Service authorization method and communication device

一种服务授权、通信装置的技术,应用在通信领域,能够解决第一服务器访问第二服务器未获服务授权等问题

Pending Publication Date: 2021-07-16
HUAWEI TECH CO LTD
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The embodiment of the present application provides a service authorization method and a communication device, which can solve the problem that the first server accesses the second server without service authorization in the scenario where the second server is discovered by the client

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Service authorization method and communication device
  • Service authorization method and communication device
  • Service authorization method and communication device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach 1

[0146] Embodiment 1, the above access token request message may also carry the network function type of the client and / or the network function type of the first server, the network function type of the second server and a list of expected service names, so that the authorization server can The function type and / or the network function type of the first server, the network function type of the second server and the expected service name list, determine the second server that authorizes the client and / or the first server to access the network function type, and generate access token. The access token also includes a list of network function types and desired service names of the second server.

Embodiment approach 2

[0147] Embodiment 2, the above access token request message may also carry the instance identifier of the second server and a list of expected service names. For example, the desired server's service name list may include one or more second server's service names. So that the authorization server determines the second server corresponding to the instance identifier of the second server authorized to access the client and / or the first server according to the instance identifier of the second server and the expected service name list. Therefore, optionally, the above-mentioned access token may also include an instance identifier and a list of service names of the second server.

[0148]Optionally, in the above two implementation manners, the access token may further include an instance identifier of the authorization server, which is used to indicate the identity information of the authorizer of the access token.

[0149] Optionally, in the above two implementation manners, the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a service authorization method and a communication device, which can solve the problem that a first server does not obtain service authorization when accessing a second server in a scene that the second server is found by a client, so as to reduce the security risk of a service network. The method comprises the following steps that: a client side applies for an access token of a first server to access a second server, and notifies the first server; or, the first server automatically applies for the access token according to the instance identifier or the resource identifier of the second server provided by the client.

Description

technical field [0001] The present application relates to the field of communication technologies, and in particular to a service authorization method and a communication device. Background technique [0002] In a network deployed with a service-based architecture (SBA), such as the core network (CN) of the fifth generation (5G) mobile communication system, different network functions are usually based on the client ( client) / server (server) communication mode for communication. The requester is the client and the responder is the server. In order to prevent any client from accessing the server and bring security risks to the mobile communication system, and to support limited access to resources by third-party clients, the service architecture also supports service authorization functions. Specifically, the server may include an authorization server (authority server) and a function server (function server). The client applies to the authorization server for the authoriz...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/08H04L63/0807H04L67/55H04L9/3213H04L9/088H04L63/0884H04L63/10H04W12/06H04W12/084H04L63/083
Inventor 戚彩霞银宇
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap