WLAN end point entity performs a local wireless local area network authentication process, where The wireless local area network sub-cell completes the transmission of the non-aggregated service flow.
  • the base station sends the RRC message to the base station to notify the base station that the service flow to be initiated by the terminal is an aggregated service flow, that is, needs to be transmitted through the WLAN sub-cell and the base station; therefore, the base station triggers the authentication based on the long-term evolution network.
  • the WLAN and the LTE aggregation network are connected to the terminal
  • the authentication ensures that the service data traffic is transmitted normally, and the aggregated service flow can be offloaded by the WLAN network for the LTE network, which reduces the bandwidth pressure of the LTE network and improves the aggregated service flow transmission. The efficiency of the user has improved the business experience.
  • FIG. 1 is a schematic flowchart of a first embodiment of a method for authenticating access according to the present invention
  • FIG. 2 is a schematic flowchart of a second embodiment of a method for authenticating access according to the present invention
  • FIG. 3 is a schematic flowchart of a third embodiment of a method for authenticating access according to the present invention.
  • FIG. 4 is a schematic flowchart of a fourth embodiment of a method for authenticating access according to the present invention.
  • Figure 5 is a schematic diagram showing the composition of a first embodiment of a base station according to the present invention.
  • FIG. 6 is a schematic diagram showing the composition of a second embodiment of a base station according to the present invention.
  • Figure 7 is a schematic diagram showing the composition of a first embodiment of the terminal of the present invention.
  • Figure 8 is a schematic diagram showing the composition of a second embodiment of the terminal of the present invention.
  • FIG. 9 is a schematic diagram of a system interaction process of a WLAN and an LTE aggregation network according to the present invention.
  • FIG. 10a is a schematic diagram of a path of an aggregated service flow transmission mentioned in the present invention.
  • Figure 10b is a schematic diagram of the path of the non-aggregated traffic flow mentioned in the present invention.
  • FIG. 1 is a schematic flowchart of a first embodiment of a method for authenticating access according to the present invention.
  • the method includes the following steps:
  • the base station receives a Radio Resource Control (RRC) message sent by the terminal.
  • RRC Radio Resource Control
  • the RRC message is used to indicate that the terminal will transmit the aggregated service flow through the WLAN sub-cell and the base station. That is, the base station is informed that the terminal initiates the service flow to be aggregated. business flow.
  • the RRC message here may be an existing RRC connection request message or a newly defined RRC message.
  • the aggregated service flow may be a service data flow that needs to be transmitted through an LTE network, such as a multimedia service, a call service, etc., which generally needs to allocate resources by the base station and has a quality of service (QoS). Certain requirements.
  • a non-aggregated traffic flow may be a traffic data flow that can be implemented only through a WLAN access point, such as simply accessing the network, downloading files, and the like.
  • the base station triggers the authentication based on the long-term evolution network, and confirms that the aggregated service flow meets the service quality of the packet data network connection and allocates corresponding network resources to the aggregated service flow.
  • the base station triggered long-term evolution network-based authentication includes a Subscriber Identity Module (SIM)-based authentication and a non-user identification module-based authentication.
  • SIM Subscriber Identity Module
  • the base station can perform security authentication on the terminal and the related aggregated service flow to ensure the transmission quality thereof.
  • the base station sends an indication message to the WLAN termination point entity to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN termination point entity skips local authentication of the WLAN.
  • the wireless local area network sub-cell and the base station complete transmission of the aggregated service flow.
  • the indication message sent by the base station to the WLAN termination point entity herein may be an explicit indication, directly indicating that the user plane data is about to be generated.
  • the indication message can also be non-explicit, ie triggered by the first data packet of the arriving user data stream.
  • the indication message may be sent by the base station, or may be sent by the terminal to the WLAN termination point entity. It is only necessary to have the WLAN endpoint entity know that the traffic stream data for the aggregation will start to be transmitted. Since the base station has performed the LTE network-based authentication, the local authentication of the WLAN can be skipped and the efficiency of the aggregated service flow transmission is improved.
  • the WLAN sub-cell in this embodiment is an LTE network authentication mechanism that has confirmed that the aggregated service flow can be carried by the WLAN sub-cell, and the acknowledgment mode can be adopted when the WLAN access point is deployed by the operator. Configuration to guarantee.
  • the WLAN termination point entity described in this embodiment may be separately set up with an access point of the WLAN, and communicate with the terminal, the access point, or the base station through its own interface; or may be integrated in the WLAN.
  • the interface of the existing access point is used to implement communication with the terminal or the base station. letter.
  • the embodiment of the invention does not impose any limitation.
  • the base station sends the RRC message to the base station to notify the base station that the service flow to be initiated by the terminal is an aggregated service flow, that is, needs to be transmitted through the WLAN sub-cell and the base station; therefore, the base station triggers the authentication based on the long-term evolution network.
  • the WLAN and the LTE aggregation network are connected to the terminal
  • the authentication ensures that the service data traffic is transmitted normally, and the aggregated service flow can be offloaded by the WLAN network for the LTE network, which reduces the bandwidth pressure of the LTE network, improves the efficiency of the aggregated service flow transmission, and improves the user service experience.
  • the aggregation of the LTE network and the WLAN network is described in detail, but those skilled in the art can understand that, in view of the low cost of the WLAN network, the same can be used with the 3G.
  • Other networks, such as 4G or 5G, are aggregated, and the aggregated service flows are transmitted in the manner described in the embodiment of the present invention.
  • steps S201-S202 are the same as S101-S102 shown in FIG. 1, and are not further described herein.
  • the method further includes:
  • the base station sends an uninstall indication message to the terminal.
  • the offloading indication message is used to indicate that the base station needs to offload the aggregated service flow
  • the radio resource control message carries the identifier information of the WLAN sub-cell
  • the WLAN sub-cell is used to offload the base station to be offloaded. Aggregated business flow.
  • the identification information here may be (Service Set Identifier, SSID for short) or Basic Service Set Identifier (BSSID).
  • SSID Service Set Identifier
  • BSSID Basic Service Set Identifier
  • the base station when the base station notifies the terminal that the aggregated service flow is to be unloaded, if all the WLAN sub-cells cooperating with the base station are in a busy state or other reasons, the unsuccessful unloading is performed, the aggregated service flow is still completed by the base station. After the base station informs the terminal that the aggregated service flow is to be unloaded, and the terminal selects a suitable WLAN sub-cell, the WLAN sub-cell diverts the part of the aggregated service flow that is unloaded by the base station, and another part that is not unloaded is aggregated.
  • the traffic of the service is still transmitted through the base station; in general, the aggregated service flow usually requires the base station as its service characteristics such as the demand for QoS With authentication transmission, but for some special aggregated traffic flows, it can even be transmitted mostly or all by the WLAN sub-cell.
  • step S202 the method further includes the steps of:
  • the base station sends an indication message to the WLAN termination point entity to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN termination point entity skips local authentication of the WLAN.
  • the base station establishes an Xw channel with the WLAN termination point entity to ensure quality of service when the aggregated service flow data is transmitted.
  • S205 Perform, by the wireless local area network sub-cell and the base station, the transmission of the aggregated service flow.
  • the step of sending an offload indication message to the terminal by the base station is added to trigger the terminal to send the RRC message; and after the WLAN local point entity skips the WLAN local authentication, the Xw channel is constructed, thereby ensuring the LTE network.
  • the quality of service carried by the data stream is added to trigger the terminal to send the RRC message; and after the WLAN local point entity skips the WLAN local authentication, the Xw channel is constructed, thereby ensuring the LTE network. The quality of service carried by the data stream.
  • FIG. 3 it is a schematic flowchart of a third embodiment of a method for authenticating access according to the present invention.
  • the method includes the following steps:
  • the terminal sends a radio resource control message to the base station, and informs the base station that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station.
  • the terminal sends the corresponding local network resource to the wireless local area network.
  • the endpoint entity sends an indication message notifying the WLAN endpoint that the aggregated traffic flow will begin to transmit, so that the WLAN endpoint entity skips local authentication of the WLAN by the WLAN sub-cell and the The base station completes the transmission of the aggregated service flow.
  • steps S401-S402 are the same as S301-S302 shown in FIG. 3, and details are not described herein again.
  • the method further includes:
  • the terminal receives an uninstall indication message sent by a base station.
  • the offloading indication message is used to indicate that the base station needs to offload the aggregated service flow
  • the radio resource control message carries the identifier information of the WLAN sub-cell
  • the WLAN sub-cell is used to offload the base station to be offloaded. Aggregated business flow.
  • step S402 the method further includes:
  • the notification message here can be sent through the application layer.
  • adaptive authentication can be implemented according to the type (aggregation or non-aggregation) of the service flow initiated by the terminal in the aggregation network of the WLAN network and the LTE network. Real aggregation of WLAN networks and LTE networks and efficient transmission of different service data streams.
  • the base station includes:
  • the receiving unit 100 is configured to receive a radio resource control message sent by the terminal, where the radio resource control message is used to indicate that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
  • the authentication unit 200 is configured to trigger the authentication based on the long term evolution network, confirm that the aggregated service flow meets the quality of service of the packet data network connection, and allocate corresponding network resources to the aggregated service flow;
  • the sending unit 300 is configured to send an indication message to the WLAN termination point entity, to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN termination point entity skips local authentication of the WLAN, The wireless local area network sub-cell and the base station complete transmission of the aggregated service flow.
  • the sending unit 300 is further configured to:
  • the receiving unit 100 Before the receiving unit 100 receives the RRC message sent by the terminal, sending an uninstallation indication message to the terminal, where the offload indication message is used to indicate that the base station needs to offload the aggregated service flow, the RRC message And carrying the identifier information of the WLAN sub-cell, where the WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
  • the long term evolution network based authentication triggered by the authentication unit 300 includes an authentication based on a user identification module and an authentication not based on a user identification module.
  • FIG. 6 it is a schematic diagram of a configuration of a second embodiment of a base station according to the present invention.
  • the base station in this embodiment is increased compared with the base station shown in FIG. 5 .
  • the establishing unit 400 is configured to establish an Xw channel with the WLAN end point entity after the WLAN end point entity skips the local authentication of the WLAN to ensure the quality of service of the aggregated service flow data transmission.
  • the above receiving unit 100, the authentication unit 200, the sending unit 300, and the establishing unit 400 may exist independently or may be integrated.
  • the receiving unit 100, the authentication unit 200, the sending unit 300, or the establishing unit 400 may be independent of the processing of the base station in the form of hardware.
  • the device is separately provided, and the setting form may be in the form of a microprocessor; it may also be embedded in the processor of the base station in hardware form, or may be stored in the memory of the base station in software to facilitate the processor of the base station.
  • the operations corresponding to the above receiving unit 100, the authentication unit 200, the transmitting unit 300, and the establishing unit 400 are invoked.
  • the receiving unit 100 and the sending unit 300 can also be used as an interface circuit of the base station, and can be integrated with the authentication unit 200 or the establishing unit 400, or can be independently set.
  • the authentication unit 200 may be a processor of the base station, and the functions of the receiving unit 100, the sending unit 300, and the establishing unit 400 may be embedded in the In the processor, it can also be set separately from the processor, or can be stored in the memory in the form of software, and the function is called by the processor.
  • the embodiment of the invention does not impose any limitation.
  • the above processor may be a central processing unit (CPU), a microprocessor, a single chip microcomputer, or the like.
  • FIG. 7 it is a schematic diagram of a composition of a first embodiment of a terminal according to the present invention.
  • the terminal includes:
  • the first sending unit 500 is configured to send a radio resource control message to the base station, and notify the base station that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
  • a second sending unit 600 configured to: after the base station triggers the authentication based on the long term evolution network, confirm that the aggregated service flow meets the service quality of the packet data network connection, and allocates corresponding network resources to the aggregated service flow, Sending an indication message to the WLAN termination point entity, informing the WLAN endpoint that the aggregated service flow will start transmitting, so that the WLAN termination point entity skips local authentication of the WLAN by the WLAN sub-cell And transmitting, by the base station, the aggregated service flow.
  • FIG. 8 it is a schematic diagram of a configuration of a second embodiment of a terminal according to the present invention.
  • the terminal in this embodiment is added as compared with the terminal shown in FIG. 7 :
  • the receiving unit 700 is configured to: before the first sending unit 500 sends the RRC message to the base station, receive an offload indication message sent by the base station, where the offload indication message is used to indicate that the base station needs to offload the aggregated service flow,
  • the RRC message carries the identifier information of the WLAN sub-cell, and the WLAN sub-cell is configured to offload the aggregated service stream that is offloaded by the base station.
  • the third sending unit 800 is configured to send a notification when the terminal needs to transmit a non-aggregated service flow. Sending a message to the WLAN endpoint entity, so that the WLAN end point entity performs a local WLAN authentication process, and the WLAN sub-cell completes transmission of the non-aggregated service stream.
  • the first sending unit 500, the second sending unit 600, the receiving unit 700, and the third sending unit 800 may exist independently or may be integrated, and the first sending unit 500, the second sending unit 600, the receiving unit 700, or the third sending unit
  • the unit 800 may be separately set in the form of hardware independently of the processor of the terminal, and may be in the form of a microprocessor; or may be embedded in the processor of the terminal in hardware, or may be stored in software in the form.
  • the processor of the terminal is instructed to perform operations corresponding to the above first transmitting unit 500, second transmitting unit 600, receiving unit 700, and third transmitting unit 800.
  • the first sending unit 500, the receiving unit 700, and the third sending unit 800 may also be used as an interface circuit of the terminal, may be integrated with the second sending unit 600, or may be independently set.
  • the second sending unit 600 may be a processor of the terminal, and the first sending unit 500, the receiving unit 700, and the third sending unit 800
  • the functions may be embedded in the processor, or may be set separately from the processor, or may be stored in the memory in the form of software, which is called by the processor to implement its functions.
  • the embodiment of the invention does not impose any limitation.
  • the above processor may be a central processing unit (CPU), a microprocessor, a single chip microcomputer, or the like.
  • FIG. 9 it is a schematic diagram of a system interaction process between a WLAN and an LTE aggregation network according to the present invention.
  • the system of the aggregation network includes:
  • Terminal WLAN endpoint entity, base station, and functional entity or AAA server of the core network.
  • the interaction process includes:
  • the WLAN local authentication process interacts with the core network.
  • the aggregation network can be adaptively authenticated according to the service flow type (aggregated or non-aggregated) transmitted by the terminal.
  • FIG. 10a is a schematic diagram of a path of an aggregated service flow transmission according to the present invention.
  • the lightning-shaped connection line between the terminal and the base station or the wireless local area network access point indicates that the terminal can perform wireless communication with the base station or the wireless local area network access point; and the base station passes the packet data gateway (PGW) or the service gateway (SGW) The path communication described in the solid line; the base station communicates with the wireless local area network access point through the Xw channel; the broken line indicates the path of the aggregated service flow transmission.
  • PGW packet data gateway
  • SGW service gateway
  • part of the service flow is transmitted through the path of the existing base station, the PGW/SGW, and the other part is branched to the wireless local area network access point, the Xw channel, the base station, and the PGW/SGW.
  • the path is transmitted, so that the WLAN network with lower cost is used for the purpose of offloading the LTE network.
  • FIG. 10b is a schematic diagram of the path of the non-aggregated service flow transmission according to the present invention.
  • the lightning-shaped connection line between the terminal and the base station or the wireless local area network access point indicates that the terminal can perform wireless communication with the base station or the wireless local area network access point; and the base station passes the packet data gateway (PGW) or the service gateway (SGW) The path communication described in the solid line; the base station communicates with the wireless local area network access point through the Xw channel; the broken line indicates the path of the non-aggregated service flow transmission.
  • PGW packet data gateway
  • SGW service gateway
  • the traffic is transmitted through the path of the existing wireless local area network access point, the Internet.
  • the method for authenticating access according to the first to fourth embodiments of the method for authenticating access according to the embodiment of the present invention is adopted by the aggregation network of the WLAN and the LTE network.
  • the adaptive transmission of the aggregated service flow and the non-aggregated service flow can be realized, the bandwidth cost is saved, and the user experience of the user is improved.
  • the present invention has the following advantages:
  • the base station sends the RRC message to the base station to notify the base station that the service flow to be initiated by the terminal is an aggregated service flow, that is, needs to be transmitted through the WLAN sub-cell and the base station; therefore, the base station triggers the authentication based on the long-term evolution network.
  • the WLAN and the LTE aggregation network are connected to the terminal
  • the authentication ensures that the service data traffic is transmitted normally, and the aggregated service flow can be offloaded by the WLAN network for the LTE network, which reduces the bandwidth pressure of the LTE network, improves the efficiency of the aggregated service flow transmission, and improves the user service experience.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Abstract

Disclosed are a method for authenticated access, a base station, and a terminal. The method comprises: a base station receives a radio resource control message transmitted by a terminal, where the radio resource control message is used for indicating that the terminal is going to transmit an aggregated service stream with the base station via a wireless local area network subcell; the base station triggers a long term evolution network-based authentication, determines that the aggregated service stream complies with the quality of service of a packet data network connection, and allocates a corresponding network resource for the aggregated service stream; the base station transmits an indication message to a wireless local area network endpoint entity and notifies the wireless local area network endpoint entity that the aggregated service stream is about to be transmitted, thus allowing the wireless local area network endpoint entity to skip local authentication of a wireless local area network and allowing the wireless local area network subcell and the base station to complete the transmission of the aggregated service stream. Employment of the present invention implements aggregation and authentication of a WLAN and an LTE network, thus reducing the bandwidth pressure on the LTE network.

Description

一种认证接入的方法、基站及终端Method, base station and terminal for authenticating access 技术领域Technical field
本发明涉及通信技术领域,尤其涉及一种认证接入的方法、基站及终端。The present invention relates to the field of communications technologies, and in particular, to a method, a base station, and a terminal for authenticating access.
背景技术Background technique
随着各种移动应用的发展以及移动终端用户的不断增加,现有无线通信***如***移动通信技术(the 4th Generation mobile communication technology,简称4G)***长期演进(Long Term Evolution,简称LTE)、长期演进升级版(Long Term EvolutionAdvanced,简称LTE-A)无法满足用户对高速无线接入的带宽需求。与此同时,在提高接入带宽的同时,如何降低成本也是一个非常重要的因素。利用无线局域网(Wireless Local Area Networks,简称WLAN)的低成本优势来弥补LTE及其增强技术LTE-A在带宽上的不足,成为一个非常有前景的方向。With the development of various mobile applications and the increasing number of mobile terminal users, the existing wireless communication system such as the 4th Generation mobile communication technology (4G) system Long Term Evolution (LTE) The Long Term Evolution Advanced (LTE-A) cannot meet the bandwidth requirements of users for high-speed wireless access. At the same time, while increasing access bandwidth, how to reduce costs is also a very important factor. Using the low-cost advantages of Wireless Local Area Networks (WLAN) to compensate for the lack of bandwidth of LTE and its enhanced technology LTE-A has become a very promising direction.
现有的WLAN与蜂窝网络的整合技术主要在3GPP进行定义。3GPP现有方案分两种,一种是在核心网的整合[参考TS 23.402],一种是在无线接入网(RANRadioAccessNetwork,简称RAN)层面进行整合[参考TS 23.401,TS 36.304,TS 36.331]。在RAN层面的整合是3GPP Release 12定义的RAN辅助的WLAN互通方案。不论是核心网整合方案还是RAN辅助的WLAN互通方案,都不支持在接入层(Access Stratum,简称AS)对用户面数据进行聚合。因此,尚且不能充分利用WLAN进行灵活和高效率的流量汇聚传输。而现有技术中的载波聚合技术则是将把运行在非授权频谱上的WLAN作为辅服务小区(Secondary Cell,简称Scell)来提高吞吐量。但是其只会对基站侧的主服务小区(Primary Cell,简称Pcell)进行认证,当主服务小区认证通过后便直接使用辅服务小区进行业务数据传输。The existing integration technologies of WLAN and cellular networks are mainly defined in 3GPP. There are two existing solutions in 3GPP, one is integration in the core network [refer to TS 23.402], and the other is integration at the radio access network (RANRadio Access Network, RAN) [refer to TS 23.401, TS 36.304, TS 36.331] . The integration at the RAN level is the RAN-assisted WLAN interworking solution defined by 3GPP Release 12. Regardless of whether it is a core network integration solution or a RAN-assisted WLAN interworking solution, the access layer (Access Stratum, AS for short) does not support aggregation of user plane data. Therefore, WLANs cannot be fully utilized for flexible and efficient traffic aggregation transmission. The carrier aggregation technology in the prior art is to use a WLAN running on an unlicensed spectrum as a secondary cell (Scell) to improve throughput. However, it only authenticates the primary serving cell (Primary Cell, Pcell for short) on the base station side, and directly uses the secondary serving cell to perform service data transmission after the primary serving cell is authenticated.
发明内容Summary of the invention
本发明实施例所要解决的技术问题在于,提供一种认证接入的方法、基站 及终端。以解决WLAN与LTE聚合网络中对终端进行认证确保业务数据流正常传输的问题。The technical problem to be solved by the embodiments of the present invention is to provide a method for authenticating access, and a base station And terminal. The problem of authenticating the service data stream in the WLAN and LTE aggregation network is solved.
为了解决上述技术问题,本发明实施例第一方面提供了一种认证接入的方法,包括:In order to solve the above technical problem, the first aspect of the embodiments of the present invention provides a method for authenticating access, including:
基站接收终端发送的无线资源控制消息,所述无线资源控制消息用于指示所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;Receiving, by the base station, a radio resource control message sent by the terminal, where the radio resource control message is used to indicate that the terminal transmits the aggregated service flow by using the wireless local area network sub-cell and the base station;
所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源;The base station triggers the authentication based on the long term evolution network, and confirms that the aggregated service flow meets the service quality of the packet data network connection and allocates corresponding network resources to the aggregated service flow;
所述基站向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。Sending, by the base station, an indication message to the WLAN termination point entity, informing the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN termination point entity skips local authentication of the WLAN by the wireless The local area network sub-cell and the base station complete transmission of the aggregated service flow.
其中,在所述基站接收终端发送的无线资源控制消息之前,还包括:Before the receiving, by the base station, the radio resource control message sent by the terminal, the method further includes:
所述基站发送卸载指示消息给所述终端,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。The base station sends an offloading indication message to the terminal, where the offloading indication message is used to indicate that the base station needs to offload the aggregated service flow, and the radio resource control message carries the identifier information of the WLAN sub-cell. The WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
其中,所述基站触发的基于长期演进网络的认证包括基于用户识别模块的认证和不基于用户识别模块的认证。The long-term evolution network-based authentication triggered by the base station includes an authentication based on a user identification module and an authentication not based on a user identification module.
其中,当所述无线局域网终结点实体跳过无线局域网的本地认证之后,还包括:Wherein, after the WLAN termination entity skips the local authentication of the WLAN, the method further includes:
所述基站与所述无线局域网终结点实体建立Xw通道,确保所述聚合的业务流数据传输时的服务质量。The base station establishes an Xw channel with the WLAN end point entity to ensure quality of service when the aggregated service flow data is transmitted.
本发明实施例第二方面提供了一种认证接入的方法,包括:A second aspect of the embodiments of the present invention provides a method for authenticating access, including:
终端发送无线资源控制消息至基站,告知基站所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;The terminal sends a radio resource control message to the base station, and informs the base station that the terminal will transmit the aggregated service flow through the wireless local area network sub-cell and the base station;
当所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源之后,所述终端向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网 的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。After the base station triggers the authentication based on the long term evolution network, confirming that the aggregated service flow conforms to the quality of service of the packet data network connection and allocates corresponding network resources to the aggregated service flow, the terminal sends a wireless network LAN termination point The entity sends an indication message notifying the WLAN endpoint that the aggregated traffic flow will start transmitting, so that the WLAN endpoint entity skips the WLAN Local authentication, the transmission of the aggregated service flow is completed by the wireless local area network sub-cell and the base station.
其中,在所述终端发送无线资源控制消息至基站之前,还包括:Before the terminal sends the RRC message to the base station, the method further includes:
所述终端接收基站发送的卸载指示消息,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。Receiving, by the terminal, an offloading indication message sent by the base station, where the offloading indication message is used to indicate that the base station is to offload the aggregated service flow, and the radio resource control message carries the identifier information of the WLAN sub-cell, The WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
其中,还包括:Among them, it also includes:
当所述终端需要传输非聚合的业务流时,发送通知消息至所述无线局域网终结点实体,以便所述无线局域网终结点实体执行本地的无线局域网认证过程,由所述无线局域网子小区完成所述非聚合的业务流的传输。Sending a notification message to the WLAN end point entity when the terminal needs to transmit a non-aggregated service flow, so that the WLAN end point entity performs a local WLAN authentication process, and the WLAN sub-cell completes The transmission of non-aggregated traffic flows.
本发明实施例第三方面提供了一种基站,包括:A third aspect of the embodiments of the present invention provides a base station, including:
接收单元,用于接收终端发送的无线资源控制消息,所述无线资源控制消息用于指示所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;a receiving unit, configured to receive a radio resource control message sent by the terminal, where the radio resource control message is used to indicate that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
认证单元,用于触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源;An authentication unit, configured to trigger a long-term evolution network-based authentication, confirming that the aggregated service flow meets a service quality of a packet data network connection, and allocating a corresponding network resource to the aggregated service flow;
发送单元,用于向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。a sending unit, configured to send an indication message to the WLAN end point entity, to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN end point entity skips local authentication of the WLAN, The wireless local area network sub-cell and the base station complete transmission of the aggregated service flow.
其中,所述发送单元还用于:The sending unit is further configured to:
在所述接收单元接收终端发送的无线资源控制消息之前,发送卸载指示消息给所述终端,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。Before the receiving unit receives the RRC message sent by the terminal, sending an offloading indication message to the terminal, where the offloading indication message is used to indicate that the base station needs to offload the aggregated service flow, where the RRC message is in the RRC message And carrying the identifier information of the WLAN sub-cell, where the WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
其中,所述认证单元触发的基于长期演进网络的认证包括基于用户识别模块的认证和不基于用户识别模块的认证。The long-term evolution network-based authentication triggered by the authentication unit includes an authentication based on a user identification module and an authentication not based on a user identification module.
其中,还包括:Among them, it also includes:
建立单元,用于当所述无线局域网终结点实体跳过无线局域网的本地认证之后,与所述无线局域网终结点实体建立Xw通道,确保所述聚合的业务流数 据传输时的服务质量。a establishing unit, configured to establish an Xw channel with the WLAN end point entity after the WLAN end point entity skips local authentication of the WLAN to ensure the number of the aggregated service flows According to the quality of service when transmitting.
本发明实施例第四方面提供了一种终端,包括:A fourth aspect of the embodiments of the present invention provides a terminal, including:
第一发送单元,用于发送无线资源控制消息至基站,告知基站所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;a first sending unit, configured to send a radio resource control message to the base station, to inform the base station that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
第二发送单元,用于当所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源之后,向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。a second sending unit, configured to: when the base station triggers the authentication based on the long term evolution network, confirm that the aggregated service flow meets the service quality of the packet data network connection, and allocates corresponding network resources to the aggregated service flow, The WLAN endpoint entity sends an indication message informing the WLAN endpoint that the aggregated traffic flow will begin to transmit, so that the WLAN endpoint entity skips local authentication of the WLAN by the WLAN sub-cell and The base station completes transmission of the aggregated service flow.
其中,还包括:Among them, it also includes:
接收单元,用于在所述第一发送单元发送无线资源控制消息至基站之前,接收基站发送的卸载指示消息,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。a receiving unit, configured to receive, before the first sending unit sends the RRC message to the base station, an offload indication message sent by the base station, where the offload indication message is used to indicate that the base station needs to offload the aggregated service flow, The RRC message carries the identifier information of the WLAN sub-cell, where the WLAN sub-cell is configured to offload the aggregated service stream that is unloaded by the base station.
其中,还包括:Among them, it also includes:
第三发送单元,用于当所述终端需要传输非聚合的业务流时,发送通知消息至所述无线局域网终结点实体,以便所述无线局域网终结点实体执行本地的无线局域网认证过程,由所述无线局域网子小区完成所述非聚合的业务流的传输。a third sending unit, configured to send a notification message to the WLAN end point entity when the terminal needs to transmit a non-aggregated service flow, so that the WLAN end point entity performs a local wireless local area network authentication process, where The wireless local area network sub-cell completes the transmission of the non-aggregated service flow.
实施本发明实施例,具有如下有益效果:Embodiments of the present invention have the following beneficial effects:
通过由终端发送无线资源控制消息给基站,告知基站所述终端将发起的业务流为聚合的业务流,即需要通过无线局域网子小区和所述基站传输;因此基站将触发基于长期演进网络的认证,确保聚合的业务流符合指定的QoS并为其分配传输的网络资源;当认证完成后,发送指示消息给无线局域网终结点实体,通知所述无线局域网终结点实体所述聚合的业务流将开始传输,使得无线局域网终结点实体跳过传统的无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输,从而实现了WLAN与LTE聚合网络中对终端进行认证确保业务数据流量正常传输,且对于聚合的业务流可由WLAN网络为LTE网络分流,降低了LTE网络的带宽压力,提高了聚合的业务流传输 的效率,提升了用户的业务体验。The base station sends the RRC message to the base station to notify the base station that the service flow to be initiated by the terminal is an aggregated service flow, that is, needs to be transmitted through the WLAN sub-cell and the base station; therefore, the base station triggers the authentication based on the long-term evolution network. , ensuring that the aggregated service flow conforms to the specified QoS and allocates the transmitted network resource; when the authentication is completed, sending an indication message to the WLAN termination point entity, notifying the WLAN end point entity that the aggregated service flow will start The WLAN and the LTE aggregation network are connected to the terminal The authentication ensures that the service data traffic is transmitted normally, and the aggregated service flow can be offloaded by the WLAN network for the LTE network, which reduces the bandwidth pressure of the LTE network and improves the aggregated service flow transmission. The efficiency of the user has improved the business experience.
附图说明DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any creative work.
图1是本发明认证接入的方法的第一实施例的流程示意图;1 is a schematic flowchart of a first embodiment of a method for authenticating access according to the present invention;
图2是本发明认证接入的方法的第二实施例的流程示意图;2 is a schematic flowchart of a second embodiment of a method for authenticating access according to the present invention;
图3是本发明认证接入的方法的第三实施例的流程示意图;3 is a schematic flowchart of a third embodiment of a method for authenticating access according to the present invention;
图4是本发明认证接入的方法的第四实施例的流程示意图;4 is a schematic flowchart of a fourth embodiment of a method for authenticating access according to the present invention;
图5是本发明基站的第一实施例的组成示意图;Figure 5 is a schematic diagram showing the composition of a first embodiment of a base station according to the present invention;
图6是本发明基站的第二实施例的组成示意图;6 is a schematic diagram showing the composition of a second embodiment of a base station according to the present invention;
图7是本发明终端的第一实施例的组成示意图;Figure 7 is a schematic diagram showing the composition of a first embodiment of the terminal of the present invention;
图8是本发明终端的第二实施例的组成示意图;Figure 8 is a schematic diagram showing the composition of a second embodiment of the terminal of the present invention;
图9是本发明WLAN与LTE聚合网络的***交互流程示意图;9 is a schematic diagram of a system interaction process of a WLAN and an LTE aggregation network according to the present invention;
图10a是本发明中提到的聚合的业务流传输的路径示意图;FIG. 10a is a schematic diagram of a path of an aggregated service flow transmission mentioned in the present invention; FIG.
图10b是本发明中提到的非聚合的业务流传输的路径示意图。Figure 10b is a schematic diagram of the path of the non-aggregated traffic flow mentioned in the present invention.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
请参照图1,为本发明认证接入的方法的第一实施例的流程示意图,在本实施例中,所述方法包括以下步骤:1 is a schematic flowchart of a first embodiment of a method for authenticating access according to the present invention. In this embodiment, the method includes the following steps:
S101,基站接收终端发送的无线资源控制(RadioResourceControl,简称RRC)消息。S101. The base station receives a Radio Resource Control (RRC) message sent by the terminal.
其中,所述无线资源控制消息用于指示所述终端将通过无线局域网子小区和所述基站传输聚合的业务流。即告知基站所述终端将发起的业务流为聚合的 业务流。此处的RRC消息可以是重用已有的RRC连接请求消息,也可以是新定义的RRC消息。The RRC message is used to indicate that the terminal will transmit the aggregated service flow through the WLAN sub-cell and the base station. That is, the base station is informed that the terminal initiates the service flow to be aggregated. business flow. The RRC message here may be an existing RRC connection request message or a newly defined RRC message.
可选地,所述聚合的业务流可以是一些需要通过LTE网络传输的业务数据流,如多媒体业务、通话业务等,其一般需要由基站分配资源并具备对服务质量(Quality of Service,简称QoS)的一定要求。而非聚合的业务流可以是一些仅通过WLAN接入点便可以实现的业务数据流,如简单的访问网络、下载文件等。Optionally, the aggregated service flow may be a service data flow that needs to be transmitted through an LTE network, such as a multimedia service, a call service, etc., which generally needs to allocate resources by the base station and has a quality of service (QoS). Certain requirements. A non-aggregated traffic flow may be a traffic data flow that can be implemented only through a WLAN access point, such as simply accessing the network, downloading files, and the like.
S102,所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源。S102. The base station triggers the authentication based on the long-term evolution network, and confirms that the aggregated service flow meets the service quality of the packet data network connection and allocates corresponding network resources to the aggregated service flow.
可选地,所述基站触发的基于长期演进网络的认证包括基于用户识别模块(Subscriber Identity Module,简称SIM)的认证和不基于用户识别模块的认证。Optionally, the base station triggered long-term evolution network-based authentication includes a Subscriber Identity Module (SIM)-based authentication and a non-user identification module-based authentication.
当确定终端需要发起聚合的业务流传输时,基站便可以对该终端及相关的聚合的业务流进行安全认证,确保其传输质量。When it is determined that the terminal needs to initiate the aggregated service flow transmission, the base station can perform security authentication on the terminal and the related aggregated service flow to ensure the transmission quality thereof.
S103,所述基站向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。S103. The base station sends an indication message to the WLAN termination point entity to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN termination point entity skips local authentication of the WLAN. The wireless local area network sub-cell and the base station complete transmission of the aggregated service flow.
可选地,此处基站向无线局域网终结点实体发送的指示消息可以是显式的指示,直接标示用户面数据即将产生。当然,该指示消息也可以是非显式的,即由到达的用户数据流的第一个数据包来触发。且该指示消息可以由基站发出,也可以由终端向无线局域网终结点实体发出。只需要使得无线局域网终结点实体获知到将开始传输聚合的业务流数据即可。由于基站已进行了基于LTE网络的认证,因此WLAN的本地认证可以跳过不再执行,提高聚合的业务流传输的效率。Optionally, the indication message sent by the base station to the WLAN termination point entity herein may be an explicit indication, directly indicating that the user plane data is about to be generated. Of course, the indication message can also be non-explicit, ie triggered by the first data packet of the arriving user data stream. And the indication message may be sent by the base station, or may be sent by the terminal to the WLAN termination point entity. It is only necessary to have the WLAN endpoint entity know that the traffic stream data for the aggregation will start to be transmitted. Since the base station has performed the LTE network-based authentication, the local authentication of the WLAN can be skipped and the efficiency of the aggregated service flow transmission is improved.
需要说明的是,本实施例中的WLAN子小区为经过LTE网络认证机制已经确认了聚合的业务流是该WLAN子小区可以承载的,确认的方式可以在运营商部署WLAN接入点时通过策略配置来予以保证。It should be noted that the WLAN sub-cell in this embodiment is an LTE network authentication mechanism that has confirmed that the aggregated service flow can be carried by the WLAN sub-cell, and the acknowledgment mode can be adopted when the WLAN access point is deployed by the operator. Configuration to guarantee.
且本实施例中所述的无线局域网终结点实体,可以与无线局域网的接入点分别独立设置,通过其自身的接口实现与终端、接入点或基站的通信;也可以集成在无线局域网的接入点内,利用现有接入点的接口实现与终端或基站的通 信。本发明实施例不做任何限制。The WLAN termination point entity described in this embodiment may be separately set up with an access point of the WLAN, and communicate with the terminal, the access point, or the base station through its own interface; or may be integrated in the WLAN. In the access point, the interface of the existing access point is used to implement communication with the terminal or the base station. letter. The embodiment of the invention does not impose any limitation.
通过由终端发送无线资源控制消息给基站,告知基站所述终端将发起的业务流为聚合的业务流,即需要通过无线局域网子小区和所述基站传输;因此基站将触发基于长期演进网络的认证,确保聚合的业务流符合指定的QoS并为其分配传输的网络资源;当认证完成后,发送指示消息给无线局域网终结点实体,通知所述无线局域网终结点实体所述聚合的业务流将开始传输,使得无线局域网终结点实体跳过传统的无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输,从而实现了WLAN与LTE聚合网络中对终端进行认证确保业务数据流量正常传输,且对于聚合的业务流可由WLAN网络为LTE网络分流,降低了LTE网络的带宽压力,提高了聚合的业务流传输的效率,提升了用户的业务体验。The base station sends the RRC message to the base station to notify the base station that the service flow to be initiated by the terminal is an aggregated service flow, that is, needs to be transmitted through the WLAN sub-cell and the base station; therefore, the base station triggers the authentication based on the long-term evolution network. , ensuring that the aggregated service flow conforms to the specified QoS and allocates the transmitted network resource; when the authentication is completed, sending an indication message to the WLAN termination point entity, notifying the WLAN end point entity that the aggregated service flow will start The WLAN and the LTE aggregation network are connected to the terminal The authentication ensures that the service data traffic is transmitted normally, and the aggregated service flow can be offloaded by the WLAN network for the LTE network, which reduces the bandwidth pressure of the LTE network, improves the efficiency of the aggregated service flow transmission, and improves the user service experience.
此外,需要说明的是,在本发明实施例中,以LTE网络与WLAN网络的聚合进行了详细说明,但本领域技术人员可以理解的是,鉴于WLAN网络低成本的有点,其同样可以与3G、4G或5G等其他网络聚合,并采用本发明实施例所述的方式来传输聚合的业务流。In addition, it should be noted that, in the embodiment of the present invention, the aggregation of the LTE network and the WLAN network is described in detail, but those skilled in the art can understand that, in view of the low cost of the WLAN network, the same can be used with the 3G. Other networks, such as 4G or 5G, are aggregated, and the aggregated service flows are transmitted in the manner described in the embodiment of the present invention.
请参照图2,为本发明认证接入的方法的第二实施例的流程示意图,在本实施例中,步骤S201-S202与图1所示S101-S102相同,此处不再赘述,在步骤S201之前,所述方法还包括:2 is a schematic flowchart of a method for authenticating access according to a second embodiment of the present invention. In this embodiment, steps S201-S202 are the same as S101-S102 shown in FIG. 1, and are not further described herein. Before S201, the method further includes:
S200,所述基站发送卸载指示消息给所述终端。S200. The base station sends an uninstall indication message to the terminal.
所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。The offloading indication message is used to indicate that the base station needs to offload the aggregated service flow, the radio resource control message carries the identifier information of the WLAN sub-cell, and the WLAN sub-cell is used to offload the base station to be offloaded. Aggregated business flow.
此处的标识信息可以是(服务集标识Service Set Identifier,简称SSID)或者基本服务集标识(Basic Service Set Identifier,简称BSSID)等。The identification information here may be (Service Set Identifier, SSID for short) or Basic Service Set Identifier (BSSID).
需要说明的是,当基站通知终端要卸载聚合的业务流时,若由于与基站配合的所有无线局网子小区均处于忙碌状态或其他原因导致卸载不成功,则仍然由基站完成聚合的业务流的传输;当基站通知终端要卸载聚合的业务流,终端选择了合适的无线局域网子小区之后,则由该无线局域网子小区分流基站卸载的这一部分聚合的业务流,而未卸载的另一部分聚合的业务流,仍通过基站传输;一般而言,聚合的业务流由于其业务特性如对QoS的需求通常需要基站参 与认证传输,但对于部分特殊的聚合的业务流,甚至可以大部分或全部由无线局域网子小区传输。It should be noted that, when the base station notifies the terminal that the aggregated service flow is to be unloaded, if all the WLAN sub-cells cooperating with the base station are in a busy state or other reasons, the unsuccessful unloading is performed, the aggregated service flow is still completed by the base station. After the base station informs the terminal that the aggregated service flow is to be unloaded, and the terminal selects a suitable WLAN sub-cell, the WLAN sub-cell diverts the part of the aggregated service flow that is unloaded by the base station, and another part that is not unloaded is aggregated. The traffic of the service is still transmitted through the base station; in general, the aggregated service flow usually requires the base station as its service characteristics such as the demand for QoS With authentication transmission, but for some special aggregated traffic flows, it can even be transmitted mostly or all by the WLAN sub-cell.
在步骤S202之后,还包括步骤:After step S202, the method further includes the steps of:
S203,所述基站向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证。S203. The base station sends an indication message to the WLAN termination point entity to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN termination point entity skips local authentication of the WLAN.
S204,所述基站与所述无线局域网终结点实体建立Xw通道,确保所述聚合的业务流数据传输时的服务质量。S204. The base station establishes an Xw channel with the WLAN termination point entity to ensure quality of service when the aggregated service flow data is transmitted.
S205,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。S205. Perform, by the wireless local area network sub-cell and the base station, the transmission of the aggregated service flow.
在本实施例中,增加了基站发送卸载指示消息给所述终端的步骤以触发终端发送RRC消息;而在无线局域网终结点实体跳过WLAN本地认证之后,构建Xw通道,从而可确保从LTE网络携带的数据流传输的服务质量。In this embodiment, the step of sending an offload indication message to the terminal by the base station is added to trigger the terminal to send the RRC message; and after the WLAN local point entity skips the WLAN local authentication, the Xw channel is constructed, thereby ensuring the LTE network. The quality of service carried by the data stream.
请参照图3,为本发明认证接入的方法的第三实施例的流程示意图,在本实施例中,所述方法包括以下步骤:Referring to FIG. 3, it is a schematic flowchart of a third embodiment of a method for authenticating access according to the present invention. In this embodiment, the method includes the following steps:
S301,终端发送无线资源控制消息至基站,告知基站所述终端将通过无线局域网子小区和所述基站传输聚合的业务流。S301. The terminal sends a radio resource control message to the base station, and informs the base station that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station.
S302,当所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源之后,所述终端向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。S302, after the base station triggers the authentication based on the long-term evolution network, confirms that the aggregated service flow meets the service quality of the packet data network connection, and allocates corresponding network resources to the aggregated service flow, the terminal sends the corresponding local network resource to the wireless local area network. The endpoint entity sends an indication message notifying the WLAN endpoint that the aggregated traffic flow will begin to transmit, so that the WLAN endpoint entity skips local authentication of the WLAN by the WLAN sub-cell and the The base station completes the transmission of the aggregated service flow.
请参照图4,为本发明认证接入的方法的第四实施例的流程示意图,在本实施例中,步骤S401-S402与图3所示S301-S302相同,此处不再赘述,在步骤S301之前,所述方法还包括:4 is a schematic flowchart of a fourth embodiment of a method for authenticating access according to the present invention. In this embodiment, steps S401-S402 are the same as S301-S302 shown in FIG. 3, and details are not described herein again. Before S301, the method further includes:
S400,所述终端接收基站发送的卸载指示消息。S400. The terminal receives an uninstall indication message sent by a base station.
所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。The offloading indication message is used to indicate that the base station needs to offload the aggregated service flow, the radio resource control message carries the identifier information of the WLAN sub-cell, and the WLAN sub-cell is used to offload the base station to be offloaded. Aggregated business flow.
在步骤S402之后,还包括: After step S402, the method further includes:
S403,当所述终端需要传输非聚合的业务流时,发送通知消息至所述无线局域网终结点实体,以便所述无线局域网终结点实体执行本地的无线局域网认证过程,由所述无线局域网子小区完成所述非聚合的业务流的传输。S403. When the terminal needs to transmit a non-aggregated service flow, send a notification message to the WLAN termination point entity, so that the WLAN termination point entity performs a local WLAN authentication process by the WLAN sub-cell. The transmission of the non-aggregated traffic flow is completed.
可选地,此处的通知消息可以通过应用层进行发送。Optionally, the notification message here can be sent through the application layer.
通过步骤S403和步骤S400-S402的结合,便可以实现在WLAN网络和LTE网络的聚合网络中,根据终端发起的传输的业务流的类型(聚合或非聚合)来实现自适应的认证,实现了WLAN网络和LTE网络的真正聚合及不同业务数据流的高效率传输。Through the combination of step S403 and steps S400-S402, adaptive authentication can be implemented according to the type (aggregation or non-aggregation) of the service flow initiated by the terminal in the aggregation network of the WLAN network and the LTE network. Real aggregation of WLAN networks and LTE networks and efficient transmission of different service data streams.
请参照图5,为本发明基站的第一实施例的组成示意图,在本实施例中,所述基站包括:5 is a schematic diagram of a composition of a first embodiment of a base station according to the present invention. In this embodiment, the base station includes:
接收单元100,用于接收终端发送的无线资源控制消息,所述无线资源控制消息用于指示所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;The receiving unit 100 is configured to receive a radio resource control message sent by the terminal, where the radio resource control message is used to indicate that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
认证单元200,用于触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源;The authentication unit 200 is configured to trigger the authentication based on the long term evolution network, confirm that the aggregated service flow meets the quality of service of the packet data network connection, and allocate corresponding network resources to the aggregated service flow;
发送单元300,用于向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。The sending unit 300 is configured to send an indication message to the WLAN termination point entity, to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN termination point entity skips local authentication of the WLAN, The wireless local area network sub-cell and the base station complete transmission of the aggregated service flow.
可选地,所述发送单元300还用于:Optionally, the sending unit 300 is further configured to:
在所述接收单元100接收终端发送的无线资源控制消息之前,发送卸载指示消息给所述终端,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。Before the receiving unit 100 receives the RRC message sent by the terminal, sending an uninstallation indication message to the terminal, where the offload indication message is used to indicate that the base station needs to offload the aggregated service flow, the RRC message And carrying the identifier information of the WLAN sub-cell, where the WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
可选地,所述认证单元300触发的基于长期演进网络的认证包括基于用户识别模块的认证和不基于用户识别模块的认证。Optionally, the long term evolution network based authentication triggered by the authentication unit 300 includes an authentication based on a user identification module and an authentication not based on a user identification module.
请参照图6,为本发明基站的第二实施例的组成示意图,在本实施例中,与图5所示的基站相比,本实施例中的基站增加了:Referring to FIG. 6 , it is a schematic diagram of a configuration of a second embodiment of a base station according to the present invention. In this embodiment, the base station in this embodiment is increased compared with the base station shown in FIG. 5 .
建立单元400,用于当所述无线局域网终结点实体跳过无线局域网的本地认证之后,与所述无线局域网终结点实体建立Xw通道,确保所述聚合的业务流数据传输时的服务质量。 The establishing unit 400 is configured to establish an Xw channel with the WLAN end point entity after the WLAN end point entity skips the local authentication of the WLAN to ensure the quality of service of the aggregated service flow data transmission.
以上接收单元100、认证单元200、发送单元300和建立单元400可以独立存在,也可以集成设置,接收单元100、认证单元200、发送单元300或建立单元400可以以硬件的形式独立于基站的处理器单独设置,且设置形式可以是微处理器的形式;也可以以硬件形式内嵌于该基站的处理器中,还可以以软件形式存储于该基站的存储器中,以便于该基站的处理器调用执行以上接收单元100、认证单元200、发送单元300和建立单元400对应的操作。The above receiving unit 100, the authentication unit 200, the sending unit 300, and the establishing unit 400 may exist independently or may be integrated. The receiving unit 100, the authentication unit 200, the sending unit 300, or the establishing unit 400 may be independent of the processing of the base station in the form of hardware. The device is separately provided, and the setting form may be in the form of a microprocessor; it may also be embedded in the processor of the base station in hardware form, or may be stored in the memory of the base station in software to facilitate the processor of the base station. The operations corresponding to the above receiving unit 100, the authentication unit 200, the transmitting unit 300, and the establishing unit 400 are invoked.
当然,接收单元100和发送单元300也可以作为该基站的接口电路,可以与认证单元200或建立单元400集成,也可以独立设置。Of course, the receiving unit 100 and the sending unit 300 can also be used as an interface circuit of the base station, and can be integrated with the authentication unit 200 or the establishing unit 400, or can be independently set.
例如,在本发明基站的实施例(图6所示的实施例)中,认证单元200可以为该基站的处理器,而接收单元100、发送单元300和建立单元400的功能可以内嵌于该处理器中,也可以独立于处理器单独设置,也可以以软件的形式存储于存储器中,由处理器调用实现其功能。本发明实施例不做任何限制。以上处理器可以为中央处理单元(CPU)、微处理器、单片机等。For example, in the embodiment of the base station of the present invention (the embodiment shown in FIG. 6), the authentication unit 200 may be a processor of the base station, and the functions of the receiving unit 100, the sending unit 300, and the establishing unit 400 may be embedded in the In the processor, it can also be set separately from the processor, or can be stored in the memory in the form of software, and the function is called by the processor. The embodiment of the invention does not impose any limitation. The above processor may be a central processing unit (CPU), a microprocessor, a single chip microcomputer, or the like.
请参照图7,为本发明终端的第一实施例的组成示意图,在本实施例中,所述终端包括:Referring to FIG. 7 , it is a schematic diagram of a composition of a first embodiment of a terminal according to the present invention. In this embodiment, the terminal includes:
第一发送单元500,用于发送无线资源控制消息至基站,告知基站所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;The first sending unit 500 is configured to send a radio resource control message to the base station, and notify the base station that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
第二发送单元600,用于当所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源之后,向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。a second sending unit 600, configured to: after the base station triggers the authentication based on the long term evolution network, confirm that the aggregated service flow meets the service quality of the packet data network connection, and allocates corresponding network resources to the aggregated service flow, Sending an indication message to the WLAN termination point entity, informing the WLAN endpoint that the aggregated service flow will start transmitting, so that the WLAN termination point entity skips local authentication of the WLAN by the WLAN sub-cell And transmitting, by the base station, the aggregated service flow.
请参照图8,为本发明终端的第二实施例的组成示意图,在本实施例中,与图7所示的终端相比,本实施例中的终端增加了:Referring to FIG. 8 , it is a schematic diagram of a configuration of a second embodiment of a terminal according to the present invention. In this embodiment, the terminal in this embodiment is added as compared with the terminal shown in FIG. 7 :
接收单元700,用于在所述第一发送单元500发送无线资源控制消息至基站之前,接收基站发送的卸载指示消息,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。The receiving unit 700 is configured to: before the first sending unit 500 sends the RRC message to the base station, receive an offload indication message sent by the base station, where the offload indication message is used to indicate that the base station needs to offload the aggregated service flow, The RRC message carries the identifier information of the WLAN sub-cell, and the WLAN sub-cell is configured to offload the aggregated service stream that is offloaded by the base station.
第三发送单元800,用于当所述终端需要传输非聚合的业务流时,发送通知 消息至所述无线局域网终结点实体,以便所述无线局域网终结点实体执行本地的无线局域网认证过程,由所述无线局域网子小区完成所述非聚合的业务流的传输。The third sending unit 800 is configured to send a notification when the terminal needs to transmit a non-aggregated service flow. Sending a message to the WLAN endpoint entity, so that the WLAN end point entity performs a local WLAN authentication process, and the WLAN sub-cell completes transmission of the non-aggregated service stream.
以上第一发送单元500、第二发送单元600、接收单元700和第三发送单元800可以独立存在,也可以集成设置,第一发送单元500、第二发送单元600、接收单元700或第三发送单元800可以以硬件的形式独立于终端的处理器单独设置,且设置形式可以是微处理器的形式;也可以以硬件形式内嵌于该终端的处理器中,还可以以软件形式存储于该终端的存储器中,以便于该终端的处理器调用执行以上第一发送单元500、第二发送单元600、接收单元700和第三发送单元800对应的操作。The first sending unit 500, the second sending unit 600, the receiving unit 700, and the third sending unit 800 may exist independently or may be integrated, and the first sending unit 500, the second sending unit 600, the receiving unit 700, or the third sending unit The unit 800 may be separately set in the form of hardware independently of the processor of the terminal, and may be in the form of a microprocessor; or may be embedded in the processor of the terminal in hardware, or may be stored in software in the form. In the memory of the terminal, the processor of the terminal is instructed to perform operations corresponding to the above first transmitting unit 500, second transmitting unit 600, receiving unit 700, and third transmitting unit 800.
当然,第一发送单元500、接收单元700和第三发送单元800也可以作为该终端的接口电路,可以与第二发送单元600集成,也可以独立设置。Certainly, the first sending unit 500, the receiving unit 700, and the third sending unit 800 may also be used as an interface circuit of the terminal, may be integrated with the second sending unit 600, or may be independently set.
例如,在本发明基站的实施例(图8所示的实施例)中,第二发送单元600可以为该终端的处理器,而第一发送单元500、接收单元700和第三发送单元800的功能可以内嵌于该处理器中,也可以独立于处理器单独设置,也可以以软件的形式存储于存储器中,由处理器调用实现其功能。本发明实施例不做任何限制。以上处理器可以为中央处理单元(CPU)、微处理器、单片机等。For example, in the embodiment of the base station of the present invention (the embodiment shown in FIG. 8), the second sending unit 600 may be a processor of the terminal, and the first sending unit 500, the receiving unit 700, and the third sending unit 800 The functions may be embedded in the processor, or may be set separately from the processor, or may be stored in the memory in the form of software, which is called by the processor to implement its functions. The embodiment of the invention does not impose any limitation. The above processor may be a central processing unit (CPU), a microprocessor, a single chip microcomputer, or the like.
请参照图9,为本发明WLAN与LTE聚合网络的***交互流程示意图;在本实施例中,该聚合网络的***包括:Referring to FIG. 9 , it is a schematic diagram of a system interaction process between a WLAN and an LTE aggregation network according to the present invention. In this embodiment, the system of the aggregation network includes:
终端、无线局域网终结点实体、基站以及核心网的功能实体或AAA服务器。Terminal, WLAN endpoint entity, base station, and functional entity or AAA server of the core network.
其交互流程包括:The interaction process includes:
1.发送RRC消息,指示需要传输聚合的业务流。1. Send an RRC message indicating that the aggregated service flow needs to be transmitted.
2.触发基于LTE网络的安全认证。2. Trigger security authentication based on LTE network.
3.完成安全认证。3. Complete safety certification.
4.发送指示消息,指示聚合的业务流将开始传输。4. Send an indication message indicating that the aggregated traffic flow will begin transmission.
5.跳过WLAN的本地认证。5. Skip the local authentication of the WLAN.
6.建立Xw通道传输聚合的业务流。6. Establish a traffic flow for Xw channel transport aggregation.
7.发送通知消息,标示UE需要通过WLAN来传输非聚合的业务流。7. Send a notification message indicating that the UE needs to transmit the non-aggregated traffic flow through the WLAN.
8.执行WLAN本地认证。8. Perform WLAN local authentication.
9.若有需要,WLAN本地认证过程与核心网交互。 9. If necessary, the WLAN local authentication process interacts with the core network.
10.WLAN本地认证结束,传输非聚合的业务流。10. The WLAN local authentication ends, and the non-aggregated service flow is transmitted.
其中,交互过程中的具体细节可参照图1至图4所述的方法实施例。通过上述的交互流程便可以实现聚合网络根据终端传输的业务流类型(聚合或非聚合)进行自适应的认证。For specific details in the interaction process, reference may be made to the method embodiments described in FIG. 1 to FIG. Through the above interaction process, the aggregation network can be adaptively authenticated according to the service flow type (aggregated or non-aggregated) transmitted by the terminal.
请参照图10a,为本发明聚合的业务流传输的路径示意图。Please refer to FIG. 10a, which is a schematic diagram of a path of an aggregated service flow transmission according to the present invention.
其中,终端与基站或无线局域网接入点之间的闪电形连接线表示终端可以与基站或无线局域网接入点进行无线通信;基站与分组数据网关(PGW)或服务网关(SGW)之间通过实线所述的通路通信;基站与无线局域网接入点之间通过Xw通道通信;虚线表示聚合的业务流传输的路径。Wherein, the lightning-shaped connection line between the terminal and the base station or the wireless local area network access point indicates that the terminal can perform wireless communication with the base station or the wireless local area network access point; and the base station passes the packet data gateway (PGW) or the service gateway (SGW) The path communication described in the solid line; the base station communicates with the wireless local area network access point through the Xw channel; the broken line indicates the path of the aggregated service flow transmission.
当终端发起聚合的业务流传输时,一部分业务流通过现有的基站——PGW/SGW的路径进行传输,另一部分则分流至无线局域网接入点——Xw通道——基站——PGW/SGW的路径进行传输,从而实现成本较低的WLAN网络为LTE网络分流的目的。When the terminal initiates the aggregated service flow transmission, part of the service flow is transmitted through the path of the existing base station, the PGW/SGW, and the other part is branched to the wireless local area network access point, the Xw channel, the base station, and the PGW/SGW. The path is transmitted, so that the WLAN network with lower cost is used for the purpose of offloading the LTE network.
而对于非聚合的业务流的传输,请参照图10b,为本发明非聚合的业务流传输的路径示意图。For the transmission of the non-aggregated service flow, please refer to FIG. 10b, which is a schematic diagram of the path of the non-aggregated service flow transmission according to the present invention.
其中,终端与基站或无线局域网接入点之间的闪电形连接线表示终端可以与基站或无线局域网接入点进行无线通信;基站与分组数据网关(PGW)或服务网关(SGW)之间通过实线所述的通路通信;基站与无线局域网接入点之间通过Xw通道通信;虚线表示非聚合的业务流传输的路径。Wherein, the lightning-shaped connection line between the terminal and the base station or the wireless local area network access point indicates that the terminal can perform wireless communication with the base station or the wireless local area network access point; and the base station passes the packet data gateway (PGW) or the service gateway (SGW) The path communication described in the solid line; the base station communicates with the wireless local area network access point through the Xw channel; the broken line indicates the path of the non-aggregated service flow transmission.
当终端发起非聚合的业务流传输时,业务流通过现有无线局域网接入点——因特网的路径进行传输。When the terminal initiates a non-aggregated traffic flow, the traffic is transmitted through the path of the existing wireless local area network access point, the Internet.
结合图10a和图10b,由于网络结构一致,因此采用WLAN与LTE网络的聚合网络,结合本发明实施例认证接入的方法的第一至第四实施例中所述的认证接入的方法,便可以实现聚合的业务流以及非聚合的业务流的自适应传输,节省了带宽成本,提高了用户的业务使用体验。With reference to FIG. 10a and FIG. 10b, the method for authenticating access according to the first to fourth embodiments of the method for authenticating access according to the embodiment of the present invention is adopted by the aggregation network of the WLAN and the LTE network. The adaptive transmission of the aggregated service flow and the non-aggregated service flow can be realized, the bandwidth cost is saved, and the user experience of the user is improved.
需要说明的是,本说明书中的各个实施例均采用递进的方式描述,每个实施例重点说明的都是与其它实施例的不同之处,各个实施例之间相同相似的部分互相参见即可。对于装置实施例而言,由于其与方法实施例基本相似,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。It should be noted that the various embodiments in the present specification are described in a progressive manner, and each embodiment focuses on differences from other embodiments, and the same similar parts between the various embodiments are mutually referred to. can. For the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and the relevant parts can be referred to the description of the method embodiment.
通过上述实施例的描述,本发明具有以下优点: Through the description of the above embodiments, the present invention has the following advantages:
通过由终端发送无线资源控制消息给基站,告知基站所述终端将发起的业务流为聚合的业务流,即需要通过无线局域网子小区和所述基站传输;因此基站将触发基于长期演进网络的认证,确保聚合的业务流符合指定的QoS并为其分配传输的网络资源;当认证完成后,发送指示消息给无线局域网终结点实体,通知所述无线局域网终结点实体所述聚合的业务流将开始传输,使得无线局域网终结点实体跳过传统的无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输,从而实现了WLAN与LTE聚合网络中对终端进行认证确保业务数据流量正常传输,且对于聚合的业务流可由WLAN网络为LTE网络分流,降低了LTE网络的带宽压力,提高了聚合的业务流传输的效率,提升了用户的业务体验。The base station sends the RRC message to the base station to notify the base station that the service flow to be initiated by the terminal is an aggregated service flow, that is, needs to be transmitted through the WLAN sub-cell and the base station; therefore, the base station triggers the authentication based on the long-term evolution network. , ensuring that the aggregated service flow conforms to the specified QoS and allocates the transmitted network resource; when the authentication is completed, sending an indication message to the WLAN termination point entity, notifying the WLAN end point entity that the aggregated service flow will start The WLAN and the LTE aggregation network are connected to the terminal The authentication ensures that the service data traffic is transmitted normally, and the aggregated service flow can be offloaded by the WLAN network for the LTE network, which reduces the bandwidth pressure of the LTE network, improves the efficiency of the aggregated service flow transmission, and improves the user service experience.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于一计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,简称ROM)或随机存储记忆体(Random Access Memory,简称RAM)等。One of ordinary skill in the art can understand that all or part of the process of implementing the foregoing embodiments can be completed by a computer program to instruct related hardware, and the program can be stored in a computer readable storage medium. When executed, the flow of an embodiment of the methods as described above may be included. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).
以上所揭露的仅为本发明较佳实施例而已,当然不能以此来限定本发明之权利范围,因此依本发明权利要求所作的等同变化,仍属本发明所涵盖的范围。 The above is only the preferred embodiment of the present invention, and the scope of the present invention is not limited thereto, and thus equivalent changes made in the claims of the present invention are still within the scope of the present invention.

Claims (13)

  1. 一种认证接入的方法、基站及终端,其特征在于,包括:A method, a base station and a terminal for authenticating access, comprising:
    基站接收终端发送的无线资源控制消息,所述无线资源控制消息用于指示所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;Receiving, by the base station, a radio resource control message sent by the terminal, where the radio resource control message is used to indicate that the terminal transmits the aggregated service flow by using the wireless local area network sub-cell and the base station;
    所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源;The base station triggers the authentication based on the long term evolution network, and confirms that the aggregated service flow meets the service quality of the packet data network connection and allocates corresponding network resources to the aggregated service flow;
    所述基站向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点实体所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。Sending, by the base station, an indication message to the wireless local area network termination point entity, informing the wireless local area network termination point entity that the aggregated service flow starts to be transmitted, so that the wireless local area network termination point entity skips local authentication of the wireless local area network, The wireless local area network sub-cell and the base station complete transmission of the aggregated service flow.
  2. 如权利要求所述1的方法,其特征在于,在所述基站接收终端发送的无线资源控制消息之前,还包括:The method according to claim 1, wherein before the receiving, by the base station, the radio resource control message sent by the terminal, the method further includes:
    所述基站发送卸载指示消息给所述终端,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。The base station sends an offloading indication message to the terminal, where the offloading indication message is used to indicate that the base station needs to offload the aggregated service flow, and the radio resource control message carries the identifier information of the WLAN sub-cell. The WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
  3. 如权利要求1所述的方法,其特征在于,所述基站触发的基于长期演进网络的认证包括基于用户识别模块的认证和不基于用户识别模块的认证。The method of claim 1, wherein the base station triggered long term evolution network based authentication comprises authentication based on a subscriber identity module and authentication not based on a subscriber identity module.
  4. 如权利要求1-3任一项所述的方法,当所述无线局域网终结点实体跳过无线局域网的本地认证之后,还包括:The method of any one of claims 1-3, after the wireless local area network endpoint entity skips local authentication of the wireless local area network, the method further includes:
    所述基站与所述无线局域网终结点实体建立Xw通道,确保所述聚合的业务流数据传输时的服务质量。The base station establishes an Xw channel with the WLAN end point entity to ensure quality of service when the aggregated service flow data is transmitted.
  5. 一种认证接入的方法,其特征在于,包括:A method for authenticating access, characterized in that it comprises:
    终端发送无线资源控制消息至基站,告知基站所述终端将通过无线局域网子小区和所述基站传输聚合的业务流; The terminal sends a radio resource control message to the base station, and informs the base station that the terminal will transmit the aggregated service flow through the wireless local area network sub-cell and the base station;
    当所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源之后,所述终端向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。After the base station triggers the authentication based on the long term evolution network, confirming that the aggregated service flow conforms to the quality of service of the packet data network connection and allocates corresponding network resources to the aggregated service flow, the terminal sends a wireless network LAN termination point The entity sends an indication message to notify the WLAN endpoint that the aggregated service flow will start transmission, so that the WLAN termination entity skips local authentication of the WLAN, and is completed by the WLAN sub-cell and the base station. The transmission of the aggregated traffic flow.
  6. 如权利要求所述5的方法,其特征在于,在所述终端发送无线资源控制消息至基站之前,还包括:The method of claim 5, wherein before the terminal sends the RRC message to the base station, the method further includes:
    所述终端接收基站发送的卸载指示消息,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。Receiving, by the terminal, an offloading indication message sent by the base station, where the offloading indication message is used to indicate that the base station is to offload the aggregated service flow, and the radio resource control message carries the identifier information of the WLAN sub-cell, The WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
  7. 如权利要求5或6所述的方法,其特征在于,还包括:The method of claim 5 or claim 6, further comprising:
    当所述终端需要传输非聚合的业务流时,发送通知消息至所述无线局域网终结点实体,以便所述无线局域网终结点实体执行本地的无线局域网认证过程,由所述无线局域网子小区完成所述非聚合的业务流的传输。Sending a notification message to the WLAN end point entity when the terminal needs to transmit a non-aggregated service flow, so that the WLAN end point entity performs a local WLAN authentication process, and the WLAN sub-cell completes The transmission of non-aggregated traffic flows.
  8. 一种基站,其特征在于,包括:A base station, comprising:
    接收单元,用于接收终端发送的无线资源控制消息,所述无线资源控制消息用于指示所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;a receiving unit, configured to receive a radio resource control message sent by the terminal, where the radio resource control message is used to indicate that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
    认证单元,用于触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源;An authentication unit, configured to trigger a long-term evolution network-based authentication, confirming that the aggregated service flow meets a service quality of a packet data network connection, and allocating a corresponding network resource to the aggregated service flow;
    发送单元,用于向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。a sending unit, configured to send an indication message to the WLAN end point entity, to notify the WLAN end point that the aggregated service flow starts to be transmitted, so that the WLAN end point entity skips local authentication of the WLAN, The wireless local area network sub-cell and the base station complete transmission of the aggregated service flow.
  9. 如权利要求8所述的基站,其特征在于,所述发送单元还用于: The base station according to claim 8, wherein the sending unit is further configured to:
    在所述接收单元接收终端发送的无线资源控制消息之前,发送卸载指示消息给所述终端,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。Before the receiving unit receives the RRC message sent by the terminal, sending an offloading indication message to the terminal, where the offloading indication message is used to indicate that the base station needs to offload the aggregated service flow, where the RRC message is in the RRC message And carrying the identifier information of the WLAN sub-cell, where the WLAN sub-cell is configured to offload the aggregated service flow that is offloaded by the base station.
  10. 如权利要求8或9所述的基站,其特征在于,还包括:The base station according to claim 8 or 9, further comprising:
    建立单元,用于当所述无线局域网终结点实体跳过无线局域网的本地认证之后,与所述无线局域网终结点实体建立Xw通道,确保所述聚合的业务流数据传输时的服务质量。And a establishing unit, configured to establish an Xw channel with the WLAN end point entity after the WLAN end point entity skips the local authentication of the WLAN to ensure the quality of service of the aggregated service flow data transmission.
  11. 一种终端,其特征在于,包括:A terminal, comprising:
    第一发送单元,用于发送无线资源控制消息至基站,告知基站所述终端将通过无线局域网子小区和所述基站传输聚合的业务流;a first sending unit, configured to send a radio resource control message to the base station, to inform the base station that the terminal transmits the aggregated service flow through the wireless local area network sub-cell and the base station;
    第二发送单元,用于当所述基站触发基于长期演进网络的认证,确认所述聚合的业务流符合分组数据网连接的服务质量并为所述聚合的业务流分配相应的网络资源之后,向无线局域网终结点实体发送指示消息,通知所述无线局域网终结点所述聚合的业务流将开始传输,以便所述无线局域网终结点实体跳过无线局域网的本地认证,由所述无线局域网子小区和所述基站完成所述聚合的业务流的传输。a second sending unit, configured to: when the base station triggers the authentication based on the long term evolution network, confirm that the aggregated service flow meets the service quality of the packet data network connection, and allocates corresponding network resources to the aggregated service flow, The WLAN endpoint entity sends an indication message informing the WLAN endpoint that the aggregated traffic flow will begin to transmit, so that the WLAN endpoint entity skips local authentication of the WLAN by the WLAN sub-cell and The base station completes transmission of the aggregated service flow.
  12. 如权利要求11所述的终端,其特征在于,还包括:The terminal according to claim 11, further comprising:
    接收单元,用于在所述第一发送单元发送无线资源控制消息至基站之前,接收基站发送的卸载指示消息,所述卸载指示消息用于表明所述基站卸载聚合的业务流的需求,所述无线资源控制消息中携带所述无线局域网子小区的标识信息,所述无线局域网子小区用于分流所述基站卸载的聚合的业务流。a receiving unit, configured to receive, before the first sending unit sends the RRC message to the base station, an offload indication message sent by the base station, where the offload indication message is used to indicate that the base station needs to offload the aggregated service flow, The RRC message carries the identifier information of the WLAN sub-cell, where the WLAN sub-cell is configured to offload the aggregated service stream that is unloaded by the base station.
  13. 如权利要求11或12所述的终端,其特征在于,还包括:The terminal according to claim 11 or 12, further comprising:
    第三发送单元,用于当所述终端需要传输非聚合的业务流时,发送通知消息至所述无线局域网终结点实体,以便所述无线局域网终结点实体执行本地的无线局域网认证过程,由所述无线局域网子小区完成所述非聚合的业务流的传 输。 a third sending unit, configured to send a notification message to the WLAN end point entity when the terminal needs to transmit a non-aggregated service flow, so that the WLAN end point entity performs a local wireless local area network authentication process, where The wireless local area network sub-cell completes the transmission of the non-aggregated service flow lose.
PCT/CN2015/091348 2015-07-15 2015-09-30 Method for authenticated access, base station, and terminal WO2017008402A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510417268.XA CN105072612B (en) 2015-07-15 2015-07-15 A kind of method, base station and the terminal of certification access
CN201510417268.X 2015-07-15

Publications (1)

Publication Number Publication Date
WO2017008402A1 true WO2017008402A1 (en) 2017-01-19

Family

ID=54501864

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/091348 WO2017008402A1 (en) 2015-07-15 2015-09-30 Method for authenticated access, base station, and terminal

Country Status (2)

Country Link
CN (1) CN105072612B (en)
WO (1) WO2017008402A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112566185A (en) * 2020-12-18 2021-03-26 京信网络***股份有限公司 Base station service data distribution method, device, storage medium and base station

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11234120B2 (en) * 2016-02-05 2022-01-25 Telefonaktiebolaget Lm Ericsson (Publ) Systems and methods for triggering connection status reporting for a wireless local area network
GB2552825B (en) * 2016-08-11 2018-07-25 Tcl Communication Ltd Security enhancements for LTE WLAN aggregation
US10327280B2 (en) * 2017-02-02 2019-06-18 Htc Corporation Device and method of handling a state mismatch in a wireless communication system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011157152A2 (en) * 2011-05-31 2011-12-22 华为技术有限公司 System, device for convergence transmission and method for data distribution convergence
CN103220786A (en) * 2012-01-18 2013-07-24 ***通信集团公司 Method, base station, terminal and system for cooperative work of wireless local area network (WLAN) and cellular network
CN103906056A (en) * 2012-12-26 2014-07-02 中国电信股份有限公司 Unified certification method under hybrid networking and system thereof
US20150181514A1 (en) * 2013-12-23 2015-06-25 Apple Inc. Virtual WLAN Interface for Cellular Data Offloading in a Wireless Device

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102625377B (en) * 2011-01-31 2014-06-18 电信科学技术研究院 Method for establishing radio bearer, access point equipment, user equipment and system
CN102821483B (en) * 2011-06-08 2015-07-08 华为技术有限公司 Interoperation method for wireless local area network and wireless wide area network, user equipment and base station
CN102892143B (en) * 2011-07-20 2015-11-25 华为技术有限公司 The method of data distribution and subscriber equipment
CN102625361B (en) * 2012-03-08 2015-12-09 华为技术有限公司 data distribution method and base station, data distribution access device
CN102612067A (en) * 2012-03-13 2012-07-25 华为技术有限公司 Data flow distribution control method and equipment as well as user equipment
CN104581816A (en) * 2014-12-18 2015-04-29 上海华为技术有限公司 Method, apparatus, anchor point and system for data multi-streaming transmission
CN104735728A (en) * 2015-04-10 2015-06-24 宇龙计算机通信科技(深圳)有限公司 Service data flow transmission method and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011157152A2 (en) * 2011-05-31 2011-12-22 华为技术有限公司 System, device for convergence transmission and method for data distribution convergence
CN103220786A (en) * 2012-01-18 2013-07-24 ***通信集团公司 Method, base station, terminal and system for cooperative work of wireless local area network (WLAN) and cellular network
CN103906056A (en) * 2012-12-26 2014-07-02 中国电信股份有限公司 Unified certification method under hybrid networking and system thereof
US20150181514A1 (en) * 2013-12-23 2015-06-25 Apple Inc. Virtual WLAN Interface for Cellular Data Offloading in a Wireless Device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112566185A (en) * 2020-12-18 2021-03-26 京信网络***股份有限公司 Base station service data distribution method, device, storage medium and base station
CN112566185B (en) * 2020-12-18 2023-11-21 京信网络***股份有限公司 Base station service data distribution method, device, storage medium and base station

Also Published As

Publication number Publication date
CN105072612A (en) 2015-11-18
CN105072612B (en) 2019-06-11

Similar Documents

Publication Publication Date Title
CN110249597B (en) Communication processing method and device
TWI735837B (en) Wireless transmit/receive unit (wtru) and methods for protocol enhancements in 5g nas
JP7263234B2 (en) Methods, apparatus, systems, terminals and access network devices for communications
US11337197B2 (en) Method and apparatus for simultaneous use of both licensed and unlicensed wireless spectrum
US11510268B2 (en) Method and apparatus for discarding buffered data while keeping connection in CP-UP separation
CA2903169C (en) Method and apparatus for authenticating a network entity using unlicensed wireless spectrum
EP3048845B1 (en) Device and method for data transmission
US11553546B2 (en) Methods and systems for radio access network aggregation and uniform control of multi-RAT networks
KR101879969B1 (en) Data transmission method and device
CN115553058A (en) Establishment and configuration of device-to-device relay connections
EP3001758A1 (en) Method and apparatus to determine a pseudo-grant size for data to be transmitted
WO2013010420A1 (en) Wireless broadband communication method, device, and system
CN113056937B (en) Informing upper layers of restriction mitigation for multiple access categories
US11202338B2 (en) Session establishment method and apparatus
TW201637500A (en) Method and communication node for traffic aggregation
WO2017008402A1 (en) Method for authenticated access, base station, and terminal
WO2014071881A1 (en) Method and device for managing backhaul network bearing
US20240129794A1 (en) Network Congestion Control
WO2023174150A1 (en) Access control method and apparatus
US9253706B2 (en) Method, apparatus, and system for local routing authorization
WO2014000611A1 (en) Method and device for transmitting data
US11265777B2 (en) WLAN termination U-plane relocation without C-plane relocation
WO2019196842A1 (en) Signaling processing method and apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15898129

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15898129

Country of ref document: EP

Kind code of ref document: A1