Service authorization method and communication device

A technology for service authorization information and service authorization, applied in the field of service authorization methods and communication devices, can solve the problem that a first server accesses a second server without obtaining service authorization, and achieves the effect of reducing security risks

Active Publication Date: 2020-05-05
HUAWEI TECH CO LTD
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The embodiment of the present application provides a service authorization method and a communication device, which can solve the problem that the first server accesses the second server without service authorization in the scenario where the second server is discovered by the client

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Service authorization method and communication device
  • Service authorization method and communication device
  • Service authorization method and communication device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach 1

[0146] Embodiment 1, the above access token request message may also carry the network function type of the client and / or the network function type of the first server, the network function type of the second server and a list of expected service names, so that the authorization server can The function type and / or the network function type of the first server, the network function type of the second server and the expected service name list, determine the second server that authorizes the client and / or the first server to access the network function type, and generate access token. The access token also includes a list of network function types and desired service names of the second server.

Embodiment approach 2

[0147] Embodiment 2, the above access token request message may also carry the instance identifier of the second server and a list of expected service names. For example, the desired server's service name list may include one or more second server's service names. So that the authorization server determines, according to the instance identifier of the second server and the expected service name list, that the client and / or the first server are authorized to access the second server corresponding to the instance identifier of the second server. Therefore, optionally, the above-mentioned access token may also include an instance identifier and a list of service names of the second server.

[0148]Optionally, in the above two implementation manners, the access token may further include an instance identifier of the authorization server, which is used to indicate the identity information of the authorizer of the access token.

[0149] Optionally, in the above two implementation m...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a service authorization method and a communication device, and can solve the problem that a first server accesses a second server and does not obtain serviceauthorization in a scene that the second server is discovered by a client, so as to reduce the security risk of a servitization network. The method comprises the following steps that: a client replaces an access token for applying for a first server to access a second server and informs the first server; or, the first server applies for the access token by itself according to an instance identifier or resource identifier of the second server provided by the client.

Description

technical field [0001] The present application relates to the field of communication technologies, and in particular to a service authorization method and a communication device. Background technique [0002] In a network deployed with a service-based architecture (SBA), such as the core network (CN) of the fifth generation (5G) mobile communication system, different network functions are usually based on the client ( client) / server (server) communication mode for communication. The requester is the client and the responder is the server. In order to prevent any client from accessing the server and bring security risks to the mobile communication system, and to support limited access to resources by third-party clients, the service architecture also supports service authorization functions. Specifically, the server may include an authorization server (authority server) and a function server (function server). The client applies to the authorization server for the authoriz...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L9/32
CPCH04L63/08H04L63/0807H04L67/55H04L9/3213H04L9/088H04L63/0884H04L63/10H04W12/06H04W12/084H04L63/083
Inventor 戚彩霞银宇
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap