WO2008113284A1 - Method and device for managing users, measuring and reporting in restricted network - Google Patents

Method and device for managing users, measuring and reporting in restricted network Download PDF

Info

Publication number
WO2008113284A1
WO2008113284A1 PCT/CN2008/070456 CN2008070456W WO2008113284A1 WO 2008113284 A1 WO2008113284 A1 WO 2008113284A1 CN 2008070456 W CN2008070456 W CN 2008070456W WO 2008113284 A1 WO2008113284 A1 WO 2008113284A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
terminal
network
cell
measurement
Prior art date
Application number
PCT/CN2008/070456
Other languages
French (fr)
Chinese (zh)
Inventor
Yinghui Yu
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2008113284A1 publication Critical patent/WO2008113284A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • H04W48/04Access restriction performed under specific conditions based on user or terminal location or mobility data, e.g. moving direction, speed

Definitions

  • the present invention relates to the field of wireless communications, and more particularly to a method and apparatus for managing, measuring, and over-restricting network users.
  • the restricted network may be a private network, or a network using a specific frequency layer according to a certain policy, or a network using a specific radio access technology (Radio Access Technology, hereinafter referred to as "RAT").
  • RAT Radio Access Technology
  • the private network may be a company, a mall, or a subnet covered by a family.
  • the difference between a restricted network and a public network is that a restricted network is not allowed to be hosted or accessed by all users, but only allows some users belonging to the network to camp or access. Since the users allowed to access a restricted network are subject to change, it is very important to manage the user access rights of the restricted network.
  • the user access rights of the restricted network are managed by operations similar to adding and deleting users on the public network. For example, if the private network A adds the user A that can be accessed, it needs to go to a specific management background, and perform corresponding operations on the private network A to increase the user. Similarly, if the private network A deletes the user A that can be accessed first. The user deletion operation is also required to be performed in a specific management background. When the user allowed to access the private network A changes, the corresponding addition and deletion operations are performed to implement the management of the user access authority of the private network A.
  • the main technical problem to be solved by the embodiments of the present invention is to provide a method and a device for managing, measuring, and reporting a restricted network user, so that a privileged user can directly manage user access rights of the restricted network.
  • an embodiment of the present invention provides a limited network user management method, which includes the following steps:
  • the restricted network receives an operation request from a terminal used by a user having user management authority, and the operation request carries an identifier of the operated user;
  • the restricted network notifies the terminal used by the operated user to update the access restriction identifier of the restricted network on the terminal according to the operation request.
  • An embodiment of the present invention further provides a network side device, including:
  • a receiving module configured to receive an operation request initiated by a terminal used by a user with user management authority to the restricted network, where the operation request carries an identifier of the operated user;
  • a notification module configured to notify the terminal used by the operated user to refresh an access restriction identifier of the restricted network on the terminal.
  • An embodiment of the present invention further provides a terminal device, including:
  • a sending module configured to send an operation request to the restricted network, where the operation request carries an identifier of the operated user, where the restricted network is a network that the terminal has permission to operate;
  • the second refreshing module is configured to refresh the access restriction identifier of the restricted network on the terminal according to the notification message sent by the restricted network.
  • the embodiment of the present invention further provides a method for measuring and reporting a terminal, including the following steps:: customizing cell measurement and/or measurement result reporting of the terminal according to the access restriction information; the terminal performs measurement on the cell according to the customized result. Reported.
  • An embodiment of the present invention further provides a terminal device, including: The measuring module is configured to perform measurement on the cell according to the customized cell measurement and/or the measurement result; and the reporting module is configured to report the information measured by the measurement module to the network side according to the customized cell measurement and/or the measurement result report .
  • An embodiment of the present invention further provides a network side device, including:
  • a customized module configured to customize a cell measurement and/or a measurement result report of the terminal according to the access restriction information
  • the sending module is configured to send a customized module customized result to the terminal.
  • the main effect of the embodiment of the present invention is that: the modification of the user right does not need to be performed in a specific management background, and the user access authority of the restricted network can be directly managed by the authorized user through the terminal, thereby User access rights management for restricted networks is more flexible.
  • FIG. 1 is a flowchart of a method for managing a restricted network user according to a first embodiment of the present invention
  • FIG. 2 is a flowchart of a method for managing a restricted network user according to a second embodiment of the present invention
  • FIG. 3 is a third embodiment of the present invention. Flow chart of terminal measurement and reporting methods
  • FIG. 4 is a structural diagram of a restricted network user management system according to a sixth embodiment of the present invention. detailed description
  • a first embodiment of the present invention relates to a method for managing a restricted network user.
  • management of a restricted network user is to increase management of a new user, and the restricted network may be a private network.
  • WLAN Local area network
  • Bluetooth short-distance communication network
  • This embodiment uses a restricted network as a private network as an example. The specific process is shown in Figure 1.
  • step 110 the terminal used by the user with the user management authority initiates an increase request to the private network, where the request carries the identifier of the added user, and the private network receives the request for increasing the user.
  • the authorized user in the private network first determines whether the user is allowed to access the private network, and if so, the authorized user uses the user.
  • the terminal initiates an increase in the user's request to the private network, and in the request
  • the request carries the identity of the user requesting the addition (such as the phone number used by the user).
  • the privileged user can be a user with the lowest privilege (that is, access rights), or a user with a higher administrative privilege, such as an administrator, a super administrator, and the like.
  • a privileged user of a private network can be one or more. In this embodiment, it is ensured by the authorized user whether the requested user is a user who can be allowed to access the private network, so as to ensure that the newly added user does not have an unsafe impact on the private network.
  • the core network (Core Net, referred to as "CN") performs legality authentication on the user who is requested to be added. If the authentication fails, the process proceeds to step 130. If the authentication is passed, the process proceeds to step 140. Specifically, after receiving the request of adding the user, the private network sends a request message to the CN, requesting that the user to be added (that is, the user who is requested to be added) perform legality authentication, and the message carries the user to be added. Identification (such as the phone number used by the user). The CN authenticates whether the user to be added is a legitimate user according to the identifier of the user carried in the message. If the authentication fails, that is, the user to be added is an illegal user, the process proceeds to step 130. If the authentication fails, If it is determined that the user to be added is a legitimate user, then step 140 is entered.
  • the legitimacy of the user includes two aspects, on the one hand, whether the user's joining will have an insecure impact on the private network, as mentioned in step 110, on the other hand, whether the user to join is able to access the public network. Therefore, in this step 120, the user to be authenticated is authenticated by the CN, which further ensures the legitimacy of the user to be joined, thereby making the management of the private network more accurate.
  • step 130 the CN returns the result of the authentication failure to the private network, and the private network returns a message requesting the failure to the authorized user who initiated the request, and carries the reason for the failure in the message, that is, the public network authentication fails.
  • step 140 the identifier of the user to be added by the CN is converted into a user identifier that can be identified by the private network, and the user identifier is sent to the private network.
  • the private network saves the user identifier of the user to be added from the CN, and sends the access restriction identifier of the private network to the terminal used by the user to be added through the paging message, or The access restriction identifier of the private network is sent to the terminal used by the user to be added by other downlink signaling methods. Since the user identifier of the user to be added from the CN is an identifier that the private network can recognize, if the newly added user passes the terminal used to the private If the network initiates an access request, the private network can recognize that the user is a user with access rights according to the saved user identifier, so as to perform correct processing.
  • the terminal that receives the access restriction identifier of the private network saves the access restriction identifier in the terminal, so that the user who uses the terminal, that is, the user to be added, can learn that the user has the authority. Access to the private network.
  • the user to be added returns a response command to the private network through the terminal used, and the private network considers that the operation of the newly added user is successful, and returns a message of successful request to the terminal of the authorized user who initiated the request.
  • the terminal information for initiating the user request is saved in the CN as an example. Therefore, the private network needs to request the CN to perform legality authentication and number for the user to be added. Conversion. If the terminal user who initiates the user request is an end user that only supports the private network, the end user is authenticated by the private network and the number is converted.
  • the management of the user access rights of the private network may involve the user management database of the private network, and the network side (ie, the private network and/or the core network) may have a user management database of the private network. Therefore, the network side also needs to update the user database according to the operation request initiated by the authorized user.
  • the user management database of the private network is available on the network side
  • the user having access rights may also send a query request to the network side, where the identifier or name of the private network to be queried is carried, and the network side checks the rights of the user. If the user's authority is legal, the corresponding query result is fed back.
  • the user access authority does not need to be operated in a specific management background, and the user access authority of the restricted network can be directly managed by the authorized user through the terminal, thereby User access rights management of network-limited networks is more flexible.
  • the second embodiment of the present invention relates to a method for managing a restricted network user.
  • the management of the restricted network user is to delete the management of the user, and the restricted network may be a private network or a distance communication network.
  • the present embodiment is described by taking a limited network as a private network as an example. The specific process is shown in FIG. 2 .
  • the terminal used by the authorized user initiates a request to delete the user to the private network, where the request carries the identifier of the deleted user, and the private network receives the request to delete the user.
  • the user requested to delete may be another user allowed to access the private network, or the user itself who initiated the request. For example, User 1, User 2, and User 3 are all allowed to access the private network A. If User 1 wants to delete the access rights of User 2, User 1 initiates the deletion of User 2 to Private Network A through the terminal used. The request, carrying the identity of User 2 in the request.
  • the private network determines whether the user requested to be deleted is the only user of the private network. For example, in the above case, the user 1 initiates a request to delete the user 2 to the private network A through the terminal used, and then the private network A can determine that the user 2 requested to be deleted is not the only user of the private network, the user Both 1 and User 2 are users of this private network. If only user 1 can access private network A, and user 1 initiates a request to delete user 1 to private network A through the terminal used, private network A will determine that user 1 requested to delete is the only user of the private network. . If the user requested to delete is not the only user of the private network, then step 230 is entered, otherwise, step 250 is entered.
  • the private network deletes the identifier of the user that is requested to be deleted, and sends the access restriction identifier of the private network to the terminal used by the deleted user by using a paging message, or may also pass other downlink signaling.
  • the method sends the access restriction identifier of the private network to the terminal used by the deleted user.
  • the private network A deletes the identifier of the user 2 saved in the private network according to the identifier of the user 2 carried in the request. If the user database of the private network A is stored on the network side, the network side also needs to delete the data related to the user 2 in the user database. And, the access restriction identifier of the private network A is sent to the terminal used by the deleted user 2 by a paging message or other downlink signaling manner.
  • step 230 the process proceeds to step 240, where the terminal that receives the access restriction identifier of the private network deletes the access restriction identifier in the terminal, and returns a response to the private network.
  • the terminal used by the user 2 after receiving the access restriction identifier of the private network A, deletes the access restriction identifier of the private network A in the terminal, so that the deleted user 2 can learn This user no longer has access to private network A.
  • the terminal used by the user 2 returns a response message to the private network A.
  • step 250 the private network notifies that the terminal sending the delete user request will delete the unique user of the private network, requesting confirmation of the operation of deleting the unique user. That is, if the user 1 initiates a request to delete the user 1 to the private network A through the terminal used, the private network A determines that the user 1 is the local The only user of the private network, then, in this step, the private network A notifies the user 1 that the unique user of the private network A will be deleted, requesting confirmation of the deletion operation. After that, the process proceeds to step 260.
  • the terminal that sends the delete user request confirms the request for the delete operation after receiving the notification. If the user requested to delete is the only user of the private network, the user who is requested to delete is the user who initiated the request. Therefore, after confirming to continue the deletion operation, the user deletes the terminal used by the user.
  • the access restriction identifier of the private network For the above case, after receiving the notification of the private network A, the user 1 confirms the request for the deletion operation. If the user 1 confirms to continue the deletion operation, the user 1 deletes the connection of the private network A in the terminal used by the user. Enter the limit ID.
  • the private network deletes the identity of the user requested to delete after receiving the confirmation message.
  • the private network A deletes the identifier of the user 1 saved in the private network A after receiving the confirmation message of the deletion operation by the user 1. If the user database of the private network A is stored on the network side, the network side also needs to delete the data related to the user 1 in the user database.
  • the deletion of user rights does not need to be managed by a specific management background, and the user access rights of the private network can be directly managed by the authorized user, thereby making the restricted network User access rights management is more flexible.
  • the private network since the private network receives the request for deleting the unique user of the private network, the user requesting the request needs to confirm the operation request, so as to avoid the misoperation, so that no user has the right to access the private network. Therefore, the private network can no longer be managed by the authorized user, thereby further ensuring the management accuracy of the authorized user to the private network.
  • a third embodiment of the present invention relates to a terminal measurement and a " ⁇ " method.
  • the terminal customizes the cell measurement and/or measurement result reporting of the terminal according to the access restriction information, and customizes according to the customization.
  • the result is measured and reported to the cell, where the access restriction information includes access restriction information of the restricted network, capability limitation information of the terminal (such as support for special networks, radio access technologies or frequency layers, etc.), Set the access restriction information in the terminal.
  • the specific process is shown in Figure 3.
  • the terminal customizes the information reported by the cell and/or the measurement result of the terminal according to the access restriction information. For example, the terminal prohibits measurement on a cell that does not have access rights according to the access restriction information; or, the terminal includes a cell that does not have access authority in the measured cell according to the access restriction information, but prohibits the The measurement result of the cell is reported to the network side; or, the terminal measures and reports the cell that does not have the access authority according to the access restriction information, but the measurement result is The identifier of the cell in which the terminal does not have access rights is set to a specific identifier, indicating that the terminal cannot access the cell normally; or, the cell that does not have access rights is measured and reported, but the measurement result does not have access. The measurement result of the privileged cell is placed in the lower priority reporting queue; or, the cell that does not have the access authority is measured and reported, but in the measurement result, the measurement result of the cell that does not have the access authority is added to a negative Offset amount.
  • the terminal measures and reports the cell according to the customized result.
  • the terminal carries some measurement information (such as measurement results on RACH) in some uplink signaling.
  • the terminal is idle or active, and the measurement is to be performed, the cell is measured according to the customized result, and the measurement result is reported to the network side.
  • the network side sends an indication to the terminal to measure the neighboring cell.
  • the terminal measures the cell according to the customized result, and reports the measurement result to the network side.
  • the terminal checks whether a cell with a restricted network exists in the cell to be measured, and if so, continues to determine whether the terminal has the right to access the cell of the restricted network. If yes, the cell of the restricted network is measured. If not, the cell of the restricted network is not measured according to the customized result; or, although the cell of the restricted network is measured, the reported measurement is performed.
  • the result of the measurement is not included in the result; or the cell of the restricted network is measured and reported, but the measurement result indicates that the terminal does not have the right to access the cell (for example, the identity of the cell is set to Or, the cell that does not have access rights is measured and reported, but in the measurement result, the measurement result of the cell that does not have the access permission is placed in the reporting queue with a lower priority; or, the measurement is not reported.
  • a cell with access rights, but in the measurement result, a negative offset is added to the measurement result of the cell that does not have access rights.
  • the terminal it is also possible for the terminal to measure and report a cell with no good signal quality indicated by the network side.
  • the restricted network may be a private network, or a network using a specific frequency layer, such as a network providing a RAT of a special service, and the terminal may determine whether the terminal has the terminal by determining whether the terminal supports the special service. Access to this restricted network.
  • the terminal can avoid the pair by reducing the measurement range.
  • the cell with the access permission initiates unnecessary measurement.
  • the measurement result reported in the report does not include the measurement result of the cell that does not have the access permission, or the measurement and reporting of the cell that does not have the access permission, but
  • the measurement result indicates that the terminal does not have the right to access the cell, or measures and reports the cell that does not have the access right, but in the measurement result, the measurement result of the cell that does not have the access authority is placed at a lower priority.
  • the reporting queue the cell that does not have access rights is measured and reported, but in the measurement result, a negative offset is added to the measurement result of the cell that does not have the access authority.
  • a fourth embodiment of the present invention relates to a terminal measurement and method, and the present embodiment is substantially the same as the third embodiment, and the difference is that, in the third embodiment, the terminal is the cell of the terminal according to the access restriction information.
  • the information reported by the measurement and/or the measurement result is customized.
  • the network side performs customization on the cell measurement and/or the measurement result reported by the terminal according to the access restriction information.
  • the terminal reports the access restriction information or partial access restriction information of the terminal in an exchange process such as an attach process or a tracking domain (TA) update and the network side.
  • an exchange process such as an attach process or a tracking domain (TA) update
  • the network side customizes the information of the cell measurement and/or the measurement result reported by the terminal according to the access restriction information of the terminal, and sends the customized result to the terminal during the process of interacting with the terminal, such as an attach process or a TA update. terminal.
  • the terminal uses uplink signaling (including access layer AS, non-access stratum NAS signaling, L1/L2 (layer 1/layer 2) control signaling) or other means to connect the terminal.
  • uplink signaling including access layer AS, non-access stratum NAS signaling, L1/L2 (layer 1/layer 2) control signaling) or other means to connect the terminal.
  • the incoming restriction information or part of the access restriction information is reported to the network side.
  • the network side customizes the information of the cell measurement and/or measurement result reported by the terminal according to the access restriction information of the terminal, and adopts downlink signaling (including access layer AS, non-access stratum NAS signaling, L1/L2). (layer 1 / layer 2) control signaling) or other means to deliver customized results to the terminal.
  • the terminal then measures the cell according to the received customized result, and reports the measurement result to the network side.
  • the result of the customization that is, the information reported by the cell measurement and/or the measurement result of the terminal may be that the measurement is not performed on the cell that does not have the access right; or the cell that does not have the access permission is included in the measured cell, but the cell is not allowed.
  • the measurement result of the cell to the network side; or measuring and reporting the cell that does not have the access right, but indicating in the measurement result that the terminal does not have the access right cell (if the cell identity is set to specific In the measurement result, the measurement result of the cell that does not have the access authority is placed in the reporting queue with the lower priority; Alternatively, the cell that does not have access rights is measured and reported, but in the measurement result, a negative offset is added to the measurement result of the cell that does not have the access authority.
  • the terminal access restriction information and/or the network side customization result may be transmitted between the network nodes, and when the terminal access restriction information and/or network side customization When the result changes, the terminal and/or the network side will initiate an information update to notify the other party.
  • a fifth embodiment of the present invention relates to a terminal measurement and an uplink method.
  • the present embodiment is substantially the same as the fourth embodiment.
  • the network side separately measures and/or measures the cell of each terminal.
  • the information reported by the measurement result is customized.
  • the network side customizes the policy of reporting the cell measurement and/or the measurement result of the terminal according to the access restriction information category, where the policy includes various types of access restriction information.
  • the information of the cell measurement and/or the measurement result is reported, and the customized result is sent to the terminal, and the terminal selects the information corresponding to the cell measurement and/or the measurement result according to the access restriction information category to which the terminal belongs, according to the selected cell.
  • the information reported by the measurement and/or measurement results is measured and reported to the cell.
  • the network side classifies the limiting factors of the restricted network according to the category of access restrictions (such as no access, or no service).
  • the information reported for the cell measurement and/or measurement results of each type of access restriction category is customized. For example, for the access restriction information of the private network without access, the measurement is prohibited for the cell; for the case where the service is not supported by using the specific frequency layer or the RAT, the cell that does not have the access permission is measured and reported, but In the measurement result, it is indicated that the terminal does not have the access right of the cell.
  • the network side sends the information reported by the two customized cell measurement and/or measurement results and the corresponding access restriction information category as a policy, and sends the information to the terminal by means of broadcast or downlink signaling.
  • the terminal After receiving the policy including the information reported by the two cell measurements and/or the measurement result, the terminal selects the corresponding cell measurement and/or the information reported by the measurement result according to the access restriction information of the cell, and according to the selected cell measurement and / or the information reported by the measurement result is measured on the cell, and the measurement result is reported to the network side.
  • the network side can customize the terminal separately, or can customize a policy, including the information of the cell measurement and/or the measurement result corresponding to the access restriction information, and the terminal according to the access restriction to which the terminal belongs.
  • the selection of categories of information makes the embodiments of the present invention more flexible.
  • a sixth embodiment of the present invention relates to a restricted network subscriber management system, as shown in FIG. 4, including a network side device and a terminal device.
  • the network side device includes: a receiving module, configured to receive an operation request initiated by the terminal used by the user with the user management authority to the restricted network, where the operation request carries the identifier of the operated user; And refreshing the user identifier according to the operation request received by the receiving module; and the notification module, configured to notify the terminal used by the operated user to refresh the access restriction identifier of the restricted network on the terminal.
  • the modification of the user rights does not require the management of the user in a specific management background, and the user access rights of the restricted network can be directly managed by the authorized user, thereby enabling the user access rights management of the restricted network. More flexible.
  • the first refresh module refreshes the user identifier by saving the identifier of the user that is requested to be added in the restricted network, and the notification module notifies the terminal used by the added user to save.
  • the access restriction identifier of the restricted network notifying the terminal to refresh the access restriction identifier of the restricted network on the terminal;
  • the first refresh module deletes the requested in the restricted network Deleting the identifier of the user, refreshing the user identifier, the notification module notifying the terminal used by the deleted user to delete the access restriction identifier of the restricted network, and notifying the terminal to refresh the access restriction identifier of the restricted network on the terminal .
  • the notification module may send the access restriction identifier of the restricted network to the terminal used by the user who is requested to add or delete by using a paging message or other means.
  • the restricted network can be a private network, or a network using a specific frequency layer or a network using a specific RAT (such as a short-distance communication network such as WLAN or Bluetooth technology).
  • the first refresh module includes:
  • a saving unit configured to save an identifier of a user requested to be added in the restricted network when the operation request is to increase a user's request
  • And deleting the unit when the operation request is to delete the user's request, for deleting the identifier of the user requested to delete in the restricted network.
  • the network side device may further include: an authentication module, configured to perform legality authentication on the user that is requested to be added before the first refresh module refreshes the user identifier according to the received operation request (for example, to the network) The side initiates the legality authentication of the user, and the first refreshing module refreshes the user identifier after the authentication is passed; and the database update module is configured to: after the first refreshing module refreshes the user identifier according to the received operation request, according to the operation Request to update the user database of the restricted network.
  • an authentication module configured to perform legality authentication on the user that is requested to be added before the first refresh module refreshes the user identifier according to the received operation request (for example, to the network) The side initiates the legality authentication of the user, and the first refreshing module refreshes the user identifier after the authentication is passed
  • the database update module is configured to: after the first refreshing module refreshes the user identifier according to the received operation request, according to the operation Request to update the user database of the restricted network.
  • the terminal device includes: a sending module, configured to send an operation request to the restricted network, where the operation request carries an identifier of the operated user, where the restricted network is a network that the terminal has the authority to perform the operation And a second refreshing module, configured to refresh the access restriction identifier of the restricted network on the terminal according to the notification message sent by the restricted network.
  • the operation request sent by the sending module is to increase the user's request, or delete the user's request; the second refreshing module saves or deletes the restricted network access on the local terminal according to the notification message sent by the restricted network. Restrict the identity and refresh the access restriction identifier of the restricted network.
  • a seventh embodiment of the present invention relates to a terminal device, including: a measurement module, configured to perform measurement on a cell according to a customized cell measurement and/or measurement result; and a reporting module, configured to perform cell measurement and/or measurement according to a customized As a result, the information measured by the measurement module is reported to the network side.
  • the terminal device may further include: a customization module, configured to customize a cell measurement and/or a measurement result report of the terminal according to the access restriction information, where the measurement module and the reporting module measure and report the cell according to the customized result of the customized module.
  • the terminal device further includes: a receiving module, configured to receive a cell measurement and/or a measurement result report to the terminal customized by the network side, where the measurement module and the reporting module perform the cell according to the customized result received by the receiving module. Measurement and reporting.
  • the access restriction information includes access restriction information of the restricted network, capability limitation information of the terminal (such as support restrictions for a special network, a radio access technology or a frequency layer, and the like), and an access restriction set in the terminal. information.
  • the customized result may be information reported by the cell measurement and/or measurement result of the terminal, such as prohibiting measurement on a cell that does not have access rights; or, the measured cell includes a cell that does not have access rights, but prohibiting the The measurement result of the cell is reported to the network side; or, the cell that does not have the access right is measured and reported, but the measurement result indicates that the terminal does not have the right to access the cell; or, the measurement and reporting does not have the access right a cell, but in the measurement result, the measurement result of the cell that does not have the access right is placed in the reporting queue with a lower priority; or, the cell that does not have the access authority is measured and reported, but in the measurement result, A measurement of the cell that does not have access rights adds a negative offset.
  • the customized result may
  • the cell measurement and the measurement result are reported according to the customized result, so that the terminal can reduce the measurement behavior, avoid unnecessary measurement on the cell that does not have the access right, and avoid the network side switching the terminal when performing the handover.
  • An eighth embodiment of the present invention relates to a network side device, including: a customization module, configured to customize a cell measurement and/or a measurement result report of a terminal according to the access restriction information; and a sending module, configured to send the Customized results for custom modules.
  • the access restriction information includes access restriction information of the restricted network, capability limitation information of the terminal (such as support restrictions for a special network, a radio access technology or a frequency layer, and the like), and an access restriction set in the terminal. information.
  • the customized result may be information reported by the cell measurement and/or measurement result of the terminal, such as prohibiting measurement on a cell that does not have access rights; or, the measured cell includes a cell that does not have access rights, but prohibiting the
  • the measurement result of the cell is reported to the network side; or, the cell that does not have the access right is measured and reported, but the measurement result indicates that the terminal does not have the right to access the cell; or, the measurement and reporting does not have the access right a cell, but in the measurement result, the measurement result of the cell that does not have the access right is placed in the reporting queue with a lower priority; or, the cell that does not have the access authority is measured and reported, but in the measurement result, A measurement of the cell that does not have access rights adds a negative offset.
  • the customized result may also be a policy, which includes information about cell measurement and/or measurement result corresponding to each type of access restriction information.
  • the terminal can reduce the measurement behavior, avoid unnecessary measurement on the cell that does not have access rights, and prevent the network side from switching to the cell in which the terminal does not have access rights when performing handover.
  • the access restriction information of the terminal and/or the customized result of the customization module are transmitted to other network side devices.
  • the restricted network receives an operation request from a terminal used by a user having a user management right, and the operation request carries an identifier of the operated user, and notifies the operated user.
  • the terminal used refreshes the access restriction identifier of the restricted network on the terminal.
  • the modification of the user rights does not need to be performed in a specific management background, and the user access rights of the restricted network can be directly managed by the authorized user through the terminal, thereby making the user access rights management of the restricted network more flexible.
  • the operation request initiated to the restricted network may be an increase of the user's request, or a request to delete the user, so that the authorized user can manage the access rights of the restricted network user more comprehensively and completely.
  • the restricted network first authenticates the user who is requested to increase the network through the network side, and further ensures the legality of the newly added user. Before deleting the only user with permission to access, First, the terminal that initiated the deletion operation request is confirmed, effectively preventing the user from misoperation, and ensuring the accuracy of the management of the restricted network by the authorized user.
  • the terminal performs measurement and measurement of the cell according to the information reported by the customized cell measurement and/or measurement result, or the policy including the information of the cell measurement and/or the measurement result corresponding to the access restriction information.
  • the reporting of the result can reduce the measurement behavior, avoid unnecessary measurement on the cell that does not have access rights, and prevent the network side from switching to the cell in which the terminal does not have access rights when performing handover.

Abstract

A method and a device for managing users, measuring and reporting in restricted network are provided which enable a user who has the authority to directly manage the access authority of the users in the restricted network, and belong to the field of wireless communication. In the present invention, the restricted network receives a manipulating request initiated by the terminal used by the user who has the user managing authority to add or delete users; the ID of the manipulated user is carried in the manipulating request; the restricted network notifies the terminal used by the manipulated user that an access restricting ID of the restricted network in the terminal should to be saved or deleted. Before the restricted network adds the user who has the authority to access, the validity of the user to be added is also needed to be authenticated; before the restricted network deletes the only user who has the authority to access, the terminal initiated the deleting request can be confirmed first, so as to avoid improper operation.

Description

受限网络用户管理、 测量和上报的方法及设备  Method and device for managing, measuring and reporting restricted network users
技术领域 Technical field
本发明涉及无线通信领域, 特别涉及受限网络用户管理、 测量和上"¾的方 法及设备。 背景技术  The present invention relates to the field of wireless communications, and more particularly to a method and apparatus for managing, measuring, and over-restricting network users.
随着以通信技术和计算机技术为标志的高科技的发展, 人们的生活发生了 曰新月异的巨大变化, 人与人之间的信息传递越来越密切、 方式也越来越多样 化。 蜂窝移动通信的发展给用户带来极大的便利, 目前其发展已经经历了三代, 分别是八十年代初以频分多址 ( Frequency Division Multiple Access , 简称 "FDMA" )技术为基础的第一代模拟移动通信系统,九十年代初以时分多址( Time Division Multiple Access, 简称" TDMA" )技术为基础的第二代数字蜂窝移动通 信系统, 以及目前新一代的移动和个人通信系统, 即以码分多址( Code Division Multiple Access, 简称" CDMA" )技术为基础的第三代移动和个人通信系统。  With the development of high technology marked by communication technology and computer technology, people's lives have undergone tremendous changes, and the information transmission between people has become closer and more diverse. The development of cellular mobile communication has brought great convenience to users. At present, its development has experienced three generations, which are the first in the early 1980s based on Frequency Division Multiple Access (FDMA) technology. Generation of analog mobile communication systems, the second generation of digital cellular mobile communication systems based on Time Division Multiple Access (TDMA) technology in the early 1990s, and the current generation of mobile and personal communication systems, namely Third-generation mobile and personal communication systems based on Code Division Multiple Access ("CDMA") technology.
随着移动通信网络的发展, 无线网络的应用也越来越广阔, 在满足随时随 地通信的基础上, 为了满足特殊用户群体的需求, 出现了受限网络的概念。 受 限网络可以是私有网络, 或运营商根据某种策略制定的使用特定频率层的网络, 或釆用特定无线接入技术(Radio Access Technology, 简称" RAT" ) 的网络。 其 中, 私有网络可能是一个公司, 一个商场, 也可能是一个家庭覆盖范围的子网。 受限网络和公共网络的不同之处在于, 受限网络并不是所有的用户都可以驻留 或者接入的, 而是仅允许一些属于该网络的用户进行驻留或接入。 由于一个受 限网络允许接入的用户是可能发生变化的, 所以对受限网络的用户接入权限进 行管理是十分重要的。  With the development of mobile communication networks, the application of wireless networks is becoming more and more extensive. On the basis of meeting the communication anytime and anywhere, in order to meet the needs of special user groups, the concept of restricted networks has emerged. The restricted network may be a private network, or a network using a specific frequency layer according to a certain policy, or a network using a specific radio access technology (Radio Access Technology, hereinafter referred to as "RAT"). Among them, the private network may be a company, a mall, or a subnet covered by a family. The difference between a restricted network and a public network is that a restricted network is not allowed to be hosted or accessed by all users, but only allows some users belonging to the network to camp or access. Since the users allowed to access a restricted network are subject to change, it is very important to manage the user access rights of the restricted network.
目前, 釆用类似于公网上增加和删除用户的操作, 对受限网络的用户接入 权限进行管理。 比如说, 私有网络 A增加了可以接入的用户 A, 则需要到特定 的管理后台, 对该私有网络 A执行增加用户的相应的操作, 同样, 如果私有网 络 A删除原先可以接入的用户 A,也需要到特定的管理后台进行用户删除操作, 通过在私有网络 A允许接入的用户发生变化时, 进行相应的增加和删除操作, 实现对该私有网络 A的用户接入权限的管理。  At present, the user access rights of the restricted network are managed by operations similar to adding and deleting users on the public network. For example, if the private network A adds the user A that can be accessed, it needs to go to a specific management background, and perform corresponding operations on the private network A to increase the user. Similarly, if the private network A deletes the user A that can be accessed first. The user deletion operation is also required to be performed in a specific management background. When the user allowed to access the private network A changes, the corresponding addition and deletion operations are performed to implement the management of the user access authority of the private network A.
但是, 本发明的发明人发现, 上述方案缺乏灵活性。 比如说, 私有网络 A 为家庭覆盖范围的网络, 当该家庭有客人来时, 需要从该私有网络 A接入到公 共网络, 因此, 需要到特定的管理后台为该私有网络 A增加新的用户; 当该客 人离开时, 也需要到特定的管理后台为该私有网络 A删除该用户。 由于在需要 修改私有网络 A中的用户的接入权限时, 必须到特定的管理后台进行相应的用 户的管理操作, 缺乏灵活性, 为私有网络的管理带来不便。 发明内容 However, the inventors of the present invention found that the above scheme lacks flexibility. For example, private network A For a home-covered network, when the family has a guest, it needs to access the public network from the private network A. Therefore, it is necessary to add a new user to the private network A to a specific management background; when the guest leaves , also need to go to a specific management background to delete the user for the private network A. Since the user's access rights in the private network A need to be modified, the corresponding user management operations must be performed in a specific management background, which lacks flexibility and brings inconvenience to the management of the private network. Summary of the invention
本发明实施方式要解决的主要技术问题是提供一种受限网络用户管理、 测 量和上报的方法及设备, 使得有权限的用户可以直接对受限网络的用户接入权 限进行管理。  The main technical problem to be solved by the embodiments of the present invention is to provide a method and a device for managing, measuring, and reporting a restricted network user, so that a privileged user can directly manage user access rights of the restricted network.
为解决上述技术问题, 本发明的实施方式提供了一种受限网络用户管理方 法, 包含以下步骤:  To solve the above technical problem, an embodiment of the present invention provides a limited network user management method, which includes the following steps:
受限网络接收来自有用户管理权限的用户所使用的终端的操作请求, 该操 作请求中携带被操作的用户的标识;  The restricted network receives an operation request from a terminal used by a user having user management authority, and the operation request carries an identifier of the operated user;
受限网络根据操作请求通知被操作的用户所使用的终端刷新该终端上该受 限网络的接入限制标识。  The restricted network notifies the terminal used by the operated user to update the access restriction identifier of the restricted network on the terminal according to the operation request.
本发明的实施方式还提供了一种网络侧设备, 包含:  An embodiment of the present invention further provides a network side device, including:
接收模块, 用于接收有用户管理权限的用户所使用的终端向受限网络发起 的操作请求, 该操作请求中携带被操作的用户的标识;  a receiving module, configured to receive an operation request initiated by a terminal used by a user with user management authority to the restricted network, where the operation request carries an identifier of the operated user;
通知模块, 用于通知所述被操作的用户所使用的终端刷新该终端上该受限 网络的接入限制标识。  And a notification module, configured to notify the terminal used by the operated user to refresh an access restriction identifier of the restricted network on the terminal.
本发明的实施方式还提供了一种终端设备, 包含:  An embodiment of the present invention further provides a terminal device, including:
发送模块 , 用于向受限网络发起操作请求 , 该操作请求中携带被操作的用 户的标识, 该受限网络为终端有权限进行操作的网络; 和 /或  a sending module, configured to send an operation request to the restricted network, where the operation request carries an identifier of the operated user, where the restricted network is a network that the terminal has permission to operate; and/or
第二刷新模块, 用于根据受限网络下发的通知消息, 在本终端上刷新该受 限网络的接入限制标识。  The second refreshing module is configured to refresh the access restriction identifier of the restricted network on the terminal according to the notification message sent by the restricted network.
本发明的实施方式还提供了一种终端测量和上报方法, 包含以下步骤: 根据接入限制信息对终端的小区测量和 /或测量结果上报进行定制; 终端根据定制的结果, 对小区进行测量和上报。  The embodiment of the present invention further provides a method for measuring and reporting a terminal, including the following steps:: customizing cell measurement and/or measurement result reporting of the terminal according to the access restriction information; the terminal performs measurement on the cell according to the customized result. Reported.
本发明的实施方式还提供了一种终端设备, 包含: 测量模块, 用于根据定制的小区测量和 /或测量结果上 ^艮对小区进行测量; 上报模块, 用于根据定制的小区测量和 /或测量结果上报将测量模块测量到 的信息上报给网络侧。 An embodiment of the present invention further provides a terminal device, including: The measuring module is configured to perform measurement on the cell according to the customized cell measurement and/or the measurement result; and the reporting module is configured to report the information measured by the measurement module to the network side according to the customized cell measurement and/or the measurement result report .
本发明的实施方式还提供了一种网络侧设备, 包含:  An embodiment of the present invention further provides a network side device, including:
定制模块, 用于根据接入限制信息对终端的小区测量和 /或测量结果上报进 行定制;  a customized module, configured to customize a cell measurement and/or a measurement result report of the terminal according to the access restriction information;
下发模块, 用于向终端发送定制模块定制的结果。  The sending module is configured to send a customized module customized result to the terminal.
本发明实施方式与现有技术相比, 主要效果在于: 对用户权限的修改无需 到特定的管理后台进行, 可以直接由有权限的用户通过终端对受限网络的用户 接入权限进行管理, 从而对受限网络的用户接入权限管理更为灵活。 附图说明  Compared with the prior art, the main effect of the embodiment of the present invention is that: the modification of the user right does not need to be performed in a specific management background, and the user access authority of the restricted network can be directly managed by the authorized user through the terminal, thereby User access rights management for restricted networks is more flexible. DRAWINGS
图 1是根据本发明第一实施方式的受限网络用户管理方法流程图; 图 2是根据本发明第二实施方式的受限网络用户管理方法流程图; 图 3是根据本发明第三实施方式的终端测量和上报方法流程图;  1 is a flowchart of a method for managing a restricted network user according to a first embodiment of the present invention; FIG. 2 is a flowchart of a method for managing a restricted network user according to a second embodiment of the present invention; FIG. 3 is a third embodiment of the present invention. Flow chart of terminal measurement and reporting methods;
图 4是才艮据本发明第六实施方式的受限网络用户管理系统结构图。 具体实施方式  4 is a structural diagram of a restricted network user management system according to a sixth embodiment of the present invention. detailed description
为使本发明的目的、 技术方案和优点更加清楚, 下面将结合附图对本发明 的实施方式作进一步地详细描述。  In order to make the objects, technical solutions and advantages of the present invention more comprehensible, the embodiments of the present invention will be further described in detail with reference to the accompanying drawings.
本发明的第一实施方式涉及一种受限网络用户管理方法, 在本实施方式中, 受限网络用户的管理为增加新用户的管理, 受限网络可以是私有网络, 也可以  A first embodiment of the present invention relates to a method for managing a restricted network user. In this embodiment, management of a restricted network user is to increase management of a new user, and the restricted network may be a private network.
Local Area Network, 简称" WLAN" )或蓝牙技术等短距离通信网络), 本实施方 式以受限网络为私有网络为例进行说明, 具体流程如图 1所示。 Local area network (referred to as "WLAN") or short-distance communication network such as Bluetooth technology. This embodiment uses a restricted network as a private network as an example. The specific process is shown in Figure 1.
在步骤 110 中, 有用户管理权限的用户所使用的终端向私有网络发起增加 用户的请求, 在该请求中携带被增加的用户的标识, 该私有网络接收该增加用 户的请求。 具体地说, 在私有网络增加新的用户之前, 先由该私有网络中有权 限的用户判断要增加用户是否是可以允许接入该私有网络的用户, 如果是, 则 该有权限的用户通过使用的终端向该私有网络发起增加用户的请求, 并在该请 求中携带请求增加的用户的标识(如该用户所使用的电话号码)。 其中, 有权限 的用户可以是具备最低权限(即接入权限) 的用户, 也可以是具体更高的管理 权限的用户, 如管理员、 超级管理员等。 一个私有网络的有权限的用户可以是 一个, 也可以是多个。 在本实施方式中, 通过由有权限的用户判断请求增加的 用户是否是可以允许接入该私有网络的用户, 来确保新增加的用户不会对该私 有网络产生不安全的影响。 In step 110, the terminal used by the user with the user management authority initiates an increase request to the private network, where the request carries the identifier of the added user, and the private network receives the request for increasing the user. Specifically, before adding a new user to the private network, the authorized user in the private network first determines whether the user is allowed to access the private network, and if so, the authorized user uses the user. The terminal initiates an increase in the user's request to the private network, and in the request The request carries the identity of the user requesting the addition (such as the phone number used by the user). Among them, the privileged user can be a user with the lowest privilege (that is, access rights), or a user with a higher administrative privilege, such as an administrator, a super administrator, and the like. A privileged user of a private network can be one or more. In this embodiment, it is ensured by the authorized user whether the requested user is a user who can be allowed to access the private network, so as to ensure that the newly added user does not have an unsafe impact on the private network.
接着, 进入步骤 120, 核心网 (Core Net, 简称" CN" )对被请求增加的用户 进行合法性认证, 如果认证未通过, 则进入步骤 130, 如果认证通过, 则进入步 骤 140。 具体地说, 该私有网络收到增加用户的请求后, 向 CN发送请求消息, 请求对该要增加的用户 (即请求被增加的用户)进行合法性认证, 该消息中携 带该要增加的用户的标识 (如该用户所使用的电话号码)。 CN根据携带在该消 息中的用户的标识, 对要增加的用户是否为合法用户进行认证, 如果认证未通 过, 即确定要增加的用户是非法用户, 则进入步骤 130, 如果认证未通过, 即确 定要增加的用户是合法用户, 则进入步骤 140。  Then, proceeding to step 120, the core network (Core Net, referred to as "CN") performs legality authentication on the user who is requested to be added. If the authentication fails, the process proceeds to step 130. If the authentication is passed, the process proceeds to step 140. Specifically, after receiving the request of adding the user, the private network sends a request message to the CN, requesting that the user to be added (that is, the user who is requested to be added) perform legality authentication, and the message carries the user to be added. Identification (such as the phone number used by the user). The CN authenticates whether the user to be added is a legitimate user according to the identifier of the user carried in the message. If the authentication fails, that is, the user to be added is an illegal user, the process proceeds to step 130. If the authentication fails, If it is determined that the user to be added is a legitimate user, then step 140 is entered.
由于用户的合法性包括两方面, 一方面是用户的加入是否会对私有网络产 生不安全的影响, 如步骤 110 中所涉及到的, 另一方面是要加入的用户是否为 能够接入公共网络的用户, 因此, 在本步骤 120中, 通过 CN对要加入的用户进 行认证鉴权, 进一步保证了要加入的用户的合法性, 从而使得对私有网络的管 理更具准确性。  Since the legitimacy of the user includes two aspects, on the one hand, whether the user's joining will have an insecure impact on the private network, as mentioned in step 110, on the other hand, whether the user to join is able to access the public network. Therefore, in this step 120, the user to be authenticated is authenticated by the CN, which further ensures the legitimacy of the user to be joined, thereby making the management of the private network more accurate.
在步骤 130中, CN将认证失败的结果返回该私有网络, 该私有网络向该发 起请求的有权限的用户返回请求失败的消息, 并在该消息中携带失败原因, 即 公共网络鉴权失败。  In step 130, the CN returns the result of the authentication failure to the private network, and the private network returns a message requesting the failure to the authorized user who initiated the request, and carries the reason for the failure in the message, that is, the public network authentication fails.
如果 CN对要增加的用户的合法性认证通过, 则进入步骤 140, CN将要增 加的用户的标识转换为该私有网络能够识别的用户标识, 并将该用户标识发送 给该私有网络。  If the CN passes the authentication of the user to be added, the process proceeds to step 140, where the identifier of the user to be added by the CN is converted into a user identifier that can be identified by the private network, and the user identifier is sent to the private network.
接着 ,进入步骤 150 ,该私有网络保存来自 CN的要增加的用户的用户标识 , 并通过寻呼消息将该私有网络的接入限制标识发送给要增加的用户所使用的终 端, 或者, 也可以通过其它下行信令方式将该私有网络的接入限制标识发送给 要增加的用户所使用的终端。 由于来自 CN的要增加的用户的用户标识,是该私 有网络能够识别的标识, 因此, 如果该新增加的用户通过所使用的终端向该私 有网络发起接入请求, 则该私有网络根据保存的用户标识, 能够识别出该用户 为具备接入权限的用户, 从而进行正确的处理。 Then, proceeding to step 150, the private network saves the user identifier of the user to be added from the CN, and sends the access restriction identifier of the private network to the terminal used by the user to be added through the paging message, or The access restriction identifier of the private network is sent to the terminal used by the user to be added by other downlink signaling methods. Since the user identifier of the user to be added from the CN is an identifier that the private network can recognize, if the newly added user passes the terminal used to the private If the network initiates an access request, the private network can recognize that the user is a user with access rights according to the saved user identifier, so as to perform correct processing.
接着, 进入步骤 160, 收到该私有网络的接入限制标识的终端, 将该接入限 制标识保存在本终端内, 使得使用该终端的用户, 即要增加的用户, 可以获知 本用户有权限接入该私有网络。  Then, proceeding to step 160, the terminal that receives the access restriction identifier of the private network saves the access restriction identifier in the terminal, so that the user who uses the terminal, that is, the user to be added, can learn that the user has the authority. Access to the private network.
接着, 进入步骤 170,要增加的用户通过使用的终端向该私有网络回复响应 命令, 该私有网络认为新增用户的操作成功, 向发起请求的有权限的用户的终 端返回请求成功的消息。  Then, proceeding to step 170, the user to be added returns a response command to the private network through the terminal used, and the private network considers that the operation of the newly added user is successful, and returns a message of successful request to the terminal of the authorized user who initiated the request.
需要说明的是, 在本实施方式中, 以发起增加用户请求的终端信息保存在 CN中为例进行说明, 因此, 该私有网络需要向该 CN请求对要增加的用户进行 合法性认证以及号码的转换。 如果发起增加用户请求的终端用户为只支持私有 网络的终端用户, 则由该私有网络对该终端用户进行合法性认证以及号码的转 换。  It should be noted that, in this embodiment, the terminal information for initiating the user request is saved in the CN as an example. Therefore, the private network needs to request the CN to perform legality authentication and number for the user to be added. Conversion. If the terminal user who initiates the user request is an end user that only supports the private network, the end user is authenticated by the private network and the number is converted.
另外, 值得一提的是, 对于私有网络的用户接入权限的管理可能涉及到该 私有网络的用户管理数据库, 网络侧 (即私有网络和 /或核心网)可能具有该私 有网络的用户管理数据库, 因此, 网络侧还需要根据有权限的用户发起的操作 请求更新该用户数据库。 在网络侧有该私有网络的用户管理数据库的情况下, 有接入权限的用户还可以向网络侧发送查询请求, 其中携带要查询的私有网络 的标识或名称, 网络侧检查该用户的权限, 如果用户的权限合法, 则反馈相应 的查询结果。  In addition, it is worth mentioning that the management of the user access rights of the private network may involve the user management database of the private network, and the network side (ie, the private network and/or the core network) may have a user management database of the private network. Therefore, the network side also needs to update the user database according to the operation request initiated by the authorized user. In the case that the user management database of the private network is available on the network side, the user having access rights may also send a query request to the network side, where the identifier or name of the private network to be queried is carried, and the network side checks the rights of the user. If the user's authority is legal, the corresponding query result is fed back.
由此可见, 在本实施方式中, 对用户接入权限的增加无需到特定的管理后 台进行操作, 可以直接由有权限的用户通过终端对受限网络的用户接入权限进 行管理, 从而使得受限网络的用户接入权限管理更为灵活。  Therefore, in this embodiment, the user access authority does not need to be operated in a specific management background, and the user access authority of the restricted network can be directly managed by the authorized user through the terminal, thereby User access rights management of network-limited networks is more flexible.
本发明的第二实施方式涉及一种受限网络用户管理方法, 在本实施方式中, 受限网络用户的管理为删除用户的管理, 受限网络可以是私有网络, 也可以是 距离通信网络), 本实施方式以受限网络为私有网络为例进行说明, 具体流程如 图 2所示。  The second embodiment of the present invention relates to a method for managing a restricted network user. In this embodiment, the management of the restricted network user is to delete the management of the user, and the restricted network may be a private network or a distance communication network. The present embodiment is described by taking a limited network as a private network as an example. The specific process is shown in FIG. 2 .
在步骤 210 中, 有权限的用户所使用的终端向私有网络发起删除用户的请 求, 在该请求中携带被删除的用户的标识, 该私有网络接收该删除用户的请求。 被请求删除的用户可以是允许接入该私有网络的其他用户, 也可以是发起该请 求的用户本身。 比如说, 用户 1、 用户 2、 和用户 3均被允许接入私有网络 A, 假设用户 1要删除用户 2的接入权限, 那么, 用户 1通过所使用的终端向私有 网络 A发起删除用户 2的请求, 在该请求中携带用户 2的标识。 In step 210, the terminal used by the authorized user initiates a request to delete the user to the private network, where the request carries the identifier of the deleted user, and the private network receives the request to delete the user. The user requested to delete may be another user allowed to access the private network, or the user itself who initiated the request. For example, User 1, User 2, and User 3 are all allowed to access the private network A. If User 1 wants to delete the access rights of User 2, User 1 initiates the deletion of User 2 to Private Network A through the terminal used. The request, carrying the identity of User 2 in the request.
接着, 进入步骤 220, 私有网络判断被请求删除的用户是否为本私有网络的 唯一用户。 比如说, 在上述案例中, 用户 1通过所使用的终端向私有网络 A发 起删除用户 2的请求, 那么, 私有网络 A可以判断出被请求删除的用户 2并非 为本私有网络的唯一用户, 用户 1和用户 2均是本私有网络的用户。 如果只有 用户 1可以接入私有网络 A, 并且用户 1通过所使用的终端向私有网络 A发起 删除用户 1的请求, 那么, 私有网络 A将判定被请求删除的用户 1为本私有网 络的唯一用户。 如果被请求删除的用户不是本私有网络的唯一用户, 则进入步 骤 230, 否则, 进入步骤 250。  Next, proceeding to step 220, the private network determines whether the user requested to be deleted is the only user of the private network. For example, in the above case, the user 1 initiates a request to delete the user 2 to the private network A through the terminal used, and then the private network A can determine that the user 2 requested to be deleted is not the only user of the private network, the user Both 1 and User 2 are users of this private network. If only user 1 can access private network A, and user 1 initiates a request to delete user 1 to private network A through the terminal used, private network A will determine that user 1 requested to delete is the only user of the private network. . If the user requested to delete is not the only user of the private network, then step 230 is entered, otherwise, step 250 is entered.
在步骤 230 中, 私有网络删除被请求删除的用户的标识, 并通过寻呼消息 将该私有网络的接入限制标识发送给被删除的用户所使用的终端, 或者, 也可 以通过其它下行信令方式将该私有网络的接入限制标识发送给被删除的用户所 使用的终端。 具体地说, 针对上述案例, 私有网络 A在收到用户 1的删除用户 2的请求后,根据携带在该请求中的用户 2的标识, 删除私有网络中保存的用户 2的标识。 如果在网络侧保存有该私有网络 A的用户数据库, 则网络侧还需在 该用户数据库中删除与用户 2相关的数据。 并且, 通过寻呼消息或其它下行信 令方式将该私有网络 A的接入限制标识发送给被删除的用户 2所使用的终端。  In step 230, the private network deletes the identifier of the user that is requested to be deleted, and sends the access restriction identifier of the private network to the terminal used by the deleted user by using a paging message, or may also pass other downlink signaling. The method sends the access restriction identifier of the private network to the terminal used by the deleted user. Specifically, for the above case, after receiving the request of the user 1 to delete the user 2, the private network A deletes the identifier of the user 2 saved in the private network according to the identifier of the user 2 carried in the request. If the user database of the private network A is stored on the network side, the network side also needs to delete the data related to the user 2 in the user database. And, the access restriction identifier of the private network A is sent to the terminal used by the deleted user 2 by a paging message or other downlink signaling manner.
在步骤 230之后, 进入步骤 240, 收到私有网络的接入限制标识的终端, 将 该接入限制标识在本终端中删除, 并且向该私有网络返回响应。 具体地说, 针 对上述案例, 用户 2所使用的终端在收到私有网络 A的接入限制标识后, 在本 终端内删除该私有网络 A的接入限制标识, 使得被删除的用户 2可以获知本用 户已不再具备私有网络 A的接入权限。 并且, 用户 2所使用的终端在删除该私 有网络 A的接入限制标识后, 向该私有网络 A返回响应消息。  After step 230, the process proceeds to step 240, where the terminal that receives the access restriction identifier of the private network deletes the access restriction identifier in the terminal, and returns a response to the private network. Specifically, in the above case, after receiving the access restriction identifier of the private network A, the terminal used by the user 2 deletes the access restriction identifier of the private network A in the terminal, so that the deleted user 2 can learn This user no longer has access to private network A. Moreover, after deleting the access restriction identifier of the private network A, the terminal used by the user 2 returns a response message to the private network A.
如果被请求删除的用户是该私有网络的唯一用户, 则进入步骤 250。 在步骤 250 中, 该私有网络通知发送删除用户请求的终端将删除该私有网络的唯一用 户, 请求对该删除唯一用户的操作进行确认。 也就是说, 如果用户 1 通过所使 用的终端向私有网络 A发起删除用户 1的请求, 私有网络 A判定该用户 1是本 私有网络的唯一用户, 那么, 在本步骤中, 该私有网络 A通知该用户 1将删除 私有网络 A的唯一用户, 请求对该删除操作的确认。 之后, 进入步骤 260。 If the user requested to delete is the only user of the private network, then step 250 is entered. In step 250, the private network notifies that the terminal sending the delete user request will delete the unique user of the private network, requesting confirmation of the operation of deleting the unique user. That is, if the user 1 initiates a request to delete the user 1 to the private network A through the terminal used, the private network A determines that the user 1 is the local The only user of the private network, then, in this step, the private network A notifies the user 1 that the unique user of the private network A will be deleted, requesting confirmation of the deletion operation. After that, the process proceeds to step 260.
在步骤 260 中, 发送删除用户请求的终端在收到该通知后, 对该删除操作 的请求进行确认。 如果被请求删除的用户是该私有网络的唯一用户, 则说明被 请求删除的用户是发起该请求的用户本身, 因此, 该用户在确认继续该删除操 作后, 在本用户所使用的终端内删除该私有网络的接入限制标识。 针对上述案 例, 用户 1在收到私有网络 A的通知后, 对该删除操作的请求进行确认, 如果 用户 1确认继续该删除操作, 则在本用户所使用的终端内删除该私有网络 A的 接入限制标识。  In step 260, the terminal that sends the delete user request confirms the request for the delete operation after receiving the notification. If the user requested to delete is the only user of the private network, the user who is requested to delete is the user who initiated the request. Therefore, after confirming to continue the deletion operation, the user deletes the terminal used by the user. The access restriction identifier of the private network. For the above case, after receiving the notification of the private network A, the user 1 confirms the request for the deletion operation. If the user 1 confirms to continue the deletion operation, the user 1 deletes the connection of the private network A in the terminal used by the user. Enter the limit ID.
接着, 在步骤 270 中, 私有网络在收到确认消息后, 删除被请求删除的用 户的标识。 针对上述案例, 私有网络 A在收到用户 1对该删除操作的确认消息 后, 删除私有网络 A中保存的用户 1的标识。 如果在网络侧保存有该私有网络 A的用户数据库, 则网络侧还需在该用户数据库中删除与用户 1相关的数据。  Next, in step 270, the private network deletes the identity of the user requested to delete after receiving the confirmation message. For the above case, the private network A deletes the identifier of the user 1 saved in the private network A after receiving the confirmation message of the deletion operation by the user 1. If the user database of the private network A is stored on the network side, the network side also needs to delete the data related to the user 1 in the user database.
不难发现, 在本实施方式中, 对用户权限的删除无需到特定的管理后台进 行用户的管理, 可以直接由有权限的用户对私有网络的用户接入权限进行管理, 从而使得受限网络的用户接入权限管理更为灵活。 而且, 由于当私有网络收到 对本私有网络的唯一用户进行删除的请求后, 需要向发起该请求的用户对该操 作请求进行确认, 以免发生误操作, 导致没有任何用户有权限接入该私有网络, 从而无法再通过有权限的用户对该私有网络进行管理, 进一步保证了有权限的 用户对私有网络的管理准确性。  It is not difficult to find that, in this embodiment, the deletion of user rights does not need to be managed by a specific management background, and the user access rights of the private network can be directly managed by the authorized user, thereby making the restricted network User access rights management is more flexible. Moreover, since the private network receives the request for deleting the unique user of the private network, the user requesting the request needs to confirm the operation request, so as to avoid the misoperation, so that no user has the right to access the private network. Therefore, the private network can no longer be managed by the authorized user, thereby further ensuring the management accuracy of the authorized user to the private network.
本发明的第三实施方式涉及一种终端测量和上" ^艮方法, 在本实施方式中, 由终端根据接入限制信息对该终端的小区测量和 /或测量结果上报进行定制, 并 根据定制的结果对小区进行测量和上报, 其中, 接入限制信息包含受限网络的 接入限制信息、 该终端的能力限制信息 (如对特殊网络, 无线接入技术或频率 层的支持限制等)、 设置在该终端内的接入限制信息。 具体流程如图 3所示。  A third embodiment of the present invention relates to a terminal measurement and a "^" method. In this embodiment, the terminal customizes the cell measurement and/or measurement result reporting of the terminal according to the access restriction information, and customizes according to the customization. The result is measured and reported to the cell, where the access restriction information includes access restriction information of the restricted network, capability limitation information of the terminal (such as support for special networks, radio access technologies or frequency layers, etc.), Set the access restriction information in the terminal. The specific process is shown in Figure 3.
在步骤 310中, 终端根据接入限制信息对该终端的小区测量和 /或测量结果 上报的信息进行定制。 比如说, 终端根据接入限制信息, 禁止对不具备接入权 限的小区进行测量; 或者, 终端根据接入限制信息, 在测量的小区中包含不具 备接入权限的小区, 但禁止将对该小区的测量结果上报给网络侧; 或者, 终端 根据接入限制信息, 测量并上报不具备接入权限的小区, 但在测量结果中将本 终端不具备接入权限的小区的标识, 设置为特定标识, 指示本终端无法正常接 入该小区; 或者, 测量并上报不具备接入权限的小区, 但在测量结果中, 将不 具备接入权限的小区的测量结果放到优先级低的上报队列中; 或者, 测量并上 报不具备接入权限的小区, 但在测量结果中, 将不具备接入权限的小区的测量 结果添加一个负的偏置量。 In step 310, the terminal customizes the information reported by the cell and/or the measurement result of the terminal according to the access restriction information. For example, the terminal prohibits measurement on a cell that does not have access rights according to the access restriction information; or, the terminal includes a cell that does not have access authority in the measured cell according to the access restriction information, but prohibits the The measurement result of the cell is reported to the network side; or, the terminal measures and reports the cell that does not have the access authority according to the access restriction information, but the measurement result is The identifier of the cell in which the terminal does not have access rights is set to a specific identifier, indicating that the terminal cannot access the cell normally; or, the cell that does not have access rights is measured and reported, but the measurement result does not have access. The measurement result of the privileged cell is placed in the lower priority reporting queue; or, the cell that does not have the access authority is measured and reported, but in the measurement result, the measurement result of the cell that does not have the access authority is added to a negative Offset amount.
接着, 在步骤 320 中, 终端根据定制的结果对小区进行测量和上报。 具体 地说, 终端在一些上行信令中会携带一些测量信息 (如随机接入信道的测量结 果 ( measurement results on RACH ) )。可以在 Cell update (小区更新 )消息, Initial Direct transfer (初始直接传输) 消息, Measurement control (测量控制) 消息, Measurement report (测量才艮告 )消息, RRC connection request (无线资源控制连 接请求)等消息中携带这些测量信息。 当终端处于空闲 (idle )或激活 (active ) 状态, 并要进行测量时, 根据定制的结果对小区进行测量, 并向网络侧上报测 量结果。  Next, in step 320, the terminal measures and reports the cell according to the customized result. Specifically, the terminal carries some measurement information (such as measurement results on RACH) in some uplink signaling. Can be in Cell update message, Initial Direct transfer message, Measurement control message, Measurement report message, RRC connection request, etc. Carry these measurement information. When the terminal is idle or active, and the measurement is to be performed, the cell is measured according to the customized result, and the measurement result is reported to the network side.
比如说, 在激活状态下终端需要切换时, 网络侧向该终端下发测量邻小区 的指示。 终端根据定制的结果对小区进行测量, 并向网络侧上报测量结果。 比 如说, 该终端检查下发的需要测量的小区中是否存在受限网络的小区, 如果存 在, 则继续判定本终端是否有权限接入该受限网络的小区。 如果有, 则对该受 限网络的小区进行测量, 如果没有, 则根据定制的结果不对该受限网络的小区 进行测量; 或者, 虽然对该受限网络的小区进行测量, 但在上报的测量结果中 不包含对该小区的测量结果; 或者, 对该受限网络的小区进行测量和上报, 但 在测量结果中指示本终端不具备接入该小区的权限(如将该小区的标识设置为 特定标识); 或者, 测量并上报不具备接入权限的小区, 但在测量结果中, 将不 具备接入权限的小区的测量结果放到优先级低的上报队列中; 或者, 测量并上 报不具备接入权限的小区, 但在测量结果中, 将不具备接入权限的小区的测量 结果添加一个负的偏置量。 当然, 该终端也有可能测量并上报网络侧没有指示 的但信号质量较好的小区。  For example, when the terminal needs to be switched in the active state, the network side sends an indication to the terminal to measure the neighboring cell. The terminal measures the cell according to the customized result, and reports the measurement result to the network side. For example, the terminal checks whether a cell with a restricted network exists in the cell to be measured, and if so, continues to determine whether the terminal has the right to access the cell of the restricted network. If yes, the cell of the restricted network is measured. If not, the cell of the restricted network is not measured according to the customized result; or, although the cell of the restricted network is measured, the reported measurement is performed. The result of the measurement is not included in the result; or the cell of the restricted network is measured and reported, but the measurement result indicates that the terminal does not have the right to access the cell (for example, the identity of the cell is set to Or, the cell that does not have access rights is measured and reported, but in the measurement result, the measurement result of the cell that does not have the access permission is placed in the reporting queue with a lower priority; or, the measurement is not reported. A cell with access rights, but in the measurement result, a negative offset is added to the measurement result of the cell that does not have access rights. Of course, it is also possible for the terminal to measure and report a cell with no good signal quality indicated by the network side.
在本实施方式中, 受限网络可以是私有网络, 也可以是使用特定频率层的 网络, 如提供特殊业务的 RAT的网络, 终端可以通过判断本终端是否支持该特 殊业务来判断本终端是否有接入该受限网络的权限。  In this embodiment, the restricted network may be a private network, or a network using a specific frequency layer, such as a network providing a RAT of a special service, and the terminal may determine whether the terminal has the terminal by determining whether the terminal supports the special service. Access to this restricted network.
不难发现, 在本实施方式中, 终端可以通过减小测量范围, 来避免对不具 备接入权限的小区发起无谓的测量, 也可以通过在上报的测量结果中不包含对 不具备接入权限的小区的测量结果, 或对不具备接入权限的小区进行测量和上 报, 但在测量结果中指示本终端不具备接入该小区的权限, 或测量并上报不具 备接入权限的小区, 但在测量结果中, 将不具备接入权限的小区的测量结果放 到优先级低的上报队列中, 或测量并上报不具备接入权限的小区, 但在测量结 果中, 将不具备接入权限的小区的测量结果添加一个负的偏置量。 使得网络侧 在执行切换时, 可以避免将该终端切换到该终端不具备接入权限的小区。 It is not difficult to find that in the present embodiment, the terminal can avoid the pair by reducing the measurement range. The cell with the access permission initiates unnecessary measurement. The measurement result reported in the report does not include the measurement result of the cell that does not have the access permission, or the measurement and reporting of the cell that does not have the access permission, but The measurement result indicates that the terminal does not have the right to access the cell, or measures and reports the cell that does not have the access right, but in the measurement result, the measurement result of the cell that does not have the access authority is placed at a lower priority. In the reporting queue, the cell that does not have access rights is measured and reported, but in the measurement result, a negative offset is added to the measurement result of the cell that does not have the access authority. When the network side performs the handover, the terminal can be prevented from switching to the cell in which the terminal does not have access rights.
本发明的第四实施方式涉及一种终端测量和上 方法, 本实施方式与第三 实施方式大致相同, 其区别在于, 在第三实施方式中, 由终端根据接入限制信 息对该终端的小区测量和 /或测量结果上报的信息进行定制,而在本实施方式中, 由网络侧根据接入限制信息对终端的小区测量和 /或测量结果上报的信息进行定 制。  A fourth embodiment of the present invention relates to a terminal measurement and method, and the present embodiment is substantially the same as the third embodiment, and the difference is that, in the third embodiment, the terminal is the cell of the terminal according to the access restriction information. The information reported by the measurement and/or the measurement result is customized. In the present embodiment, the network side performs customization on the cell measurement and/or the measurement result reported by the terminal according to the access restriction information.
具体地说, 如果终端处于空闲态, 则该终端在附着 (attach )过程或跟踪域 ( TA ) 更新等和网络侧的交换过程中, 把本终端的接入限制信息或部分接入限 制信息上报给网络侧。 网络侧根据该终端的接入限制信息对该终端的小区测量 和 /或测量结果上报的信息进行定制, 并在 attach过程或 TA更新等和该终端交 互的过程中, 将定制的结果发送给该终端。  Specifically, if the terminal is in an idle state, the terminal reports the access restriction information or partial access restriction information of the terminal in an exchange process such as an attach process or a tracking domain (TA) update and the network side. Give the network side. The network side customizes the information of the cell measurement and/or the measurement result reported by the terminal according to the access restriction information of the terminal, and sends the customized result to the terminal during the process of interacting with the terminal, such as an attach process or a TA update. terminal.
如果终端处于激活态, 则该终端使用上行信令(包括接入层 AS、 非接入层 NAS信令、 L1/L2 (层 1/层 2 )控制信令)或其他方式把本终端的接入限制信息 或部分接入限制信息上报给网络侧。 网络侧根据该终端的接入限制信息对该终 端的小区测量和 /或测量结果上报的信息进行定制, 并通过下行信令(包括接入 层 AS、 非接入层 NAS信令、 L1/L2 (层 1/层 2 )控制信令)或其他方式将定制 的结果下发给该终端。  If the terminal is in an active state, the terminal uses uplink signaling (including access layer AS, non-access stratum NAS signaling, L1/L2 (layer 1/layer 2) control signaling) or other means to connect the terminal. The incoming restriction information or part of the access restriction information is reported to the network side. The network side customizes the information of the cell measurement and/or measurement result reported by the terminal according to the access restriction information of the terminal, and adopts downlink signaling (including access layer AS, non-access stratum NAS signaling, L1/L2). (layer 1 / layer 2) control signaling) or other means to deliver customized results to the terminal.
终端再根据收到的定制结果对小区进行测量, 并向网络侧上报测量结果。 定制的结果, 即该终端的小区测量和 /或测量结果上报的信息可以是禁止对不具 备接入权限的小区进行测量; 或者, 在测量的小区中包含不具备接入权限的小 区, 但禁止将对该小区的测量结果上报给网络侧; 或者, 测量并上报不具备接 入权限的小区, 但在测量结果中指示本终端不具备接入权限的小区 (如将该小 区的标识设置为特定标识); 或者, 测量并上报不具备接入权限的小区, 但在测 量结果中, 将不具备接入权限的小区的测量结果放到优先级低的上报队列中; 或者, 测量并上报不具备接入权限的小区, 但在测量结果中, 将不具备接入权 限的小区的测量结果添加一个负的偏置量。 The terminal then measures the cell according to the received customized result, and reports the measurement result to the network side. The result of the customization, that is, the information reported by the cell measurement and/or the measurement result of the terminal may be that the measurement is not performed on the cell that does not have the access right; or the cell that does not have the access permission is included in the measured cell, but the cell is not allowed. Reporting the measurement result of the cell to the network side; or measuring and reporting the cell that does not have the access right, but indicating in the measurement result that the terminal does not have the access right cell (if the cell identity is set to specific In the measurement result, the measurement result of the cell that does not have the access authority is placed in the reporting queue with the lower priority; Alternatively, the cell that does not have access rights is measured and reported, but in the measurement result, a negative offset is added to the measurement result of the cell that does not have the access authority.
值得一提的是, 当终端更换网络节点时, 终端的接入限制信息和 /或网络侧 的定制结果可以在网络节点间传输, 并且, 当终端的接入限制信息和 /或网络侧 的定制结果发生变化时, 终端和 /或网络侧会发起信息更新, 通知对方。  It is worth mentioning that when the terminal replaces the network node, the terminal access restriction information and/or the network side customization result may be transmitted between the network nodes, and when the terminal access restriction information and/or network side customization When the result changes, the terminal and/or the network side will initiate an information update to notify the other party.
本发明的第五实施方式涉及一种终端测量和上 方法, 本实施方式与第四 实施方式大致相同, 其区别在于, 在第四实施方式中, 网络侧分别对各终端的 小区测量和 /或测量结果上报的信息进行定制, 而在本实施方式中, 网络侧根据 接入限制信息类别对终端的小区测量和 /或测量结果上报的策略进行定制, 该策 略中包含各类接入限制信息对应的小区测量和 /或测量结果上报的信息, 并将定 制的结果发送给终端, 终端根据自身所属的接入限制信息类别选择对应的小区 测量和 /或测量结果上报的信息, 根据所选择的小区测量和 /或测量结果上报的信 息, 对小区进行测量和上报。  A fifth embodiment of the present invention relates to a terminal measurement and an uplink method. The present embodiment is substantially the same as the fourth embodiment. The difference is that, in the fourth embodiment, the network side separately measures and/or measures the cell of each terminal. The information reported by the measurement result is customized. In the embodiment, the network side customizes the policy of reporting the cell measurement and/or the measurement result of the terminal according to the access restriction information category, where the policy includes various types of access restriction information. The information of the cell measurement and/or the measurement result is reported, and the customized result is sent to the terminal, and the terminal selects the information corresponding to the cell measurement and/or the measurement result according to the access restriction information category to which the terminal belongs, according to the selected cell. The information reported by the measurement and/or measurement results is measured and reported to the cell.
具体的说, 网络侧根据接入限制的类别 (如无权限接入, 或者不支持服务) 对受限网络的限制因素进行分类。  Specifically, the network side classifies the limiting factors of the restricted network according to the category of access restrictions (such as no access, or no service).
为每一类接入限制类别的小区测量和 /或测量结果上报的信息进行定制。 比 如说, 对于私有网络无权限接入的接入限制信息, 禁止对该类小区进行测量; 对于使用特定频率层或 RAT, 不支持服务的情况, 测量并上报不具备接入权限 的小区, 但在测量结果中指示本终端不具备该小区的接入权限。 并且, 网络侧 将这两种定制的小区测量和 /或测量结果上报的信息以及相对应的接入限制信息 类别作为一个策略, 通过广播或者下行信令的方式发送给终端。  The information reported for the cell measurement and/or measurement results of each type of access restriction category is customized. For example, for the access restriction information of the private network without access, the measurement is prohibited for the cell; for the case where the service is not supported by using the specific frequency layer or the RAT, the cell that does not have the access permission is measured and reported, but In the measurement result, it is indicated that the terminal does not have the access right of the cell. Moreover, the network side sends the information reported by the two customized cell measurement and/or measurement results and the corresponding access restriction information category as a policy, and sends the information to the terminal by means of broadcast or downlink signaling.
终端收到包含这两种小区测量和 /或测量结果上报的信息的策略后, 根据自 己的接入限制信息, 选择对应的小区测量和 /或测量结果上报的信息, 根据所选 择的小区测量和 /或测量结果上报的信息对小区进行测量, 并向网络侧上报测量 结果。  After receiving the policy including the information reported by the two cell measurements and/or the measurement result, the terminal selects the corresponding cell measurement and/or the information reported by the measurement result according to the access restriction information of the cell, and according to the selected cell measurement and / or the information reported by the measurement result is measured on the cell, and the measurement result is reported to the network side.
由此可见, 网络侧既可以为各终端分别进行定制, 也可以定制一个策略, 包含各类接入限制信息对应的小区测量和 /或测量结果上报的信息, 由终端根据 自身所属的接入限制信息类别进行选择, 使得本发明的实施方式更具灵活性。  It can be seen that the network side can customize the terminal separately, or can customize a policy, including the information of the cell measurement and/or the measurement result corresponding to the access restriction information, and the terminal according to the access restriction to which the terminal belongs. The selection of categories of information makes the embodiments of the present invention more flexible.
本发明的第六实施方式涉及受限网络用户管理系统, 如图 4 所示, 包含网 络侧设备和终端设备。 在网络侧设备中包含: 接收模块, 用于接收有用户管理权限的用户所使用 的终端向受限网络发起的操作请求, 该操作请求中携带被操作的用户的标识; 第一刷新模块, 用于根据该接收模块收到的操作请求刷新用户标识; 和通知模 块, 用于通知被操作的用户所使用的终端刷新该终端上该受限网络的接入限制 标识。 A sixth embodiment of the present invention relates to a restricted network subscriber management system, as shown in FIG. 4, including a network side device and a terminal device. The network side device includes: a receiving module, configured to receive an operation request initiated by the terminal used by the user with the user management authority to the restricted network, where the operation request carries the identifier of the operated user; And refreshing the user identifier according to the operation request received by the receiving module; and the notification module, configured to notify the terminal used by the operated user to refresh the access restriction identifier of the restricted network on the terminal.
由此可见, 对用户权限的修改无需到特定的管理后台进行用户的管理, 可 以直接由有权限的用户对受限网络的用户接入权限进行管理, 从而使得受限网 络的用户接入权限管理更为灵活。  It can be seen that the modification of the user rights does not require the management of the user in a specific management background, and the user access rights of the restricted network can be directly managed by the authorized user, thereby enabling the user access rights management of the restricted network. More flexible.
其中, 当操作请求是增加用户的请求时, 该第一刷新模块通过在受限网络 中保存被请求增加的用户的标识, 刷新用户标识, 所述通知模块通知被增加的 用户所使用的终端保存该受限网络的接入限制标识, 通知该终端刷新该终端上 该受限网络的接入限制标识; 当操作请求是删除用户的请求时, 该第一刷新模 块在受限网络中删除被请求删除的用户的标识, 刷新用户标识, 所述通知模块 通知被删除的用户所使用的终端删除该受限网络的接入限制标识, 通知该终端 刷新该终端上该受限网络的接入限制标识。 通知模块可以通过寻呼消息或其它 方式将该受限网络的接入限制标识发送给被请求增加或删除的用户所使用的终 端。受限网络可以是私有网络,也可以是使用特定频率层的网络或釆用特定 RAT 的网络(如釆用 WLAN或蓝牙技术等短距离通信网络)。  When the operation request is to increase the user's request, the first refresh module refreshes the user identifier by saving the identifier of the user that is requested to be added in the restricted network, and the notification module notifies the terminal used by the added user to save. The access restriction identifier of the restricted network, notifying the terminal to refresh the access restriction identifier of the restricted network on the terminal; when the operation request is to delete the user request, the first refresh module deletes the requested in the restricted network Deleting the identifier of the user, refreshing the user identifier, the notification module notifying the terminal used by the deleted user to delete the access restriction identifier of the restricted network, and notifying the terminal to refresh the access restriction identifier of the restricted network on the terminal . The notification module may send the access restriction identifier of the restricted network to the terminal used by the user who is requested to add or delete by using a paging message or other means. The restricted network can be a private network, or a network using a specific frequency layer or a network using a specific RAT (such as a short-distance communication network such as WLAN or Bluetooth technology).
其中, 所述第一刷新模块包括:  The first refresh module includes:
保存单元, 当所述操作请求为增加用户的请求时, 用于在所述受限网络保 存被请求增加的用户的标识;  a saving unit, configured to save an identifier of a user requested to be added in the restricted network when the operation request is to increase a user's request;
删除单元, 当所述操作请求为删除用户的请求时, 用于在所述受限网络删 除被请求删除的用户的标识。  And deleting the unit, when the operation request is to delete the user's request, for deleting the identifier of the user requested to delete in the restricted network.
另外, 值得一提的是, 该网络侧设备还可以包含: 认证模块, 用于在第一 刷新模块根据接收的操作请求刷新用户标识之前, 对被请求增加的用户进行合 法性认证(如向网络侧发起对该用户的合法性认证), 该第一刷新模块在该认证 通过后刷新用户标识; 和数据库更新模块, 用于在第一刷新模块根据接收的操 作请求刷新用户标识之后, 根据该操作请求更新受限网络的用户数据库。  In addition, it is worth mentioning that the network side device may further include: an authentication module, configured to perform legality authentication on the user that is requested to be added before the first refresh module refreshes the user identifier according to the received operation request (for example, to the network) The side initiates the legality authentication of the user, and the first refreshing module refreshes the user identifier after the authentication is passed; and the database update module is configured to: after the first refreshing module refreshes the user identifier according to the received operation request, according to the operation Request to update the user database of the restricted network.
在终端设备中包含: 发送模块, 用于向受限网络发起的操作请求, 该操作 请求中携带被操作的用户的标识, 该受限网络为本终端有权限进行该操作的网 络; 和 /或第二刷新模块, 用于根据受限网络下发的通知消息, 在本终端上刷新 受限网络的接入限制标识。 该发送模块发送的操作请求为增加用户的请求, 或 删除用户的请求; 该第二刷新模块根据该受限网络下发的通知消息, 通过在本 终端上保存或删除该受限网络的接入限制标识, 刷新该受限网络的接入限制标 识。 The terminal device includes: a sending module, configured to send an operation request to the restricted network, where the operation request carries an identifier of the operated user, where the restricted network is a network that the terminal has the authority to perform the operation And a second refreshing module, configured to refresh the access restriction identifier of the restricted network on the terminal according to the notification message sent by the restricted network. The operation request sent by the sending module is to increase the user's request, or delete the user's request; the second refreshing module saves or deletes the restricted network access on the local terminal according to the notification message sent by the restricted network. Restrict the identity and refresh the access restriction identifier of the restricted network.
本发明的第七实施方式涉及一种终端设备, 包含: 测量模块, 用于根据定 制的小区测量和 /或测量结果上报对小区进行测量; 上报模块, 用于根据定制的 小区测量和 /或测量结果上报将该测量模块测量到的信息上报给网络侧。  A seventh embodiment of the present invention relates to a terminal device, including: a measurement module, configured to perform measurement on a cell according to a customized cell measurement and/or measurement result; and a reporting module, configured to perform cell measurement and/or measurement according to a customized As a result, the information measured by the measurement module is reported to the network side.
该终端设备还可以包含: 定制模块, 用于根据接入限制信息对终端的小区 测量和 /或测量结果上报进行定制, 该测量模块和上报模块根据该定制模块定制 的结果对小区进行测量和上报; 或者, 该终端设备还包含: 接收模块, 用于接 收网络侧定制的对终端的小区测量和 /或测量结果上报, 该测量模块和上报模块 根据该接收模块收到的定制的结果对小区进行测量和上报。  The terminal device may further include: a customization module, configured to customize a cell measurement and/or a measurement result report of the terminal according to the access restriction information, where the measurement module and the reporting module measure and report the cell according to the customized result of the customized module. Or the terminal device further includes: a receiving module, configured to receive a cell measurement and/or a measurement result report to the terminal customized by the network side, where the measurement module and the reporting module perform the cell according to the customized result received by the receiving module. Measurement and reporting.
其中, 接入限制信息包含受限网络的接入限制信息、 该终端的能力限制信 息(如对特殊网络, 无线接入技术或频率层的支持限制等)、 设置在该终端内的 接入限制信息。定制的结果可以是该终端的小区测量和 /或测量结果上报的信息, 如禁止对不具备接入权限的小区进行测量; 或者, 测量的小区中包含不具备接 入权限的小区, 但禁止将该小区的测量结果上报给网络侧; 或者, 测量并上报 不具备接入权限的小区, 但在测量结果中指示本终端不具备接入该小区的权限; 或者, 测量并上报不具备接入权限的小区, 但在测量结果中, 将不具备接入权 限的小区的测量结果放到优先级低的上报队列中; 或者, 测量并上报不具备接 入权限的小区, 但在测量结果中, 将不具备接入权限的小区的测量结果添加一 个负的偏置量。 定制的结果也可以是一个策略, 该策略中包含各类接入限制信 息对应的小区测量和 /或测量结果上报的信息。  The access restriction information includes access restriction information of the restricted network, capability limitation information of the terminal (such as support restrictions for a special network, a radio access technology or a frequency layer, and the like), and an access restriction set in the terminal. information. The customized result may be information reported by the cell measurement and/or measurement result of the terminal, such as prohibiting measurement on a cell that does not have access rights; or, the measured cell includes a cell that does not have access rights, but prohibiting the The measurement result of the cell is reported to the network side; or, the cell that does not have the access right is measured and reported, but the measurement result indicates that the terminal does not have the right to access the cell; or, the measurement and reporting does not have the access right a cell, but in the measurement result, the measurement result of the cell that does not have the access right is placed in the reporting queue with a lower priority; or, the cell that does not have the access authority is measured and reported, but in the measurement result, A measurement of the cell that does not have access rights adds a negative offset. The customized result may also be a policy that includes information on cell measurements and/or measurement results corresponding to various types of access restriction information.
根据上述定制的结果进行小区测量和测量结果的上报, 使得终端可以减小 测量行为, 避免对不具备接入权限的小区发起无谓的测量, 并且避免了网络侧 在执行切换时, 将该终端切换到该终端不具备接入权限的小区。  The cell measurement and the measurement result are reported according to the customized result, so that the terminal can reduce the measurement behavior, avoid unnecessary measurement on the cell that does not have the access right, and avoid the network side switching the terminal when performing the handover. A cell that does not have access rights to the terminal.
本发明的第八实施方式涉及一种网络侧设备, 包含: 定制模块, 用于根据 接入限制信息对终端的小区测量和 /或测量结果上报进行定制; 下发模块, 用于 向终端发送该定制模块的定制结果。 其中, 接入限制信息包含受限网络的接入限制信息、 该终端的能力限制信 息(如对特殊网络, 无线接入技术或频率层的支持限制等)、 设置在该终端内的 接入限制信息。定制的结果可以是该终端的小区测量和 /或测量结果上报的信息, 如禁止对不具备接入权限的小区进行测量; 或者, 测量的小区中包含不具备接 入权限的小区, 但禁止将该小区的测量结果上报给网络侧; 或者, 测量并上报 不具备接入权限的小区, 但在测量结果中指示本终端不具备接入该小区的权限; 或者, 测量并上报不具备接入权限的小区, 但在测量结果中, 将不具备接入权 限的小区的测量结果放到优先级低的上报队列中; 或者, 测量并上报不具备接 入权限的小区, 但在测量结果中, 将不具备接入权限的小区的测量结果添加一 个负的偏置量。 定制的结果也可以是一个策略, 该策略中包含各类接入限制信 息对应的小区测量和 /或测量结果上报的信息。 使得终端可以减小测量行为, 避 免对不具备接入权限的小区发起无谓的测量, 并且避免了网络侧在执行切换时, 将该终端切换到该终端不具备接入权限的小区。 网络侧设备时, 将该终端的接入限制信息和 /或定制模块的定制结果传输给其它 网络侧设备。 An eighth embodiment of the present invention relates to a network side device, including: a customization module, configured to customize a cell measurement and/or a measurement result report of a terminal according to the access restriction information; and a sending module, configured to send the Customized results for custom modules. The access restriction information includes access restriction information of the restricted network, capability limitation information of the terminal (such as support restrictions for a special network, a radio access technology or a frequency layer, and the like), and an access restriction set in the terminal. information. The customized result may be information reported by the cell measurement and/or measurement result of the terminal, such as prohibiting measurement on a cell that does not have access rights; or, the measured cell includes a cell that does not have access rights, but prohibiting the The measurement result of the cell is reported to the network side; or, the cell that does not have the access right is measured and reported, but the measurement result indicates that the terminal does not have the right to access the cell; or, the measurement and reporting does not have the access right a cell, but in the measurement result, the measurement result of the cell that does not have the access right is placed in the reporting queue with a lower priority; or, the cell that does not have the access authority is measured and reported, but in the measurement result, A measurement of the cell that does not have access rights adds a negative offset. The customized result may also be a policy, which includes information about cell measurement and/or measurement result corresponding to each type of access restriction information. The terminal can reduce the measurement behavior, avoid unnecessary measurement on the cell that does not have access rights, and prevent the network side from switching to the cell in which the terminal does not have access rights when performing handover. When the network side device is used, the access restriction information of the terminal and/or the customized result of the customization module are transmitted to other network side devices.
综上所述, 在本发明的实施方式中, 受限网络接收来自有用户管理权限的 用户所使用的终端的操作请求, 该操作请求中携带被操作的用户的标识, 并通 知被操作的用户所使用的终端刷新该终端上该受限网络的接入限制标识。 使得 对用户权限的修改无需到特定的管理后台进行, 可以直接由有权限的用户通过 终端对受限网络的用户接入权限进行管理, 从而使得受限网络的用户接入权限 管理更为灵活。  In summary, in an embodiment of the present invention, the restricted network receives an operation request from a terminal used by a user having a user management right, and the operation request carries an identifier of the operated user, and notifies the operated user. The terminal used refreshes the access restriction identifier of the restricted network on the terminal. The modification of the user rights does not need to be performed in a specific management background, and the user access rights of the restricted network can be directly managed by the authorized user through the terminal, thereby making the user access rights management of the restricted network more flexible.
向受限网络发起的操作请求可以是增加用户的请求, 也可以是删除用户的 请求, 使得有权限的用户对受限网络的用户接入权限的管理更全面和完整。  The operation request initiated to the restricted network may be an increase of the user's request, or a request to delete the user, so that the authorized user can manage the access rights of the restricted network user more comprehensively and completely.
受限网络在增加有权限接入的用户之前, 先通过网络侧对被请求增加的用 户进行合法性认证, 进一步确保了新增加的用户的合法性; 在删除唯一有权限 接入的用户之前, 先向发起该删除操作请求的终端进行确认, 有效防止用户的 误操作, 保证了有权限的用户对受限网络的管理的准确性。  The restricted network first authenticates the user who is requested to increase the network through the network side, and further ensures the legality of the newly added user. Before deleting the only user with permission to access, First, the terminal that initiated the deletion operation request is confirmed, effectively preventing the user from misoperation, and ensuring the accuracy of the management of the restricted network by the authorized user.
终端根据定制的小区测量和 /或测量结果上报的信息, 或包含各类接入限制 信息对应的小区测量和 /或测量结果上 >¾的信息的策略, 进行小区的测量和测量 结果的上报, 可以减小测量行为, 避免对不具备接入权限的小区发起无谓的测 量, 并且避免了网络侧在执行切换时, 将该终端切换到该终端不具备接入权限 的小区。 The terminal performs measurement and measurement of the cell according to the information reported by the customized cell measurement and/or measurement result, or the policy including the information of the cell measurement and/or the measurement result corresponding to the access restriction information. The reporting of the result can reduce the measurement behavior, avoid unnecessary measurement on the cell that does not have access rights, and prevent the network side from switching to the cell in which the terminal does not have access rights when performing handover.
虽然通过参照本发明的某些优选实施方式, 已经对本发明进行了图示和描 述, 但本领域的普通技术人员应该明白, 可以在形式上和细节上对其作各种改 变, 而不偏离本发明的精神和范围。  While the invention has been illustrated and described with reference to the preferred embodiments embodiments The spirit and scope of the invention.

Claims

权 利 要 求 Rights request
1. 一种受限网络用户管理方法, 其特征在于, 包含以下步骤: A method for managing a restricted network user, comprising the steps of:
受限网络接收来自有用户管理权限的用户所使用的终端的操作请求, 该操 作请求中携带被操作的用户的标识;  The restricted network receives an operation request from a terminal used by a user having user management authority, and the operation request carries an identifier of the operated user;
所述受限网络根据所述操作请求通知所述被操作的用户所使用的终端刷新 所述被操作的用户所使用的终端上的所述受限网络的接入限制标识。  And the restricted network notifies the terminal used by the operated user to refresh the access restriction identifier of the restricted network on the terminal used by the operated user according to the operation request.
2. 根据权利要求 1所述的受限网络用户管理方法, 其特征在于, 还包含以 下步骤:  2. The restricted network user management method according to claim 1, further comprising the following steps:
所述受限网络在收到所述操作请求后, 根据所述操作请求刷新用户标识。 After receiving the operation request, the restricted network refreshes the user identifier according to the operation request.
3. 根据权利要求 2所述的受限网络用户管理方法, 其特征在于, 所述操作 请求为增加用户的请求; The method for managing a restricted network user according to claim 2, wherein the operation request is to increase a user's request;
所述受限网络根据所述操作请求刷新用户标识的步骤包括: 在所述受限网 络保存被请求增加的用户的标识;  The step of the restricted network refreshing the user identifier according to the operation request includes: saving, on the restricted network, an identifier of the user requested to be added;
所述通知所述被操作的用户所使用的终端刷新该终端上该受限网络的接入 限制标识的步骤包括: 通知被增加的用户所使用的终端保存该受限网络的接入 限制标识。  The step of notifying the terminal used by the operated user to refresh the access restriction identifier of the restricted network on the terminal comprises: notifying the terminal used by the added user to save the access restriction identifier of the restricted network.
4. 根据权利要求 3所述的受限网络用户管理方法, 其特征在于, 在所述受 限网络保存被请求增加的用户的标识之前, 先执行以下步骤:  4. The restricted network user management method according to claim 3, wherein before the restricted network saves the identifier of the user requested to be added, the following steps are performed:
网络侧对所述被请求增加的用户进行合法性认证。  The network side performs legality authentication on the user who is requested to be added.
5. 根据权利要求 2所述的受限网络用户管理方法, 其特征在于, 所述操作 请求为删除用户的请求;  The method for managing a restricted network user according to claim 2, wherein the operation request is a request to delete a user;
所述受限网络根据所述操作请求刷新用户标识的步骤包括: 在所述受限网 络删除被请求删除的用户的标识;  The step of the limited network refreshing the user identifier according to the operation request includes: deleting, on the restricted network, an identifier of the user requested to delete;
所述通知所述被操作的用户所使用的终端刷新该终端上该受限网络的接入 限制标识的步骤包括: 通知被删除的用户所使用的终端删除该受限网络的接入 限制标识。  The step of notifying the terminal used by the operated user to refresh the access restriction identifier of the restricted network on the terminal comprises: notifying the terminal used by the deleted user to delete the access restriction identifier of the restricted network.
6. 根据权利要求 5所述的受限网络用户管理方法, 其特征在于, 如果所述 被请求删除的用户为所述受限网络的唯一用户, 则该受限网络在删除被请求删 除的用户的标识之前, 先向发送所述操作请求的终端确认该删除用户的请求; 如果发送所述操作请求的终端确认所述删除用户的请求, 则所述受限网络 再删除被请求删除的用户的标识。 The limited network user management method according to claim 5, wherein if the user requested to delete is a unique user of the restricted network, the restricted network deletes the user requested to delete Before the identification of the user, the terminal that sends the operation request is first confirmed to delete the user's request; If the terminal that sent the operation request confirms the request to delete the user, the restricted network deletes the identifier of the user requested to delete.
7. 根据权利要求 3或 5所述的受限网络用户管理方法, 其特征在于, 所述 受限网络通过寻呼消息、 层 1或层 2信令、 或无线资源控制层 RRC信令, 将该 受限网络的接入限制标识发送给所述被增加或被删除的用户所使用的终端。  The restricted network user management method according to claim 3 or 5, wherein the restricted network passes a paging message, layer 1 or layer 2 signaling, or radio resource control layer RRC signaling, The access restriction identifier of the restricted network is sent to the terminal used by the added or deleted user.
8. 根据权利要求 1至 6中任一项所述的受限网络用户管理方法, 其特征在 于, 如果网络侧保存有所述受限网络的用户数据库, 则还包含以下步骤:  The limited network user management method according to any one of claims 1 to 6, wherein if the network side saves the user database of the restricted network, the method further comprises the following steps:
所述网络侧根据所述操作请求更新所述用户数据库。  The network side updates the user database according to the operation request.
9. 根据权利要求 1至 6中任一项所述的受限网络用户管理方法, 其特征在 于, 所述受限网络为私有网络, 或使用特定频率层的网络, 或釆用特定无线接 入技术 RAT的网络。  The limited network user management method according to any one of claims 1 to 6, wherein the restricted network is a private network, or a network using a specific frequency layer, or a specific wireless access is used. Technical RAT network.
10. 一种网络侧设备, 其特征在于, 包含:  10. A network side device, comprising:
接收模块, 用于接收有用户管理权限的用户所使用的终端向受限网络发起 的操作请求, 该操作请求中携带被操作的用户的标识;  a receiving module, configured to receive an operation request initiated by a terminal used by a user with user management authority to the restricted network, where the operation request carries an identifier of the operated user;
通知模块, 用于通知所述被操作的用户所使用的终端刷新该终端上该受限 网络的接入限制标识。  And a notification module, configured to notify the terminal used by the operated user to refresh an access restriction identifier of the restricted network on the terminal.
11. 根据权利要求 10所述的网络侧设备, 其特征在于, 所述网络侧设备还 包含:  The network side device according to claim 10, wherein the network side device further comprises:
第一刷新模块, 用于根据所述接收模块收到的操作请求刷新用户标识。 The first refreshing module is configured to refresh the user identifier according to the operation request received by the receiving module.
12. 根据权利要求 11所述的网络侧设备, 其特征在于, 12. The network side device according to claim 11, wherein
所述操作请求为增加用户的请求, 所述第一刷新模块通过在所述受限网络 保存被请求增加的用户的标识, 刷新用户标识, 所述通知模块通过通知被增加 的用户所使用的终端保存该受限网络的接入限制标识, 通知该终端刷新该终端 上该受限网络的接入限制标识; 或者,  The operation request is to increase a user's request, and the first refresh module refreshes the user identifier by saving the identifier of the user that is requested to be added in the restricted network, and the notification module notifies the terminal used by the added user by using the notification Saving an access restriction identifier of the restricted network, and notifying the terminal to refresh the access restriction identifier of the restricted network on the terminal; or
所述操作请求为删除用户的请求, 所述第一刷新模块通过在所述受限网络 删除被请求删除的用户的标识, 刷新用户标识, 所述通知模块通过通知被删除 的用户所使用的终端删除该受限网络的接入限制标识, 通知该终端刷新该终端 上该受限网络的接入限制标识;  The operation request is to delete a user's request, and the first refreshing module refreshes the user identifier by deleting the identifier of the user that is requested to be deleted in the restricted network, and the notification module notifies the terminal used by the deleted user by Deleting the access restriction identifier of the restricted network, and notifying the terminal to refresh the access restriction identifier of the restricted network on the terminal;
其中, 所述第一刷新模块包括:  The first refresh module includes:
保存单元, 当所述操作请求为增加用户的请求时, 用于在所述受限网络保 存被请求增加的用户的标识; a saving unit, configured to protect the restricted network when the operation request is to increase a user's request The identifier of the user who is requested to be added;
删除单元, 当所述操作请求为删除用户的请求时, 用于在所述受限网络删 除被请求删除的用户的标识。  And deleting the unit, when the operation request is to delete the user's request, for deleting the identifier of the user requested to delete in the restricted network.
13. 根据权利要求 12所述的网络侧设备, 其特征在于, 所述网络侧设备还 包含: 认证模块, 用于在所述第一刷新模块根据接收的操作请求刷新用户标识 之前, 对所述被请求增加的用户进行合法性认证, 该第一刷新模块在该认证通 过后刷新用户标识。  The network side device according to claim 12, wherein the network side device further comprises: an authentication module, configured to: before the first refreshing module refreshes the user identifier according to the received operation request, The user requested to be added performs legality authentication, and the first refresh module refreshes the user identifier after the authentication is passed.
14. 根据权利要求 10至 13 中任一项所述的网络侧设备, 其特征在于, 所 述网络侧设备还包含: 数据库更新模块, 用于在所述第一刷新模块根据接收的 操作请求刷新用户标识之后, 根据该操作请求更新所述受限网络的用户数据库。  The network side device according to any one of claims 10 to 13, wherein the network side device further comprises: a database update module, configured to refresh in the first refresh module according to the received operation request After the user identification, the user database of the restricted network is updated according to the operation request.
15. 一种终端设备, 其特征在于, 包含:  15. A terminal device, comprising:
发送模块 , 用于向受限网络发起操作请求 , 该操作请求中携带被操作的用 户的标识, 该受限网络为所述终端有权限进行所述操作的网络; 和 /或  a sending module, configured to initiate an operation request to the restricted network, where the operation request carries an identifier of the operated user, where the restricted network is a network in which the terminal has the right to perform the operation; and/or
第二刷新模块, 用于根据受限网络下发的通知消息, 在本终端上刷新该受 限网络的接入限制标识。  The second refreshing module is configured to refresh the access restriction identifier of the restricted network on the terminal according to the notification message sent by the restricted network.
16. 根据权利要求 15所述的终端设备, 其特征在于, 所述发送模块发送的 操作请求为增加用户的请求, 或删除用户的请求; 和 /或  The terminal device according to claim 15, wherein the operation request sent by the sending module is to increase a user's request, or delete a user's request; and/or
所述第二刷新模块根据所述受限网络下发的通知消息, 通过在本终端上保 存或删除该受限网络的接入限制标识, 刷新该受限网络的接入限制标识。  The second refreshing module refreshes the access restriction identifier of the restricted network by saving or deleting the access restriction identifier of the restricted network on the local terminal according to the notification message sent by the restricted network.
17. 一种终端测量和上 方法, 其特征在于, 包含以下步骤:  17. A terminal measurement and method, characterized in that it comprises the following steps:
根据接入限制信息对终端的小区测量和 /或测量结果上报进行定制; 所述终端根据所述定制的结果, 对小区进行测量和上 ·¾。  Customizing the cell measurement and/or measurement result reporting of the terminal according to the access restriction information; the terminal performs measurement and uplink on the cell according to the customized result.
18. 根据权利要求 17所述的终端测量和上报方法, 其特征在于, 所述接入 限制信息包含以下之一或其任意组合:  The terminal measurement and reporting method according to claim 17, wherein the access restriction information comprises one or any combination of the following:
受限网络的接入限制信息、 所述终端的能力限制信息、 设置在所述终端内 的接入限制信息。  Access restriction information of the restricted network, capability limitation information of the terminal, and access restriction information set in the terminal.
19. 根据权利要求 17所述的终端测量和上报方法, 其特征在于, 由网络侧 根据所述接入限制信息对所述终端的小区测量和 /或测量结果上报进行定制, 并 将所述定制的结果通过下行信令发送给所述终端, 所述接入限制信息或部分所 述接入限制信息由所述终端通过上行信令上报给该网络侧; 或者, 由所述终端根据所述接入限制信息对该终端的小区测量和 /或测量结果上报 进行定制。 The terminal measurement and reporting method according to claim 17, wherein the network side customizes the cell measurement and/or measurement result reporting of the terminal according to the access restriction information, and customizes the The result is sent to the terminal by using downlink signaling, and the access restriction information or part of the access restriction information is reported by the terminal to the network side by using uplink signaling; or The terminal customizes the cell measurement and/or measurement result reporting of the terminal according to the access restriction information.
20. 根据权利要求 19所述的终端测量和上报方法, 其特征在于, 如果所述网络侧定制的结果发生变化, 则该网络侧通知所述终端更新后的 定制的结果;  The terminal measurement and reporting method according to claim 19, wherein if the result of the network side customization changes, the network side notifies the terminal of the updated customized result;
如果所述终端上报给所述网络侧的接入限制信息发生变化, 则该终端通知 该网络侧更新后的接入限制信息;  If the access restriction information reported by the terminal to the network side changes, the terminal notifies the network side of the updated access restriction information;
当所述终端更换网络节点时, 所述终端的接入限制信息和 /或网络侧定制的 结果可以在网络节点间进行传输。  When the terminal replaces the network node, the access restriction information of the terminal and/or the result of the network side customization may be transmitted between the network nodes.
21. 根据权利要求 19所述的终端测量和上报方法, 其特征在于, 所述网络 侧分别对各终端的小区测量和 /或测量结果上报的信息进行定制, 并将定制的结 果分别发送给对应的终端; 或者  The terminal measurement and reporting method according to claim 19, wherein the network side separately customizes the information reported by the cell measurement and/or the measurement result of each terminal, and sends the customized result to the corresponding Terminal; or
所述网络侧根据接入限制信息的类别, 对终端的小区测量和 /或测量结果上 报的策略进行定制, 该策略中包含各类限制信息对应的小区测量和 /或测量结果 上报的信息, 并将定制的结果发送给终端, 终端根据自身限制信息所属的类别 选择对应的小区测量和 /或测量结果上报的信息, 根据所选择的小区测量和 /或测 量结果上报的信息, 对小区进行测量和上报。  The network side customizes a policy for reporting the cell measurement and/or the measurement result of the terminal according to the category of the access restriction information, where the policy includes the information about the cell measurement and/or the measurement result corresponding to the type of restriction information, and Sending the customized result to the terminal, the terminal selects the information reported by the corresponding cell measurement and/or measurement result according to the category to which the restriction information belongs, and performs measurement on the cell according to the information of the selected cell measurement and/or measurement result. Reported.
22. 根据权利要求 17至 21 中任一项所述的终端测量和上报方法, 其特征 在于, 所述定制的小区测量和 /或测量结果上报的信息为以下之一:  The terminal measurement and reporting method according to any one of claims 17 to 21, wherein the information reported by the customized cell measurement and/or measurement result is one of the following:
禁止对不具备接入权限的小区进行测量;  It is forbidden to measure the cell that does not have access rights;
测量的小区中包含不具备接入权限的小区, 但禁止将该小区的测量结果上 才艮给所述网络侧;  The measured cell includes a cell that does not have access rights, but the measurement result of the cell is prohibited from being sent to the network side;
测量并上报不具备接入权限的小区, 但在测量结果中为本终端不具备接入 权限的小区设置为特定标识, 指示本终端无法正常接入该小区;  The cell that does not have the access right is measured and reported, but in the measurement result, the cell that does not have the access right for the terminal is set as a specific identifier, indicating that the terminal cannot access the cell normally;
测量并上报不具备接入权限的小区, 但在测量结果中, 将所述不具备接入 权限的小区的测量结果放到优先级低的上报队列中;  Measure and report the cell that does not have the access right, but in the measurement result, the measurement result of the cell that does not have the access authority is placed in the reporting queue with a lower priority;
测量并上报不具备接入权限的小区, 但在测量结果中, 将所述不具备接入 权限的小区的测量结果添加一个负的偏置量。  The cell that does not have access rights is measured and reported, but in the measurement result, the measurement result of the cell without the access authority is added with a negative offset.
23. 一种终端设备, 其特征在于, 包含:  23. A terminal device, comprising:
测量模块, 用于根据定制的小区测量和 /或测量结果上 4艮对小区进行测量; 上报模块, 用于根据定制的小区测量和 /或测量结果上报将所述测量模块测 量到的信息上报给网络侧。 a measuring module, configured to measure a cell according to a customized cell measurement and/or a measurement result; The reporting module is configured to report the information measured by the measurement module to the network side according to the customized cell measurement and/or the measurement result.
24. 根据权利要求 23所述的终端设备, 其特征在于,  24. The terminal device according to claim 23, wherein
所述终端设备还包含: 定制模块, 用于根据接入限制信息对终端的小区测 量和 /或测量结果上报进行定制, 所述测量模块和上报模块根据该定制模块定制 的结果对小区进行测量和上报; 或者,  The terminal device further includes: a customization module, configured to customize a cell measurement and/or a measurement result report of the terminal according to the access restriction information, where the measurement module and the reporting module perform measurement on the cell according to the customized result of the customized module. Report; or,
所述终端设备还包含: 接收模块, 用于接收网络侧定制的对终端的小区测 量和 /或测量结果上报, 所述测量模块和上报模块根据该接收模块收到的定制的 结果对小区进行测量和上报。  The terminal device further includes: a receiving module, configured to receive a cell measurement and/or a measurement result report to the terminal customized by the network side, where the measurement module and the reporting module measure the cell according to the customized result received by the receiving module And reported.
25. 一种网络侧设备, 其特征在于, 包含:  25. A network side device, comprising:
定制模块, 用于根据接入限制信息对终端的小区测量和 /或测量结果上报进 行定制;  a customized module, configured to customize a cell measurement and/or a measurement result report of the terminal according to the access restriction information;
下发模块, 用于向终端发送所述定制模块的定制结果。  And a sending module, configured to send a customized result of the customized module to the terminal.
PCT/CN2008/070456 2007-03-20 2008-03-10 Method and device for managing users, measuring and reporting in restricted network WO2008113284A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200710089297.3 2007-03-20
CNA2007100892973A CN101272298A (en) 2007-03-20 2007-03-20 Method and equipment for managing, measuring and reporting limited network user

Publications (1)

Publication Number Publication Date
WO2008113284A1 true WO2008113284A1 (en) 2008-09-25

Family

ID=39765391

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/070456 WO2008113284A1 (en) 2007-03-20 2008-03-10 Method and device for managing users, measuring and reporting in restricted network

Country Status (2)

Country Link
CN (1) CN101272298A (en)
WO (1) WO2008113284A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102196474A (en) * 2010-03-05 2011-09-21 中兴通讯股份有限公司 Method and system for detecting interference on user equipment (UE) caused by closed signed user group (CSG) cells

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101330722B (en) 2007-06-18 2012-10-17 华为技术有限公司 Method for controlling district access as well as user facility
CN101754323B (en) * 2008-12-15 2012-05-23 华为技术有限公司 Method and device for reporting measurement result
CN101784087A (en) * 2009-01-16 2010-07-21 华为技术有限公司 Method, device and system for reporting measurement report
CN103460746B (en) * 2011-12-23 2018-02-06 华为技术有限公司 The method and device of information transfer
FR3031272A1 (en) * 2014-12-24 2016-07-01 Orange METHOD FOR OBTAINING RIGHTS IMPLEMENTED BY A COMMUNICABLE OBJECT
WO2018157484A1 (en) * 2017-03-01 2018-09-07 华为技术有限公司 Network configuration method and terminal
CN111757366A (en) * 2019-03-27 2020-10-09 电信科学技术研究院有限公司 Frequency point configuration method, measurement method, network equipment and terminal

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050198262A1 (en) * 2004-01-14 2005-09-08 Jon Barry Method and system for measuring remote-access VPN quality of service
US20060252377A1 (en) * 2005-05-04 2006-11-09 Samsung Electronics Co., Ltd. Method and apparatus for reporting inter-frequency measurement using RACH message in a mobile communication system
US20060259958A1 (en) * 2005-05-16 2006-11-16 Cisco Technology, Inc. Method and system using presence information to manage network access
CN1913713A (en) * 2006-07-28 2007-02-14 华为技术有限公司 Public data networking access method and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050198262A1 (en) * 2004-01-14 2005-09-08 Jon Barry Method and system for measuring remote-access VPN quality of service
US20060252377A1 (en) * 2005-05-04 2006-11-09 Samsung Electronics Co., Ltd. Method and apparatus for reporting inter-frequency measurement using RACH message in a mobile communication system
US20060259958A1 (en) * 2005-05-16 2006-11-16 Cisco Technology, Inc. Method and system using presence information to manage network access
CN1913713A (en) * 2006-07-28 2007-02-14 华为技术有限公司 Public data networking access method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102196474A (en) * 2010-03-05 2011-09-21 中兴通讯股份有限公司 Method and system for detecting interference on user equipment (UE) caused by closed signed user group (CSG) cells
CN102196474B (en) * 2010-03-05 2016-05-25 中兴通讯股份有限公司 Detect the method and system that disturb subscriber equipment closed signed user group cell

Also Published As

Publication number Publication date
CN101272298A (en) 2008-09-24

Similar Documents

Publication Publication Date Title
WO2008113284A1 (en) Method and device for managing users, measuring and reporting in restricted network
CN110786034B (en) Method, user equipment and functional node for network slice privacy consideration
JP4864094B2 (en) Communication control system
US7813717B2 (en) Authentication of mobile stations
CN109219965A (en) A kind of communication means and relevant apparatus
WO2009043262A1 (en) A method and device of accessing control
CN102111766B (en) Network accessing method, device and system
US20100002883A1 (en) Security procedure and apparatus for handover in a 3gpp long term evolution system
WO2017120746A1 (en) Method for managing network access rights and related device
JP5892353B2 (en) Communications system
EP3061226A1 (en) Peer based authentication
WO2011127684A1 (en) Transmission method and system for local ip access (lipa) data stream
WO2009024060A1 (en) An access control method, network devices and system of private service access point
US10045330B2 (en) Method and apparatus for negotiation and notification of a network access time period in a wireless communication system
JP2020536408A (en) Access Stratum Security in Wireless Communications
KR20220024922A (en) Authorization method for network slicing
JP2011139113A (en) Method for connecting user equipment and h(e)nb, method for authenticating user equipment, mobile telecommunication system, h (e)nb, and core network
JP2015517750A (en) Method and system for performing handover of a mobile terminal and mobile terminal intended for use in a wireless cellular telecommunication network
WO2008113278A1 (en) Method for a terminal measuring a restricted network cell and device thereof
WO2022068474A1 (en) Communication method and apparatus for prose communication group, and storage medium
CN115412911A (en) Authentication method, communication device and system
WO2023011630A1 (en) Authorization verification method and apparatus
WO2011020411A1 (en) System, device and method for synchronizing closed subscriber group list
CN113055342A (en) Information processing method and communication device
WO2012151846A1 (en) Method and system for triggering terminal in specific location, and terminal thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08715192

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08715192

Country of ref document: EP

Kind code of ref document: A1