CN114173333A - Access network, network selection method, device and communication equipment - Google Patents
Access network, network selection method, device and communication equipment Download PDFInfo
- Publication number
- CN114173333A CN114173333A CN202011281217.6A CN202011281217A CN114173333A CN 114173333 A CN114173333 A CN 114173333A CN 202011281217 A CN202011281217 A CN 202011281217A CN 114173333 A CN114173333 A CN 114173333A
- Authority
- CN
- China
- Prior art keywords
- network
- certificate
- mode
- terminal
- plane type
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004891 communication Methods 0.000 title claims abstract description 176
- 238000010187 selection method Methods 0.000 title claims abstract description 7
- 238000000034 method Methods 0.000 claims abstract description 347
- 238000004590 computer program Methods 0.000 claims description 11
- 230000006870 function Effects 0.000 description 15
- 238000010586 diagram Methods 0.000 description 9
- 230000009286 beneficial effect Effects 0.000 description 5
- 238000007726 management method Methods 0.000 description 4
- 230000011664 signaling Effects 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 2
- 238000013523 data management Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000009795 derivation Methods 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/18—Selecting a network or a communication service
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the application provides an access network, a network selection method, a network selection device and communication equipment, wherein the network access method comprises the following steps: executing a first operation according to the first information; the first operation includes any one of: determining information of an access mode requested by a terminal, wherein the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type; determining a certificate downloading mode of a control plane type supported by the terminal, or determining a certificate downloading mode of a control plane type not supported by the terminal, and determining a certificate downloading mode of a user plane type supported by the terminal; determining a first access mode of a control plane type supported by a terminal; the first access method includes: access means for accessing a first network for downloading credentials for accessing a second network. According to the embodiment, the terminal can be supported to determine the certificate downloading mode.
Description
Technical Field
The embodiment of the application relates to the technical field of wireless communication, in particular to an access network, a network selection method, a network selection device and communication equipment.
Background
Currently, a mode in which a terminal accesses another Network in order to download a certificate for accessing an independent Non-public Network (SNPN) may be a control plane type or a user plane type. However, in this case, there is no relevant method for supporting the way in which the terminal determines the downloading of the certificate, such as using the control plane type or the user plane type.
Disclosure of Invention
The embodiment of the application provides an access network, a network selection method, a network selection device and communication equipment, which are used for solving the problem of how to support a terminal to determine a certificate downloading mode.
In order to solve the technical problem, the present application is implemented as follows:
in a first aspect, an embodiment of the present application provides a method for accessing a network, which is applied to a first communication device, and includes:
executing a first operation according to the first information;
wherein the first information is used to indicate at least one of: a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
wherein the first operation comprises any one of:
determining information of an access mode requested by a terminal, wherein the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
determining type information of a certificate downloading mode requested by a terminal, wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining that the terminal supports the control plane type certificate downloading mode or determining that the terminal does not support the control plane type certificate downloading mode,
determining a certificate downloading mode of a user plane type supported by the terminal or determining a certificate downloading mode of a user plane type not supported by the terminal;
determining that the terminal supports the first access mode of the control plane type, or determining that the terminal does not support the first access mode of the control plane type;
determining a first access mode of a user plane type supported by the terminal or determining a first access mode of a user plane type not supported by the terminal;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In a second aspect, an embodiment of the present application provides a method for accessing a network, which is applied to a second communication device, and includes:
acquiring second information and/or fifth information; wherein the second information comprises at least one of: information of an access mode requested by a terminal, type information of a certificate downloading mode requested by the terminal, and capability information of the terminal; the fifth information includes at least one of: information of a terminal access mode requested by sixth communication equipment, type information of a terminal certificate download mode requested by sixth communication equipment, information of a preconfigured terminal access mode, and type information of a preconfigured terminal certificate download mode;
executing a second operation according to the second information and/or the fifth information;
wherein the second operation comprises at least one of:
determining a type of a first access mode, wherein the type of the first access mode comprises one of the following: a first access mode of a control plane type and a first access mode of a user plane type;
determining the type of a certificate downloading mode, wherein the type of the certificate downloading mode comprises one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
executing the first access mode of the determined type;
executing the determined type of certificate downloading mode;
sending type information of the determined first access mode, wherein the type information of the first access mode is used for indicating one of the following modes: a first access mode of a control plane type and a first access mode of a user plane type;
sending the type information of the determined certificate downloading mode, wherein the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
sending first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
determining second indication information, the second indication information indicating one of: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
sending second indication information, wherein the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In a third aspect, an embodiment of the present application provides a method for accessing a network, which is applied to a third communication device, and includes:
receiving third information and/or an access acceptance message; wherein the third information comprises at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
determining whether to execute a third operation according to the third information and/or the access acceptance message;
wherein the third operation comprises:
requesting a first network to establish a data channel, wherein the data channel is used for downloading a certificate for accessing a second network;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In a fourth aspect, an embodiment of the present application provides a method for network selection, which is applied to a fourth communication device, and includes:
transmitting or broadcasting the fourth indication information;
wherein the fourth indication information is used for indicating any one of the following items:
the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type;
the network supports the certificate downloading mode of the user plane type or the network does not support the certificate downloading mode of the user plane type;
the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type;
the network supports the first access mode of the user plane type or the network does not support the first access mode of the user plane type;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In a fifth aspect, an embodiment of the present application provides a method for network selection, which is applied to a fifth communication device, and includes:
acquiring fourth indication information;
according to the fourth information, the operation of network selection is executed;
wherein the fourth information comprises at least one of: fourth indication information, capability information of the terminal, information of an access mode requested by the terminal, and type information of a certificate download mode requested by the terminal;
wherein the fourth indication information is used for indicating any one of the following items: the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type; the network supports the certificate downloading mode of the user plane type, or the network does not support the certificate downloading mode of the user plane type; the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type; the network supports the first access mode of the user plane type, or the network does not support the first access mode of the user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following: the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the user plane type certificate downloading party or the terminal does not support the user plane type certificate downloading mode; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein, the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In a sixth aspect, an embodiment of the present application provides an apparatus for accessing a network, where the apparatus is applied to a first communication device, and the apparatus includes:
the first execution module is used for executing a first operation according to the first information;
wherein the first information is used to indicate at least one of: a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
wherein the first operation comprises any one of:
determining information of an access mode requested by a terminal, wherein the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
determining type information of a certificate downloading mode requested by a terminal, wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining that the terminal supports the control plane type certificate downloading mode or determining that the terminal does not support the control plane type certificate downloading mode,
determining a certificate downloading mode of a user plane type supported by the terminal or determining a certificate downloading mode of a user plane type not supported by the terminal;
determining that the terminal supports the first access mode of the control plane type, or determining that the terminal does not support the first access mode of the control plane type;
determining a first access mode of a user plane type supported by the terminal or determining a first access mode of a user plane type not supported by the terminal;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In a seventh aspect, an embodiment of the present application provides a network access apparatus, which is applied to a second communication device, and includes:
the first acquisition module is used for acquiring the second information and/or the fifth information; wherein the second information comprises at least one of: information of an access mode requested by a terminal, type information of a certificate downloading mode requested by the terminal, and capability information of the terminal; the fifth information includes at least one of: information of a terminal access mode requested by sixth communication equipment, type information of a terminal certificate download mode requested by sixth communication equipment, information of a preconfigured terminal access mode, and type information of a preconfigured terminal certificate download mode;
the second execution module is used for executing a second operation according to the second information and/or the fifth information;
wherein the second operation comprises at least one of:
determining a type of a first access mode, wherein the type of the first access mode comprises one of the following: a first access mode of a control plane type and a first access mode of a user plane type;
determining the type of a certificate downloading mode, wherein the type of the certificate downloading mode comprises one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
executing the first access mode of the determined type;
executing the determined type of certificate downloading mode;
sending type information of the determined first access mode, wherein the type information of the first access mode is used for indicating one of the following modes: a first access mode of a control plane type and a first access mode of a user plane type;
sending the type information of the determined certificate downloading mode, wherein the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
sending first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
determining second indication information, the second indication information indicating one of: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
sending second indication information, wherein the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In an eighth aspect, an embodiment of the present application provides an apparatus for accessing a network, which is applied to a third communications device, and includes:
the second receiving module is used for receiving the third information and/or the access acceptance message; wherein the third information comprises at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
a third executing module, configured to determine whether to execute a third operation according to the third information and/or the access accept message;
wherein the third operation comprises:
requesting a first network to establish a data channel, wherein the data channel is used for downloading a certificate for accessing a second network;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In a ninth aspect, an embodiment of the present application provides an apparatus for network selection, which is applied to a fourth communication device, and includes:
the third sending module is used for sending or broadcasting the fourth indication information;
wherein the fourth indication information is used for indicating any one of the following items:
the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type;
the network supports the certificate downloading mode of the user plane type or the network does not support the certificate downloading mode of the user plane type;
the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type;
the network supports the first access mode of the user plane type or the network does not support the first access mode of the user plane type;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In a tenth aspect, an embodiment of the present application provides an apparatus for network selection, which is applied to a fifth communication device, and includes:
the second acquisition module is used for acquiring fourth indication information;
the fourth execution module is used for executing the operation of network selection according to the fourth information;
wherein the fourth information comprises at least one of: fourth indication information, capability information of the terminal, information of an access mode requested by the terminal, and type information of a certificate download mode requested by the terminal;
wherein the fourth indication information is used for indicating any one of the following items: the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type; the network supports the certificate downloading mode of the user plane type, or the network does not support the certificate downloading mode of the user plane type; the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type; the network supports the first access mode of the user plane type, or the network does not support the first access mode of the user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following: the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the user plane type certificate downloading party or the terminal does not support the user plane type certificate downloading mode; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein, the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In an eleventh aspect, the present application provides a communication device, including a processor, a memory, and a computer program stored on the memory and executable on the processor, where the computer program, when executed by the processor, implements the steps of the method for accessing a network provided in the first aspect, or implements the steps of the method for accessing a network provided in the second aspect, or implements the steps of the method for accessing a network provided in the third aspect, or implements the steps of the method for selecting a network provided in the fourth aspect, or implements the steps of the method for selecting a network provided in the fifth aspect.
In a twelfth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the steps of the method for accessing a network provided in the first aspect, or implements the steps of the method for accessing a network provided in the second aspect, or implements the steps of the method for accessing a network provided in the third aspect, or implements the steps of the method for network selection provided in the fourth aspect, or implements the steps of the method for network selection provided in the fifth aspect.
It is understood that, by the embodiment of the application, the terminal can be supported to determine the certificate downloading mode and select the network which accords with the self capability for access.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the application. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a schematic architecture diagram of a wireless communication system according to an embodiment of the present application;
fig. 2 is a flowchart illustrating a method for accessing a network according to an embodiment of the present application;
fig. 3 is a flowchart illustrating a method for accessing a network according to another embodiment of the present application;
fig. 4 is a flowchart illustrating a method for accessing a network according to another embodiment of the present application;
fig. 5 is a flowchart illustrating a method of network selection according to another embodiment of the present application;
fig. 6 is a flowchart illustrating a method of network selection according to another embodiment of the present application;
fig. 7 is a flowchart illustrating a method for accessing a network according to embodiment 1 of the present application;
fig. 8 is a flowchart illustrating a network selection method according to embodiment 1 of the present application;
fig. 9 is a schematic structural diagram of an apparatus for accessing a network according to the present application;
fig. 10 is a schematic structural diagram of another apparatus for accessing a network provided in the present application;
fig. 11 is a schematic structural diagram of another apparatus for accessing a network provided in the present application;
fig. 12 is a schematic structural diagram of a network selection apparatus provided in the present application;
fig. 13 is a schematic structural diagram of another network selection apparatus provided in the present application;
fig. 14 is a block diagram of a communication device provided in the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms first, second and the like in the description and in the claims of the present application are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used are interchangeable under appropriate circumstances such that embodiments of the application can be practiced in sequences other than those illustrated or described herein, and the terms "first" and "second" used herein generally do not denote any order, nor do they denote any order, for example, the first object may be one or more. In addition, "and/or" in the specification and the claims means at least one of connected objects, and a character "/" generally means that a preceding and succeeding related objects are in an "or" relationship.
Fig. 1 shows a block diagram of a wireless communication system to which embodiments of the present application are applicable. The wireless communication system includes a terminal 11 and a network-side device 12. Wherein, the terminal 11 may include a relay supporting the terminal function and/or a terminal supporting the relay function, the terminal 11 may also be referred to as a terminal Device or a User Equipment (UE), the terminal 11 may be a Mobile phone, a Tablet Personal Computer (Tablet Personal Computer), a Laptop Computer (Laptop Computer) or a notebook Computer, a Personal Digital Assistant (PDA), a Mobile Internet Device (MID), a palmtop Computer, a netbook, a super Mobile Personal Computer (ultra-Mobile Personal Computer, UMPC), a Mobile Internet Device (MID), a Wearable Device (Wearable Device) or a Vehicle-mounted Device (Vehicle User Equipment, e), a terminal (Pedestrian User Equipment, PUE), and other terminal devices, and the Wearable Device includes: bracelets, earphones, glasses and the like. It should be noted that the embodiment of the present application does not limit the specific type of the terminal 11. The network-side device 12 may be a Base Station or a core network, where the Base Station may be referred to as a node B, an evolved node B, an access Point, a Base Transceiver Station (BTS), a radio Base Station, a radio Transceiver, a Basic Service Set (BSS), an Extended Service Set (ESS), a node B, an evolved node B (eNB), a home node B, a WLAN access Point, a WiFi node, a Transmit Receiving Point (TRP), or some other suitable terminology in the field, as long as the same technical effect is achieved, the Base Station is not limited to a specific technical vocabulary, and it should be noted that, in the embodiment of the present application, only the Base Station in the NR system is taken as an example, but a specific type of the Base Station is not limited.
In some communication scenarios, there are scenarios where a communication device does not have the credentials of a network but needs to access the network, for example: at the time of Standalone Non-public Network (SNPN) deployment, the UE may not have the credentials and UE identity that can be used to access the SNPN. Such as factory deployed SNPN and terminals just purchased in the market, or SNPN and viewer terminals deployed at the concert venue.
In order for this type of UE to obtain credentials and UE identity for accessing SNPN, the UE may access a certain network (subsequently referred to as a first network) and download the credentials for accessing SNPN. The first network may be the SNPN.
The way in which the first network is accessed in order to download credentials for accessing the second network may be referred to as onkeying. The first network and the second network may be the same network.
Optionally, the first access method includes: access means for accessing a first network for downloading credentials for accessing a second network.
For example, the manner of downloading the certificate may include: 1) a Control Plane (CP) type certificate downloading mode, in which a first network downloads a certificate to a certificate configuration server for a UE and sends the certificate to the UE through Control Plane signaling; 2) a User Plane (UP) type certificate downloading mode, a mode that a terminal establishes a data channel to a first network and downloads a certificate to a certificate configuration server through the data channel.
For the control plane type certificate download approach, both the UE and the first network need additional capabilities:
1) the first network is capable of interacting with a provisioning Server (provisioning Server) and downloading on behalf of the UE to the provisioning Server a credential to be sent to the UE under protection of a key of a default credential, e.g., the credential is sent to the UE in a Non-Access Stratum (NAS) message; while the NAS message is encrypted and/or integrity protected.
2) In addition to enabling authentication between the UE and a Default Credential authentication Server (DCS), it is also possible to enable derivation of a key, such as a derived K, for communication between the UE and the first networkSEAF. So that the first network and the UE can derive KSEAFThe method is used for encryption and/or integrity protection to protect NAS information, otherwise, a control plane type certificate downloading mode cannot be adopted.
3) The UE is to be able to support receiving credentials from NAS messages.
For the user plane type certificate downloading mode, the user plane type certificate downloading mode may be a default mode:
1) the network may not require additional capabilities; the network only needs to configure the policy and restricts the established data channel (e.g. PDU Session) to be connected to the provisioning Server only.
2) The capability of the UE to interact with the provisioning Server may be self-setting and may not need to inform the network because the UE interacts with the first network only by setting up a data channel (PDU Session).
Optionally, the network may default to a certificate download mode that supports user plane types.
Optionally, the UE may support the control plane type certificate downloading party and/or the user plane type certificate downloading manner.
Optionally, when the UE indicates that the first access mode may imply the first access mode supporting the user plane type, and/or a System Information Block (SIB) of the network broadcasts the first access mode may imply the first access mode supporting the user plane type. The network may determine whether to adopt the first access mode of the control plane type according to the capability of the certificate download mode of the control plane type of the UE, and/or the network may determine whether to adopt the first access mode of the control plane type according to the capability of the certificate download mode of the control plane type of the network and policy configuration.
Optionally, for the UE having both the capability of the control plane type certificate downloading manner and the capability of the user plane manner, the UE needs to obtain an indication of the control plane type certificate downloading manner from the network to determine whether to initiate a data channel (e.g., a PDU session) to establish a download certificate. For example, when the indication of the control plane type certificate downloading mode is not obtained, a data channel is initiated to the first network to establish a downloading certificate; when the indication of the control plane type certificate downloading manner is obtained, the first network may wait for the UE to download the certificate.
In this embodiment of the present application, optionally, obtaining may be understood as obtaining from configuration, receiving after a request, obtaining by self-learning, deriving from unreceived information, or obtaining after processing received information, which may be determined according to actual needs, and this is not limited in this embodiment of the present application. For example, when a certain capability indication sent by the device is not received, it can be deduced that the device does not support the capability.
Optionally, the sending may include broadcasting, broadcasting in a system message, and returning after responding to the request.
In an alternative embodiment of the present application, the first network may comprise one of: non-public networks (e.g., SNPN, or PNI-SNPN), public networks (PLMN).
In an alternative embodiment of the present application, the second network may comprise one of: non-public networks (e.g., SNPN, or PNI-SNPN), public networks (PLMN).
In an optional embodiment of the present application, the control plane type certificate downloading manner is a manner in which a network element of the first network interacts with a certificate configuration server and sends the certificate to the terminal through a control plane signaling (e.g., NAS signaling).
In an optional embodiment of the present application, the user plane type certificate downloading manner is a manner in which the terminal requests the first network to establish a data channel (e.g., a PDU session), and the terminal and a configuration server of the certificate interactively download the certificate through the data channel. The interaction between the terminal and the configuration server of the certificate is user plane data for the first network, and is therefore referred to as a user plane type certificate download mode.
In an optional embodiment of the present application, the user plane capability of the terminal includes at least one of: support functions for requesting the establishment of a data channel (e.g., a PDU session) from the network, session management, and the like.
In an optional embodiment of the present application, the certificate for accessing the second network includes: a certificate of the second network.
In one embodiment of the present application, the non-public network is an abbreviation of non-public network. The non-public network may be referred to as one of the following: a non-public communication network. The non-public network may include at least one of the following deployment modes: physical non-public networks, virtual non-public networks, non-public networks implemented on public networks. In one embodiment, the non-public network is a Closed Access Group (CAG). A CAG may consist of a group of terminals.
In one embodiment of the present application, the non-public network service is an abbreviation of non-public network service. The non-public network service may also be referred to as one of the following: a network service of a non-public network, a non-public communication service, a non-public network communication service, a network service of a non-public network, or other nomenclature. It should be noted that the naming method in the embodiment of the present invention is not particularly limited. In one embodiment, the non-public network is a closed access group, and in this case, the non-public network service is a network service of the closed access group.
In one embodiment of the present application, the non-public network may comprise or be referred to as a private network. The private network may be referred to as one of the following: a private communication network, a private network, a Local Area Network (LAN), a Private Virtual Network (PVN), an isolated communication network, a private communication network, or other nomenclature. It should be noted that the naming method in the embodiment of the present invention is not particularly limited.
In one embodiment of the present application, the public network is abbreviated as a public network. The public network may be referred to as one of the following: public communication networks or other nomenclature. It should be noted that the naming method in the embodiment of the present invention is not particularly limited.
In an alternative embodiment of the present application, the authentication service includes an authentication server (such as DCS, or home AUSF) initiating an authentication request for the terminal. The authentication service network element may be an authentication agent providing authentication services for the terminal. Optionally, the authentication service network element may include, but is not limited to, one of the following: AUSF, AAA proxy.
In an optional embodiment of the present application, the communication device may comprise at least one of: a communication network element and a terminal.
In an embodiment of the present application, the communication network element may include at least one of: a core network element and a radio access network element.
In the embodiment of the present application, the core network element (CN element) may include, but is not limited to, at least one of the following: core network equipment, core network nodes, core network functions, core network elements, Mobility Management Entity (MME), Access Mobility Management Function (AMF), Session Management Function (SMF), User Plane Function (UPF), a Serving GW (SGW), a PDN Gateway (PDN Gateway), a Policy Control Function (Policy Control Function, PCF), a Policy and Charging Rules Function (Policy and Charging Rules Function, PCRF), a GPRS service Support Node (Serving GPRS Support Node, SGSN), a Gateway GPRS Support Node (Gateway GPRS Support Node, GGSN), a Unified Data Management (UDM), a Unified Data storage (UDR), a Home Subscriber Server (Home Subscriber Server, HSS) and an Application Function (Application Function, AF).
In the embodiment of the present application, the RAN network element may include, but is not limited to, at least one of the following: radio Access Network equipment, Radio Access Network nodes, Radio Access Network functions, Radio Access Network units, 3GPP Radio Access Networks, Non-3GPP Radio Access Networks, Centralized Units (CUs), Distributed Units (DU), base stations, evolved Node bs (eNB), 5G base stations (gNB), Radio Network Controllers (RNC), base stations (NodeB), Non-3GPP Inter Working functions (N3 IWF), Access Control (AC) nodes, Access Point (Access Point, AP) devices or Wireless Local Area Networks (WLAN) nodes, N3 IWF.
The following provides a detailed description of examples of the present application.
Referring to fig. 2, an embodiment of the present application provides a method for accessing a network, which is applied to a first communication device; the first communication device includes but is not limited to: a UE; the method comprises the following steps:
step 21: according to the first information, a first operation is performed.
Optionally, the first information is used to indicate at least one of: a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type.
Optionally, the key for communication between the terminal and the first network includes, but is not limited to, at least one of the following: kSEAF,KAUSF,KAMFEncryption key, integrity protection key. The key for communication between the terminal and the first network may derive an encryption key and/or an integrity protection key for data communicated between the terminal and the first network.
Optionally, the first access method includes: access means for accessing a first network for downloading credentials for accessing a second network.
Optionally, the first access method of the control plane type includes: the access method of accessing the first network in order to download the certificate for accessing the second network is a control plane type certificate download method.
Optionally, the first access method of the user plane type includes: the access method of accessing the first network for downloading the certificate for accessing the second network is a user plane type certificate download method.
Optionally, the first network and the second network are the same network or different networks.
Optionally, the first operation includes any one of:
determining information of an access mode requested by a terminal, wherein the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
determining type information of a certificate downloading mode requested by a terminal, wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining that the terminal supports the control plane type certificate downloading mode or determining that the terminal does not support the control plane type certificate downloading mode,
determining a certificate downloading mode of a user plane type supported by the terminal or determining a certificate downloading mode of a user plane type not supported by the terminal;
determining that the terminal supports the first access mode of the control plane type, or determining that the terminal does not support the first access mode of the control plane type;
and determining that the terminal supports the first access mode of the user plane type or determining that the terminal does not support the first access mode of the user plane type.
In this embodiment of the application, optionally, the executing the first operation according to the first information may include: determining that the information of the access mode requested by the terminal is a first access mode of the user plane type under the condition of meeting at least one of the following conditions:
the first information indicates that a key for communication between the terminal and the first network cannot be derived from a default certificate;
the first information indicates that the terminal does not support a certificate downloading mode of a control plane type;
the first information indicates that the terminal does not support a first access mode of a control plane type;
the first information indicates that the terminal has the capability of a user plane;
the first information indicates a certificate downloading mode of a user plane type supported by the terminal;
the first information indicates that the terminal supports a first access mode of a user plane type.
And/or, the performing the first operation according to the first information may include: and when the first condition is met, determining that the terminal does not support the certificate downloading mode of the control plane type or determining that the terminal does not support the first access mode of the control plane type.
Wherein the first condition comprises at least one of:
the first information indicates that a key for communication between the terminal and the first network cannot be derived from a default certificate;
the first information indicates that the terminal does not support a certificate downloading mode of a control plane type;
the first information indicates that the terminal does not support a first access mode of a control plane type.
In this embodiment of the application, optionally, the executing the first operation according to the first information may include:
determining that the information of the access mode requested by the terminal is a first access mode of a control plane type under the condition of meeting at least one of the following conditions:
the first information indicates that the terminal does not have the capability of a user plane;
the first information indicates that the terminal does not support a certificate downloading mode of a user plane type;
the first information indicates that the terminal does not support a first access mode of a user plane type;
the first information indicates that a key for communication between the terminal and the first network can be derived from a default certificate;
the first information indicates that the terminal supports a certificate downloading mode of a control plane type;
the first information indicates that the terminal supports a first access mode of a control plane type.
And/or, the performing the first operation according to the first information may include: and when the second condition is met, determining that the terminal does not support the certificate downloading mode of the user plane type or determining that the terminal does not support the first access mode of the user plane type.
Wherein the second condition comprises at least one of:
the first information indicates that the terminal does not have the capability of a user plane;
the first information indicates that the terminal does not support a certificate downloading mode of a user plane type;
the first information indicates that the terminal does not support a first access mode of a user plane type.
In this embodiment of the present application, optionally, the method may further include:
sending the second information; wherein the second information comprises at least one of: information of an access mode requested by the terminal, capability information of the terminal, and type information of a certificate download mode requested by the terminal.
Optionally, the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type, and a first access mode of a user plane type.
Optionally, the type information of the certificate downloading manner requested by the terminal includes one of the following: control plane type certificate downloading mode and user plane type certificate downloading mode.
Optionally, the capability information of the terminal is used to indicate at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate.
Further, after the sending the second information, the method may further include:
receiving third information and/or an access acceptance message;
and determining whether to execute a third operation according to the third information and/or the access acceptance message.
Optionally, the third information includes at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: and a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted.
In one embodiment, the access accept message is an access accept message obtained after the terminal accesses the first network, and includes, but is not limited to, a registration accept message.
Optionally, the third operation includes: requesting the first network to establish a data channel for downloading credentials for accessing the second network.
Further, the determining whether to perform the third operation according to the third information may include: in a case where a fifth condition is satisfied, the third operation is performed.
Wherein the fifth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the user plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the user plane type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is not adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is not adopted;
only the access acceptance information is received, or the third information is not acquired.
In one embodiment, when the terminal and/or the first network support the first access mode, the terminal and/or the first network may support the first access mode of the user plane type by default.
In one embodiment, when the terminal and/or the first network support the first access mode, the terminal and/or the first network may support a user plane type certificate downloading mode by default.
Further, the determining whether to perform the third operation according to the third information may include: in a case where a sixth condition is satisfied, the third operation is not performed.
Wherein the sixth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the control plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the control surface type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is adopted.
In an optional application scenario, both the UE and the network default to support the first access mode of the user plane type or the certificate downloading mode of the user plane type, and may optionally support the first access mode of the control plane type or the certificate downloading party of the control plane type.
Optionally, when the UE indicates that the first access mode may imply the first access mode supporting the user plane type, and/or a System Information Block (SIB) of the network broadcasts the first access mode may imply the first access mode supporting the user plane type. The network may determine whether to adopt the first access mode of the control plane type according to the capability of the certificate download mode of the control plane type of the UE, and/or the network may determine whether to adopt the first access mode of the control plane type according to the capability of the certificate download mode of the control plane type of the network and policy configuration.
Optionally, for a terminal having both the capability of the control plane type certificate downloading manner and the capability of the user plane type certificate downloading manner, the terminal needs to obtain an indication of the control plane type certificate downloading manner from the network to determine whether to initiate a data channel (e.g., a PDU session) to establish a download certificate. For example, when the indication of the control plane type certificate downloading mode is not obtained, a data channel is initiated to the first network to establish a downloading certificate; when the indication of the control plane type certificate downloading manner is obtained, the first network may wait for the UE to download the certificate.
It is understood that, with the present embodiment, the terminal may be supported to determine the manner of downloading the certificate.
Referring to fig. 3, an embodiment of the present application provides a method for accessing a network, which is applied to a second communication device; the second communication device includes but is not limited to: CN network elements (e.g., AMF); the CN network element may be a communication device in the first network. The method comprises the following steps:
step 31: and acquiring the second information and/or the fifth information.
Optionally, the second information includes at least one of: information of an access mode requested by the terminal, type information of a certificate download mode requested by the terminal, and capability information of the terminal.
Optionally, the fifth information includes at least one of: information of a terminal access mode requested by the sixth communication device, type information of a terminal certificate download mode requested by the sixth communication device, information of a preconfigured terminal access mode, and type information of a preconfigured terminal certificate download mode.
In one embodiment, the sixth communication device includes, but is not limited to, one of: AF, UDM, PCF, SMF, AUSF, DCS, configuration server (e.g., PS). In another embodiment, the sixth communication device is a communication device in the certificate owner. In one embodiment, the configuration server configures the certificate for the terminal. The DCS may verify and/or authenticate a terminal accessing the network through the first access means.
Optionally, the type information of the terminal certificate downloading manner requested by the sixth communication device includes one of: control plane type certificate downloading mode and user plane type certificate downloading mode.
Optionally, the information of the terminal access mode requested by the sixth communication device includes one of: the first access mode is a control plane type, and the first access mode is a user plane type.
Optionally, the information of the preconfigured terminal access mode includes one of the following: the first access mode is a control plane type, and the first access mode is a user plane type.
Optionally, the type information of the preconfigured terminal certificate downloading manner includes one of the following: control plane type certificate downloading mode and user plane type certificate downloading mode.
Optionally, the access mode information requested by the terminal includes one of: the first access mode is a control plane type, and the first access mode is a user plane type.
Optionally, the type information of the terminal certificate downloading manner requested by the terminal includes one of the following: control plane type certificate downloading mode and user plane type certificate downloading mode.
Optionally, the capability information of the terminal may be used to indicate at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate.
Optionally, the key for communication between the terminal and the first network includes, but is not limited to, at least one of the following: kSEAF,KAUSF,KAMFEncryption keys and/or integrity protection keys. The key for communication between the terminal and the first network may derive an encryption key and/or an integrity protection key for data communicated between the terminal and the first network.
It is to be understood that when a key for communication between the terminal and the first network cannot be derived from the default certificate, the first access mode of the control plane type or the certificate download mode of the control plane type cannot be employed, because the certificate is not encrypted or integrity protected in the control plane signaling, and is not secure enough. At this time, a first access mode of the user plane type or a certificate download mode of the user plane type may be adopted. Since the user plane type can be encrypted at the application level of the terminal and the configuration server configuring the certificate.
Optionally, the first access method includes: access means for accessing a first network for downloading credentials for accessing a second network.
Optionally, the first access method of the control plane type includes: the access method of accessing the first network in order to download the certificate for accessing the second network is a control plane type certificate download method.
Optionally, the first access method of the user plane type includes: the access method of accessing the first network for downloading the certificate for accessing the second network is a user plane type certificate download method.
Optionally, the first network and the second network are the same network or different networks.
Step 32: and executing a second operation according to the second information and/or the fifth information.
Optionally, the second operation includes at least one of:
determining a type of a first access mode, wherein the type of the first access mode comprises one of the following: a first access mode of a control plane type and a first access mode of a user plane type;
determining the type of a certificate downloading mode, wherein the type of the certificate downloading mode comprises one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
executing the first access mode of the determined type;
executing the determined type of certificate downloading mode;
sending type information of the determined first access mode, wherein the type information of the first access mode is used for indicating one of the following modes: a first access mode of a control plane type and a first access mode of a user plane type;
sending the type information of the determined certificate downloading mode, wherein the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
sending first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
determining second indication information, the second indication information indicating one of: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
sending second indication information, wherein the second indication information is used for indicating one of the following: and a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted.
Optionally, the performing the second operation according to the second information and/or the fifth information may include: in the case where the third condition is satisfied, performing at least one of: determining that the type of the first access mode is a control plane type first access mode, determining that the type of the certificate download mode is a control plane type certificate download mode, determining that the first indication information indicates that the control plane type first access mode is adopted, and determining that the second indication information indicates that the control plane type certificate download mode is adopted.
Wherein the third condition comprises at least one of:
the access mode information requested by the terminal comprises one of the following: a first access mode, a control plane type first access mode;
the information of the terminal access method requested by the sixth communication device includes one of: a first access mode, a control plane type first access mode;
the type information of the terminal certificate download mode requested by the sixth communication device includes: control plane type certificate downloading mode;
the information of the preconfigured terminal access mode comprises one of the following: a first access mode, a control plane type first access mode;
the type information of the preconfigured terminal certificate downloading mode comprises the following steps: control plane type certificate downloading mode;
the capability information of the terminal indicates at least one of: the terminal supports a certificate downloading mode of a control plane type, the terminal supports a first access mode of the control plane type, the terminal does not support a certificate downloading mode of a user plane type, the terminal does not support the first access mode of the user plane type, the terminal does not have the capability of the user plane, and a secret key for communication between the terminal and a first network can be derived according to a default certificate;
the first network supports a certificate downloading mode of a control plane type;
the first network supports a first access mode of a control plane type;
the first network does not support a user plane type certificate downloading mode;
the first network does not support a first access mode of a user plane type.
Optionally, the performing the second operation according to the second information and/or the fifth information may include: in a case where the fourth condition is satisfied, performing at least one of: determining that the type of the first access mode is a first access mode of a user plane type, determining that the type of the certificate download mode is the certificate download mode of the user plane type, determining that the first indication information indicates that the first access mode of the control plane type is not adopted, determining that the second indication information indicates that the certificate download mode of the control plane type is not adopted, sending address information of a configuration server to the terminal, sending slice information to the terminal, and sending a Data Network Name (DNN) to the terminal.
In one embodiment, the configuration server may be a server that configures the certificate for the terminal. In one embodiment, the address information of the configuration server may include information for indexing the address of the configuration server.
In one embodiment, the slice information may be slice information for establishing a channel for a user plane. In another embodiment, the slice information is slice information for the first access scheme or slice information for the first access scheme of the user plane type.
The DNN may be a DNN for establishing a channel for a user plane. The user plane channel may be a channel of a user plane for downloading credentials. In another embodiment, the DNN is a DNN for the first access scheme or a DNN for the user plane type first access scheme.
Wherein the fourth condition comprises at least one of:
the access mode information requested by the terminal comprises one of the following: a first access mode, a first access mode of a user plane type;
the terminal access mode information requested by the sixth communication device includes one of: a first access mode, a first access mode of a user plane type;
the type information of the terminal certificate download mode requested by the sixth communication device includes: a user plane type certificate download mode;
the information of the preconfigured terminal access mode comprises one of the following: a first access mode, a first access mode of a user plane type;
the type information of the preconfigured terminal certificate downloading mode comprises the following steps: a user plane type certificate download mode;
the capability information of the terminal indicates at least one of: the terminal supports a first access mode of a user plane type, the terminal supports a certificate downloading mode of the user plane type, the terminal does not support a certificate downloading mode of a control plane type, the terminal does not support the first access mode of the control plane type, the terminal has the capability of the user plane, and a secret key for communication between the terminal and a first network cannot be derived according to a default certificate;
the first network supports a user plane type certificate downloading mode;
the first network supports a first access mode of a user plane type;
the first network does not support a control plane type certificate downloading mode;
the first network does not support the first access mode of the control plane type.
Optionally, the operation of sending the first indication information and/or sending the second indication information may include:
when the type of the first access mode is determined to be a control plane type first access mode or the type of the certificate downloading mode is determined to be a control plane type certificate downloading mode, sending first indication information and/or sending second indication information; the first indication information indicates a first access mode of a control plane type; the second indication information indicates that a control surface type certificate downloading mode is adopted;
and/or the presence of a gas in the gas,
when the type of the first access mode is determined to be the first access mode of the user plane type or the type of the certificate downloading mode is determined to be the certificate downloading mode of the user plane type, sending first indication information and/or sending second indication information; the first indication information indicates that a first access mode of a control plane type is not adopted; the second indication information indicates that the control plane type certificate downloading mode is not adopted.
In one embodiment, a first network supports a first access mode of a user plane type or a certificate downloading mode of the user plane type by default; the first network can optionally support a first access mode of a control plane type or a certificate downloading mode of the control plane type. At this time, the first indication information or the second indication information may be transmitted.
Further, when it is determined that the type of the first access mode is the control plane type first access mode or that the type of the certificate download mode is the control plane type certificate download mode, the first indication information may indicate that the control plane type first access mode is used, and the second indication information may indicate that the control plane type certificate download mode is used.
Further, when it is determined that the type of the first access manner is the first access manner of the user plane type or it is determined that the type of the certificate download manner is the certificate download manner of the user plane type, the first indication information may indicate that the first access manner of the control plane type is not used, and the second indication information may indicate that the certificate download manner of the control plane type is not used.
In another embodiment, the first network may optionally support a first access mode of a user plane type and/or a first access mode of a control plane type. Alternatively, the first network may optionally support a user plane type certificate downloading manner and/or a control plane type certificate downloading manner. At this time, the type information of the determined first access method may be sent, and the type information of the first access method is used to indicate one of the following: a first access mode of a control plane type and a first access mode of a user plane type; and/or sending the type information of the determined certificate downloading mode, wherein the type information of the certificate downloading mode is used for indicating one of the following modes: control plane type certificate downloading mode and user plane type certificate downloading mode.
It is understood that, with the present embodiment, the terminal may be supported to determine the manner of downloading the certificate.
Referring to fig. 4, an embodiment of the present application provides a method for accessing a network, which is applied to a third communication device; the third communication device includes but is not limited to: a UE; the method comprises the following steps:
step 41: third information and/or access acceptance information is received.
Optionally, the third information includes at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: and a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted.
In one embodiment, only the access accept message may be received without receiving the third message. In another embodiment, the third information and the access acceptance information may be received. In another embodiment, only the third information may be received without receiving the access acceptance information.
In one embodiment, the access accept message is an access accept message obtained after the terminal accesses the first network, and includes, but is not limited to, a registration accept message.
Optionally, the first access method includes: access means for accessing a first network for downloading credentials for accessing a second network.
Optionally, the first access method of the control plane type includes: the access method of accessing the first network in order to download the certificate for accessing the second network is a control plane type certificate download method.
Optionally, the first access method of the user plane type includes: the access method of accessing the first network for downloading the certificate for accessing the second network is a user plane type certificate download method.
Optionally, the first network and the second network are the same network or different networks.
Step 42: and determining whether to execute a third operation according to the third information and/or the access acceptance information.
Optionally, the third operation includes: requesting the first network to establish a data channel for downloading credentials for accessing the second network.
Optionally, the access acceptance information is information that the terminal is accepted by the first network. The access acceptance information can be embodied by a registration acceptance message and a service acceptance message.
Further, the determining whether to perform the third operation according to the third information and/or the access acceptance information may include: in a case where a fifth condition is satisfied, the third operation is performed.
Wherein the fifth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the user plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the user plane type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is not adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is not adopted;
receiving only access acceptance information, and/or not receiving the third information.
In one embodiment, when the terminal and/or the first network support the first access mode, the terminal and/or the first network may support the first access mode of the user plane type by default.
In one embodiment, when the terminal and/or the first network support the first access mode, the terminal and/or the first network may support a user plane type certificate downloading mode by default.
Further, the determining whether to perform the third operation according to the third information may include: in a case where a sixth condition is satisfied, the third operation is not performed.
Wherein the sixth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the control plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the control surface type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is adopted.
In this embodiment of the application, optionally, before receiving the third information, the method may further include:
sending the second information; wherein the second information comprises at least one of: information of the access mode requested by the terminal, and capability information of the terminal.
Optionally, the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type, and a first access mode of a user plane type.
Optionally, the capability information of the terminal is used to indicate at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate.
Optionally, the key for communication between the terminal and the first network includes, but is not limited to, at least one of the followingItem (1): kSEAF,KAUSF,KAMFEncryption key, integrity protection key. The key for communication between the terminal and the first network may derive an encryption key and/or an integrity protection key for data communicated between the terminal and the first network.
It is understood that, with the present embodiment, the terminal may be supported to determine the manner of downloading the certificate.
Referring to fig. 5, an embodiment of the present application provides a method for network selection, which is applied to a fourth communication device; the fourth communication device includes but is not limited to: a RAN network element; the RAN network element may be a RAN network element in the first network. The method comprises the following steps:
step 51: and transmitting or broadcasting the fourth indication information.
Optionally, the fourth indication information is used to indicate any one of the following items:
the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type;
the network supports the certificate downloading mode of the user plane type, or the network does not support the certificate downloading mode of the user plane type;
the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type;
the network supports the first access mode of the user plane type, or the network does not support the first access mode of the user plane type.
Optionally, the first access method includes: access means for accessing a first network for downloading credentials for accessing a second network.
Optionally, the first access method of the control plane type includes: the access method of accessing the first network in order to download the certificate for accessing the second network is a control plane type certificate download method.
Optionally, the first access method of the user plane type includes: the access method of accessing the first network for downloading the certificate for accessing the second network is a user plane type certificate download method.
Optionally, the first network and the second network are the same network or different networks.
It is understood that, with the present embodiment, the terminal can be supported to select a network that meets its own capability for access.
Referring to fig. 6, an embodiment of the present application further provides a method for network selection, which is applied to a fifth communication device; the fifth communication device includes but is not limited to: a UE; the method comprises the following steps:
step 61: and acquiring fourth indication information.
Optionally, the fourth indication information is used to indicate any one of the following items:
the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type;
the network supports the certificate downloading mode of the user plane type, or the network does not support the certificate downloading mode of the user plane type;
the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type;
the network supports the first access mode of the user plane type, or the network does not support the first access mode of the user plane type.
Optionally, the first access method includes: access means for accessing a first network for downloading credentials for accessing a second network.
Optionally, the first access method of the control plane type includes: the access method of accessing the first network in order to download the certificate for accessing the second network is a control plane type certificate download method.
Optionally, the first access method of the user plane type includes: the access method of accessing the first network for downloading the certificate for accessing the second network is a user plane type certificate download method.
Optionally, the first network and the second network are the same network or different networks.
Step 62: and according to the fourth information, performing the operation of network selection.
Optionally, the fourth information may include at least one of: the fourth indication information, the capability information of the terminal, the information of the access mode requested by the terminal, and the type information of the certificate download mode requested by the terminal.
In one embodiment, the fourth communication device is configured to obtain at least one of the following: information of an access mode requested by the terminal, and type information of a certificate download mode requested by the terminal.
Optionally, the capability information of the terminal is used to indicate at least one of the following: the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the user plane type certificate downloading party or the terminal does not support the user plane type certificate downloading mode; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate.
Optionally, the information of the access mode requested by the terminal includes one of the following: a first access mode, a first access mode of a control plane type, and a first access mode of a user plane type.
Optionally, the type information of the certificate downloading manner requested by the terminal includes one of the following: control plane type certificate downloading mode and user plane type certificate downloading mode.
Optionally, the key for communication between the terminal and the first network includes, but is not limited to, at least one of the following: kSEAF,KAUSF,KAMFEncryption key, integrity protection key. The terminal andthe key for the first inter-network communication may derive an encryption key and/or an integrity protection key for data communicated between the terminal and the first network.
Optionally, the operation of performing network selection according to the fourth information may include at least one of:
selecting a network, wherein the fourth indication information of the selected network conforms to the capability information of the terminal;
selecting a network, wherein the fourth indication information of the selected network conforms to the information of the access mode requested by the terminal;
and selecting a network, wherein the fourth indication information of the selected network conforms to the type information of the certificate downloading mode requested by the terminal.
Further, the fourth indication information of the selected network conforming to the terminal capability information may include at least one of:
1) the fourth indication information indicates any one of: the network supports a certificate downloading mode of a control plane type, the network does not support a certificate downloading mode of a user plane type, the network supports a first access mode of the control plane type, and the network does not support the first access mode of the user plane type; and, the capability information of the terminal indicates any one of: the terminal supports a control plane type certificate downloading mode, the terminal does not support a user plane type certificate downloading mode, the terminal supports a control plane type first access mode, the terminal does not support a user plane type first access mode, the terminal does not have the user plane capability, and a secret key for communication between the terminal and a first network can be derived according to a default certificate.
Therefore, it is understood that, in the case that the network only supports the control plane type certificate downloading method, only the terminal supporting the control plane type certificate downloading method, or both the control plane type certificate downloading method and/or the user plane type terminal, will select the network.
2) The fourth indication information indicates any one of: the network does not support a certificate downloading mode through a control plane type; the network supports a certificate downloading mode through a user plane type; the network does not support a first access mode of a control plane type; the network supports a first access mode of a user plane type; and, the capability information of the terminal indicates at least one of: the terminal does not support a control plane type certificate downloading mode, the terminal supports a user plane type certificate downloading mode, the terminal does not support a control plane type first access mode, the terminal supports a user plane type first access mode, the terminal has a user plane capability, and a secret key for communication between the terminal and a first network cannot be derived according to a default certificate.
Therefore, it is understood that, in the case that the network only supports the user plane type certificate downloading method, only the terminal supporting the user plane type certificate downloading method, or the terminal supporting the control plane type certificate downloading method and/or the user plane type certificate downloading method at the same time, the network is selected.
3) The fourth indication information indicates any one of: the network supports a certificate downloading mode through a control plane type, the network supports a certificate downloading mode through a user plane type, the network supports a first access mode of the control plane type, and the network supports a first access mode of the user plane type.
Therefore, it is understood that, when the network supports both the control plane type certificate download mode and the user plane type certificate download mode, the network can be selected for the control plane type certificate download mode and/or the user plane type terminal.
4) The capability information of the terminal indicates at least one of: the terminal supports a control plane type certificate downloading mode, the terminal supports a user plane type certificate downloading mode, the terminal supports a control plane type first access mode, the terminal supports a user plane type first access mode, the terminal has a user plane capability, and a secret key for communication between the terminal and a first network can be derived according to a default certificate.
Therefore, it is understood that, when the terminal supports both the control plane type certificate downloading mode and the user plane type certificate downloading mode, the selected network supports the control plane type certificate downloading mode and/or the user plane type certificate downloading mode.
Further, the information that the fourth indication information of the selected network conforms to the access mode requested by the terminal may include at least one of the following:
1) the fourth indication information indicates any one of: the network supports a certificate downloading mode of a control plane type, the network does not support a certificate downloading mode of a user plane type, the network supports a first access mode of the control plane type, and the network does not support the first access mode of the user plane type; and, the information of the access mode requested by the terminal includes any one of: a first access mode, a first access mode of a control plane type.
2) The fourth indication information indicates any one of: the network does not support a certificate downloading mode through a control plane type; the network supports a certificate downloading mode through a user plane type; the network does not support a first access mode of a control plane type; the network supports a first access mode of a user plane type; and, the information of the access mode requested by the terminal includes any one of: a first access mode, a first access mode of user plane type.
Further, the fourth indication information of the selected network may include at least one of the following types of information that the certificate downloading method requested by the terminal is satisfied:
1) the fourth indication information indicates any one of: the network supports a certificate downloading mode of a control plane type, the network does not support a certificate downloading mode of a user plane type, the network supports a first access mode of the control plane type, and the network does not support the first access mode of the user plane type; and the type information of the certificate downloading mode requested by the terminal comprises any one of the following items: control plane type certificate download mode.
2) The fourth indication information indicates any one of: the network does not support a certificate downloading mode through a control plane type; the network supports a certificate downloading mode through a user plane type; the network does not support a first access mode of a control plane type; the network supports a first access mode of a user plane type; and, the type information of the certificate downloading mode requested by the terminal includes: and (4) a certificate downloading mode of the user plane class.
Optionally, the operation of performing network selection according to the fourth information may include at least one of:
(1) when the terminal supports both the control plane type certificate downloading mode and the user plane type certificate downloading mode, the selected network supports the control plane type certificate downloading mode and/or the user plane type certificate downloading mode;
(2) when the terminal only supports the certificate downloading mode of the control plane type, the selected network at least supports the certificate downloading mode of the control plane type;
(3) when the terminal only supports the certificate downloading mode of the user plane type, the selected network at least supports the certificate downloading mode of the user plane type;
(4) when the terminal supports the first access mode of the control plane type and the first access mode of the user plane type at the same time, the selected network supports the first access mode of the control plane type and/or the first access mode of the user plane type;
(5) when the terminal only supports the first access mode of the control plane type, the selected network at least supports the first access mode of the control plane type;
(6) and when the terminal only supports the first access mode of the user plane type, the selected network at least supports the first access mode of the user plane type.
In one embodiment, the certificate downloading method at least supporting the control plane type includes: the method supports a control plane type certificate downloading mode, a control plane type certificate downloading mode and a user plane type certificate downloading mode.
In one embodiment, the certificate downloading method at least supporting the user plane type includes: the method comprises a certificate downloading mode supporting a user plane type, a certificate downloading mode supporting a control plane type and a certificate downloading mode supporting a user plane type.
In one embodiment, the first access method supporting at least the control plane type includes: the first access mode supporting the control plane type, the first access mode supporting the control plane type and the first access mode supporting the user plane type.
In one embodiment, a first access method supporting at least a user plane type includes: the first access mode supporting the user plane type, the first access mode supporting the control plane type and the first access mode supporting the user plane type.
It is understood that, with the present embodiment, the terminal can be supported to select a network that meets its own capability for access.
The method provided by the present application is described below with reference to specific examples.
Example 1
In this embodiment 1, as shown in fig. 7, a corresponding method procedure for accessing a network may include:
step 71: the UE initiates a registration request message to the first network, where the registration request message includes second information, and the second information is as described in the embodiment of fig. 2.
Step 72: and the CN network element in the first network, such as the AMF, performs a second operation according to the second information and/or the fifth information, such as sending a registration acceptance message to the UE. This second operation is as described in the embodiment of fig. 3.
Optionally, when the UE supports the user plane type certificate downloading manner by default, the second information may include a control plane capability of the terminal, for example, the terminal supports the control plane type certificate downloading manner, or the terminal does not support the control plane type certificate downloading manner. The registration acceptance message includes type information of a certificate downloading mode, and the type information of the certificate downloading mode is used for indicating a certificate downloading mode of a control plane type or a certificate downloading mode of a user plane type.
In one embodiment, the registration accept message includes third information. This third information is as described in the embodiment of fig. 3.
In another embodiment, the registration accept message does not include the third information.
Step 73: and the UE executes a third operation according to the third information and/or the registration acceptance message. This third operation is as described in the embodiment of fig. 4.
For example, the UE may establish a PDU session for downloading the credentials for accessing the second network according to the indication of the credential downloading manner of the user plane type or a case without the indication of the credential downloading manner of the control plane type.
Example 2
In this embodiment 2, as shown in fig. 8, the corresponding network selection process may include:
step 81: the RAN network element, e.g. a RAN network element in the first network, broadcasts the fourth indication information, which is described in the embodiment of fig. 5.
Step 82: and the UE performs the operation of network selection according to the fourth information. Optionally, the fourth information may include at least one of: fourth indication information and capability information of the terminal. The capability information of the terminal is as described in the embodiment of fig. 5.
For example, SIB broadcasting of the RAN network element supports a user plane type certificate downloading method and/or a control plane type certificate downloading method. The UE performs the operation of network selection according to the SIB broadcast content and the capability information of the terminal that the UE has (as described in the embodiment of fig. 6), for example, the capability of the control plane type certificate downloading manner and/or the capability of the user plane type certificate downloading manner, which is specifically described in the embodiment of fig. 6 and is not described herein again.
Referring to fig. 9, an apparatus for accessing a network according to an embodiment of the present application is applied to a first communication device, and as shown in fig. 9, the apparatus 90 for accessing a network includes:
a first executing module 91, configured to execute a first operation according to the first information;
wherein the first information is used to indicate at least one of: a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
wherein the first operation comprises any one of:
determining information of an access mode requested by a terminal, wherein the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
determining type information of a certificate downloading mode requested by a terminal, wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining that the terminal supports the control plane type certificate downloading mode or determining that the terminal does not support the control plane type certificate downloading mode,
determining a certificate downloading mode of a user plane type supported by the terminal or determining a certificate downloading mode of a user plane type not supported by the terminal;
determining that the terminal supports the first access mode of the control plane type, or determining that the terminal does not support the first access mode of the control plane type;
determining a first access mode of a user plane type supported by the terminal or determining a first access mode of a user plane type not supported by the terminal;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
Optionally, the first executing module 91 is specifically configured to: determining that the information of the access mode requested by the terminal is a first access mode of the user plane type under the condition of meeting at least one of the following conditions:
the first information indicates that a key for communication between the terminal and the first network cannot be derived from a default certificate;
the first information indicates that the terminal does not support a certificate downloading mode of a control plane type;
the first information indicates that the terminal does not support a first access mode of a control plane type;
the first information indicates that the terminal has the capability of a user plane;
the first information indicates a certificate downloading mode of a user plane type supported by the terminal;
the first information indicates that the terminal supports a first access mode of a user plane type.
And/or, the first executing module 91 is specifically configured to: when the first condition is met, determining that the terminal does not support a certificate downloading mode of the control plane type or determining that the terminal does not support a first access mode of the control plane type;
wherein the first condition comprises at least one of:
the first information indicates that a key for communication between the terminal and the first network cannot be derived from a default certificate;
the first information indicates that the terminal does not support a certificate downloading mode of a control plane type;
the first information indicates that the terminal does not support a first access mode of a control plane type.
Optionally, the first executing module 91 is specifically configured to: determining that the information of the access mode requested by the terminal is a first access mode of a control plane type under the condition of meeting at least one of the following conditions:
the first information indicates that the terminal does not have the capability of a user plane;
the first information indicates that the terminal does not support a certificate downloading mode of a user plane type;
the first information indicates that the terminal does not support a first access mode of a user plane type;
the first information indicates that a key for communication between the terminal and the first network can be derived from a default certificate;
the first information indicates that the terminal supports a certificate downloading mode of a control plane type;
the first information indicates that the terminal supports a first access mode of a control plane type.
And/or, the first executing module 91 is specifically configured to: when the second condition is met, determining that the terminal does not support a certificate downloading mode of the user plane type or determining that the terminal does not support a first access mode of the user plane type;
wherein the second condition comprises at least one of:
the first information indicates that the terminal does not have the capability of a user plane;
the first information indicates that the terminal does not support a certificate downloading mode of a user plane type;
the first information indicates that the terminal does not support a first access mode of a user plane type.
Optionally, the apparatus 90 for accessing a network further includes:
the first sending module is used for sending second information;
wherein the second information comprises at least one of: information of an access mode requested by the terminal, capability information of the terminal, and type information of a certificate download mode requested by the terminal.
Wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate.
Optionally, the apparatus 90 for accessing a network further includes:
the first receiving module is used for receiving the third information and/or the access acceptance message; wherein the third information comprises at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
the first execution module 91 is further configured to: determining whether to execute a third operation according to the third information and/or the access acceptance message;
wherein the third operation comprises: requesting the first network to establish a data channel for downloading credentials for accessing the second network.
Optionally, the first executing module 91 is specifically configured to:
executing the third operation when a fifth condition is satisfied;
wherein the fifth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the user plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the user plane type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is not adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is not adopted;
receiving only access acceptance information, and/or not receiving the third information.
Optionally, the first executing module 91 is specifically configured to:
in a case where a sixth condition is satisfied, the third operation is not performed;
wherein the sixth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the control plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the control surface type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is adopted.
In this embodiment, the network access device 90 can implement each process implemented in the method embodiment shown in fig. 2 of the present application, and achieve the same beneficial effects, and for avoiding repetition, details are not described here again.
Referring to fig. 10, an apparatus for accessing a network according to an embodiment of the present application is applied to a second communication device, and as shown in fig. 10, the apparatus 100 for accessing a network includes:
a first obtaining module 101, configured to obtain second information and/or fifth information; wherein the second information comprises at least one of: information of an access mode requested by a terminal, type information of a certificate downloading mode requested by the terminal, and capability information of the terminal; the fifth information includes at least one of: information of a terminal access mode requested by sixth communication equipment, type information of a terminal certificate download mode requested by sixth communication equipment, information of a preconfigured terminal access mode, and type information of a preconfigured terminal certificate download mode;
a second executing module 102, configured to execute a second operation according to the second information and/or fifth information;
wherein the second operation comprises at least one of:
determining a type of a first access mode, wherein the type of the first access mode comprises one of the following: a first access mode of a control plane type and a first access mode of a user plane type;
determining the type of a certificate downloading mode, wherein the type of the certificate downloading mode comprises one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
executing the first access mode of the determined type;
executing the determined type of certificate downloading mode;
sending type information of the determined first access mode, wherein the type information of the first access mode is used for indicating one of the following modes: a first access mode of a control plane type and a first access mode of a user plane type;
sending the type information of the determined certificate downloading mode, wherein the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
sending first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
determining second indication information, the second indication information indicating one of: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
sending second indication information, wherein the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
Optionally, the second executing module 102 is specifically configured to:
in the case where the third condition is satisfied, performing at least one of: determining that the type of the first access mode is a control plane type first access mode, determining that the type of the certificate download mode is a control plane type certificate download mode, determining that the first indication information indicates that the control plane type first access mode is adopted, and determining that the second indication information indicates that the control plane type certificate download mode is adopted;
wherein the third condition comprises at least one of:
the access mode information requested by the terminal comprises one of the following: a first access mode, a control plane type first access mode;
the information of the terminal access method requested by the sixth communication device includes one of: a first access mode, a control plane type first access mode;
the type information of the terminal certificate download mode requested by the sixth communication device includes: control plane type certificate downloading mode;
the information of the preconfigured terminal access mode comprises one of the following: a first access mode, a control plane type first access mode;
the type information of the preconfigured terminal certificate downloading mode comprises the following steps: control plane type certificate downloading mode;
the capability information of the terminal indicates at least one of: the terminal supports a certificate downloading mode of a control plane type, the terminal supports a first access mode of the control plane type, the terminal does not support a certificate downloading mode of a user plane type, the terminal does not support the first access mode of the user plane type, the terminal does not have the capability of the user plane, and a secret key for communication between the terminal and a first network can be derived according to a default certificate;
the first network supports a certificate downloading mode of a control plane type;
the first network supports a first access mode of a control plane type;
the first network does not support a user plane type certificate downloading mode;
the first network does not support a first access mode of a user plane type.
Optionally, the second executing module 102 is specifically configured to:
in a case where the fourth condition is satisfied, performing at least one of: determining a first access mode of which the type of the first access mode is a user plane type, determining a certificate download mode of which the type is the user plane type, determining a first access mode of which the first indication information indicates that a control plane type is not adopted, determining a second access mode of which the second indication information indicates that the control plane type is not adopted, sending address information of a configuration server to a terminal, sending slicing information to the terminal, and sending DNN to the terminal;
wherein the fourth condition comprises at least one of:
the access mode information requested by the terminal comprises one of the following: a first access mode, a first access mode of a user plane type;
the terminal access mode information requested by the sixth communication device includes one of: a first access mode, a first access mode of a user plane type;
the type information of the terminal certificate download mode requested by the sixth communication device includes: a user plane type certificate download mode;
the information of the preconfigured terminal access mode comprises one of the following: a first access mode, a first access mode of a user plane type;
the type information of the preconfigured terminal certificate downloading mode comprises the following steps: a user plane type certificate download mode;
the capability information of the terminal indicates at least one of: the terminal supports a first access mode of a user plane type, the terminal supports a certificate downloading mode of the user plane type, the terminal does not support a certificate downloading mode of a control plane type, the terminal does not support the first access mode of the control plane type, the terminal has the capability of the user plane, and a secret key for communication between the terminal and a first network cannot be derived according to a default certificate;
the first network supports a user plane type certificate downloading mode;
the first network supports a first access mode of a user plane type;
the first network does not support a control plane type certificate downloading mode;
the first network does not support the first access mode of the control plane type.
Optionally, the second executing module 102 is specifically configured to:
when the type of the first access mode is determined to be a control plane type first access mode or the type of the certificate downloading mode is determined to be a control plane type certificate downloading mode, sending first indication information and/or sending second indication information; the first indication information indicates a first access mode of a control plane type; the second indication information indicates that a control surface type certificate downloading mode is adopted;
and/or sending first indication information and/or sending second indication information when the type of the first access mode is determined to be the first access mode of the user plane type or the type of the certificate downloading mode is determined to be the certificate downloading mode of the user plane type; the first indication information indicates that a first access mode of a control plane type is not adopted; the second indication information indicates that the control plane type certificate downloading mode is not adopted.
In this embodiment, the network access apparatus 100 can implement each process implemented in the method embodiment shown in fig. 3 of the present application, and achieve the same beneficial effects, and for avoiding repetition, details are not described here again.
Referring to fig. 11, an apparatus 110 of an access network according to an embodiment of the present application is applied to a third communication device, and as shown in fig. 11, the apparatus of an access network includes:
a second receiving module 111, configured to receive the third information and/or the access accept message; wherein the third information comprises at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
a third executing module 112, configured to determine whether to execute a third operation according to the third information and/or the access accept message;
wherein the third operation comprises: requesting a first network to establish a data channel, wherein the data channel is used for downloading a certificate for accessing a second network;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
Optionally, the third executing module 112 is specifically configured to:
executing the third operation when a fifth condition is satisfied;
wherein the fifth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the user plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the user plane type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is not adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is not adopted;
receiving only the access acceptance information, and/or not receiving the third information.
Optionally, the third executing module 112 is specifically configured to:
in a case where a sixth condition is satisfied, the third operation is not performed;
wherein the sixth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the control plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the control surface type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is adopted.
Optionally, the network access apparatus 110 further includes:
the second sending module is used for sending second information; wherein the second information comprises at least one of: information of the access mode requested by the terminal, and capability information of the terminal.
Wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
the key for communication between the terminal and the first network can be derived from the default certificate or the key for communication between the terminal and the first network cannot be derived from the default certificate.
In this embodiment, the device 110 accessing the network can implement each process implemented in the method embodiment shown in fig. 4 of the present application, and achieve the same beneficial effects, and for avoiding repetition, details are not described here again.
Referring to fig. 12, an embodiment of the present application provides a network selection apparatus, which is applied to a fourth communication device, and as shown in fig. 12, the network selection apparatus 120 includes:
a third sending module 121, configured to send or broadcast the fourth indication information;
wherein the fourth indication information is used for indicating any one of the following items:
the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type;
the network supports the certificate downloading mode of the user plane type or the network does not support the certificate downloading mode of the user plane type;
the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type;
the network supports the first access mode of the user plane type or the network does not support the first access mode of the user plane type;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
In this embodiment, the network selecting apparatus 120 can implement each process implemented in the method embodiment shown in fig. 5 of the present application, and achieve the same beneficial effects, and for avoiding repetition, details are not described here again.
Referring to fig. 13, an embodiment of the present application provides a network selection apparatus, which is applied to a fifth communication device, and as shown in fig. 13, the network selection apparatus 130 includes:
a second obtaining module 131, configured to obtain fourth indication information;
a fourth executing module 132, configured to execute the network selecting operation according to the fourth information;
wherein the fourth information comprises at least one of: fourth indication information, capability information of the terminal, information of an access mode requested by the terminal, and type information of a certificate download mode requested by the terminal;
wherein the fourth indication information is used for indicating any one of the following items: the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type; the network supports the certificate downloading mode of the user plane type, or the network does not support the certificate downloading mode of the user plane type; the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type; the network supports the first access mode of the user plane type, or the network does not support the first access mode of the user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following: the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the user plane type certificate downloading party or the terminal does not support the user plane type certificate downloading mode; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein, the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
Optionally, the fourth executing module 132 is specifically configured to execute at least one of the following:
selecting a network, wherein the fourth indication information of the selected network conforms to the capability information of the terminal;
selecting a network, wherein the fourth indication information of the selected network conforms to the information of the access mode requested by the terminal;
and selecting a network, wherein the fourth indication information of the selected network conforms to the type information of the certificate downloading mode requested by the terminal.
Optionally, the fourth indication information of the selected network meeting the terminal capability information includes at least one of:
the fourth indication information indicates any one of: the network supports a certificate downloading mode of a control plane type, the network does not support a certificate downloading mode of a user plane type, the network supports a first access mode of the control plane type, and the network does not support the first access mode of the user plane type; and, the capability information of the terminal indicates any one of: the terminal supports a control plane type certificate downloading mode, the terminal does not support a user plane type certificate downloading mode, the terminal supports a control plane type first access mode, the terminal does not support a user plane type first access mode, the terminal does not have the user plane capability, and a secret key for communication between the terminal and a first network can be derived according to a default certificate;
the fourth indication information indicates any one of: the network does not support a certificate downloading mode through a control plane type; the network supports a certificate downloading mode through a user plane type; the network does not support a first access mode of a control plane type; the network supports a first access mode of a user plane type; and, the capability information of the terminal indicates at least one of: the terminal does not support a control plane type certificate downloading mode, the terminal supports a user plane type certificate downloading mode, the terminal does not support a control plane type first access mode, the terminal supports a user plane type first access mode, the terminal has a user plane capability, and a secret key for communication between the terminal and a first network cannot be derived according to a default certificate;
the fourth indication information indicates any one of: the network supports a certificate downloading mode of a control plane type, the network supports a certificate downloading mode of a user plane type, the network supports a first access mode of a control plane type, and the network supports a first access mode of a user plane type;
the capability information of the terminal indicates at least one of: the terminal supports a control plane type certificate downloading mode, the terminal supports a user plane type certificate downloading mode, the terminal supports a control plane type first access mode, the terminal supports a user plane type first access mode, the terminal has a user plane capability, and a secret key for communication between the terminal and a first network can be derived according to a default certificate.
Optionally, the fourth executing module 132 is specifically configured to at least one of:
when the terminal supports both the control plane type certificate downloading mode and the user plane type certificate downloading mode, the selected network supports the control plane type certificate downloading mode and/or the user plane type certificate downloading mode;
when the terminal only supports the certificate downloading mode of the control plane type, the selected network at least supports the certificate downloading mode of the control plane type;
when the terminal only supports the certificate downloading mode of the user plane type, the selected network at least supports the certificate downloading mode of the user plane type;
when the terminal supports the first access mode of the control plane type and the first access mode of the user plane type at the same time, the selected network supports the first access mode of the control plane type and/or the first access mode of the user plane type;
when the terminal only supports the first access mode of the control plane type, the selected network at least supports the first access mode of the control plane type;
and when the terminal only supports the first access mode of the user plane type, the selected network at least supports the first access mode of the user plane type.
In this embodiment, the communication device 130 can implement each process implemented in the method embodiment shown in fig. 6 of the present application, and achieve the same beneficial effects, and for avoiding repetition, details are not described here again.
Referring to fig. 14, fig. 14 is a schematic structural diagram of another communication device provided in the embodiment of the present application, and as shown in fig. 14, the communication device 140 includes: a processor 141, a memory 142, and a computer program stored in the memory 142 and capable of running on the processor, where components in the communication device 140 are coupled together through a bus interface 143, and when executed by the processor 141, the computer program may implement each process implemented in the method embodiment shown in fig. 2, or implement each process implemented in the method embodiment shown in fig. 3, or implement each process implemented in the method embodiment shown in fig. 4, or implement each process implemented in the method embodiment shown in fig. 5, or implement each process implemented in the method embodiment shown in fig. 6, and may achieve the same technical effect, and in order to avoid repetition, details are not repeated herein.
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when executed by a processor, the computer program implements each process implemented in the method embodiment shown in fig. 5, or implements each process implemented in the method embodiment shown in fig. 6, or implements each process implemented in the method embodiment shown in fig. 7, or implements each process implemented in the method embodiment shown in fig. 8, or implements each process implemented in the method embodiment shown in fig. 9, and may achieve the same technical effect, and in order to avoid repetition, details are not repeated here. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present application.
While the present embodiments have been described with reference to the accompanying drawings, it is to be understood that the invention is not limited to the precise embodiments described above, which are meant to be illustrative and not restrictive, and that various changes may be made therein by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (27)
1. A method for accessing a network, applied to a first communication device, includes:
executing a first operation according to the first information;
wherein the first information is used to indicate at least one of: a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
wherein the first operation comprises any one of:
determining information of an access mode requested by a terminal, wherein the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
determining type information of a certificate downloading mode requested by a terminal, wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining that the terminal supports the control plane type certificate downloading mode or determining that the terminal does not support the control plane type certificate downloading mode,
determining a certificate downloading mode of a user plane type supported by the terminal or determining a certificate downloading mode of a user plane type not supported by the terminal;
determining that the terminal supports the first access mode of the control plane type, or determining that the terminal does not support the first access mode of the control plane type;
determining a first access mode of a user plane type supported by the terminal or determining a first access mode of a user plane type not supported by the terminal;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
2. The method of claim 1, wherein the performing a first operation based on the first information comprises:
determining that the information of the access mode requested by the terminal is a first access mode of the user plane type under the condition of meeting at least one of the following conditions:
the first information indicates that a key for communication between the terminal and the first network cannot be derived from a default certificate;
the first information indicates that the terminal does not support a certificate downloading mode of a control plane type;
the first information indicates that the terminal does not support a first access mode of a control plane type;
the first information indicates that the terminal has the capability of a user plane;
the first information indicates a certificate downloading mode of a user plane type supported by the terminal;
the first information indicates that the terminal supports a first access mode of a user plane type;
and/or the presence of a gas in the gas,
when the first condition is met, determining that the terminal does not support a certificate downloading mode of the control plane type or determining that the terminal does not support a first access mode of the control plane type;
wherein the first condition comprises at least one of:
the first information indicates that a key for communication between the terminal and the first network cannot be derived from a default certificate;
the first information indicates that the terminal does not support a certificate downloading mode of a control plane type;
the first information indicates that the terminal does not support a first access mode of a control plane type.
3. The method of claim 1, wherein the performing a first operation based on the first information comprises:
determining that the information of the access mode requested by the terminal is a first access mode of a control plane type under the condition of meeting at least one of the following conditions:
the first information indicates that the terminal does not have the capability of a user plane;
the first information indicates that the terminal does not support a certificate downloading mode of a user plane type;
the first information indicates that the terminal does not support a first access mode of a user plane type;
the first information indicates that a key for communication between the terminal and the first network can be derived from a default certificate;
the first information indicates that the terminal supports a certificate downloading mode of a control plane type;
the first information indicates that the terminal supports a first access mode of a control plane type;
and/or the presence of a gas in the gas,
when the second condition is met, determining that the terminal does not support a certificate downloading mode of the user plane type or determining that the terminal does not support a first access mode of the user plane type;
wherein the second condition comprises at least one of:
the first information indicates that the terminal does not have the capability of a user plane;
the first information indicates that the terminal does not support a certificate downloading mode of a user plane type;
the first information indicates that the terminal does not support a first access mode of a user plane type.
4. The method of claim 1, further comprising:
sending the second information;
wherein the second information comprises at least one of: information of an access mode requested by the terminal, capability information of the terminal, and type information of a certificate downloading mode requested by the terminal;
wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate.
5. The method of claim 4, wherein after the step of sending the second information, the method further comprises:
receiving third information and/or an access acceptance message; wherein the third information comprises at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
determining whether to execute a third operation according to the third information and/or the access acceptance message;
wherein the third operation comprises:
requesting the first network to establish a data channel for downloading credentials for accessing the second network.
6. The method of claim 5, wherein the determining whether to perform a third operation according to the third information comprises:
executing the third operation when a fifth condition is satisfied;
wherein the fifth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the user plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the user plane type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is not adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is not adopted;
receiving only access acceptance information, and/or not receiving the third information.
7. The method of claim 5, wherein the determining whether to perform a third operation according to the third information comprises:
in a case where a sixth condition is satisfied, the third operation is not performed;
wherein the sixth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the control plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the control surface type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is adopted.
8. A method for accessing a network, applied to a second communication device, includes:
acquiring second information and/or fifth information; wherein the second information comprises at least one of: information of an access mode requested by a terminal, type information of a certificate downloading mode requested by the terminal, and capability information of the terminal; the fifth information includes at least one of: information of a terminal access mode requested by sixth communication equipment, type information of a terminal certificate download mode requested by sixth communication equipment, information of a preconfigured terminal access mode, and type information of a preconfigured terminal certificate download mode;
executing a second operation according to the second information and/or the fifth information;
wherein the second operation comprises at least one of:
determining a type of a first access mode, wherein the type of the first access mode comprises one of the following: a first access mode of a control plane type and a first access mode of a user plane type;
determining the type of a certificate downloading mode, wherein the type of the certificate downloading mode comprises one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
executing the first access mode of the determined type;
executing the determined type of certificate downloading mode;
sending type information of the determined first access mode, wherein the type information of the first access mode is used for indicating one of the following modes: a first access mode of a control plane type and a first access mode of a user plane type;
sending the type information of the determined certificate downloading mode, wherein the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
sending first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
determining second indication information, the second indication information indicating one of: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
sending second indication information, wherein the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
9. The method according to claim 8, wherein the performing a second operation according to the second information and/or fifth information comprises:
in the case where the third condition is satisfied, performing at least one of: determining that the type of the first access mode is a control plane type first access mode, determining that the type of the certificate download mode is a control plane type certificate download mode, determining that the first indication information indicates that the control plane type first access mode is adopted, and determining that the second indication information indicates that the control plane type certificate download mode is adopted;
wherein the third condition comprises at least one of:
the access mode information requested by the terminal comprises one of the following: a first access mode, a control plane type first access mode;
the information of the terminal access method requested by the sixth communication device includes one of: a first access mode, a control plane type first access mode;
the type information of the terminal certificate download mode requested by the sixth communication device includes: control plane type certificate downloading mode;
the information of the preconfigured terminal access mode comprises one of the following: a first access mode, a control plane type first access mode;
the type information of the preconfigured terminal certificate downloading mode comprises the following steps: control plane type certificate downloading mode;
the capability information of the terminal indicates at least one of: the terminal supports a certificate downloading mode of a control plane type, the terminal supports a first access mode of the control plane type, the terminal does not support a certificate downloading mode of a user plane type, the terminal does not support the first access mode of the user plane type, the terminal does not have the capability of the user plane, and a secret key for communication between the terminal and a first network can be derived according to a default certificate;
the first network supports a certificate downloading mode of a control plane type;
the first network supports a first access mode of a control plane type;
the first network does not support a user plane type certificate downloading mode;
the first network does not support a first access mode of a user plane type.
10. The method according to claim 8, wherein the performing a second operation according to the second information and/or fifth information comprises:
in a case where the fourth condition is satisfied, performing at least one of: determining a first access mode of which the type of the first access mode is a user plane type, determining a certificate download mode of which the type is the user plane type, determining a first access mode of which the first indication information indicates that a control plane type is not adopted, determining a second access mode of which the second indication information indicates that the control plane type is not adopted, sending address information of a configuration server to a terminal, sending slicing information to the terminal, and sending a data network name DNN to the terminal;
wherein the fourth condition comprises at least one of:
the access mode information requested by the terminal comprises one of the following: a first access mode, a first access mode of a user plane type;
the terminal access mode information requested by the sixth communication device includes one of: a first access mode, a first access mode of a user plane type;
the type information of the terminal certificate download mode requested by the sixth communication device includes: a user plane type certificate download mode;
the information of the preconfigured terminal access mode comprises one of the following: a first access mode, a first access mode of a user plane type;
the type information of the preconfigured terminal certificate downloading mode comprises the following steps: a user plane type certificate download mode;
the capability information of the terminal indicates at least one of: the terminal supports a first access mode of a user plane type, the terminal supports a certificate downloading mode of the user plane type, the terminal does not support a certificate downloading mode of a control plane type, the terminal does not support the first access mode of the control plane type, the terminal has the capability of the user plane, and a secret key for communication between the terminal and a first network cannot be derived according to a default certificate;
the first network supports a user plane type certificate downloading mode;
the first network supports a first access mode of a user plane type;
the first network does not support a control plane type certificate downloading mode;
the first network does not support the first access mode of the control plane type.
11. The method of claim 8, wherein the operation of sending the first indication information and/or sending the second indication information comprises:
when the type of the first access mode is determined to be a control plane type first access mode or the type of the certificate downloading mode is determined to be a control plane type certificate downloading mode, sending first indication information and/or sending second indication information; the first indication information indicates a first access mode of a control plane type; the second indication information indicates that a control surface type certificate downloading mode is adopted;
and/or the presence of a gas in the gas,
when the type of the first access mode is determined to be the first access mode of the user plane type or the type of the certificate downloading mode is determined to be the certificate downloading mode of the user plane type, sending first indication information and/or sending second indication information; the first indication information indicates that a first access mode of a control plane type is not adopted; the second indication information indicates that the control plane type certificate downloading mode is not adopted.
12. A method for accessing a network, applied to a third communication device, includes:
receiving third information and/or an access acceptance message; wherein the third information comprises at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
determining whether to execute a third operation according to the third information and/or the access acceptance message;
wherein the third operation comprises: requesting a first network to establish a data channel, wherein the data channel is used for downloading a certificate for accessing a second network;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
13. The method of claim 12, wherein the determining whether to perform the third operation according to the third information and/or the access accept message comprises:
executing the third operation when a fifth condition is satisfied;
wherein the fifth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the user plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the user plane type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is not adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is not adopted;
receiving only the access acceptance information, and/or not receiving the third information.
14. The method of claim 12, wherein determining whether to perform a third operation according to the third information comprises:
in a case where a sixth condition is satisfied, the third operation is not performed;
wherein the sixth condition comprises at least one of:
the third information comprises type information of a first access mode, and the type information of the first access mode indicates the first access mode of the control plane type;
the third information comprises type information of a certificate downloading mode, and the type information of the certificate downloading mode indicates the certificate downloading mode of the control surface type;
the third information comprises first indication information, and the first indication information indicates that a first access mode of a control plane type is adopted;
the third information comprises second indication information, and the second indication information indicates that a control surface type certificate downloading mode is adopted.
15. The method of claim 12, wherein the step of receiving the third information is preceded by the method further comprising:
sending the second information;
wherein the second information comprises at least one of: information of access modes requested by the terminal and capability information of the terminal;
wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
the key for communication between the terminal and the first network can be derived from the default certificate or the key for communication between the terminal and the first network cannot be derived from the default certificate.
16. A network selection method is applied to a fourth communication device, and is characterized by comprising the following steps:
transmitting or broadcasting the fourth indication information;
wherein the fourth indication information is used for indicating any one of the following items:
the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type;
the network supports the certificate downloading mode of the user plane type or the network does not support the certificate downloading mode of the user plane type;
the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type;
the network supports the first access mode of the user plane type or the network does not support the first access mode of the user plane type;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
17. A method of network selection, applied to a fifth communication device, the method comprising:
acquiring fourth indication information;
according to the fourth information, the operation of network selection is executed;
wherein the fourth information comprises at least one of: fourth indication information, capability information of the terminal, information of an access mode requested by the terminal, and type information of a certificate download mode requested by the terminal;
wherein the fourth indication information is used for indicating any one of the following items: the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type; the network supports the certificate downloading mode of the user plane type or the network does not support the certificate downloading mode of the user plane type; the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type; the network supports the first access mode of the user plane type or the network does not support the first access mode of the user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following: the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the user plane type certificate downloading party or the terminal does not support the user plane type certificate downloading mode; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein, the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
18. The method of claim 17, wherein the performing network selection according to the fourth information comprises at least one of:
selecting a network, wherein the fourth indication information of the selected network conforms to the capability information of the terminal;
selecting a network, wherein the fourth indication information of the selected network conforms to the information of the access mode requested by the terminal;
and selecting a network, wherein the fourth indication information of the selected network conforms to the type information of the certificate downloading mode requested by the terminal.
19. The method of claim 18, wherein the fourth indication information of the selected network being in accordance with terminal capability information comprises at least one of:
the fourth indication information indicates any one of: the network supports a certificate downloading mode of a control plane type, the network does not support a certificate downloading mode of a user plane type, the network supports a first access mode of the control plane type, and the network does not support the first access mode of the user plane type; and, the capability information of the terminal indicates any one of: the terminal supports a control plane type certificate downloading mode, the terminal does not support a user plane type certificate downloading mode, the terminal supports a control plane type first access mode, the terminal does not support a user plane type first access mode, the terminal does not have the user plane capability, and a secret key for communication between the terminal and a first network can be derived according to a default certificate;
the fourth indication information indicates any one of: the network does not support a certificate downloading mode through a control plane type; the network supports a certificate downloading mode through a user plane type; the network does not support a first access mode of a control plane type; the network supports a first access mode of a user plane type; and, the capability information of the terminal indicates at least one of: the terminal does not support a control plane type certificate downloading mode, the terminal supports a user plane type certificate downloading mode, the terminal does not support a control plane type first access mode, the terminal supports a user plane type first access mode, the terminal has a user plane capability, and a secret key for communication between the terminal and a first network cannot be derived according to a default certificate;
the fourth indication information indicates any one of: the network supports a certificate downloading mode of a control plane type, the network supports a certificate downloading mode of a user plane type, the network supports a first access mode of a control plane type, and the network supports a first access mode of a user plane type;
the capability information of the terminal indicates at least one of: the terminal supports a control plane type certificate downloading mode, the terminal supports a user plane type certificate downloading mode, the terminal supports a control plane type first access mode, the terminal supports a user plane type first access mode, the terminal has a user plane capability, and a secret key for communication between the terminal and a first network can be derived according to a default certificate.
20. The method of claim 17, wherein the performing network selection according to the fourth information comprises at least one of:
when the terminal supports both the control plane type certificate downloading mode and the user plane type certificate downloading mode, the selected network supports the control plane type certificate downloading mode and/or the user plane type certificate downloading mode;
when the terminal only supports the certificate downloading mode of the control plane type, the selected network at least supports the certificate downloading mode of the control plane type;
when the terminal only supports the certificate downloading mode of the user plane type, the selected network at least supports the certificate downloading mode of the user plane type;
when the terminal supports the first access mode of the control plane type and the first access mode of the user plane type at the same time, the selected network supports the first access mode of the control plane type and/or the first access mode of the user plane type;
when the terminal only supports the first access mode of the control plane type, the selected network at least supports the first access mode of the control plane type;
and when the terminal only supports the first access mode of the user plane type, the selected network at least supports the first access mode of the user plane type.
21. An apparatus for accessing a network, applied to a first communication device, comprising:
the first execution module is used for executing a first operation according to the first information;
wherein the first information is used to indicate at least one of: a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
wherein the first operation comprises any one of:
determining information of an access mode requested by a terminal, wherein the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
determining type information of a certificate downloading mode requested by a terminal, wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining that the terminal supports the control plane type certificate downloading mode or determining that the terminal does not support the control plane type certificate downloading mode,
determining a certificate downloading mode of a user plane type supported by the terminal or determining a certificate downloading mode of a user plane type not supported by the terminal;
determining that the terminal supports the first access mode of the control plane type, or determining that the terminal does not support the first access mode of the control plane type;
determining a first access mode of a user plane type supported by the terminal or determining a first access mode of a user plane type not supported by the terminal;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
22. An apparatus for accessing a network, applied to a second communication device, comprising:
the first acquisition module is used for acquiring the second information and/or the fifth information; wherein the second information comprises at least one of: information of an access mode requested by a terminal, type information of a certificate downloading mode requested by the terminal, and capability information of the terminal; the fifth information includes at least one of: information of a terminal access mode requested by sixth communication equipment, type information of a terminal certificate download mode requested by sixth communication equipment, information of a preconfigured terminal access mode, and type information of a preconfigured terminal certificate download mode;
the second execution module is used for executing a second operation according to the second information and/or the fifth information;
wherein the second operation comprises at least one of:
determining a type of a first access mode, wherein the type of the first access mode comprises one of the following: a first access mode of a control plane type and a first access mode of a user plane type;
determining the type of a certificate downloading mode, wherein the type of the certificate downloading mode comprises one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
executing the first access mode of the determined type;
executing the determined type of certificate downloading mode;
sending type information of the determined first access mode, wherein the type information of the first access mode is used for indicating one of the following modes: a first access mode of a control plane type and a first access mode of a user plane type;
sending the type information of the determined certificate downloading mode, wherein the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
determining first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
sending first indication information, wherein the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type;
determining second indication information, the second indication information indicating one of: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
sending second indication information, wherein the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
wherein the access mode information requested by the terminal includes one of: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following:
the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode;
the terminal supports the certificate downloading mode of the user plane type or the terminal does not support the certificate downloading mode of the user plane type;
the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type;
the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type;
the terminal has the capability of the user plane or the terminal does not have the capability of the user plane;
a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
23. An apparatus for accessing a network, applied to a third communication device, comprising:
the second receiving module is used for receiving the third information and/or the access acceptance message; wherein the third information comprises at least one of: the type information of the first access mode, the type information of the certificate downloading mode, the first indication information and the second indication information; wherein the type information of the first access mode is used for indicating one of the following: a first access mode of a control plane type and a first access mode of a user plane type; the type information of the certificate downloading mode is used for indicating one of the following modes: a control plane type certificate downloading mode and a user plane type certificate downloading mode; the first indication information is used for indicating one of the following: adopting a first access mode of a control surface type, and not adopting the first access mode of the control surface type; the second indication information is used for indicating one of the following: a control surface type certificate downloading mode is adopted, and a control surface type certificate downloading mode is not adopted;
a third executing module, configured to determine whether to execute a third operation according to the third information and/or the access accept message;
wherein the third operation comprises:
requesting a first network to establish a data channel, wherein the data channel is used for downloading a certificate for accessing a second network;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
24. A network selection apparatus, applied to a fourth communication device, comprising:
the third sending module is used for sending or broadcasting the fourth indication information;
wherein the fourth indication information is used for indicating any one of the following items:
the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type;
the network supports the certificate downloading mode of the user plane type or the network does not support the certificate downloading mode of the user plane type;
the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type;
the network supports the first access mode of the user plane type or the network does not support the first access mode of the user plane type;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
25. An apparatus for network selection, applied to a fifth communication device, comprising:
the second acquisition module is used for acquiring fourth indication information;
the fourth execution module is used for executing the operation of network selection according to the fourth information;
wherein the fourth information comprises at least one of: fourth indication information, capability information of the terminal, information of an access mode requested by the terminal, and type information of a certificate download mode requested by the terminal;
wherein the fourth indication information is used for indicating any one of the following items: the network supports the certificate downloading mode of the control surface type or the network does not support the certificate downloading mode of the control surface type; the network supports the certificate downloading mode of the user plane type, or the network does not support the certificate downloading mode of the user plane type; the network supports the first access mode of the control plane type or the network does not support the first access mode of the control plane type; the network supports the first access mode of the user plane type, or the network does not support the first access mode of the user plane type;
wherein the capability information of the terminal is used for indicating at least one of the following: the terminal supports a control plane type certificate downloading mode or does not support the control plane type certificate downloading mode; the terminal supports the user plane type certificate downloading party or the terminal does not support the user plane type certificate downloading mode; the terminal supports the first access mode of the control plane type or the terminal does not support the first access mode of the control plane type; the terminal supports the first access mode of the user plane type or the terminal does not support the first access mode of the user plane type; the terminal has the capability of the user plane or the terminal does not have the capability of the user plane; a key for communication between the terminal and the first network can be derived from the default certificate or a key for communication between the terminal and the first network cannot be derived from the default certificate;
wherein, the information of the access mode requested by the terminal comprises one of the following: a first access mode, a first access mode of a control plane type and a first access mode of a user plane type;
wherein the type information of the certificate downloading mode requested by the terminal comprises one of the following information: a control plane type certificate downloading mode and a user plane type certificate downloading mode;
wherein the first access method comprises: an access means for accessing the first network in order to download a certificate for accessing the second network; the first access mode of the control plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, wherein the method of downloading the certificate for accessing the second network is a control plane type certificate download method; the first access mode of the user plane type comprises the following steps: an access method of accessing the first network in order to download a certificate for accessing the second network, and a method of downloading the certificate for accessing the second network is a user plane type certificate download method; the first network and the second network are the same network or different networks.
26. A communication device comprising a processor, a memory and a computer program stored on the memory and executable on the processor, the computer program, when executed by the processor, implementing the steps of the method of accessing a network according to any one of claims 1 to 7, or implementing the steps of the method of accessing a network according to any one of claims 8 to 11, or implementing the steps of the method of accessing a network according to any one of claims 12 to 15, or implementing the steps of the method of network selection according to claim 16, or implementing the steps of the method of network selection according to any one of claims 17 to 20.
27. A computer readable storage medium, characterized in that a computer program is stored thereon, which computer program, when being executed by a processor, carries out the steps of the method of accessing a network according to one of the claims 1 to 7, or the steps of the method of accessing a network according to one of the claims 8 to 11, or the steps of the method of accessing a network according to one of the claims 12 to 15, or the steps of the method of network selection according to claim 16, or the steps of the method of network selection according to one of the claims 17 to 20.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2021/113248 WO2022037611A1 (en) | 2020-08-19 | 2021-08-18 | Network access method and apparatus, network selection method and apparatus, and communication device |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2020108399123 | 2020-08-19 | ||
CN202010839912 | 2020-08-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114173333A true CN114173333A (en) | 2022-03-11 |
Family
ID=80476116
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011281217.6A Pending CN114173333A (en) | 2020-08-19 | 2020-11-16 | Access network, network selection method, device and communication equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114173333A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113556746A (en) * | 2020-04-17 | 2021-10-26 | 维沃移动通信有限公司 | Access control method and communication equipment |
WO2023220893A1 (en) * | 2022-05-16 | 2023-11-23 | 北京小米移动软件有限公司 | Relay communication method and apparatus, communication device, and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017028288A1 (en) * | 2015-08-20 | 2017-02-23 | 华为技术有限公司 | Wireless communications access method, communications device, wireless terminal and system |
CN110636506A (en) * | 2018-06-22 | 2019-12-31 | 维沃移动通信有限公司 | Network access method, terminal and network side network element |
CN110753346A (en) * | 2019-10-30 | 2020-02-04 | 北京微智信业科技有限公司 | Private mobile communication network key generation method, private mobile communication network key generation device and controller |
WO2020068765A1 (en) * | 2018-09-27 | 2020-04-02 | Convida Wireless, Llc | 3gpp private lans |
US20200245235A1 (en) * | 2019-01-24 | 2020-07-30 | Lg Electronics Inc. | Method for selecting non-public network in wireless communication system and apparatus thereof |
-
2020
- 2020-11-16 CN CN202011281217.6A patent/CN114173333A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017028288A1 (en) * | 2015-08-20 | 2017-02-23 | 华为技术有限公司 | Wireless communications access method, communications device, wireless terminal and system |
CN110636506A (en) * | 2018-06-22 | 2019-12-31 | 维沃移动通信有限公司 | Network access method, terminal and network side network element |
WO2020068765A1 (en) * | 2018-09-27 | 2020-04-02 | Convida Wireless, Llc | 3gpp private lans |
US20200245235A1 (en) * | 2019-01-24 | 2020-07-30 | Lg Electronics Inc. | Method for selecting non-public network in wireless communication system and apparatus thereof |
CN110753346A (en) * | 2019-10-30 | 2020-02-04 | 北京微智信业科技有限公司 | Private mobile communication network key generation method, private mobile communication network key generation device and controller |
Non-Patent Citations (2)
Title |
---|
""3GPP TR 23.700-07 V0.4.0 Technical Specification Group Services and System Aspects; Study on enhanced support of non-public networks (Release 17) "", 3GPP SPECS\\ARCHIVE, pages 35 - 47 * |
HUAWEI, HISILICON: ""S2-2005624 - pCR KI#4, update the UP or CP decision - final"", 3GPP TSG_SA\\WG2_ARCH, pages 1 - 10 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113556746A (en) * | 2020-04-17 | 2021-10-26 | 维沃移动通信有限公司 | Access control method and communication equipment |
WO2023220893A1 (en) * | 2022-05-16 | 2023-11-23 | 北京小米移动软件有限公司 | Relay communication method and apparatus, communication device, and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108574969B (en) | Connection processing method and device in multi-access scene | |
US11871223B2 (en) | Authentication method and apparatus and device | |
US20220060883A1 (en) | Information Configuration Method and Apparatus | |
CN113260016B (en) | Multi-mode terminal access control method and device, electronic equipment and storage medium | |
CN114342549B (en) | Method and apparatus for connecting networks | |
CN113382468B (en) | Address allocation method for local network device, electronic device, and storage medium | |
US20240276200A1 (en) | Network capability exposure method, apparatus, and system | |
CN113676904B (en) | Slice authentication method and device | |
CN114173333A (en) | Access network, network selection method, device and communication equipment | |
EP4037383B1 (en) | Base station providing virtual wireless router | |
CN111277997B (en) | Method for supporting UE association and communication equipment | |
CN111447546A (en) | Control method and communication unit for location service | |
CN115484582A (en) | Communication method and communication device | |
CN114071465B (en) | Access control method, device and communication equipment | |
WO2022022738A1 (en) | Information configuration method and apparatus, and communication device | |
WO2022037611A1 (en) | Network access method and apparatus, network selection method and apparatus, and communication device | |
CN111800889B (en) | Method for processing protocol data unit session, terminal equipment and network equipment | |
CN114363975A (en) | Data communication method, device, electronic equipment and storage medium | |
CN114885382A (en) | Service session management method, device and storage medium | |
US20230179597A1 (en) | Access control method, access control apparatus, and communications device | |
CN113498055B (en) | Access control method and communication equipment | |
EP4290900A1 (en) | Information processing method and apparatus, communication device, and readable storage medium | |
CN114827923B (en) | Charging method and related device | |
CN113556746A (en) | Access control method and communication equipment | |
CN116349326A (en) | Wireless communication method, device and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |