Method, device and system for access control

An access control and access right technology, applied in the field of communications, can solve problems affecting other normal user experience, network security threats, etc., to prevent malicious attacks and improve service quality.

Active Publication Date: 2011-03-30
HUAWEI TECH CO LTD
View PDF3 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In the process of realizing the present invention, the inventor found that: when an illegal UE viciously attacks the network side or uses an illegal access point name (Access Point Name, APN) to viciously attack the network, the network side cannot well prevent the illegal UE from continuing to attack other network entities , and the network side does not investigate illegal causes of illegal UEs, resulting in more and more illegal terminals emerging, which poses a great threat to network security and seriously affects the experience of other normal users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for access control
  • Method, device and system for access control
  • Method, device and system for access control

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0036] Embodiment 1. The embodiment of the present invention provides an access control method. The execution subject of the technical solution of this embodiment may be a mobility management network element, or may be an access network element. Can include the following steps:

[0037] Step 201: receiving an access request;

[0038] Step 202: Obtain the access right information of the user equipment of the above access request or the group or access point name to which the user equipment belongs;

[0039] The above access right information includes: the number of access times per unit time of the user equipment or the group where the user equipment is located, the total number of access times of the user equipment or the group where the user equipment is located (it can be the total number of access times on a certain network device , such as a mobility management network element or an access network element), at least one of the number of access times per unit time under a ...

Embodiment 2

[0052] Embodiment 2. In this embodiment, the embodiment of the present invention will be further described by taking the statistics of the access right information of the user equipment by the mobility management network element as an example. In this embodiment, both the first server and the second server can be used as a server for storing user subscription data, and the second server can also be used as a server for troubleshooting illegal causes of illegal APNs or illegal users or illegal groups. Of course, the functions of the first server and the second server can also be integrated. If the functions are integrated, the messages between the first server and the second server belong to the message interaction within the device. In this embodiment, the first or second server stores the traffic model of the UE or the group. The traffic model in the present invention refers to the model in which the UE or the UE in the group initiates an access process to access the network, ...

Embodiment 3

[0064] Embodiment 3. In this embodiment, the embodiment of the present invention will be further described by taking the statistics of access information under a certain APN as an example. In this embodiment, the traffic model of a certain APN is stored in the HSS or the MTC Server, or the traffic model of a certain APN is statically configured by the mobility management network element, for example, the number of accesses under a certain APN is allowed per unit time, or The total number of times a device is allowed to access a certain APN. The mobility management network element counts the access situation under a certain APN, such as the number of accesses under a certain APN per unit time, or the total number of accesses to the APN on a certain mobility management network element Access conditions such as the number of times, the mobility management network element accepts or rejects the access request for a certain APN according to the traffic model of the APN; Figure 4 ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a method, a device and a system for access control. The method comprises the following steps of: receiving an access request; acquiring access right information of user equipment (UE) or a group to which the UE belongs or an access point name (APN) which sends the access request; executing access operation if the access right information is in accordance with access grant condition; refusing access operation if the access right information is not in accordance with access grant condition, and determining that the UE or the group to which the UE belongs or one APN is illegal; and sending the UE or the group to which the UE belongs or some one APN as the illegal information to a server. By judging the access right information of the network side UE or the group to which the UE belongs or the APN, accessing the UE in accordance with the access grant condition, and sending the UE or the group to which the UE belongs or some one APN as the illegal information to the server, the method achieves the aim of limiting the access of the UE, further prevents the UE from maliciously attacking the network side and improves network service quality.

Description

technical field [0001] The present invention relates to the field of communication technology, in particular to an access control method, device and system. Background technique [0002] With the popularization and development of wireless communication technology, a large number of terminals have emerged, such as Machine Type Communications (MTC) applications; in MTC, a network between one or more network elements without human participation Communication, that is, machine-to-machine (M2M) applications; specific application scenarios such as: traffic control and management, factory monitoring, remote meter reading, etc. In MTC applications, user equipment (User Equipment, UE) is called M2ME in MTC applications, and multiple M2MEs form a whole, which can be called a group. Network operators or industry users can manage or control the group as a whole. The group identifier of can be used to identify and distinguish different groups. Network operators and industry users can p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04W48/02H04W48/08
CPCH04W12/10H04W48/02H04W12/084H04W12/086H04W12/108
Inventor 孙晓姬吴问付周汉陈中平
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap