Device access method and apparatus, electronic device, and computer-readable storage medium

By generating a permanent device identifier in the target network and combining it with the identifier information of the gateway and the device, the problem of devices not being able to be identified under the gateway is solved, enabling differentiated control and management of devices and improving management efficiency.

CN116017634BActive Publication Date: 2026-06-23CHINA TELECOM CORP LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA TELECOM CORP LTD
Filing Date
2022-12-09
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

Existing technologies cannot identify devices attached to a gateway, making it impossible to perform differentiated control and management.

Method used

By generating a permanent device identifier and combining it with the identifier information of the gateway and the device, the target device can be uniquely identified in the target network, thereby achieving differentiated control and management.

Benefits of technology

It enables accurate identification and differentiated control of devices attached to the gateway, improving the core network's management efficiency for different terminals.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN116017634B_ABST
    Figure CN116017634B_ABST
Patent Text Reader

Abstract

The present disclosure provides a device access method and device, an electronic device and a computer readable storage medium, relating to the technical field of communication, comprising: a target gateway receiving a network access request of a target device, the target gateway having accessed a target network; the target gateway determining that the target device has subscribed to a target service in response to the network access request; and the target gateway sending device information of the target device to the target network, wherein the device information comprises a device identifier of the target device, so that the target network generates a device permanent identifier for the target device in the target network according to a gateway identifier of the target gateway and the device identifier of the target device, wherein the device permanent identifier is used for identifying the target device in the target network. The embodiment of the present disclosure can generate a device permanent identifier for a target device that has subscribed to a target service and is attached to a target gateway, so as to independently identify the target device and provide the target device with the target service.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This disclosure relates to the field of communication technology, and in particular to a device access method and apparatus, electronic device and computer-readable storage medium. Background Technology

[0002] In the R16 5WWC project, 3GPP has developed a technical solution for wired access in the 5GC (5G (generation) core network) scenario. Wired access can be further subdivided into at least two access solutions, such as 5G RG (5G Residential Gateway; a type of 5G gateway with a 5G SIM card inserted) and FN RG (Fixed Network RG; a gateway without a 5G SIM card).

[0003] In practical applications of wired access core networks, there is a need for differentiated control and management of different terminals under a gateway. For example, different services may be customized for different devices under a certain industrial gateway.

[0004] However, the relevant technologies can only identify gateways with wired access, but cannot identify devices attached to the gateway, and therefore cannot perform differentiated control and management of devices attached to the gateway.

[0005] Therefore, the technical problem to be solved by this application is how to identify devices attached to a gateway.

[0006] It should be noted that the information disclosed in the background section above is only used to enhance the understanding of the background of this disclosure. Summary of the Invention

[0007] The purpose of this disclosure is to provide a device access method, apparatus, electronic device, and computer-readable storage medium that can identify devices attached to a gateway.

[0008] Other features and advantages of this disclosure will become apparent from the following detailed description, or may be learned in part from practice of this disclosure.

[0009] This disclosure provides a device access method, comprising: a target gateway receiving a network access request from a target device, the target gateway being already connected to a target network; the target gateway responding to the network access request and determining that the target device has subscribed to a target service; the target gateway sending device information of the target device to the target network, wherein the device information includes a device identifier of the target device, the device identifier being used to uniquely identify the target device, so that the target network generates a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, wherein the permanent device identifier is used to identify the target device in the target network.

[0010] In some embodiments, the target network has generated a gateway session for the target gateway in the target network through the gateway identifier of the target gateway; wherein, the method further includes: the target gateway responding to the network access request and determining that the target device has not subscribed to the target service; the target device communicating with the target network through the gateway session corresponding to the target gateway.

[0011] In some embodiments, before the target gateway determines that the target device has subscribed to the target service in response to the network access request, the method further includes: the target network receiving a subscription list of the target service; wherein, the target gateway determining that the target device has subscribed to the target service in response to the network access request includes: the target gateway determining that the target device has subscribed to the target service based on the subscription list.

[0012] This disclosure provides a device access method, comprising: receiving a device permanent identifier generation request sent by a target gateway for a target device, wherein the target gateway has determined that the target device has subscribed to a target service, wherein the device permanent identifier generation request includes a device identifier of the target device, the device identifier being used to uniquely identify the target device; obtaining a gateway identifier of the target gateway; and generating a device permanent identifier for the target device in a target network based on the gateway identifier of the target gateway and the device identifier of the target device, so as to identify the target device attached to the target gateway based on the device permanent identifier.

[0013] In some embodiments, the method further includes: registering and authenticating the target device based on the permanent identifier of the target device; and, after registration and authentication are completed, establishing a device session for the target device based on the target service subscribed by the target device.

[0014] In some embodiments, before receiving a device permanent identifier generation request sent by the target gateway for the target device, the method includes: receiving a gateway permanent identifier generation request sent by the target gateway; obtaining the gateway identifier of the target gateway; and generating a gateway permanent identifier for the target gateway in the target network based on the gateway identifier of the target gateway.

[0015] In some embodiments, the method further includes: performing registration authentication based on the gateway permanent identifier of the target gateway; and establishing a gateway session for the target gateway based on the services subscribed by the target gateway after the gateway registration authentication is completed.

[0016] This disclosure provides a device access apparatus, including: a network access request module, a service subscription confirmation module, and a sending module.

[0017] The network access request module is used by the target gateway to receive a network access request from the target device, indicating that the target gateway has already connected to the target network. The service subscription determination module is used by the target gateway to determine, in response to the network access request, that the target device has subscribed to a target service. The sending module is used by the target gateway to send the device information of the target device to the target network, wherein the device information includes the device identifier of the target device, the device identifier being used to uniquely identify the target device, so that the target network can generate a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, wherein the permanent device identifier is used to identify the target device in the target network.

[0018] This disclosure provides an electronic device, which includes a memory and a processor; the memory is used to store program instructions; the processor calls the program instructions stored in the memory to implement the device access method described above.

[0019] This disclosure provides a computer-readable storage medium storing a computer program thereon, which, when executed by a processor, implements the device access method as described in any of the preceding embodiments.

[0020] This disclosure provides a computer program product or computer program that includes computer instructions stored in a computer-readable storage medium. A processor of a computer device reads the computer instructions from the computer-readable storage medium and executes the computer instructions, causing the computer device to perform the aforementioned device access method.

[0021] The device access method, apparatus, electronic device, and computer-readable storage medium provided in this disclosure can generate a permanent device identifier for a target device based on the device identifier of the target device and the gateway identifier of the gateway to which the target device is attached when the target device requests access, so as to independently identify the target device in the target network and to perform differentiated control and management of the target device.

[0022] It should be understood that the above general description and the following detailed description are merely exemplary and do not limit this disclosure. Attached Figure Description

[0023] The accompanying drawings, which are incorporated in and form part of this specification, illustrate embodiments consistent with this disclosure and, together with the description, serve to explain the principles of this disclosure. It is obvious that the drawings described below are merely some embodiments of this disclosure, and those skilled in the art can obtain other drawings based on these drawings without any inventive effort.

[0024] Figure 1 This is a schematic diagram illustrating a device access method based on relevant technologies.

[0025] Figure 2 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0026] Figure 3 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0027] Figure 4 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0028] Figure 5 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0029] Figure 6 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0030] Figure 7 This is a flowchart illustrating a gateway access method according to an exemplary embodiment.

[0031] Figure 8 This is a schematic diagram of a device access method according to an exemplary embodiment.

[0032] Figure 9 This is a flowchart of a device access method according to an exemplary embodiment.

[0033] Figure 10This is a block diagram illustrating a device access apparatus according to an exemplary embodiment.

[0034] Figure 11 A schematic diagram of the structure of an electronic device suitable for implementing embodiments of the present disclosure is shown. Detailed Implementation

[0035] Exemplary embodiments will now be described more fully with reference to the accompanying drawings. However, these exemplary embodiments can be implemented in many forms and should not be construed as limited to the embodiments set forth herein; rather, they are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the exemplary embodiments to those skilled in the art. The same reference numerals in the drawings denote the same or similar parts, and therefore repeated descriptions of them will be omitted.

[0036] The features, structures, or characteristics described in this disclosure can be combined in any suitable manner in one or more embodiments. Numerous specific details are provided in the following description to give a thorough understanding of embodiments of this disclosure. However, those skilled in the art will recognize that the technical solutions of this disclosure can be practiced with one or more specific details omitted, or other methods, components, apparatuses, steps, etc., can be employed. In other instances, well-known methods, apparatuses, implementations, or operations are not shown or described in detail to avoid obscuring various aspects of this disclosure.

[0037] The accompanying drawings are merely illustrative of this disclosure, and the same reference numerals in the drawings denote the same or similar parts, thus omitting repeated descriptions of them. Some block diagrams shown in the drawings do not necessarily correspond to physically or logically independent entities. These functional entities may be implemented in software, in one or more hardware modules or integrated circuits, or in different network and / or processor devices and / or microcontroller devices.

[0038] The flowchart shown in the accompanying drawings is merely illustrative and does not necessarily include all content and steps, nor does it require execution in the described order. For example, some steps may be broken down, while others may be combined or partially combined; therefore, the actual execution order may change depending on the specific circumstances.

[0039] In the description of this application, unless otherwise stated, " / " means "or," for example, A / B can mean A or B. "And / or" in this document is merely a description of the relationship between related objects, indicating that three relationships can exist. For example, A and / or B can represent: A alone, A and B simultaneously, and B alone. Furthermore, "at least one" means one or more, and "multiple" means two or more. The terms "first," "second," etc., do not limit the quantity or order of execution, and "first," "second," etc., do not necessarily imply differences; the terms "contains," "includes," and "has" are used to indicate an open-ended inclusion and mean that additional elements / components / etc. may exist besides the listed elements / components / etc.

[0040] To better understand the above-mentioned objectives, features and advantages of the present invention, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be noted that, unless otherwise specified, the embodiments and features in the embodiments of this application can be combined with each other.

[0041] The exemplary embodiments of this disclosure will now be described in detail with reference to the accompanying drawings.

[0042] Figure 1 This is a schematic diagram illustrating a device access method based on relevant technologies.

[0043] like Figure 1 As shown, when a gateway registers and authenticates in the core network, the gateway in the core network, such as FN-NG (Wireline Access Gateway Function), can generate a SUPI (SUbscriptionPermanent Identifier) ​​for the gateway based on the gateway's gateway identifier (such as GLI (Global Line Identifier)) so as to establish its subscribed session based on the SUPI.

[0044] In related technologies, once a device (such as device UE1 or device UE2) connects to the gateway, it will directly use the session subscribed by the gateway to communicate with the core network. This may result in the core network being unaware of the devices attached to the gateway, and thus unable to control or manage them.

[0045] In practical applications, there is a need for the core network to perform differentiated control and management of different terminals under the gateway. For example, the core network may need to provide a higher QoS (Quality of Service) guarantee for AGV (Automatic Guided Vehicle) terminals under a certain gateway, while providing a lower QoS guarantee for temperature and humidity acquisition terminals in the workshop under the same gateway, so as to improve resource allocation and enhance user experience.

[0046] To address the aforementioned technical issues, this application provides the following device access method to enable accurate identification of devices connected to the gateway, thereby allowing for differentiated control and management of devices attached to the gateway.

[0047] Figure 2 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0048] Reference Figure 2 The device access method provided in this disclosure may include the following steps.

[0049] In step S202, the target gateway receives the network access request from the target device, indicating that the target gateway has been connected to the target network.

[0050] In some embodiments, the target gateway may be a home gateway, an industrial gateway, or a gateway located close to the user side, such as a 5G RG gateway or an FN RG gateway. This application does not impose any restrictions on this.

[0051] In some embodiments, the target gateway may already be registered and authenticated in the target network and may already be able to communicate with the core network of the target network through a subscribed session.

[0052] In step S204, the target gateway responds to the network access request and determines that the target device has subscribed to the target service.

[0053] The target service may refer to a service that is different from the service subscribed to by the target gateway. For example, if the target gateway subscribes to a 50M broadband service, then the target service may refer to a 500M service; or if the target gateway subscribes to a low QoS service, then the target service may refer to a high QoS service, but this application is not limited to this.

[0054] In some embodiments, when a target device requests access, the target gateway may determine whether the target device has subscribed to the target service.

[0055] In step S206, the target gateway sends the device information of the target device to the target network. The device information includes the device identifier of the target device. The device identifier is used to uniquely identify the target device so that the target network can generate a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device. The permanent device identifier is used to identify the target device in the target network.

[0056] When the target gateway determines that the target device has subscribed to the target service, it determines that the target device will not use the session subscribed by the target gateway to communicate with the target network. Therefore, a permanent device identifier needs to be generated for the target device, and a separate session needs to be generated for the target device.

[0057] Based on this, the target gateway will send the device information of the target device to the target network, so that the target network or the access gateway (such as the wired access gateway W-AGF) of the target network can generate a unique permanent device identifier for the target device based on the gateway identifier of the target gateway and the device identifier of the target device. This allows the target gateway to be located based on the gateway identifier in the permanent device identifier, and then the target device to be located based on the device identifier in the permanent device identifier. This enables the target network to identify the target device, and the target device to perform differentiated management and services.

[0058] The gateway identifier of the target gateway can refer to the globally unique identifier (GLI) of the line connecting the gateway RG and the target network. The GLI can contain the identifier of the line identifier source and the line identifier value, which can be managed by the W-AGF operator.

[0059] The device identifier of the target device can refer to a unique identifier such as the UE MAC (User Equipment Media Access Control Address, the MAC address of the terminal device). The UE MAC can be uniquely determined at the factory, and different devices can correspond to different MAC addresses.

[0060] In some embodiments, the final generated permanent device identifier may include the aforementioned mesh identifier and device identifier. Any method of including the identifier is within the scope of protection of this application. For example, it may be "gateway identifier@device identifier", "gateway identifier + device identifier", "gateway identifier device identifier", etc. This application does not limit this.

[0061] The technical solution provided in this embodiment can generate a permanent device identifier for the target device based on the device identifier of the target device and the gateway identifier of the gateway to which the target device is attached when the target device requests access, so as to independently identify the target device in the target network and thereby perform differentiated control and management of the target device.

[0062] Figure 3 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0063] In some embodiments, the target network has generated a gateway session for the target gateway in the target network using the gateway identifier of the target gateway.

[0064] In this context, a gateway session is a session established by the target network for the target gateway based on the services subscribed to by the target gateway.

[0065] Reference Figure 3 The device access method provided in this disclosure may include the following steps.

[0066] In step S302, the target gateway receives the network access request from the target device, indicating that the target gateway has connected to the target network.

[0067] In some embodiments, the target gateway may be a home gateway, industrial gateway, or other gateway located close to the user side, such as a 5G RG gateway or an FN RG gateway. This application does not impose any restrictions on this.

[0068] In some embodiments, the target gateway may already be registered and authenticated in the target network and may already be able to communicate with the core network of the target network through a subscribed session.

[0069] Step S304: The target gateway determines whether the target device has subscribed to the target service.

[0070] The target service may refer to a service that is different from the service subscribed to by the target gateway. For example, if the target gateway subscribes to a 50M broadband service, then the target service may refer to a 500M service; or if the target gateway subscribes to a low QoS service, then the target service may refer to a high QoS service, but this application is not limited to this.

[0071] In some embodiments, when a target device requests access, the target gateway may determine whether the target device has subscribed to the target service.

[0072] If it is determined that the target device has not subscribed to the target service, step S306 is executed, and the target device communicates with the target network through the gateway session corresponding to the target gateway.

[0073] If it is determined that the target device has subscribed to the target service, step S308 is executed, whereby the target gateway sends the device information of the target device to the target network. The device information includes the device identifier of the target device, which is used to uniquely identify the target device so that the target network can generate a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device. The permanent device identifier is used to identify the target device in the target network.

[0074] The permanent identifier for the aforementioned equipment may be SUPI, etc., and this application does not impose any restrictions on it.

[0075] The technical solution provided in this embodiment can, on the one hand, allow the target device to communicate with the target network using the gateway session subscribed by the target gateway when the target device has not subscribed to the target service; on the other hand, when it is determined that the target gateway has subscribed to the target service, a permanent device identifier can be generated for the target device based on the device identifier of the target device and the gateway identifier of the gateway to which the target device is attached, so as to independently identify the target device in the target network and generate an independent session, so as to differentiate the control and management of the target device.

[0076] Figure 4 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0077] Reference Figure 4 The device access method provided in this disclosure may include the following steps.

[0078] Step S402: The target network receives the subscription list of the target service.

[0079] The order list includes equipment information for devices that have ordered the target business.

[0080] In step S404, the target gateway receives the network access request from the target device, indicating that the target gateway has connected to the target network.

[0081] Step S406: The target gateway determines whether the target device has subscribed to the target service based on the order.

[0082] In step S408, the target device communicates with the target network through the gateway session corresponding to the target gateway.

[0083] In step S410, the target gateway sends the device information of the target device to the target network. The device information includes the device identifier of the target device. The device identifier is used to uniquely identify the target device so that the target network can generate a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device. This permanent device identifier is used to register and authenticate the target device in the target network and establish a device session for the target device.

[0084] In the above embodiments, the target gateway can conveniently determine whether the target device has subscribed to the target service through the target service subscription list.

[0085] Figure 5 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0086] Reference Figure 5 The device access method provided in this disclosure may include the following steps.

[0087] In step S502, the target gateway receives the network access request from the target device, indicating that the target gateway has been connected to the target network.

[0088] Step S504: The target gateway determines whether the target device has subscribed to the target service based on the subscription list.

[0089] If it is determined that the target device has not subscribed to the target service, step S506 is executed, and the target device communicates with the target network through the gateway session corresponding to the target gateway.

[0090] If it is determined that the target device has subscribed to the target service, step S508 is executed, and the target gateway sends a device permanent identifier generation request to the target network. The device permanent identifier generation request includes the device identifier of the target device, which is used to uniquely identify the target device.

[0091] In step S510, the target network receives a device permanent identifier generation request sent by the target gateway for the target device, wherein the target gateway has determined that the target device has subscribed to the target service.

[0092] Step S512: The target network obtains the gateway identifier of the target gateway.

[0093] In step S514, the target gateway generates a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, so as to identify the target device attached to the target gateway based on the permanent device identifier.

[0094] The technical solutions provided by the above embodiments can, on the one hand, allow the target device to communicate with the target network using the gateway session subscribed by the target gateway when the target device has not subscribed to the target service; on the other hand, when it is determined that the target gateway has subscribed to the target service, a permanent device identifier can be generated for the target device based on the device identifier of the target device and the gateway identifier of the gateway to which the target device is attached, so as to independently identify the target device in the target network and generate an independent session, so as to differentiate the control and management of the target device.

[0095] Figure 6 This is a flowchart illustrating a device access method according to an exemplary embodiment.

[0096] Reference Figure 6 The device access method provided in this disclosure may include the following steps.

[0097] In step S602, the target gateway receives the network access request from the target device, indicating that the target gateway has been connected to the target network.

[0098] Step S604: The target gateway determines whether the target device has subscribed to the target service based on the subscription list.

[0099] If it is determined that the target device has not subscribed to the target service, step S606 is executed, and the target device communicates with the target network through the gateway session corresponding to the target gateway.

[0100] If it is determined that the target device has subscribed to the target service, step S608 is executed, and the target gateway sends a device permanent identifier generation request to the target network. The device permanent identifier generation request includes the device identifier of the target device, which is used to uniquely identify the target device.

[0101] In step S610, the target network receives a request from the target gateway to generate a permanent device identifier for the target device, wherein the target gateway has determined that the target device has subscribed to the target service.

[0102] Step S612: The target network obtains the gateway identifier of the target gateway.

[0103] In step S614, the target gateway generates a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, so as to identify the target device attached to the target gateway based on the permanent device identifier.

[0104] Step S616: Register and authenticate the target device based on its permanent identifier.

[0105] Step S618: After registration and authentication are completed, establish a device session for the target device based on the target service ordered by the target device.

[0106] The technical solutions provided by the above embodiments can, on the one hand, allow the target device to communicate with the target network using the gateway session subscribed by the target gateway when the target device has not subscribed to the target service; on the other hand, when it is determined that the target gateway has subscribed to the target service, a permanent device identifier can be generated for the target device based on the device identifier of the target device and the gateway identifier of the gateway to which the target device is attached, so as to independently identify the target device in the target network and generate an independent session, so as to differentiate the control and management of the target device.

[0107] Figure 7 This is a flowchart illustrating a gateway access method according to an exemplary embodiment.

[0108] refer to Figure 7 The above-mentioned mesh access method may include the following methods.

[0109] Step S702: Receive a request from the target gateway to generate a permanent gateway identifier.

[0110] Step S704: Obtain the gateway identifier of the target gateway.

[0111] Step S706: Generate a permanent gateway identifier for the target gateway in the target network based on the gateway identifier of the target gateway.

[0112] Step S708: Perform registration and authentication based on the target gateway's permanent gateway identifier.

[0113] Step S710: After the gateway registration and authentication are completed, establish a gateway session for the target gateway based on the services ordered by the target gateway.

[0114] The above embodiments can, on the one hand, generate a permanent gateway identifier for the target gateway in the target network based on the gateway identifier of the gateway, so as to identify and locate the target gateway in the target network; on the other hand, establish a gateway session for the target gateway based on the permanent gateway identifier, so as to provide the subscription service to the target gateway.

[0115] Figure 8 This is a schematic diagram of a device access method according to an exemplary embodiment.

[0116] according to Figure 8 The diagram shows the structure of the device access method. This application embodiment provides a method that enables 5GC (5G core network) to identify fixed network access devices under the gateway. The specific method is as follows: the enterprise user first completes a batch order, and then stores the MAC address of the UE device that has ordered the target service on the gateway FN-RG.

[0117] When FN RG goes online, it will be registered and authenticated according to the standard process. At this time, the SUSI generated by W-AGF only contains GLI. W-AGF will interact with each network element of 5GC according to the standard process to establish the PDU Session it has ordered.

[0118] When a UE requests to attach to the gateway FN RG, the gateway FN RG looks up the subscription list based on the UE's MAC address to determine if the UE has subscribed to the service. If not, the UE uses the PDU session previously subscribed to by the FN RG. If subscribed, the W-AGF generates a SUSI based on the UE's MAC address and the gateway's GLI, where the GLI parameter in the SUSI is replaced by "UEMAC@GLI". Then, the SUSI containing "UEMAC@GLI" is used to register and authenticate with AUSF again. Finally, the UE interacts with each network element of the 5GC according to the standard procedure to establish the PDU session subscribed to by the UE.

[0119] Method Description: This application is primarily aimed at industrial scenarios where existing iOS / Android terminals can be set to random MAC addresses. In such scenarios, all connected devices are the industrial enterprise's own devices. Therefore, the prerequisite for using this application is that the enterprise sets the MAC address of the connected devices to a fixed MAC address.

[0120] The technical solution provided in this embodiment can bind the gateway and the user as an authentication entity, thereby enabling each device under the gateway to subscribe to different QoS in 5GC and realize differentiated policy control for different devices.

[0121] Figure 9 This is a flowchart of a device access method according to an exemplary embodiment.

[0122] Step S901, Service Order. The user completes a bulk order for the target service.

[0123] In step S902, the gateway (such as FN RG) goes online and performs registration and authentication according to the standard process. At this time, the SUSI generated by the gateway W-AGF in the core network only contains GLI.

[0124] In step S903, the gateway W-AGF in the core network interacts with each network element of 5GC according to the standard procedure to establish the PDU session it ordered.

[0125] In step S904, the UE requests to attach to the FN RG. The FN RG looks up the subscription list based on its MAC address to determine whether the device has subscribed to the service.

[0126] In step S905, the UE uses the PDU session previously ordered by the FNRG.

[0127] In step S906, the core network gateway W-AGF generates a SUSI based on the device identifier UEMAC and the gateway identifier GLI, where the GLI parameter can be replaced, for example, by “BSSID@GLI”.

[0128] In step S907, the core network gateway W-AGF uses the SUSI containing "UEMAC@GLI" to register and authenticate with AUSF again.

[0129] In step S908, W-AGF interacts with each network element of 5GC according to the standard procedure to establish a PDU session ordered by the UE.

[0130] The technical solution provided in this embodiment creatively replaces GLI with "UEMAC@GLI" to complete the identification of different users under FN RG by 5GC, thereby enabling differentiated policy control for different users.

[0131] Based on the same inventive concept, this disclosure also provides a device access apparatus, as shown in the following embodiment. Since the principle by which this apparatus solves the problem is similar to that of the method embodiments described above, the implementation of this apparatus embodiment can refer to the implementation of the method embodiments described above, and repeated details will not be described again.

[0132] Figure 10 This is a block diagram illustrating a device access apparatus according to an exemplary embodiment. (Refer to...) Figure 10 The device access apparatus 1000 provided in this embodiment may include: a network access request module 1001, a service subscription confirmation module 1002, and a sending module 1003.

[0133] The network access request module 1001 can be used by the target gateway to receive a network access request from the target device, indicating that the target gateway has already connected to the target network; the service subscription confirmation module 1002 can be used by the target gateway to respond to the network access request and confirm that the target device has subscribed to the target service; the sending module 1003 can be used by the target gateway to send the device information of the target device to the target network, wherein the device information includes the device identifier of the target device, which is used to uniquely identify the target device, so that the target network can generate a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, wherein the permanent device identifier is used to identify the target device in the target network.

[0134] It should be noted that the network access request module 1001, service subscription determination module 1002, and sending module 1003 mentioned above correspond to S202 to S206 in the method embodiment. The examples and application scenarios implemented by the above modules and corresponding steps are the same, but are not limited to the content disclosed in the above method embodiment. It should be noted that the above modules, as part of the apparatus, can be executed in a computer system such as a set of computer-executable instructions.

[0135] In some embodiments, the target network has generated a gateway session for the target gateway in the target network through the gateway identifier of the target gateway; wherein, the device access device may further include: an unordered determination module and a session selection module.

[0136] The "Unsubscribed" determination module can be used by the target gateway to determine whether the target device has subscribed to the target service in response to a network access request; the "session selection" module can be used by the target device to communicate with the target network through the gateway session corresponding to the target gateway.

[0137] In some embodiments, before the target gateway determines that the target device has subscribed to the target service in response to the network access request, the device access device may further include: a subscription list receiving module; the service subscription determination module 1002 may include a subscription list usage unit.

[0138] The subscription list receiving module can be used by the target network to receive the subscription list of the target service; the subscription list using unit can be used by the target gateway to determine whether the target device has subscribed to the target service based on the subscription list.

[0139] This disclosure provides a device access apparatus, including: a device permanent identifier generation request receiving module, a gateway identifier acquisition module, and a device permanent identifier generation module.

[0140] The device permanent identifier generation request receiving module can be used to receive a device permanent identifier generation request sent by the target gateway for the target device, wherein the target gateway has determined that the target device has subscribed to the target service, and the device permanent identifier generation request includes the device identifier of the target device, which is used to uniquely identify the target device; the gateway identifier acquisition module can be used to acquire the gateway identifier of the target gateway; the device permanent identifier generation module can be used to generate a device permanent identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, so as to identify the target device attached to the target gateway based on the device permanent identifier.

[0141] In some embodiments, the device access apparatus may further include: a registration and authentication module and a first session establishment module.

[0142] The registration and authentication module can be used to register and authenticate the target device based on its permanent identifier; the first session establishment module can be used to establish a device session for the target device based on the target service it has subscribed to after registration and authentication is completed.

[0143] In some embodiments, the device access apparatus may further include: a gateway permanent identifier generation request receiving module, a gateway identifier receiving module, and a gateway permanent identifier generation module.

[0144] The gateway permanent identifier generation request receiving module can be used to receive the gateway permanent identifier generation request sent by the target gateway before receiving the device permanent identifier generation request sent by the target gateway for the target device; the gateway identifier receiving module can be used to obtain the gateway identifier of the target gateway; and the gateway permanent identifier generation module can be used to generate a gateway permanent identifier for the target gateway in the target network based on the gateway identifier of the target gateway.

[0145] In some embodiments, the device access apparatus may further include: a second registration and authentication module and a second session generation module.

[0146] The second registration and authentication module can be used to perform registration and authentication based on the permanent gateway identifier of the target gateway; the second session generation module can be used to establish a gateway session for the target gateway based on the services subscribed by the target gateway after the gateway registration and authentication is completed.

[0147] Since the functions of the device 1000 have been described in detail in their corresponding method embodiments, they will not be repeated here.

[0148] The modules and / or units described in the embodiments of this application can be implemented in software or hardware. The described modules and / or units can also be located in a processor. The names of these modules and / or units do not, in some cases, constitute a limitation on the module and / or unit itself.

[0149] The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of this application. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code containing one or more executable instructions for implementing a specified logical function. It should also be noted that in some alternative implementations, the functions indicated in the blocks may occur in a different order than those indicated in the drawings. For example, two consecutively indicated blocks may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. It should also be noted that each block in a block diagram or flowchart, and combinations of blocks in a block diagram or flowchart, may be implemented using a dedicated hardware-based system that performs the specified function or operation, or using a combination of dedicated hardware and computer instructions.

[0150] Furthermore, the above figures are merely illustrative of the processes included in the method according to exemplary embodiments of this disclosure and are not intended to be limiting. It is readily understood that the processes shown in the above figures do not indicate or limit the temporal order of these processes. Additionally, it is readily understood that these processes may be executed synchronously or asynchronously, for example, in multiple modules.

[0151] Figure 11 A schematic diagram of the structure of an electronic device suitable for implementing embodiments of the present disclosure is shown. It should be noted that... Figure 11 The illustrated electronic device 1100 is merely an example and should not impose any limitation on the functionality and scope of use of the embodiments disclosed herein.

[0152] like Figure 11 As shown, the electronic device 1100 includes a central processing unit (CPU) 1101, which can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) 1102 or a program loaded from a storage section 1108 into a random access memory (RAM) 1103. The RAM 1103 also stores various programs and data required for the operation of the electronic device 1100. The CPU 1101, ROM 1102, and RAM 1103 are interconnected via a bus 1104. An input / output (I / O) interface 1105 is also connected to the bus 1104.

[0153] The following components are connected to I / O interface 1105: an input section 1106 including a keyboard, mouse, etc.; an output section 1107 including a cathode ray tube (CRT), liquid crystal display (LCD), etc., and speakers, etc.; a storage section 1108 including a hard disk, etc.; and a communication section 1109 including a network interface card such as a LAN card, modem, etc. The communication section 1109 performs communication processing via a network such as the Internet. A drive 1110 is also connected to I / O interface 1105 as needed. Removable media 1111, such as a disk, optical disk, magneto-optical disk, semiconductor memory, etc., are installed on drive 1110 as needed so that computer programs read from them can be installed into storage section 1108 as needed.

[0154] In particular, according to embodiments of this disclosure, the processes described above with reference to the flowcharts can be implemented as computer software programs. For example, embodiments of this disclosure include a computer program product comprising a computer program carried on a computer-readable storage medium, the computer program containing program code for performing the methods shown in the flowcharts. In such embodiments, the computer program can be downloaded and installed from a network via communication section 1109, and / or installed from removable medium 1111. When the computer program is executed by central processing unit (CPU) 1101, it performs the functions defined above in the system of this application.

[0155] It should be noted that the computer-readable storage medium disclosed herein may be a computer-readable signal medium or a computer-readable storage medium, or any combination thereof. A computer-readable storage medium may be, for example,—but not limited to—an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of a computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination thereof. In this application, a computer-readable storage medium may be any tangible medium containing or storing a program that can be used by or in conjunction with an instruction execution system, apparatus, or device. In this application, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, carrying computer-readable program code. Such propagated data signals may take various forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination thereof. Computer-readable signal media can also be any computer-readable storage medium other than a computer-readable storage medium, which can send, propagate, or transmit a program for use by or in connection with an instruction execution system, apparatus, or device. The program code contained on the computer-readable storage medium can be transmitted using any suitable medium, including but not limited to: wireless, wire, optical fiber, RF, etc., or any suitable combination thereof.

[0156] In another aspect, this application also provides a computer-readable storage medium, which may be included in the device described in the above embodiments; or it may exist independently and not assembled into the device. The computer-readable storage medium carries one or more programs that, when executed by the device, enable the device to perform the following functions: a target gateway receives a network access request from a target device, indicating that the target gateway has already connected to a target network; in response to the network access request, the target gateway determines that the target device has subscribed to a target service; the target gateway sends device information of the target device to the target network, wherein the device information includes a device identifier of the target device, the device identifier being used to uniquely identify the target device, so that the target network generates a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, wherein the permanent device identifier is used to identify the target device in the target network.

[0157] According to one aspect of this application, a computer program product or computer program is provided, comprising computer instructions stored in a computer-readable storage medium. A processor of a computer device reads the computer instructions from the computer-readable storage medium and executes the computer instructions, causing the computer device to perform the methods provided in various optional implementations of the above embodiments.

[0158] From the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein can be implemented by software or by combining software with necessary hardware. Therefore, the technical solutions of the embodiments of this disclosure can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (such as a CD-ROM, USB flash drive, external hard drive, etc.) and includes several instructions to cause a computing device (such as a personal computer, server, mobile terminal, or smart device, etc.) to execute the method according to the embodiments of this disclosure.

[0159] Other embodiments of this disclosure will readily occur to those skilled in the art upon consideration of the specification and practice disclosed herein. This disclosure is intended to cover any variations, uses, or adaptations of this disclosure that follow the general principles of this disclosure and include common knowledge or customary techniques in the art not claimed herein. The specification and examples are to be considered exemplary only, and the true scope and spirit of this disclosure are indicated by the claims.

[0160] It should be understood that this disclosure is not limited to the detailed structures, drawing arrangements or implementations shown herein; rather, this disclosure is intended to cover various modifications and equivalent arrangements contained within the spirit and scope of the appended claims.

Claims

1. A device access method, characterized in that, include: The target gateway receives a network access request from the target device, and the target gateway has already connected to the target network. The target network has generated a gateway session for the target gateway in the target network through the gateway identifier of the target gateway; The target gateway determines whether the target device has subscribed to a target service that is different from the service subscribed to by the target gateway. If the target gateway responds to the network access request and determines that the target device has not subscribed to a target service different from the service subscribed to by the target gateway, then it controls the target device to communicate with the target network through the gateway session subscribed to by the target gateway. If the target gateway, in response to the network access request, determines that the target device has subscribed to a target service different from the service subscribed to by the target gateway, it controls the target device not to communicate with the target network using the gateway session subscribed to by the target gateway. Furthermore, the target gateway sends the device information of the target device to the target network, wherein the device information includes the device identifier of the target device. The device identifier is used to uniquely identify the target device, so that the target network generates a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, and generates a separate device session for the target device based on the permanent identifier, enabling the target device to execute the target service through the device session. The permanent device identifier is used to identify the target device in the target network.

2. The method according to claim 1, characterized in that, Before the target gateway determines that the target device has subscribed to the target service in response to the network access request, the method further includes: The target network receives the subscription list of the target service; Wherein, the target gateway, in response to the network access request, determines that the target device has subscribed to the target service, including: The target gateway determines that the target device has subscribed to the target service based on the subscription list.

3. The method according to claim 1, characterized in that, include: The target network receives a device permanent identifier generation request sent by the target gateway for the target device, wherein the target gateway has determined that the target device has subscribed to a target service different from the service subscribed to by the target gateway, and wherein the device permanent identifier generation request includes the device identifier of the target device, which is used to uniquely identify the target device; Obtain the gateway identifier of the target gateway; Based on the gateway identifier of the target gateway and the device identifier of the target device, a permanent device identifier is generated for the target device in the target network so as to identify the target device attached to the target gateway based on the permanent device identifier.

4. The method according to claim 3, characterized in that, The method further includes: The target device is registered and authenticated based on its permanent identifier; After registration and authentication are completed, a device session is established for the target device based on the target service ordered by the target device.

5. The method according to claim 3, characterized in that, Before receiving the device persistent identifier generation request sent by the target gateway for the target device, the method further includes: Receive a gateway permanent identifier generation request sent by the target gateway; Obtain the gateway identifier of the target gateway; A permanent gateway identifier is generated for the target gateway in the target network based on the gateway identifier of the target gateway.

6. The method according to claim 5, characterized in that, The method further includes: Registration and authentication are performed based on the permanent gateway identifier of the target gateway; After the gateway registration and authentication are completed, a gateway session is established for the target gateway based on the services ordered by the target gateway.

7. A device access device, characterized in that, include: The network access request module is used for the target gateway to receive a network access request from the target device, wherein the target gateway has already connected to the target network. The target network has generated a gateway session for the target gateway in the target network through the gateway identifier of the target gateway; The service subscription determination module is used to determine, through the target gateway, whether the target device has already subscribed to a target service that is different from the service subscribed by the target gateway; If the target gateway, in response to the network access request, determines that the target device has not subscribed to a target service different from the service subscribed to by the target gateway, then it controls the target device to communicate with the target network through the gateway session subscribed to by the target gateway. If the target gateway responds to the network access request and determines that the target device has subscribed to a target service different from the service subscribed to by the target gateway, then it controls the target device not to use the gateway session subscribed to by the target gateway to communicate with the target network. A sending module is configured to send device information of the target device to the target network through the target gateway, wherein the device information includes a device identifier of the target device, the device identifier being used to uniquely identify the target device, so that the target network generates a permanent device identifier for the target device in the target network based on the gateway identifier of the target gateway and the device identifier of the target device, and generates a separate device session for the target device based on the permanent identifier, so that the target device can execute the target service through the device session, wherein the permanent device identifier is used to identify the target device in the target network.

8. An electronic device, characterized in that, include: Memory; as well as A processor coupled to the memory, the processor being used to execute the device access method as described in any one of claims 1-6 based on instructions stored in the memory.

9. A computer-readable storage medium having stored thereon program instructions that, when executed by a processor, implement the device access method as described in any one of claims 1-6.