Network resource management method and communication device

The network resource management method enables direct user control over network resources through control plane signaling, addressing inefficiencies in existing mobile network interference processes by reducing time and improving security and efficiency.

JP7885955B2Active Publication Date: 2026-07-07HUAWEI TECH CO LTD

Patent Information

Authority / Receiving Office
JP · JP
Patent Type
Patents
Current Assignee / Owner
HUAWEI TECH CO LTD
Filing Date
2022-12-21
Publication Date
2026-07-07

AI Technical Summary

Technical Problem

The process of a user interfering with a mobile network to meet their service requirements is time-consuming and inefficient, as it typically involves interactions with the operator and use of business and operation support systems.

Method used

A network resource management method where a terminal device sends request messages via control plane or user plane signaling to directly operate the lifecycle of a target network, including actions like creating, deleting, or modifying network attributes, with the core network performing operational authentication to ensure validity and security.

Benefits of technology

This method reduces the time to effective network operation, enhances efficiency, and improves system security by allowing direct user control over network resources, reducing power consumption and invalid operations.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure 0007885955000004
    Figure 0007885955000004
  • Figure 0007885955000005
    Figure 0007885955000005
  • Figure 0007885955000006
    Figure 0007885955000006
Patent Text Reader

Abstract

The present application provides a network resource management method and a communication device. The network resource management method includes: a terminal device generates a request message, where the request message is used to operate a life cycle of a target network (S301), and the request message is a control plane signaling or a user plane signaling between the terminal device and a core network device. The terminal device sends the request message to the core network device (S302). The core network device operates a life cycle of the target network managed by the core network device based on the request message (S303). In this network resource management method, a user can directly change a target network that provides a network service to the user. Compared with a method in which a user uses an operator to change a target network, the period until the change of the target network takes effect is shortened, thereby improving efficiency.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application claims the priority of Chinese Patent Application No. 202111682951.8, titled "NETWORK RESOURCE MANAGEMENT METHOD AND COMMUNICATION APPARATUS", filed with the State Intellectual Property Office of China on December 31, 2021, the entire content of which is incorporated herein by reference.

[0002] [Technical Field] This application relates to the field of communication technologies, and particularly to network resource management methods and communication apparatuses.

Background Art

[0003] In the process of a user using a mobile network, the mobile network can provide network services (such as data transmission services like voice services) to the user, and the user can alternatively interfere with the mobile network so that the mobile network meets the user's current service requirements. For example, in the process of user A using a mobile network, if the charging package of the mobile network is changed, the mobile network changes the mobile network corresponding to user A based on the changed charging package, for example, changes parameters such as the transmission speed or capacity of the mobile network.

[0004] Generally, the procedure for a user to interfere with (or change) a mobile network can be briefly described as follows: The user interacts with the operator of the mobile network about user requirements. After the operator understands the user requirements, the operator uses the business support system (BSS) and the operation support system (OSS) to change the configuration of the mobile network so that the changed mobile network meets the user requirements.

[0005] With the help of an operator, verifying a mobile network that is being interfered with (or altered) by a user is time-consuming and inefficient. [Overview of the Initiative]

[0006] Embodiments of this application provide a network resource management method and a communication device, thereby improving the efficiency of network resource management.

[0007] According to a first aspect, one embodiment of the present application provides a network resource management method. In this method, a terminal device determines a request message, which is used to operate the lifecycle of a target network, and the request message is control plane signaling or user plane signaling between the terminal device and the core network. The terminal device sends the request message to the core network. Based on the request message, the core network operates the lifecycle of the target network, which is managed by the core network.

[0008] Based on the method described in the first aspect, a user can directly operate a target network that provides user services based on control plane signaling or user plane signaling between the user and the core network. Compared to the method in which the user operates the target network via an operator network, the time until operation becomes effective can be reduced, thereby improving the efficiency of operating the target network.

[0009] In possible implementations, the target network is a user service function entity or another network function that provides services to the user. When this possible implementation is implemented, the terminal device can directly operate the user service function entity or another network function that provides services to the user based on control plane signaling or user plane signaling between the terminal device and the core network.

[0010] In possible implementations, the target network includes networking capabilities that provide networking services to terminal devices, a single virtual machine or group of virtual machines, containers, processes, or another set of executable resources.

[0011] In possible implementations, the request message includes information about the type of action, which includes one of the following: creating a target network, deleting a target network, changing the execution state of a target network, or changing the network attributes of a target network. When this possible implementation is implemented, the terminal device may perform the actions of creating a target network, deleting a target network, changing the execution state, and changing network attributes based on control plane signaling or user plane signaling between the terminal device and the core network.

[0012] In possible implementations, changing the target network's operational state includes pausing or resuming the target network. When this possible implementation is implemented, a terminal device may update the target network's operational state based on user requirements. For example, when a terminal device does not temporarily require the target network to provide network services, it may choose to suspend the target network to reduce system power consumption. When a terminal device requires the target network to provide network services, it may choose to resuming the target network to meet user requirements.

[0013] In possible implementations, modifying the network attributes of a target network may include one or more of the following: modifying the capacity of the target network, modifying the capabilities of the target network, modifying the configuration policy of the target network, or modifying the service user list of the target network. When this possible implementation is implemented, a terminal device may modify the network attributes of a target network based on user requirements so that the target network better meets user requirements.

[0014] In possible implementations, the core network performs operational authentication based on the request message. If the operational authentication result indicates success, the core network activates the target network's lifecycle. Alternatively, if the operational authentication result indicates failure, the core network does not activate the target network's lifecycle. When this possible implementation is implemented, the core network activates the target network's lifecycle based on requests from terminal devices only when the operational authentication result indicates success, thereby improving system security.

[0015] In possible implementations, the core network device authenticates the status of the target network based on the operation type. Alternatively, the core network authenticates the authorization of the operation type. When this possible implementation is implemented, system power consumption is reduced by avoiding cases where the core network performs invalid operations based on error request messages sent by terminal devices.

[0016] In possible implementations, if the operation type matches the status of the target network, the core network successfully authenticates the status of the target network.

[0017] In possible implementations, if the operation type does not match the status of the target network, the core network will fail to authenticate the status of the target network.

[0018] When the aforementioned possible implementations are implemented, a match between the operation type and the status of the target network is used as a filtering condition to avoid situations where the core network still needs to perform invalid operations on the target network's lifecycle based on an error request message after the terminal device has sent an error request message, thereby reducing power consumption.

[0019] In possible implementations, the status of a target network includes existing and non-existent states, and the inconsistency of the action type with the target network's status includes: when the action type is to create the target network, the target network's status is existing; when the action type is to delete the target network, the target network's status is non-existent; when the action type is to modify the target network's network attributes, the target network's status is non-existent; or when the action type is to modify the target network's running state, the target network's status is non-existent.

[0020] In possible implementations, the status of a target network includes existence and non-existence states, and the matching of the action type with the status of the target network includes: when the action type is to create the target network, the status of the target network is non-existence; when the action type is to delete the target network, the status of the target network is existence; when the action type is to modify the network attributes of the target network, the status of the target network is existence; or when the action type is to modify the running state of the target network, the status of the target network is existence.

[0021] The aforementioned possible implementations provide several specific examples in which the operation type does not (or does) match the status of the target network.

[0022] In possible implementations, the existence state includes a paused state or an activated state, and when the action type is to change the running state of the target network, the action type not matching the status of the target network further includes: when the action type is to pause the target network, the status of the target network is paused, or when the action type is to resume the target network, the status of the target network is activated.

[0023] In possible implementations, the existence state includes a paused state or an activated state, and when the action type is to change the running state of the target network, the action type matching the status of the target network further includes: when the action type is to pause the target network, the status of the target network is in the activated state, or when the action type is to resume the target network, the status of the target network is in the paused state.

[0024] The aforementioned possible implementations provide several specific examples in which the operation type does not (or does) match the status of the target network.

[0025] In a possible implementation, the core network includes a first functional network element and a second functional network element, with a communication connection between the two. The first functional network element is configured to perform operational authentication based on a request message. The second functional network element is configured to activate the lifecycle of the target network when the operational authentication result indicates success. When this possible implementation is implemented, a specific architecture of the core network device that operates the target network is provided.

[0026] In a possible implementation, after the first functional network element executes an operation authentication based on a request message, when the result of the operation authentication indicates success, the first functional network element transmits an instruction message (or a second request message) to the second functional network element, and the instruction message (or the second request message) is for requesting the second functional network element to operate the life cycle of the target network. When this possible implementation is implemented, the second functional network element operates the life cycle of the target network only after receiving the instruction message (or the second request message) from the first functional network element, thereby enhancing the stability of the target network.

[0027] In a possible implementation, the instruction message (or the second request message) includes an operation type or operation parameters corresponding to the operation type. When this possible implementation is implemented, the second functional network element may execute a specific operation on the life cycle of the target network using the instruction message (or the second request message) so that the target network better meets user requirements.

[0028] In a possible implementation, the second functional network element executes an identity authentication on the first functional network element. After the identity authentication for the first functional network element is successful, the second functional network element operates the life cycle of the target network. When this possible implementation is implemented, before the second functional network element operates the life cycle of the target network, the second Functional network elements executes an identity authentication on the first functional network element, thereby improving the security of the target network.

[0029] In a possible implementation form, the request message further includes one or more of the user information of the terminal device, the operation parameters corresponding to the operation type, or the information regarding the target network. When the possible implementation form is implemented, the core network can operate the target network based on the user information, the operation parameters corresponding to the operation type, or the information regarding the target network.

[0030] In a possible implementation form, the user information includes one or more of a subscription persistent identifier, a user group identifier, or a temporary user identifier.

[0031] In a possible implementation form, the information regarding the target network includes one or more of an identifier of the target network, a capacity value, a capability list, a service user list, or a configuration policy list.

[0032] In a possible implementation form, the request message further includes the user information of the terminal device, and the core network obtains the user subscription information based on the user information. The core network authenticates the operation permission of the operation type based on the user subscription information and / or according to the local configuration policy. When this possible implementation form is implemented, it avoids the case where the core network still executes an invalid operation on the life cycle of the target network based on the request message when the terminal device does not have the operation permission corresponding to the operation type, thereby reducing power consumption.

[0033] In a possible implementation form, the user subscription information includes one or more of a list of permitted operation actions, a list of permitted network identifiers, a permitted network capacity allocation, a permitted service user list, or a configuration policy list. When this possible implementation form is implemented, the operation permission of the terminal device is restricted using the user subscription information, so the operation permission of the terminal device is authenticated based on the user subscription information.

[0034] In possible implementations, when the operational authentication result indicates success, the core network sends a first response message to the terminal device based on the operational result that activated the lifecycle of the target network, and the first response message includes the status of the target network or the identifier of the target network.

[0035] In possible implementations, when the operational authentication result indicates failure, the core network sends a second response message to the terminal device, indicating that the operational result of activating the target network's lifecycle was a failure. When this possible method is implemented, the core network feeds back the operational result of activating the target network's lifecycle to the terminal device. For the user, activating the target network through the core network is more open and transparent, improving the user experience.

[0036] According to a second aspect, one embodiment of the present application provides a network resource management method. In this method, a terminal device determines a request message, which is used to operate the lifecycle of a target network, and the request message is control plane signaling or user plane signaling between the terminal device and a core network device. The terminal device sends the request message to the core network device.

[0037] For the beneficial effects of the network resource management method provided in the second embodiment, please refer to the beneficial effects of the network resource management method provided in the first embodiment. Repeating parts will not be explained again here.

[0038] In possible implementations, the request message includes information about the operation type, which includes one of the following: creating a target network, deleting a target network, changing the execution state of a target network, or changing the network attributes of a target network.

[0039] In possible implementations, changing the execution state of a target network includes pausing or resuming the target network.

[0040] In possible implementations, modifying the network attributes of a target network may include one or more of the following: modifying the capacity of the target network, modifying the capabilities of the target network, modifying the configuration policy of the target network, or modifying the service user list of the target network.

[0041] In possible implementations, the request message may further include one or more of the following: user information for the terminal device, operating parameters corresponding to the operation type, or information about the target network.

[0042] In possible implementations, user information includes one or more of the following: a subscription persistence identifier, a user group identifier, or a temporary user identifier.

[0043] In possible implementations, information about the target network may include one or more of the following: the target network identifier, capacity value, capability list, service user list, or configuration policy list.

[0044] In possible implementations, a terminal device receives a response message sent by a core network device, and the response message indicates the result of operating the target network's lifecycle.

[0045] In possible implementations, the target network is a user service function entity, or another network function that provides services to the user.

[0046] In possible implementations, the target network includes networking capabilities that provide networking services to terminal devices, a single virtual machine or group of virtual machines, containers, processes, or another set of executable resources.

[0047] According to a third aspect, one embodiment of the present application provides a network resource management method. In this method, a core network device receives a request message from a terminal device, where the request message is used to operate the lifecycle of a target network, and the request message is control plane signaling or user plane signaling between the terminal device and the core network device. Based on the request message, the core network device operates the lifecycle of the target network, which is managed by the core network device.

[0048] For the beneficial effects of the network resource management method provided in the third embodiment, please refer to the beneficial effects of the network resource management method provided in the first embodiment. Repeating parts will not be explained again here.

[0049] In possible implementations, the request message includes information about the operation type, which includes one of the following: creating a target network, deleting a target network, changing the execution state of a target network, or changing the network attributes of a target network.

[0050] In possible implementations, changing the execution state of a target network includes pausing or resuming the target network.

[0051] In possible implementations, modifying the network attributes of a target network may include one or more of the following: modifying the capacity of the target network, modifying the capabilities of the target network, modifying the configuration policy of the target network, or modifying the service user list of the target network.

[0052] In possible implementations, the core network device performs operational authentication based on the request message. If the operational authentication is successful, the core network device initiates the target network's lifecycle. Alternatively, if the operational authentication fails, the core network device does not initiate the target network's lifecycle.

[0053] In possible implementations, the core network device performing operational authentication based on the request message may include one or more of the following: authenticating the status of the target network based on the operational type, or authenticating the authorization of the operational type.

[0054] In possible implementations, if the operation type matches the status of the target network, the core network device successfully authenticates the status of the target network; otherwise, if the operation type does not match the status of the target network, the core network device fails to authenticate the status of the target network.

[0055] In possible implementations, the status of a target network may be either existing or nonexistent, and the matching of the action type with the status of the target network includes: when the action type is to create the target network, the status of the target network is nonexistent; when the action type is to delete the target network, the status of the target network is existing; when the action type is to modify the network attributes of the target network, the status of the target network is existing; or when the action type is to modify the running state of the target network, the status of the target network is existing.

[0056] In possible implementations, the existence state includes a paused state or an activated state, and when the action type is to change the running state of the target network, the action type matching the status of the target network further includes: when the action type is to pause the target network, the status of the target network is in the activated state, or when the action type is to resume the target network, the status of the target network is in the paused state.

[0057] In possible implementations, the request message may further include one or more of the following: user information for the terminal device, operating parameters corresponding to the operation type, or information about the target network.

[0058] In possible implementations, user information includes one or more of the following: a subscription persistence identifier, a user group identifier, or a temporary user identifier.

[0059] In possible implementations, information about the target network may include one or more of the following: the target network identifier, capacity value, capability list, service user list, or configuration policy list.

[0060] In possible implementations, the core network device retrieves user subscription information based on user information and authenticates operation permission for operation types based on the user subscription information and / or according to local configuration policies.

[0061] In possible implementations, user subscription information may include one or more of the following: a list of permitted action behaviors, a list of permitted network identifiers, a list of permitted network capacity allocations, a list of permitted service users, or a list of configuration policies.

[0062] In possible implementations, when the operational authentication result indicates success, the core network device sends a first response message to the terminal device based on the operational result that activated the target network's lifecycle, and the first response message includes the status of the target network and the target network identifier. Alternatively, when the operational authentication result indicates failure, the core network device sends a second response message to the terminal device, and the second response message indicates that the operational result that activated the target network's lifecycle failed.

[0063] In possible implementations, the target network is a user service function entity, or another network function that provides services to the user.

[0064] According to a fourth aspect, the present application provides a communication device. The device may be a terminal device, a chip, chip system, processor, etc. that supports the terminal device in carrying out the method described above, or a logic module, unit, or software that can implement all or some of the functions of the terminal device. Alternatively, the communication device may be a chip system. The communication device includes: a processing unit configured to determine a request message, the request message being used to operate the lifecycle of a target network, and the request message being control plane signaling or user plane signaling between a terminal device and a core network device; and a transceiver unit configured to transmit the request message to the core network device.

[0065] For the beneficial effects of the network resource management method provided in the fourth embodiment, please refer to the beneficial effects of the network resource management method provided in the first or second embodiment. Repeating parts will not be explained again here.

[0066] In possible implementations, the request message includes information about the operation type, which is one of the following: creating a target network, deleting a target network, or modifying the network attributes of a target network.

[0067] In possible implementations, the operation type may further include pausing or resuming the target network.

[0068] In possible implementations, modifying the network attributes of a target network may include one or more of the following: modifying the capacity of the target network, modifying the capabilities of the target network, modifying the configuration policy of the target network, or modifying the service user list of the target network.

[0069] In possible implementations, the request message may further include one or more of the following: user information for the terminal device, operating parameters corresponding to the operation type, or information about the target network.

[0070] In possible implementations, user information includes one or more of the following: a subscription persistence identifier, a user group identifier, or a temporary user identifier.

[0071] In possible implementations, information about the target network may include one or more of the following: the target network identifier, capacity value, capability list, service user list, or configuration policy list.

[0072] In possible implementations, the transceiver unit is further configured to receive response messages sent by the core network device, which indicate the result of operating the target network's lifecycle.

[0073] In possible implementations, the target network is a user service function entity, or another network function that provides services to the user.

[0074] According to a fifth aspect, the present application provides another communication device. The device may be a core network device, a chip, chip system, processor, etc. that supports the core network device in carrying out the method described above, or a logic module, unit, or software that can implement all or some of the functions of the core network. Alternatively, the communication device may be a chip system. The communication device includes a transceiver unit configured to receive request messages from a terminal device, the request messages being used to operate the lifecycle of a target network, and the request messages being control plane signaling or user plane signaling between the terminal device and the core network device, and a processing unit configured to operate the lifecycle of the target network, which is managed by the core network device, based on the request messages.

[0075] In possible implementations, the request message includes information about the operation type, which is one of the following: creating a target network, deleting a target network, or modifying the network attributes of a target network.

[0076] In possible implementations, the operation type may further include pausing or resuming the target network.

[0077] In possible implementations, modifying the network attributes of a target network may include one or more of the following: modifying the capacity of the target network, modifying the capabilities of the target network, modifying the configuration policy of the target network, or modifying the service user list of the target network.

[0078] In possible implementations, the processing unit is further configured to perform operational authentication based on the request message. If the operational authentication result indicates success, the processing unit activates the target network's lifecycle. Alternatively, if the operational authentication result indicates failure, the processing unit does not activate the target network's lifecycle.

[0079] In possible implementations, the processing unit performing operation authentication based on the request message may include one or more of the following: authenticating the status of the target network based on the operation type, or authenticating the authorization of the operation type.

[0080] In possible implementations, if the operation type matches the status of the target network, the processing unit succeeds in authenticating the status of the target network; otherwise, if the operation type does not match the status of the target network, the processing unit fails to authenticate the status of the target network.

[0081] In possible implementations, the status of a target network includes being present or not present, and the action type matching the status of the target network includes the status of the target network being not present when the action type is to create the target network, the status of the target network being present when the action type is to delete the target network, or the status of the target network being present when the action type is to modify the network attributes of the target network.

[0082] In possible implementations, a mismatch between the action type and the target network status further includes: when the action type is to pause the target network, the target network status is non-existent or paused; or when the action type is to resume the target network, the target network status is non-existent or activated.

[0083] In possible implementations, the request message may further include one or more of the following: user information for the terminal device, operating parameters corresponding to the operation type, or information about the target network.

[0084] In possible implementations, user information includes one or more of the following: a subscription persistence identifier, a user group identifier, or a temporary user identifier.

[0085] In possible implementations, information about the target network may include one or more of the following: the target network identifier, capacity value, capability list, service user list, or configuration policy list.

[0086] In possible implementations, the processing unit retrieves user subscription information based on user information and authenticates operation permission for operation types based on the user subscription information and / or according to local configuration policies.

[0087] In possible implementations, user subscription information may include one or more of the following: a list of permitted action behaviors, a list of permitted network identifiers, a list of permitted network capacity allocations, a list of permitted service users, or a list of configuration policies.

[0088] In possible implementations, when the operation authentication result indicates success, the transceiver unit sends a first response message to the terminal device based on the operation result that activated the target network's lifecycle, and the first response message includes the status of the target network and the target network identifier. Alternatively, when the operation authentication result indicates failure, the transceiver unit sends a second response message to the terminal device, and the second response message indicates that the operation result that activated the target network's lifecycle failed.

[0089] In possible implementations, the target network is a user service function entity, or another network function that provides services to the user.

[0090] According to a sixth aspect, the present application provides a communication device. The communication device may be a terminal device in the embodiments of the methods described above, or a chip located in the terminal device. The communication device includes a communication interface and a processor, and optionally further includes memory. The memory is configured to store computer programs or instructions. The processor is coupled to the memory and the communication interface. When the processor executes a computer program or instructions, the communication device becomes capable of performing the method performed by the terminal device in the embodiments of the methods described above.

[0091] According to a seventh aspect, the present application provides a communication device. The communication device may be a core network device in the embodiments of the methods described above, or a chip located within the core network device. The communication device includes a communication interface and a processor, and optionally further includes memory. The memory is configured to store computer programs or instructions. The processor is coupled to the memory and the communication interface. When the processor executes a computer program or instructions, the communication device becomes capable of performing the method performed by the core network device in the embodiments of the methods described above.

[0092] According to the eighth aspect, the present application provides a computer-readable storage medium. The computer-readable storage medium is configured to store computer executable instructions, and when a computer executable instruction is executed, a method performed by a terminal device in the manner of the first or second aspect is performed, or a method performed by a core network device in the manner of the first or third aspect is performed.

[0093] According to the ninth aspect, the present application provides a computer program product including a computer program, where, when the computer program is executed, a method performed by a terminal device in the manner of the first or second aspect is implemented, or a method performed by a core network device in the manner of the first or third aspect is implemented.

[0094] According to the tenth aspect, the present application provides a communication system which includes a communication device according to the fourth and fifth aspects, or a communication device according to the sixth and seventh aspects. [Brief explanation of the drawing]

[0095] [Figure 1a] This is a schematic diagram of a network system architecture according to one embodiment of the present application. [Figure 1b] This is a schematic diagram of the structure of a core network according to one embodiment of this application. [Figure 1c] This is a schematic diagram of another core network architecture according to one embodiment of the present application. [Figure 2] This is a schematic diagram of the structure of a user-centered network according to one embodiment of this application. [Figure 3] This is a schematic diagram illustrating a network resource management method according to one embodiment of this application. [Figure 4a]This is a schematic diagram illustrating the creation of a target network according to one embodiment of this application. [Figure 4b] This is another schematic diagram illustrating the creation of a target network according to one embodiment of this application. [Figure 5a] This is a schematic diagram illustrating the deletion of a target network according to one embodiment of this application. [Figure 5b] This is another schematic diagram illustrating the deletion of a target network according to one embodiment of the present application. [Figure 6a] This is a schematic dialogue diagram illustrating how to change the network attributes of a target network according to one embodiment of this application. [Figure 6b] This is another schematic diagram illustrating how to modify the network attributes of a target network according to one embodiment of the present application. [Figure 7] This is a schematic dialogue diagram of another network resource management method according to one embodiment of this application. [Figure 8] This is a schematic dialogue diagram of yet another network resource management method according to one embodiment of the present application. [Figure 9] This is a schematic diagram of the structure of a communication device according to one embodiment of the present application. [Figure 10] This is a schematic diagram of the structure of another communication device according to one embodiment of this application. [Modes for carrying out the invention]

[0096] Specific embodiments of this application will be described in further detail below with reference to the attached drawings.

[0097] The terms “first,” “second,” and so on in the specification, claims, and accompanying drawings of this application are used to distinguish different objects, not to describe a specific order. In addition, the terms “including” and “having” and any other variations thereof are intended to cover non-exclusive inclusion. For example, a process, method, system, product, or device comprising a set of steps or units is not limited to the listed steps or units, but may optionally further include steps or units not listed, or may optionally further include other specific steps or units of the process, method, product, or device.

[0098] The “embodiments” referred to herein indicate that certain features, structures, or characteristics described with reference to these embodiments may be included in at least one embodiment of this application. The terms used in various parts of this specification do not necessarily refer to the same embodiment and are not independent embodiments or optional embodiments exclusive to one another. It will be understood, both expressly and implicitly, by those skilled in the art that the embodiments described herein may be combined with other embodiments.

[0099] In this application, "at least one (item)" means one or more, "a plurality" means two or more, "at least two (items)" means two or three or more, and "and / or" is used to describe relationships between related objects, indicating that three relationships may exist. For example, "A and / or B" may indicate that only A exists, only B exists, or both A and B exist. A and B may be singular or plural. The letter " / " usually indicates an "or" relationship between related objects. "At least one of the following items (elements)" or similar expressions mean any combination of these items, including any combination of singular or plural items (elements). For example, at least one of a, b, or c may represent a, b, c, "a and b", "a and c", "b and c", or "a, b, and c", where a, b, and c may be singular or plural.

[0100] To better understand the embodiments of this application, the system architecture in the embodiments of this application will be described below.

[0101] The technical solutions in the embodiments of this application can be applied to various communication systems, such as fifth-generation (5G) communication systems including long-term evolution (LTE) systems, LTE frequency division duplex (FDD) systems, LTE time division duplex (TDD) systems, new radio (NR) systems, and 3rd generation partner project (3GPP) service-based architecture (SBA), or to sixth-generation (6G) communication systems and other communication systems that have evolved beyond 5G.

[0102] Figure 1a is a schematic diagram of a network system architecture according to one embodiment of the present application. As shown in Figure 1a, a terminal device may access a wireless network and obtain services from an external network (e.g., a data network (DN)) via the wireless network, or it may communicate with another device via the wireless network, for example, with another terminal device. The wireless network includes a (radio) access network ((R)AN) and a core network (CN). The (R)AN (hereinafter referred to as RAN) is configured to connect terminal devices to the wireless network, and the CN is configured to manage terminal devices and provide a gateway for communicating with the DN. The terminal devices, RAN, CN, and DN in the system architecture of Figure 1a will be described separately and specifically below.

[0103] I. Terminal Devices

[0104] Terminal devices include devices that provide voice and / or data connectivity to a user. For example, a terminal device is a device with wireless transceiver functionality and may be deployed on the ground, such as an indoor or outdoor device, a handheld device, a wearable or in-vehicle device, or on water (e.g., on a ship), or in the air (e.g., on an airplane, balloon, or satellite). Terminal devices may include mobile phones, tablet computers (Pads), computers with wireless transceiver functionality, virtual reality (VR) terminals, augmented reality (AR) terminals, wireless terminals in industrial control, in-vehicle terminals, wireless terminals in self-driving, wireless terminals in remote medical, wireless terminals in smart grids, wireless terminals in transportation safety, wireless terminals in smart cities, wireless terminals in smart homes, wearable terminals, and the like. Application scenarios are not limited to the embodiments of this application. Terminal devices may also be called terminals, user equipment (UE), access terminals, in-vehicle terminals, terminals in industrial control, UE units, UE stations, mobile stations, remote stations, remote terminals, mobile devices, UE terminals, wireless communication devices, UE proxies, UE equipment, etc. Terminals may also be fixed or mobile. It should be understood that all or part of the functions of a terminal in this application may be implemented using software functions executed on hardware, or using instantiated virtualization functions on a platform (e.g., a cloud platform).

[0105] II.RAN

[0106] A RAN may include one or more RAN devices (or access network devices). The interface between the access network device and the terminal device may be a Uu interface (or air interface). Indeed, in communications that have evolved beyond 5G, the names of these interfaces may remain unchanged or be replaced with other names. This is not limited to the present application.

[0107] An access network device is a node or device that connects terminal devices to a wireless network. Access network devices include, but are not limited to, next-generation NodeB (gNB), evolved NodeB (eNB), next-generation evolved NodeB (ng-eNB), radio backhaul devices, radio network controllers (RNC), NodeB (NB), home evolved NodeB (HeNB) or (home NodeB (HNB)), baseband units (BBU), transmission reception points (TRP), transmission points (TP), mobile exchanges, or devices that function as base stations in device-to-device (D2D), vehicle-to-everything (V2X), or machine-to-machine (M2M) communications in a cloud radio access network (C-RAN) system. This may include a unit (CU) and a distributed unit (DU), a network device located in a non-terrestrial network (NTN) communication system that may be deployed on a high-altitude platform or satellite, etc. This is not particularly limited to the embodiments of this application.

[0108] III.CN

[0109] A CN may include one or more CN devices (which can be understood as network element devices or functional network elements).

[0110] Figure 1b is a schematic diagram of the structure of the CN according to this application. The CN in Figure 1b is a schematic diagram of the CN in a 5G network architecture. The CN shown in Figure 1b consists of multiple CN devices, namely, a network slice selection function (NSSF), a network exposure function (NEF), and a network repository function (network r It includes an epository function (NRF), a policy control function (PCF), unified data management (UDM), an application function (AF), a network control function (NCF), a network slice-specific authentication and authorization function (NSSAAF), an authentication server function (AUSF), an access and mobility management function (AMF), a session management function (SMF), a user plane function (UPF), a service communication proxy (SCP), and a network slice admission control function (NSACF).

[0111] AMF is a control plane function provided by the operator network, responsible for access control and mobility management for terminal devices to access the operator network, including functions such as mobility status management, temporary user identity assignment, and user authentication and authorization.

[0112] SMF is a control plane function provided by the operator network and is configured to manage protocol data unit (PDU) sessions of terminal devices. A PDU session is a channel used to transmit PDUs, and terminal devices must transmit PDUs to the DN via a PDU session. SMF is responsible for establishing, maintaining, and deleting PDU sessions. SMF includes session-related functions such as session management (e.g., session establishment, modification, and release, including tunnel management between UPF and RAN), UPF selection and control, service and session continuity (SSC) mode selection, and roaming.

[0113] The PCF (User Subscription Fee) is a control plane function provided by the operator, including user subscription data management functions, policy control functions, billing policy control functions, and quality of service (QoS) control. It is primarily configured to provide PDU session policies for the SMF. Policies may include billing-related policies, QoS-related policies, authorization-related policies, etc.

[0114] The UPF is a gateway provided by the operator and serves as the gateway for communication between the operator network and the DN. The UPF includes user plane-related functions such as data packet routing and transmission, packet discovery, quality of service (QoS) processing, uplink packet discovery, and downlink data packet storage.

[0115] The UDM is primarily configured to manage user subscription and authentication data and to perform authentication credit processing, user identifier processing, access authorization, registration / mobility management, subscription management, and short message service management. In some embodiments, the UDM may further include a unified data repository (UDR). Alternatively, in some other embodiments, a 3GPP SBA in a 5G system may further include a UDR. The UDR is configured to store and retrieve PCF policies, store and retrieve structured data for publication, store user information requested by application functions, and so on.

[0116] CN devices are sometimes called network elements or functional network elements. In 5G communication systems, a functional network element may be the name of the functional network element shown in Figure 1b. In communication systems that have evolved beyond 5G (e.g., 6G communication systems), a functional network element may still be the name of the functional network element shown in Figure 1b, or it may have a different name. For example, in a 5G communication system, a policy control network element may be a PCF. In communication systems that have evolved beyond 5G (e.g., 6G communication systems), a policy control function may still be a PCF, or it may have a different name. This is not limited to the present application.

[0117] In Figure 1b, Npcf, Nudm, Naf, Namf, Nsmf, N1, N2, N3, N4, and N6 are interface sequence numbers. For the meaning of these interface serial numbers, please refer to the definitions provided in the relevant standard protocols, which are not limited herein.

[0118] Figure 1c is a schematic diagram of another CN architecture according to this application. In Figure 1c, the CN includes a user network access function, a user subscription authentication function, a network control function, and a resource management function. The user network access function is configured to perform access control and mobility management for terminal devices. The user subscription authentication function is configured to store and manage user subscription information. The network control function is configured to manage user network resources, for example, performing operations such as creating, modifying, and deleting user networks. The resource management function manages network resources, for example, by allocating resources to create network function instances required by user networks. A user network is used to provide network services to one or more users and can be understood as a core network element for UE-dedicated services. For example, a user network may include one or more network elements, which may be user-dedicated network elements or network elements shared with other users. When a user network includes one network element, the user network can be a network element, and a network element can be a user network. Specifically, a user network can be a network function that provides network services to terminal devices, and can be a single virtual machine or a group of virtual machines, a container, a process, or another set of executable resources. For illustrative purposes, the following example assumes that the user network is a user service node (USN).

[0119] For example, a user network can be a USN, which can be understood as an integration of core network control functions and is a core network element for UE-specific services. For example, a USN is a session management (SM) and / or policy management ( policyThe USN can integrate management (PM) functions. Alternatively, the USN may be understood as a digital twin function of the UE in the core network, a digital model for the actual behavior of the UE, and having functions such as recording service information used by the UE and artificial intelligence (AI) processing. Alternatively, the USN may be understood as similar to a cloud server (cloud computer). On the cloud server, the UE can orchestrate resources provided by the operator, such as QoS settings and bandwidth allocation for different services. It should be noted that the USN may be integrated into the 5G network architecture shown in Figure 1b or into the CN architecture shown in Figure 1c. In possible implementations, the USN may be used as a newly added logical network element or integrated as a logical function into existing network functions in Figure 1b or Figure 1c. For example, the USN can be integrated into the AMF and SMF. Alternatively, the USN may exist in the form of a user-centric network (UCN) architecture. In this case, the UCN architecture can be understood as a user-centric network. Please refer to the UCN network architecture shown in Figure 2. The UCN network architecture shown in Figure 2 includes network service nodes (NSNs) and user service nodes (USNs). The main functions of the NSN include authentication of accessed UEs, USN creation, and lifecycle management.

[0120] NCF is configured to manage USN resources in the UCN network architecture, and is responsible for operations such as creating, modifying, and deleting USNs.

[0121] It should be understood that the terms NSN, USN, and NCF used in this application are merely illustrative names and should not be considered as specific limitations thereto. In other words, NSN, USN, and NCF may be referred to by other names in other technical solutions outside of this application, or by other communication devices having the same functions. For example, an NSN could be an access control function, an NCF could be a network resource control or management function, and a USN could be a terminal digital twin function.

[0122] The following points should be noted: 1. The CN structure shown in Figure 1c is merely for the purpose of facilitating understanding of the CN, and only examples where each functional network element is deployed separately within the CN are used. In some possible CN structures, functional network elements may be integrated and combined for deployment. For example, the network access function and user subscription authentication function in Figure 1c may be integrated into the same functional network element, or the network access function and network control function in Figure 1c may be integrated into the same functional network element. This is not particularly limited in this application. 2. The core network referred to below in this application may be a functional network element within a core network, an integration of several functional network elements within a core network, or an integration of all functional network elements within a core network. The core network may be the core network in the 5G communication system shown in Figure 1b, the core network shown in Figure 1c, or another possible communication system (e.g., the core network in an LTE communication system or a communication system that has evolved beyond 5G). 3. The aforementioned network elements or functions may be network elements within a hardware device, software functions running on dedicated hardware, or instantiated virtualization functions on a platform (e.g., a cloud platform). Optionally, the network elements or functions may be implemented by a single device, jointly by multiple devices, or as functional modules within a single device. This is not particularly limited to the embodiments of this application.

[0123] IV.DN

[0124] A DN (Data Network), also known as a packet data network (PDN), is a network located outside the operator network. The operator network can access multiple DNs. To provide multiple possible services to terminal devices, application servers supporting multiple services can be deployed in the DN.

[0125] Typically, the procedure for a user to modify a user network can be simply described as follows: the user interacts with the mobile network operator regarding their user requirements, and after understanding these requirements, the operator modifies the user network configuration using BSS and OSS so that the modified user network meets those requirements. However, this method is usually time-consuming and inefficient, as it requires significant time to verify the user network modified by the user.

[0126] This application provides a network resource management method. In this method, a user can change the target network that provides network services to the user by using control plane signaling (or user plane signaling) between a terminal device and the core network to carry request messages to operate the target network. Compared to a method in which the user changes the target network using an operator, the time until the change to the target network becomes effective is shortened, thereby improving efficiency.

[0127] The network resource management method and communication device provided in this application will be further described below with reference to the attached drawings.

[0128] Figure 3 is a schematic flowchart of a network resource management method according to one embodiment of the present application. As shown in Figure 3, the network resource management method may be performed by a core network device or a chip within a core network device, or by a terminal device or a chip within a terminal device. Figure 3 illustrates an example in which a core network device and a terminal device are entities for performing the method.

[0129] S301: The terminal device determines the request message, which is used to operate the lifecycle of the target network.

[0130] The terminal device determines (or generates) a request message to initiate the lifecycle of a target network, based on user requirements. Initiating the lifecycle of a target network includes creating a target network and deleting a target network. In other words, the terminal device may determine the request message used to create a target network, or it may determine the request message used to delete a target network.

[0131] In possible implementations, a target network can have multiple states, including an existential state and a nonexistent state. It should be understood that an existential state means the target network exists, while a nonexistent state means the target network does not exist.

[0132] In possible implementations, a target network status being "existent" includes the target network's execution state being "suspended" (or standby, scheduled for activation, deactivated, etc.) or "activated." In this case, operating the target network's lifecycle may further include changing the target network's execution state. Changing the target network's execution state includes suspending the target network, for example, changing the target network's execution state from "activated" to "suspended," or restarting (or activating) the target network, for example, changing the target network's execution state from "suspended" to "activated." In possible implementations, changing the target network's execution state may further include changing the target network's execution state to "normal" if the target network's execution state is "abnormal" (or "failed").

[0133] In possible implementations, the target network may further include multiple network attributes, including, but not limited to, capacity (i.e., capacity-related parameters), capability (i.e., network capability-related parameters), configuration policies, or service user lists. In this case, operating the target network's lifecycle may further include modifying the target network's network attributes.

[0134] In this application, the target network is a network function (NF) configured to provide network services to terminal devices, a single virtual machine or group of virtual machines, containers, processes, or another set of executable resources. Network services include, but are not limited to, one or more of data downloads, data access, and calls. In other words, the target network may be a user service function entity or another network function that provides services to a user. For example, the target network may be a USN network element or a USN function entity.

[0135] In possible implementations, the request message includes information about the operation type, which is one of the following: create a target network, delete a target network, suspend a target network, resume a target network, or modify the network attributes of a target network.

[0136] Creating a target network is the process of generating (or establishing) a target network from scratch that provides network services to terminals. Deleting a target network is the process of deleting the target network's connectivity relationships (e.g., the connectivity relationship between the target network and access network devices) and deleting the resources occupied by the target network (e.g., running resources). Pausing a target network is the process of setting the target network's status to a paused state (or standby state, scheduled activation state, deactivated state, etc.). Reactivating a target network is the process of changing the target network's status from paused to activated. Modifying the network attributes of a target network can be understood as one or more of the following: modifying the target network's capacity (i.e., modifying capacity-related parameters), modifying the target network's capabilities (modifying network capability-related parameters), modifying the target network's configuration policy, or modifying the target network's service user list.

[0137] In possible implementations, information about the operation type may be an index value, and there is a mapping relationship between the index value and the operation type. This mapping relationship may be specified by the protocol, pre-configured, or agreed upon by the terminal and core network. For example, a specific implementation of information about the operation type may be as follows: the request message includes field 1, where field 1 indicates the operation type. See Table 1 for an example of the mapping relationship between the value of field 1 and the operation type. [Table 1]

[0138] In this case, if the user determines that their request is to pause the target network, the terminal device determines that the value of field 1 in the request message is 2. Note that the representation of the value of field 1 in this example is merely an example and should not be considered a specific limitation to this application. The value of field 1 can alternatively be represented using bits. For example, field 1 may contain 3 bits. In this case, a value of 000 in field 1 indicates that the action type is to create the target network; a value of 001 indicates that the action type is to modify the target network; a value of 010 indicates that the action type is to pause the target network; a value of 011 indicates that the action type is to resume the target network; or a value of 100 indicates that the action type is to change the network attributes of the target network.

[0139] In possible implementations, the request message may further include one or more of the following: user information for the terminal device, operating parameters corresponding to the operation type, or information about the target network.

[0140] User information includes one or more of the following: a user's persistent identifier (e.g., a subscription permanent identifier (SUPI), an international mobile subscriber identification number (IMSI), or a mobile subscriber international ISDN number (MSISDN)); a user group identifier; a temporary user identifier (e.g., a globally unique temporary identity (GUTI)); or a device identifier (e.g., a permanent equipment identifier (PEI) or an international mobile equipment identity (IMEI)). Operational parameters corresponding to the operation type may indicate a specific operation. For example, when a request message is to request the creation of a target network, the operational parameters carried in the request message indicate the creation of a specific target network. When a request message is to modify the network attributes of a target network, the operational parameters carried in the request message indicate the modification of one (or more) specific network attributes of the target network. Information about the target network includes one or more of the following: the target network identifier, capacity value, capability list, service user list, or configuration policy.

[0141] For example, if user 11 creates a target network having a capacity value a1 and a capability value p1, the request message determined by user 11's terminal device may include user 11's identifier, the operation type which is to create the network, and operation parameters including the capacity value a1 and the capability value p1.

[0142] For example, the service user list for target network N1 includes users 11, 12, and 21. If user 11 (which can be understood as a user with administrative permission for target network N1) wants to remove user 21 from the service user list for target network N1, user 11's terminal device determines a request message to activate target network N1. The request message may include the identifier of user 11, the identifier of target network N1, the action type which is to change the network attributes of the target network, and the action parameter which is to remove the identifier of user 21 from the service user list for target network N1.

[0143] S302: A terminal device sends a request message to the core network, and the core network receives the request message in response.

[0144] Request messages are either control plane signaling or user plane signaling between the terminal device and the core network. In other words, terminal devices use control plane signaling or user plane signaling between the terminal device and the core network to send request messages to the core network.

[0145] In possible implementations, control plane signaling can be non-access stratum (NAS) signaling.

[0146] In possible implementations, user plane signaling may be messages based on the General Packet Radio Service Tunneling Protocol (GTP)-User Plane (i.e., GTP-U). In possible implementations, the core network device performing step S302 is a first functional network element, and the terminal device sends a request message to the first functional network element. The first functional network element is configured to allow the terminal device to access the core network; that is, the first functional network element has user network access functionality. For example, the first functional network element may be the AMF network element in Figure 1b, the NSN network element in Figure 2, etc. The first functional network element may also be called an access management network element or a network service network element.

[0147] S303: The core network operates the target network's lifecycle, which is managed by the core network, based on the request message.

[0148] In other words, based on the information about the action type in the request message, the core network will either create a target network, delete a target network, change the execution state of a target network (including pausing or resuming the target network), or modify the network attributes of a target network.

[0149] In possible implementations, the core network manages one or more user networks. When the action type in a request message is one of the following: delete a target network, change the execution state of a target network (including pausing or resuming a target network), or change the network attributes of a target network, the core network determines the target network from among multiple networks based on the request message and operates the lifecycle of the target network.

[0150] In possible implementations, the core network device executing step S303 is a second functional network element, which is configured to operate the lifecycle of the target network. For example, the second functional network element may be an NCF network element. The second functional network element is sometimes also called a network control network element.

[0151] It should be understood that the second functional network element may be deployed in conjunction with the first functional network element (i.e., the entity may have the functionality of both the first and second functional network elements), or it may be deployed separately from the first functional network element. When the second functional network element is deployed separately from the first functional network element, a communication connection exists between the first and second functional network elements (i.e., it can be understood that the first functional network element can communicate with the second functional network element). After the first functional network element receives a request message from a terminal device in S302 (for clarity, the request message in S302 will be referred to as the first request message below), the first functional network element may forward the first request message to the second functional network element, thereby allowing the second functional network element to operate the lifecycle of the target network based on the request message in S303. Alternatively, in S302, after the first functional network element receives a first request message from a terminal device, the first functional network element may send a second request message (the contents of the second request message may be the same as those of the first request message) to the second functional network element based on the first request message, thereby causing the second functional network element to operate the lifecycle of the target network based on the second request message.

[0152] In possible implementations, when the second functional network element is deployed separately from the first functional network element, the second functional network element may perform identity authentication against the first functional network element to improve communication system security. After successful identity authentication against the first functional network element, the second functional network element may then operate the lifecycle of the target network.

[0153] In other words, after the second functional network element receives the second request message from the first functional network element, the second functional network element performs identity verification on the first functional network element, which includes, but is not limited to, one or more of the following: verifying whether the first functional network element actually exists; verifying whether the first functional network element has permission to send the second request message (i.e., whether the first functional network element has permission to request the second functional network element to operate the lifecycle of the target network); or verifying whether the first functional network element is valid. After the identity verification performed by the second functional network element on the first functional network element is successful, the second functional network element operates the lifecycle of the target network based on the second request message.

[0154] To facilitate understanding of the technical solutions of this application, the following examples illustrate how to create a target network, how to delete a target network, how to change the execution state of a target network, or how to change the network attributes of a target network, using an example in which a second functional network element is deployed separately from the first functional network element.

[0155] 1. Create the target network.

[0156] The connection between the target network and the access network device may be a direct connection (hereinafter abbreviated as a direct connection) or an indirect connection (hereinafter abbreviated as an indirect connection). It should be understood that the target network is directly connected to the access network device, meaning the access network device can communicate directly with the target network. In other words, after the access network device receives a service request message from a terminal device (a service request message is a request to the target network to provide network services), the access network device may forward the service request message directly to the target network, causing the target network to provide the corresponding network services. Alternatively, the target network may be indirectly connected to the access network device, meaning the access network device communicates indirectly with the target network using a first functional network element. In other words, after receiving a service request message from a terminal device, the access network device sends the service request message to a first functional network element, which then forwards the service request message to the target network, causing the target network to provide the corresponding network services.

[0157] When the target network is directly connected to the access network device, signaling transmission overhead can be reduced. When the target network is indirectly connected to the access network device, the access network device cannot directly contact the target network, thus improving the security of the target network.

[0158] The following sections specifically describe the process of creating a target network, based on the cases where the target network is directly connected to the access network device and where the target network is indirectly connected to the access network device.

[0159] If the target network is directly connected to an access network device, please refer to Figure 4a. Figure 4a is a schematic flowchart for creating the target network according to this application.

[0160] S401: The second functional network element interacts with the resource management function to create the target network.

[0161] The second functional network element interacts with resource management functions, requests available execution resources, and instantiates execution entities. An execution entity can be a newly instantiated virtual machine, a newly instantiated container, or a new process, thread, or another execution entity running on an existing virtual machine or container. Furthermore, the second functional network element creates a target network based on request messages from terminal devices.

[0162] Resource management functions are configured to manage network resources and, for example, to allocate resources to generate network function instances required by user networks. In some cases, resource management functions may be management and orchestration (MANO) network elements, container (Docker) management network elements, the Docker engine, or another resource management function.

[0163] In possible scenarios, the core network may further include a third functional network element. The third functional network element is configured to store network configuration data, which includes network configuration parameters and / or network operation policy data. Network configuration parameters include one or more parameters required for network operation (e.g., data packet loss rate, latency, bandwidth, or network speed), scripts required for network operation, or environment variables. Network operation policy data includes one or more QoS policies, billing policies, or user access control policies. In possible implementations, the network configuration data within the third functional network element may be associated with a user identifier, or the network configuration data within the third functional network element may be associated with a network identifier, or each configuration data within the third functional network element may be associated with an index value.

[0164] If the network configuration data within the third functional network element is associated with a user identifier, the request message carries the user identifier and the operation type (where the operation type is to create a target network). The second functional network element interacts with the resource management function based on the user identifier to create the target network, and the second functional network element (or target network) retrieves the network configuration data corresponding to the target network from the third functional network element based on the user identifier. Furthermore, the second functional network element configures the target network based on the network configuration data.

[0165] If the network configuration data within the third functional network element is associated with a network identifier, the request message carries the user identifier and the operation type (where the operation type is to create the target network). Furthermore, the second functional network element interacts with the resource management function based on the user identifier to create the target network. The target network (or the second functional network element) retrieves the network configuration data corresponding to the target network identifier from the third functional network element based on the target network identifier. The target network (or the second functional network element) configures the target network based on the network configuration data.

[0166] If each configuration data within the third functional network element is associated with an index value, the request message carries the user identifier, the operation type (where the operation type is to create a target network), and operation-related parameters (where these are specific parameters for creating the target network, e.g., the target network's capacity value, capability, or service user list). Furthermore, the second functional network element interacts with the resource management function based on the user identifier to create the target network. The target network (or the second functional network element) determines the target index value based on the operation parameters and retrieves the network configuration data corresponding to the target network identifier from the third functional network element based on the target index value. The target network (or the second functional network element) configures the target network based on the network configuration data.

[0167] S402: The target network interacts with the access network device to establish a communication connection and a user context connection.

[0168] Specifically, after creating the target network, the second functional network element sends information about the access network device to the target network and notifies it to update the user context information. The information about the access network device is used to address the access network device, and the user context information is used to establish a user context connection. Furthermore, the target network establishes a communication connection to the access network device based on the information about the access network device and establishes a user context connection based on the user context information. An access network device is a device that connects terminal devices to the target network. Information about the access network device is used to address the access network device. For example, an access network device includes an access network device identifier and / or access network device address information.

[0169] Alternatively, after creating the target network, the second functional network element sends information about the target network to the access network device and notifies it to update the user context information. The target network information is used to address the target network, and the user context information is used to establish a user context connection. Furthermore, the access network device establishes a communication connection to the target network based on the target network information and establishes a user context connection based on the user context information. The access network device is the device that connects terminal devices to the target network. The target network information is used to address the target network. For example, the target network information includes the identifier and / or address information of the target network.

[0170] It should be noted that a communication connection includes one or more underlying connections established and completed according to the Hypertext Transfer Protocol (HTTP), Transmission Control Protocol (TCP), Stream Control Transmission Protocol (SCTP), or another protocol. User context information includes user status, user attribute information, and user-related communication connection information.

[0171] S403: The access network device changes the connection information of the terminal device.

[0172] In other words, after establishing a communication connection and a user context connection to the target network, the access network device modifies the transmission path (or routing path) of messages from the terminal device so that the access network device forwards network service request messages (e.g., PDU session establishment request messages) from the terminal device to the target network.

[0173] If the target network is indirectly connected to an access network device, that is, if the target network and the access network device interact indirectly with each other using a first functional network element, please refer to Figure 4b. Figure 4b is another schematic flowchart for creating a target network according to this application.

[0174] S411: The second functional network element interacts with the resource management function to create the target network.

[0175] For the specific implementation of S411, please refer to the previously mentioned explanation of the specific implementation of S401. Repeated parts will not be explained again here.

[0176] S412: The target network sends a first update request to a first functional network element, and in response, the first functional network element receives a first update request from the target network.

[0177] The first update request is intended to request a first functional network element to update (or change) the access control of the target network. The first update request carries information about the target network and notifies it to update the user context information. The information about the target network is used to address the target network. For example, the information about the target network includes, but is not limited to, the identifier or address information of the target network. The user context information is used to establish the user context connection.

[0178] S413: The first functional network element updates (or modifies) the connection information based on the first update request.

[0179] In other words, the first functional network element stores information about the target network, establishes a communication connection and a user context connection, and thereby, after receiving a request message (or a request message to access the target network) to request the target network to provide network services, the first functional network element forwards the received request message to the target network to request the target network to provide network services.

[0180] S414: The first functional network element sends a second update request to the access network device, and in response, the access network device receives a second update request from the first functional network element.

[0181] In other words, the second update request may enable the access network device to establish communication and user context connections to the first functional network element relating to the target network, i.e., both communication and user context connections are associated with the target network. The second update request is intended to request the access network device to update (or change) the access control for the target network. The second update request carries information about the target network, which is used to address the target network. For example, the information about the target network may include, but is not limited to, the identifier or address information of the target network.

[0182] S415: The access network device sends a response message to the first functional network element for the second update request, and in response, the first functional network element receives a response message from the access network device for the second update request. The response message carries the result of the access network device's operation based on the second update request.

[0183] The access network device performs the corresponding actions based on the second update request: it establishes a communication connection and a user context connection to the first functional network element associated with the target network, i.e., the communication connection and user context connection are associated with the target network. Furthermore, based on the results of the actions in the second update request, the access network device sends a response message to the second update request to the first functional network element.

[0184] S416: The first functional network element sends a response message to the first update request to the target network, and in response, the target network receives the response message to the first update request from the first functional network element.

[0185] The response message to the first update request indicates the operational result of the first functional network element based on the first update request and the operational result of the access network device based on the second update request. In other words, when the operational result of the first functional network element based on the first update request is successful and the operational result of the access network device based on the second update request is successful, the operational result in the response message to the first update request sent by the first functional network element to the target network indicates success. When the operational result of the first functional network element based on the first update request is a failure, or when the operational result of the access network device based on the second update request is a failure, the operational result in the response message to the first update request sent by the first functional network element to the target network indicates failure.

[0186] 2. Delete the target network.

[0187] The following sections specifically describe the process of deleting a target network, based on the cases where the target network is directly connected to the access network device (hereinafter referred to as "directly connected") and where the target network is indirectly connected to the access network device.

[0188] If the target network is directly connected to the access network device, please refer to Figure 5a. Figure 5a is a schematic flowchart of the removal of the target network according to this application.

[0189] S501: The second functional network element sends a control action request message to the target network, and in response, the target network receives a control action request message from the second functional network element, where the control action request message includes an action type (in this case, to delete the target network).

[0190] The second functional network element receives a request message from the terminal device, which is used to remove the target network. In this case, the second functional network element sends a control action request message to the target network, which instructs the target network to release the link.

[0191] S502: The target network sends a link release request to the access network device, and in response, the access network device receives a link release request from the target network.

[0192] Based on the control action request message sent by the second functional network element, the target network removes the user context connection to the access network device and sends a link release request to the access network device, which instructs (or notifies) the access network device to remove the user context connection to the target network.

[0193] A link release request includes information about the target network, which is used to address the target network. This information includes, but is not limited to, the target network identifier and / or the target network address.

[0194] S503: The access network device removes the user context connection to the target network based on a link release request.

[0195] An access network device can smoothly remove a user context connection to a target network based on a link release request. The process for smoothly removing a user context connection can be described as follows: The access network device sends a notification message to the terminal device, informing it that the terminal device served by the target network is offline. After all terminal devices served by the target network service have gone offline, the access network device removes the user context connection to the target network. This method can improve the user experience because the link is released only after all users served by the target network have gone offline.

[0196] Alternatively, an access network device may, based on a link release request, indirectly remove the user context connection to the target network. In other words, after receiving a link release request, the access network device directly removes the user context connection to the target network, regardless of whether the terminal device served by the target network is offline. This method can improve the efficiency of link release by the access network device.

[0197] S504: The access network device sends a response message to the target network in response to the link release request, and the target network receives the response message sent by the access network device in response to the link release request. The response message carries the result of the access network device's actions based on the link release request.

[0198] It is important to understand that releasing a link as referred to in this application means removing the context connection between the two devices, and that the response message is sent via the signaling channel. Therefore, after the link between the two devices is released, subsequent transmission of response messages is unaffected (i.e., response messages can still be transmitted between the two devices via the signaling channel (or communication connection)). For example, after an access network device releases the user context connection between the access network device and the target network based on the link release request in S503, in S504, the access network device releases the user context connection between the access network device and the target network via the signaling channel (communication connection) , A response message to a link release request may be sent to the first functional network element.

[0199] S505: The target network sends a response message to the control operation request message to the second functional network element, and in response, the second functional network element Control operation request message A response message is received from the target network. The response message carries the result of the link release operation for the user context connection between the target network and the access network device.

[0200] S506: The second functional network element interacts with the resource management function to release resources from the target network.

[0201] The second functional network element releasing resources from the target network, and the completion of the release of those resources, can be understood as the release of all communication connections related to the target network (including communication connections between the target network and the second functional network element, and communication connections between the target network and access network devices). Deleting communication connections may involve deleting one or more underlying connections completed according to HTTP, TCP, SCTP, or another protocol.

[0202] If the target network is indirectly connected to an access network device, please refer to Figure 5b. Figure 5b is another schematic flowchart of removing the target network according to this application.

[0203] S511: The second functional network element sends a control action request message to the target network, and in response, the target network receives a control action request message from the second functional network element. The control action request message includes the action type (in this case, deleting the target network).

[0204] S512: The target network sends a first link release request to a first functional network element, and in response, the first functional network element receives a first link release request from the target network.

[0205] Based on a control action request message sent by the second functional network element, the target network sends a first link release request to the first functional network element, which instructs (or notifies) the first functional network element to remove the user context connection to the target network. The link release request includes information about the target network, which is used to address the target network. The information about the target network includes, but is not limited to, the identifier and / or address information of the target network.

[0206] S513: The first functional network element sends a second link release request to the access network device, and in response, the access network device receives a second link release request from the first functional network element.

[0207] Based on the first link release request, the first functional network element sends a second link release request to the access network device, which instructs (or notifies) the access network device to remove the user context connection to the first functional network element related to the target network. The link release request includes information about the target network, which is used to address the target network. The information about the target network includes, but is not limited to, the identifier and / or address information of the target network.

[0208] S514: The access network device performs a connection deletion process based on the second link release request.

[0209] Specifically, the access network device may smoothly perform the connection deletion process based on the second link release request. Alternatively, the access network device may not smoothly perform the connection deletion process based on the second link release request.

[0210] S515: The access network device sends a response message to the first functional network element for the second link release request, and in response, the first functional network element receives a response message from the access network device for the second link release request. The response message carries the result of the access network device's operation based on the second link release request.

[0211] S516: The first functional network element sends a response message to the target network for a first link release request, and in response, the target network receives a response message from the first functional network element for a second link release request. The response message carries the result of the operation of the first functional network element based on the first link release request, or further includes the result of the operation of an access network device based on the second link release request.

[0212] S517: The target network sends a response message to the second functional network element in response to the control operation request message, and in response, the second functional network element Control operation request message A response message is received from the target network. The response message carries the result of the operation of a first functional network element based on the first link release request, or further includes the result of the operation of an access network device based on a second link release request.

[0213] S518: The second functional network element interacts with the resource management function to release resources from the target network.

[0214] When the second functional network element releases resources from the target network, and the release of those resources is completed, it can be understood that all communication connections associated with the target network (including communication connections between the target network and the second functional network element, and communication connections between the target network and the first functional network element) are released.

[0215] 3. Modifying the target network (including changing the network attributes of the target network, or changing the running state of the target network, such as pausing or resuming the target network).

[0216] The following describes in detail the process of temporarily suspending the target network, based on the cases where the second functional network element directly controls the first functional network element and where the second functional network element indirectly controls the first functional network element.

[0217] See Figure 6a if the second functional network element directly controls the first functional network element. Figure 6a is a schematic flowchart of how to modify a target network (change the execution state of the target network or change the network attributes of the target network) according to this application.

[0218] S601: The second functional network element sends a first control operation request message to the target network, and in response, the target network receives the first control operation request message from the second functional network element. The first control operation request message includes the operation type.

[0219] In Figure 6a, the operation type is one of the following: changing the execution state of the target network (i.e., pausing or resuming the target network) or changing the network attributes of the target network. The first control operation request message is intended to request the target network to perform the operation corresponding to the operation type, i.e., one of the following: changing the execution state of the target network (i.e., pausing or resuming the target network) or changing the network attributes of the target network. In this case, the first control operation request message may further include identifier information for the target network.

[0220] In possible implementations, modifying the network attributes of a target network includes modifying one or more of the following: 1. Modifying the network capabilities of the target network, for example, enabling or disabling device capabilities or services corresponding to the target network, where services may be services provided by each NF as defined in 3GPP, in which case NRF registration and updates are triggered after the services provided by the NF are modified. 2. Modifying the network capacity of the target network, for example, increasing the capacity value of the target network (performing a capacity expansion process), decreasing the capacity value of the target network (performing a capacity reduction process), or changing the capacity value of the target network to a specified value or level to perform a capacity expansion or reduction of the target network. 3. Modifying the user list of the target network, for example, adding user information to the user list of the target network, or removing user information from the user list of the target network, where user information includes one or more of the following: subscription persistent identifiers (e.g., IMSI / SUPI / MSISDN), user group identifiers, temporary user identifiers (e.g., GUTI), or device identifiers (e.g., PEI / IME).

[0221] In possible implementations, when the first control action request message is used to modify the network attributes of the target network, the first control action request message may further include operation parameters.

[0222] S602: The second functional network element sends a second control operation request message to the first functional network element, and in response, the first functional network element receives the second control operation request message from the second functional network element. The second control operation request message includes the operation type.

[0223] The second control action request message is used to request the first functional network element to perform an action on information about the target network that corresponds to one of the action types: pausing the target network, resuming the target network, or changing the network attributes of the target network.

[0224] In this case, the second control operation request message may further include identifier information for the target network.

[0225] In possible implementations, when a second control action request message is used to modify the network attributes of a target network, the second control action request message may further include operational parameters.

[0226] It should be noted that the execution order of S601 and S602 in this specification is merely an example and should not be considered a specific limitation to this application. In other words, in an actual application process, S601 and S602 may be executed simultaneously, S602 may be executed before S601, or S601 may be executed before S602.

[0227] S603: The target network performs the corresponding operation based on the operation type in the first control operation request message.

[0228] Suspending a target network by a target network specifically includes one or more of the following: preventing subsequent signaling from the user by working with the user context. status Recording user statistics and call detail log data, or immediately (or timer-triggered) detaching the user through signaling.

[0229] Restarting (or activating) a target network by a target network specifically includes one or more of the following: working on the user context to restart subsequent signaling for the user. status To record user statistics and call detail record data, or to enable subsequent user signaling.

[0230] Modifying the network attributes of a target network by a target network specifically includes the following: The target network modifies the network attributes of the target network (including one or more of network capability, network capacity, or user list) based on the operation parameters in the first control operation request message.

[0231] S604: The target network responds to the first control operation request message. First A feedback message is sent to a second functional network element, and in response, the second functional network element receives a first feedback message from the target network that corresponds to the first control operation request message.

[0232] After the target network performs the corresponding operation processing based on the first control operation request message, the target network sends a first feedback message to the second functional network element based on the result of this operation. The first feedback message includes first operation result information, which indicates the result of the operation performed by the target network based on the first control operation request message. When the first operation result information indicates an operation failure, the first operation result information may include a first failure cause value, which indicates the specific reason why this operation performed by the target network failed.

[0233] In possible implementations, the first feedback message includes one or more of the following: the target network identifier, the target network's state after the operation (including activated or paused states), or network attribute information of the target network.

[0234] S605: The first functional network element executes an operation process based on the second control operation request message.

[0235] The first functional network element performs the corresponding operation process based on the specific content of the second control operation request message sent by the second functional network element.

[0236] For example, when the action type in the second control action request message is to pause the target network, the first functional network element pausing the target network in the information list maintained by the first functional network element, i.e., updating (or changing) the information about the target network to the corresponding information while the target network is paused, specifically includes one or more of the following: recording the work status of the user context to prevent further signaling by the user; terminating and reporting the user's statistics and call detail log data; or immediately (or timer-triggered) detaching or deregistering the user through signaling.

[0237] In another example, when the action type in the second control action request message is to restart the target network, the restart of the target network in the information list maintained by the first functional network element, i.e., updating (or changing) information about the target network to the corresponding information during the activation of the target network, specifically includes one or more of the following: recording the work status of the user context in order to restart subsequent signaling by the user; restarting user statistics and call detail log data; or enabling subsequent signaling by the user.

[0238] In yet another example, when the operation type in the second control operation request message is to modify the network attributes of the target network, it can be understood that the first functional network element modifies the network attribute information of the target network in the information list maintained by the first functional network element based on the second control operation request message, i.e., the first functional network element modifies the network attribute information of the target network based on the operation parameters in the second control operation request message.

[0239] S606: The first functional network element sends a network control access update request message to an access network device, and in response, the access network device receives a network control access update request message from the first functional network element. The network control access update request message includes an operation type.

[0240] When the operation type is to suspend the target network, the network control access update request message is intended to request the access network device to perform the corresponding operation on the information about the target network, that is, to update (or change) the information about the target network to the corresponding information while the target network is suspended. In this case, the update request may further include identifier information for the target network.

[0241] When the operation type is to restart (or activate) the target network, the network control access update request message is intended to request the access network device to perform the corresponding operation on the information about the target network, that is, to update (or change) the information about the target network to the corresponding information while the target network is being activated. In this case, the update request may further include identifier information for the target network.

[0242] When the operation type is to modify the network attributes of the target network, the network control access update request message is intended to request the access network device to modify the network attributes of the target network that are maintained by the access network device. In this case, the second control operation request message may further include the target network identifier information and operation parameters.

[0243] S607: The access network device performs an action based on the network control access update request.

[0244] The access network device performs the corresponding action based on the specific content of the network control access update request.

[0245] For example, when the action type in a network control access update request is to pause the target network and for the access network device to update (or modify) the corresponding information while the target network is paused, the information about the target network in the list of information maintained by the access network device specifically includes one or more of the following: recording the user context's work status to prevent further signaling by the user; terminating and reporting user statistics and call detail log data; or immediately (or timer-triggered) detaching the user through signaling.

[0246] In another example, when the action type in a network control access update request is to reactivate the target network, the access network device updates (or modifies) the corresponding information during the activation of the target network. The information about the target network in the list of information maintained by the access network device specifically includes one or more of the following: recording the work status of the user context to resume subsequent signaling for the user; resuming user statistics and call detail log data; or enabling subsequent signaling for the user.

[0247] In yet another example, when the operation type in a network control access update request is to modify the network attributes of the target network, the access network device modifies the network attributes of the target network maintained by the access network device based on the operation parameters in the network control access update request.

[0248] S608: The access network device sends a second feedback message to the first functional network element corresponding to the network control access update request, and in response, the first functional network element receives the second feedback message from the access network device corresponding to the network control access update request.

[0249] After performing the corresponding operation processing based on the network control access update request, the access network device sends a second feedback message to the first functional network element. The second feedback message includes second operation result information, which is used to feed back the operation result of the access network device to the first functional network element, indicating whether the operation was successful or failed. When the second operation result information indicates an operation failure, the second operation result information may include a second failure cause value, which indicates the specific reason why this operation performed by the access network device failed.

[0250] In possible implementations, the second feedback message may further include one or more of the following: the identifier of the target network, the state of the target network on the access network device after the operation (including the activated or suspended state), or network attribute information of the target network.

[0251] S609: The first functional network element transmits a third feedback message corresponding to the second control operation request message to the second functional network element, and in response, the second functional network element receives a third feedback message corresponding to the second control operation request message from the first functional network element.

[0252] The third feedback message includes third operation result information, which is used to feed back the operation results of the first functional network element and the access network device to the second functional network element, and the third operation result is one of the following cases: 1. When the operation result of the access network device indicates success and the operation processing result of the first functional network element indicates success, the operation result information carried in the third feedback message indicates success. 2. When the operation result of the access network device indicates failure, or when the operation processing result of the first functional network element indicates failure, the operation result carried in the third feedback message indicates failure. In this case, the third feedback message may further carry a third failure cause value (indicating a specific cause for the operation result in the third feedback message indicating failure).

[0253] In possible implementations, the third feedback message may further carry one or more of the following: target network state information (including activated or paused state) in the first functional network element, a target network identifier, or network attribute information of the target network.

[0254] For cases where the second functional network element indirectly controls the first functional network element, please refer to Figure 6b. Figure 6b is a schematic flowchart of how to modify a target network (change the execution state of the target network or change the network attributes of the target network) according to this application.

[0255] S611: The second functional network element sends a first control operation request message to the target network, and in response, the target network receives the first control operation request message from the second functional network element. The first control operation request message includes the operation type.

[0256] For the specific implementation of S611, please refer to the previously mentioned explanation of the specific implementation of S601. Repeated parts will not be explained again.

[0257] S612: The target network executes the corresponding operation process based on the operation type in the first control operation request message.

[0258] For the specific implementation of S612, please refer to the above explanation of the specific implementation of S603. Repeated parts will not be explained again.

[0259] S613: The target network sends a second control operation request message to the first functional network element, and in response, the first functional network element receives a second control operation request message from the target network. The second control operation request message includes the operation type.

[0260] The second control action request message is intended to request the first functional network element to perform an action on information about the target network, corresponding to one of the action types: pausing the target network, resuming the target network, or changing the network attributes of the target network. In possible implementations, the second control action request message may further include identifier information for the target network.

[0261] In possible implementations, when a second control action request message is used to modify the network attributes of a target network, the second control action request message may further include operational parameters.

[0262] S614: The first functional network element executes an operation process based on the second control operation request message.

[0263] S615: The first functional network element sends a network control access update request message to an access network device, and in response, the access network device receives a network control access update request message from the first functional network element. The network control access update request message includes an operation type.

[0264] S616: The access network device performs an action based on the network control access update request.

[0265] S617: The access network device sends a second feedback message to the first functional network element corresponding to the network control access update request, and in response, the first functional network element receives the second feedback message from the access network device corresponding to the network control access update request.

[0266] For the specific implementation of S614 to S617, please refer to the above explanation of the specific implementation of S605 to S608. Repeated parts will not be explained again here.

[0267] S618: The first functional network element sends a third feedback message to the target network corresponding to the second control operation request message, and in response, the target network receives the third feedback message from the first functional network element corresponding to the second control operation request message.

[0268] For a detailed explanation of the feedback message corresponding to the second control operation request message, please refer to the explanation in S609. Further details will not be explained here.

[0269] S619: The target network sends a first feedback message corresponding to the first control operation request message to the second functional network element, and in response, the second functional network element receives a first feedback message corresponding to the first control operation request message from the target network.

[0270] The target network transmits a first feedback message to the second functional network element based on feedback messages from the first functional network element and the operational processing results of the target network based on a first control operation request message. The first feedback message includes first operational result information, which is used to feed back the operational results of the target network, the first functional network element, and the access network device to the second functional network element. The first operational result information is one of several cases: 1. When the operational result of the first functional network element is successful, the operational result of the access network device is successful, and the operational processing result of the target network is successful, the operational result carried in the first feedback message is successful. 2. When the operational result of the first functional network element is a failure, the operational result of the access network device is a failure, and the operational processing result of the target network is a failure, the first feedback message may further carry a failure cause value (indicating a specific cause for the operational result in the first feedback message being a failure).

[0271] In possible implementations, the first feedback message may further carry one or more of the following: the state of the target network in the first functional network element (including activated or suspended states), the identifier of the target network, or network attribute information of the target network.

[0272] As shown in Figure 3, the network resource management method allows terminal devices to directly operate the target network using core network devices. Compared to a method where the user changes the target network using an operator, the time it takes for the change to take effect is shortened, thereby improving efficiency.

[0273] Figure 7 is a schematic flowchart of another network resource management method according to one embodiment of the present application. As shown in Figure 7, the network resource management method may be performed by a core network device or a chip within a core network device, or by a terminal device or a chip within a terminal device. Figure 7 illustrates an example in which a core network device and a terminal device are entities for performing the method.

[0274] S701: The terminal device determines the request message, which is used to operate the lifecycle of the target network.

[0275] S702: The terminal device sends a request message to the core network device, and in response, the core network device receives the request message from the terminal device.

[0276] For specific implementations of S701 and S702, please refer to the above-mentioned explanation of the specific implementations of S301 and S302. Repeated parts will not be explained again here.

[0277] S703: The core network device performs operational authentication based on the request message.

[0278] After the core network device receives a request message from the terminal device, the core network device performs an operation authentication on the request message to authenticate whether the request message is from a valid (or actually existing) terminal device, or to authenticate whether the content of the request message is valid (or understood to be executable by the core network device, that is, the terminal device has an operation permission corresponding to the request message). Thereby, the core network device is prevented from performing an invalid operation based on the request message, and the security of the target network is improved.

[0279] In a possible implementation form, the core network device performing an operation authentication based on the request message includes one or more of the following methods.

[0280] Method 1: The core network device authenticates the status of the target network based on the operation type.

[0281] In this operation authentication method of this method, the core network device determines whether the target network can execute a processing operation corresponding to the operation type in the request message based on the status of the target network, that is, the core network device determines whether the operation type matches the status of the target network. When the operation type matches the status of the target network, the core network device succeeds in authenticating the status of the target network, or when the operation type does not match the status of the target network, the core network device fails in authenticating the status of the target network.

[0282] It should be understood that the action type matching the status of the target network means that the core network device determines that the target network can execute a processing operation corresponding to the action type in the request message based on the status of the target network. Conversely, the action type not matching the status of the target network means that the core network device determines that the target network cannot execute a processing operation corresponding to the action type in the request message based on the status of the target network.

[0283] In a possible implementation, the action type not matching the status of the target network includes one or more of the following: 1. When the action type is to create a target network, the status of the target network exists. 2. When the action type is to delete a target network, the status of the target network does not exist. 3. When the action type is to change the network attributes of a target network, the status of the target network does not exist. 4. When the action type is to suspend a target network, the status of the target network is non-existent or in a suspended state. 5. When the action type is to resume a target network, the status of the target network is non-existent or in an activated state.

[0284] Conversely, if the action type is to create a target network and the target network does not exist, the action type may be determined to match the status of the target network. If the action type is to delete a target network and the target network exists, the action type may be determined to match the status of the target network. If the action type is to change the network attributes of a target network and the target network exists, the action type may be determined to match the status of the target network. If the action type is to pause a target network and the target network exists and is in an activated state, the action type may be determined to match the status of the target network. If the action type is to resume a target network and the target network exists and is in a paused state (or deactivated or standby state), the action type may be determined to match the status of the target network.

[0285] Method 2: The core network device authenticates the permission for the operation type.

[0286] In this operation authentication method, the core network device authenticates whether the terminal device sending the request message has the operation authorization corresponding to the operation type. If the terminal device has the operation authorization corresponding to the operation type, the core network device succeeds in authenticating the operation authorization for that operation type; otherwise, if the terminal device does not have the operation authorization corresponding to that operation type, the core network device fails in authenticating the operation authorization for that operation type.

[0287] In possible implementations, the request message further includes user information from the terminal device, and the core network device retrieves user subscription information based on the user information, and the core network device authenticates operation authorization for operation types based on the user subscription information and / or according to local configuration policies. User subscription information includes one or more of the following: a list of authorized operation actions, a list of authorized network identifiers, authorized network capacity allocations, a list of authorized service users, or a list of configuration policies. Local configuration policies may be understood as operator management and control policies, core network device management and control policies, etc.

[0288] In other words, a core network device can obtain user subscription information based on the user information of a terminal device, and this user subscription information includes the authorized operation permissions of the terminal device. Furthermore, the core network device determines, based on the authorized operation permissions of the terminal device in the user subscription information, whether the terminal device can request to perform the operation type in the request message. If the user subscription information includes the operation type in the request message, the core network device succeeds in authenticating the operation permission for that operation type. Conversely, if the user subscription information does not include the operation type in the request message, the core network device fails to authenticate the operation permission for that operation type (i.e., authentication fails).

[0289] For example, the core network device receives a request message sent by terminal device 1, where the request message includes user information (identifier of user A), operation type (to change the network attributes of network 1 (i.e., the target network)), and operation parameters (to change the network capacity value to value a3). The core network device retrieves user A's subscription information based on user A's identifier, as shown in Table 2. [Table 2]

[0290] Furthermore, the core network device authenticates the permission to perform the requested action based on user A's subscription information. User A's subscription information indicates that the terminal device may change the network attribute of network 1 and may change the network capacity value of network 1 to a1 or a2, but the terminal device is not authorized to change the network capacity value of network 1 to a3. In this case, the core network device cannot authenticate the permission to perform the action type in the requested message.

[0291] Furthermore, both operation authentication method 1 and operation authentication method 2 may be executed, or only one of operation authentication method 1 and operation authentication method 2 may be executed. This is not particularly limited in this application. In addition, when both operation authentication method 1 and operation authentication method 2 may be executed, the execution order of operation authentication method 1 and operation authentication method 2 is not particularly limited in this application. That is, operation authentication method 1 may be executed before operation authentication method 2, operation authentication method 1 may be executed after operation authentication method 2, or operation authentication method 1 and operation authentication method 2 may be executed simultaneously.

[0292] In possible implementations, when multiple functional network elements within a core network device are configured to perform operational authentication, the functional network element performing operational authentication method 1 and the functional network element performing operational authentication method 2 may be the same functional network element or different functional network elements.

[0293] S704: When the operational authentication result indicates success, the core network device activates the lifecycle of the target network.

[0294] After the core network device performs operational authentication on the request message, if the authentication is successful, the core network device operates the target network lifecycle based on the operational type and / or operational parameters in the request message.

[0295] In possible implementations, the core network device sends a first response message to the terminal device based on the result of the operation that activated the lifecycle of the target network, the first response message containing the status of the target network or the identifier of the target network. In other words, the first response message may indicate that the operation that activated the lifecycle of the target network by the core network device was successful. In this case, the first response message may contain one or more of the following: the identifier of the target network, the status of the target network after the core network device activated the lifecycle of the target network, or network attribute information of the target network. Alternatively, the first response message may indicate that the operation that activated the lifecycle based on the target network by the core network device was unsuccessful. In this case, the first response message may contain the identifier of the target network, the status of the target network after the core network device activated the lifecycle of the target network, network attribute information of the target network, or a failure cause value (where the failure cause value indicates the reason why the lifecycle of the target network was not activated this time).

[0296] In one example, the network capacity value of network 1 is a1, and the core network device receives a request message sent by terminal device 1, where the request message contains user information (identifier of user A), operation type (to change the network attributes of network 1 (i.e., the target network)), and operation parameters (to change the network capacity value to value a2). とThis includes: If the core network device performs an operational authentication on the request message and the result is successful, the core network device changes the network capacity value of network 1 from a1 to a2. Furthermore, the first response message that the core network device returns to terminal device 1 may include the identifier of network 1, the state of network 1 (existence, availability, or activation), and the network attribute of network 1 (that the network capacity value is a2).

[0297] In another example, the network capacity value of network 1 is a3, and the core network device receives a request message sent by terminal device 1, which includes user information (identifier of user A), operation type (to change the network attribute of network 1 (i.e., the target network)), and operation parameter (to change the network capacity value to the value a2). The core network device performs operation authentication on the request message and the result is successful. After the core network device changes the network capacity value of network 1 based on the request message, the network capacity value of network 1 becomes a3 (not equal to the capacity value in the operation parameter in the request message). In this case, it is considered that the core network device has failed to perform the lifecycle of network 1. Furthermore, the first response message that the core network device returns to terminal device 1 may include the identifier of network 1, the state of network 1 (existence, availability, or activation), the network attribute of network 1 (the network capacity value being a2), and failure cause value 1 (indicating that the changed network capacity value is the same as the network capacity value before the change).

[0298] In possible implementations, if the operation authentication result indicates failure, the core network device does not activate the target network lifecycle. In this case, the core network device may further send a second response message to the terminal device, which indicates that the operation that activated the target network lifecycle failed. In this case, the second response message may further carry a failure cause value (indicating the reason why the current operation failed). For example, see Table 3 for the mapping relationship between the failure cause value and the failure cause. [Table 3]

[0299] It should be noted that the core network device in Figure 7 may be one or more functional network elements within a core network. This is not particularly limited in this application. In one example, the core network device referred to in Figure 7 may include three functional network elements: functional network element 1, functional network element 2, and functional network element 3. Functional network element 1 is configured to receive a request message from a terminal device (i.e., perform step S702). Functional network element 2 is configured to perform operational authentication based on the request message (i.e., perform step S703). Functional network element 3 is configured to activate the lifecycle of the target network (i.e., perform step S704) when the result of operational authentication indicates success. In another example, the core network device referred to in Figure 7 may include two functional network elements: functional network element 1 and functional network element 2, and the two functional network elements are configured to perform steps S702 through S704. For example, functional network element 1 may be configured to perform steps S702 and S703 and functional network element 2 to perform step S704, or functional network element 1 may be configured to perform step S702 and functional network element 2 to perform steps S703 and S704. In yet another example, the core network device mentioned in Figure 7 is a functional network element, and the functional network element is configured to perform steps S702 through S704.

[0300] In a possible implementation form, when the core network device includes a plurality of functional network elements and there is a communication connection between the functional network elements, a functional network element configured to receive a message may perform identity authentication on a functional network element configured to transmit the message. For example, the first functional network element is configured to perform operation authentication based on a request message. The second functional network element is configured to operate the life cycle of the target network. In this case, when the result of the operation authentication indicates success, the first functional network element transmits an instruction message (or a second request message) to the second functional network element, where the instruction message (or the second request message) is for requesting the second functional network element to operate the life cycle of the target network. The instruction message (or the second request message) includes an operation type and / or operation parameters. The second functional network element receives the instruction message (or the second request message) and performs identity verification on the first functional network element. When the verification is successful, the second functional network element operates the life cycle of the target network. In this way, the system security can be further improved.

[0301] According to the network resource management method provided in FIG. 7, the terminal device can directly operate the target network by using the core network device, and the core network device performs an authentication operation on the identity and operation permission of the terminal device, thereby improving the efficiency and the system security.

[0302] To more intuitively explain the network resource management method in this application, hereinafter, the network resource management method in this application will be described with reference to the network architecture shown in FIG. 1b.

[0303] Figure 8 is a schematic flowchart of yet another network resource management method according to one embodiment of the present application. As shown in Figure 8, the network resource management method may be performed by a core network or a chip within the core network, or by a terminal device or a chip within a terminal device. Figure 8 illustrates an example in which a specific functional network element within the core network and a terminal device are entities for performing the method.

[0304] S801: The terminal device sends a request message to the AMF, and in response, the AMF receives the request message from the terminal device.

[0305] The terminal device sends a request message to the AMF using an access network device (i.e., the gNB in ​​Figure 8) to request that the lifecycle of the target network be activated. The request message may be a non-access stratum (NAS) message. Specifically, the request message may be a separate NAS message (i.e., the function of the NAS message is used to activate the lifecycle of the target network). The request message may be carried within an information element of a NAS message that has another function. That is, in addition to the function of requesting that the lifecycle of the target network be activated, the NAS message may further include another function.

[0306] For specific explanations of "request messages," "target networks," and "operating within the target network lifecycle," please refer to the relevant explanations in S301. Repeated sections are not explained again here.

[0307] S802: AMF performs operational authentication based on the request message.

[0308] For the specific implementation of S802, please refer to the previously mentioned explanation of the specific implementation of S703. Repeated parts will not be explained again here.

[0309] The process by which the core network operates the target network lifecycle shown in Figure 1b, after the AMF has successfully performed operational authentication, is specifically described in S803 to S811 below.

[0310] S803: AMF operates the lifecycle of the target network.

[0311] Specifically, when an AMF network element creates a target network, it means that the AMF network element interacts with a MANO network element or a container-managed network element, requests available execution resources, and instantiates execution entities. Execution entities can be newly instantiated virtual machines, newly instantiated containers, or new processes, threads, or other execution entities running on existing virtual machines or containers. Furthermore, the AMF network element creates the target network based on request messages from terminal devices.

[0312] When AMF removes a target network, it means that the AMF network elements release (or remove) the execution resources corresponding to the target network and remove the instantiation of the target network's execution entities.

[0313] An AMF network element pauses a target network, that is, sets the status of the target network to a paused state (or standby state, scheduled activation state, deactivation state, etc.). In other words, when an AMF network element pauses a target network, it means that the AMF network element updates the information about the target network that is maintained by the AMF network element. Updating the information includes one or more of the following: recording the user context's work status to prevent further signaling of the user; terminating and reporting user statistics and call detail log data; or immediately (or timer-triggered) detaching the user through signaling.

[0314] An AMF network element restarts a target network, that is, changes the status of the target network from paused to active. In other words, when an AMF network element restarts a target network, it means that the AMF network element updates the information about the target network that is maintained by the AMF network element. Updating the information includes: recording the working status of the user context to restart subsequent user signaling; restarting user statistics and call detail log data; or enabling subsequent user signaling.

[0315] When an AMF network element modifies the network attributes of a target network, it means that the AMF network element modifies the capacity of the target network (i.e., capacity-related parameters) and the capabilities of the target network (network). abilityThis can be understood as changing one or more of the following: related parameters, the configuration policy of the target network, or the service user list of the target network. In other words, when an AMF network element changes the network attributes of a target network, it means that the AMF network element updates the information about the target network that is maintained by the AMF network element. Updating the content includes: 1. Changing the network capabilities of the target network, for example, enabling or disabling device capabilities or services corresponding to the target network, where services are services provided by each NF as defined in 3GPP, and triggering NRF registration and updates. 2. Changing the network capacity of the target network, for example, increasing the capacity value of the target network (performing a capacity expansion process) or decreasing the capacity value of the target network (performing a capacity reduction process). 3. Modify the user list of the target network, for example, by adding or removing user information from the user list of the target network, where the user information includes one or more of the following: subscription persistence identifier (e.g., IMSI / SUPI / MSISDN), user group identifier, temporary user identifier (e.g., GUTI), or device identifier (e.g., PEI / IME).

[0316] S804: (Optional) The AMF sends an update request regarding the target network to the access network device (i.e., gNB), and in response, the access network device (i.e., gNB) receives an update request regarding the target network from the AMF.

[0317] The AMF sends an update request about the target network to the access network device based on the operation type that drives the target network's lifecycle, as indicated in the request message. The update request carries information about the operation type and instructs the access network device to update (or modify) information about the target network maintained by the access network device, including radio link-side information of the target network such as radio scheduling priority and air interface priority. After receiving the update request, the access network device performs different actions based on the different operation type. Details are as follows:

[0318] When the AMF creates a target network (i.e., its operation type is to create a target network), the update request is to ask the access network device to establish a communication connection (also called a link connection, channel, etc.) to the AMF. The link is the communication connection (also called a link connection, channel, etc.) between the AMF and the gNB, and the communication connection (also called a link connection, channel, etc.) is associated with the target network.

[0319] When the AMF removes a target network (i.e., the operation type is to remove the target network), the update request is intended to instruct the access network device to remove its communication connection (or link connection, channel, etc.) to the AMF.

[0320] When the AMF pauses the target network (i.e., the operation type is to change the running state of the target network, specifically to pause the target network), the update request is intended to ask the access network device to interrupt its communication connection (or link connection, channel, etc.) to the AMF.

[0321] When the AMF restarts (or activates) a target network (i.e., when the operation type is to change the running state of the target network, and specifically restarts the target network), the update request is intended to request the access network device to restart (or activate) its communication connection (or link connection, channel, etc.) to the AMF.

[0322] When AMF modifies the network attributes of a target network (i.e., its operation type is to modify the network attributes of a target network), an update request is intended to instruct the gNB to modify (or update) the information about the target network that is maintained by the gNB.

[0323] S805: (Optional) The gNB modifies information corresponding to the target network (including one or more of the following: link information, target network identifier, or target network attributes) based on an update request for the target network.

[0324] The gNB establishes (or terminates) a communication connection (or channel) to the target network for a first function based on a request to establish (or terminate) a link connection. In other words, the communication connection (or channel) is associated with the target network.

[0325] When the AMF creates a target network, the gNB establishes a communication connection (also called a link connection, channel, etc.) to the AMF.

[0326] When the AMF removes the target network, the gNB removes its communication connection (also called a link connection, channel, etc.) to the AMF.

[0327] When the AMF pauses the target network, the gNB interrupts its communication connection (also called a link connection, channel, etc.) to the AMF.

[0328] When the AMF restarts (or activates) the target network, the gNB restarts (or activates) its communication connection (or link connection, channel, etc.) to the AMF.

[0329] When AMF modifies the network attributes of a target network, gNB modifies (or updates) the information about the target network that is maintained by gNB.

[0330] It is important to know that gNB can establish, delete, suspend, or resume links according to the Next Generation Application Protocol (NGAP) or SCTP.

[0331] It should be noted that when the action type in the request message is one or more of the following: create a target network, delete a target network, or change the running state of a target network, specific actions in S804 and S805 are performed. When the action type in the request message is to change the network attributes of a target network, if the network attributes of the target network to be changed affect the radio link-side information of the target network (wherein the radio link-side information includes radio scheduling priority or air interface priority), specific actions in S804 and S805 may be performed. If the network attributes of the target network to be changed do not affect the radio link-side information of the target network, specific actions in S804 and S805 may not be performed.

[0332] S806: (Optional) The AMF sends a first operation control request to the SMF, and in response, the SMF receives a first operation control request from the AMF.

[0333] The AMF sends a first operation control request to the SMF based on the operation type that will operate the lifecycle of the target network, as contained in the request message. The first operation control request carries information about the operation type and instructs (or requests) the SMF to operate the lifecycle of the target network. The first operation control request is an N11 interface message. Specifically, the first operation control request can be a standalone N11 interface message (i.e., the function of the N11 interface message is used to operate the lifecycle of the target network). The first operation control request may be carried in an information element of an N11 interface message that has another function. That is, in addition to the function for requesting the operation of the lifecycle of the target network, the N11 interface message may further include another function.

[0334] S807: (Optional) SMF operates the lifecycle of the target network.

[0335] For specific details on how SMF operates the target network lifecycle, please refer to the explanation of how AMF operates the target network lifecycle in S803. Further details will not be explained here.

[0336] S808: (Optional) The SMF sends a second operation control request to the UPF, and in response, the UPF receives a second operation control request from the SMF.

[0337] The SMF sends a second operation control request to the UPF based on the operation type that will activate the target network's lifecycle, as contained in the first operation control request. The second operation control request carries information about the operation type and instructs (or requests) the UPF to activate the target network's lifecycle. The second operation control request is an N4 interface message. Specifically, the second operation control request may be a separate N4 interface message (i.e., the function of the N4 interface message is used to activate the target network's lifecycle). The second operation control request may be carried in an information element of an N4 interface message that has another function. That is, in addition to the function for requesting the activation of the target network's lifecycle, the N4 interface message may further include another function.

[0338] S809: (Optional) UPF operates the lifecycle of the target network.

[0339] For specific details on how UPF operates the target network lifecycle, please refer to the explanation of how AMF operates the target network lifecycle in S803. Further details will not be explained here.

[0340] In possible implementations, after the target network's lifecycle has been activated, the UPF sends a feedback message to the SMF corresponding to a second operational control request, where the feedback message corresponding to the second operational control request is an N4 interface message. If the UPF fails to activate the target network's lifecycle, the feedback message corresponding to the second operational control request may carry a failure cause value, which indicates the reason why the UPF failed to activate the target network's lifecycle.

[0341] In possible implementations, the SMF sends a feedback message to the AMF corresponding to the first operation control request, based on the results of the operation in which the UPF activated the target network's lifecycle and the results of the operation in which the SMF activated the target network's lifecycle. The feedback message corresponding to the first operation control request is an N11 interface message. If the operation result in which the UPF activated the target network's lifecycle indicates failure, or if the operation result in which the SMF activated the target network's lifecycle indicates failure, the feedback message corresponding to the first operation control request may carry a failure cause value. The failure cause value indicates the reason why the UPF failed to activate the target network's lifecycle, or the failure cause value indicates the reason why the SMF failed to activate the target network's lifecycle.

[0342] It should be noted that when the action type in the request message is one or more of the following: create a target network, delete a target network, or change the execution state of a target network, specific actions S806 through S809 are performed. When the action type in the request message is to change the network attributes of a target network, if the network attributes of the target network to be changed affect the target network's session (e.g., PDU session) or user plane-related information, specific actions S806 through S809 are performed. If the network attributes of the target network to be changed do not affect the target network's session or user plane-related information, then specific actions S806 through S809 do not need to be performed.

[0343] S810: (Optional) The AMF sends a third operation control request to the PCF, and in response, the PCF receives a third operation control request from the AMF.

[0344] The AMF sends a third operation control request to the PCF based on the operation type that operates the target network's lifecycle, as contained in the request message. The third operation control request carries information about the operation type and instructs (or requests) the PCF to operate the target network's lifecycle. The third operation control request is an N15 interface message. Specifically, the third operation control request can be an independent N15 interface message (i.e., the function of the N15 interface message is used to operate the target network's lifecycle). The third operation control request may be carried in an information element of an N15 interface message that has another function. That is, in addition to the function for requesting the operation of the target network's lifecycle, the N15 interface message may further include another function.

[0345] S811: (Optional) PCF operates the lifecycle of the target network.

[0346] For specific details on how PCF operates the target network lifecycle, please refer to the explanation of how AMF operates the target network lifecycle in S803. Further details will not be explained here.

[0347] In possible implementations, after the target network lifecycle has been activated, the PCF sends a feedback message to the AMF corresponding to a third operational control request, where the feedback message corresponding to the third operational control request is an N15 interface message. If the PCF fails to activate the target network lifecycle, the feedback message corresponding to the third operational control request may carry a failure cause value, which indicates the reason why the PCF failed to activate the target network lifecycle.

[0348] It should be noted that when the action type in the request message is one or more of the following: create a target network, delete a target network, or change the running state of a target network, specific actions S810 and S811 are performed. When the action type in the request message is to change the network attributes of a target network, if the network attributes of the target network to be changed affect the configuration policy of the target network, specific actions S810 and S811 are performed; if the network attributes of the target network to be changed do not affect the configuration policy of the target network, specific actions S810 and S811 are performed. It's not necessary. .

[0349] In possible implementations, after S811 is executed, the AMF records the status of the target network and uses gNB to feed back the results of the operation that ran through the target network's lifecycle to the terminal device. The target network status includes the existence of the target network (including activated and paused states) and the absence of the target network. In possible implementations, the AMF may further record the network attributes of the target network.

[0350] Figure 9 is a schematic diagram of the structure of a communication device according to one embodiment of the present application. The communication device shown in Figure 9 may be configured to implement some or all of the functions of a terminal device in an embodiment corresponding to a network resource management method, or the communication device shown in Figure 9 may be configured to implement some or all of the functions of a core network device in an embodiment corresponding to a network resource management method.

[0351] In one embodiment, the communication device shown in Figure 9 may be configured to implement some or all of the functions of the terminal device in the embodiment of the method described in Figure 3 or Figure 8. The device may be a terminal device, a device within a terminal device, or a device that can be used with a terminal device. Alternatively, the communication device may be a chip system. The communication device shown in Figure 9 may include a transceiver unit 901 and a processing unit 902.

[0352] The processing unit 902 is configured to determine the request message, which is used to operate the lifecycle of the target network, and the request message is either control plane signaling or user plane signaling between the terminal device and the core network device. The transceiver unit 901 is configured to send the request message to the core network device.

[0353] In possible implementations, the request message includes an action type, which may include one of the following: create a target network, delete a target network, change the running state of a target network, or change the network attributes of a target network.

[0354] In possible implementations, changing the execution state of a target network includes pausing or resuming the target network.

[0355] In possible implementations, modifying the network attributes of a target network may include one or more of the following: modifying the capacity of the target network, modifying the capabilities of the target network, modifying the configuration policy of the target network, or modifying the service user list of the target network.

[0356] In possible implementations, the request message may further include one or more of the following: user information for the terminal device, operating parameters corresponding to the operation type, or information about the target network.

[0357] In possible implementations, user information includes one or more of the following: a subscription persistence identifier, a user group identifier, or a temporary user identifier.

[0358] In possible implementations, information about the target network may include one or more of the following: the target network identifier, capacity value, capability list, service user list, or configuration policy list.

[0359] In possible implementations, the transceiver unit 901 is further configured to receive response messages transmitted by the core network device, which indicate the result of operating the target network lifecycle.

[0360] In possible implementations, the target network is a user service function entity, or another network function that provides services to the user.

[0361] In one embodiment, the communication device shown in Figure 9 may be configured to implement some or all of the functions of the core network device in the embodiment of the method described in Figure 3 or Figure 8. The device may be the core network device, a device within the core network device, or a device that can be used with the core network device. Alternatively, the communication device may be a chip system. The communication device shown in Figure 9 may include a transceiver unit 901 and a processing unit 902.

[0362] The transceiver unit 901 is configured to receive request messages from a terminal device, where the request messages are used to operate the lifecycle of the target network and are either control plane signaling or user plane signaling between the terminal device and the core network. The processing unit 902 is configured to operate the lifecycle of the target network, which is managed by the core network device, based on the request messages.

[0363] In possible implementations, the request message includes an action type, which may include one of the following: create a target network, delete a target network, change the running state of a target network, or change the network attributes of a target network.

[0364] In possible implementations, changing the execution state of a target network includes pausing or resuming the target network.

[0365] In possible implementations, modifying the network attributes of a target network may include one or more of the following: modifying the capacity of the target network, modifying the capabilities of the target network, modifying the configuration policy of the target network, or modifying the service user list of the target network.

[0366] In possible implementations, the processing unit 902 is further configured to perform operational authentication based on the request message. If the operational authentication result indicates success, the processing unit 902 activates the lifecycle of the target network. Alternatively, if the operational authentication result indicates failure, the processing unit 902 does not activate the lifecycle of the target network.

[0367] In possible implementations, the processing unit 902 performing operation authentication based on the request message includes one or more of the following: authenticating the status of the target network based on the operation type, or authenticating the authorization of the operation type.

[0368] In possible implementations, if the operation type matches the status of the target network, the processing unit 902 succeeds in authenticating the status of the target network; otherwise, if the operation type does not match the status of the target network, the processing unit 902 fails to authenticate the status of the target network.

[0369] In possible implementations, a mismatch between the action type and the target network status includes: when the action type is to create the target network, the target network status is present; when the action type is to delete the target network, the target network status is absent; when the action type is to modify the network attributes of the target network, the target network status is absent; or when the action type is to modify the running state of the target network, the target network status is absent.

[0370] In possible implementations, the existence states include the paused and activated states, and when the action type is to change the running state of the target network, the action type not matching the status of the target network further includes: when the action type is to pause the target network, the status of the target network is paused, or when the action type is to resume the target network, the status of the target network is activated.

[0371] In possible implementations, the request message may further include one or more of the following: user information for the terminal device, operating parameters corresponding to the operation type, or information about the target network.

[0372] In possible implementations, user information includes one or more of the following: a subscription persistence identifier, a user group identifier, or a temporary user identifier.

[0373] In possible implementations, information about the target network may include one or more of the following: the target network identifier, capacity value, capability list, service user list, or configuration policy list.

[0374] In possible implementations, the processing unit 902 retrieves user subscription information based on user information and authenticates operation permission for operation types based on the user subscription information and / or according to local configuration policies.

[0375] In possible implementations, user subscription information may include one or more of the following: a list of permitted action behaviors, a list of permitted network identifiers, a list of permitted network capacity allocations, a list of permitted service users, or a list of configuration policies.

[0376] In possible implementations, when the operation authentication result indicates success, the transceiver unit 901 sends a first response message to the terminal device based on the operation result that activated the lifecycle of the target network, and the first response message includes the status of the target network and the identifier of the target network. Alternatively, when the operation authentication result indicates failure, the transceiver unit 901 sends a second response message to the terminal device, and the second response message indicates that the operation result that activated the lifecycle of the target network indicates failure.

[0377] In possible implementations, the target network is a user service function entity, or another network function that provides services to the user.

[0378] For a more detailed description of the transceiver unit 901 and the processing unit 902, please refer to the relevant description of the terminal devices or core network in the embodiments of the method described above. Further details are not provided here.

[0379] Figure 10 is a schematic diagram of the structure of the communication device 1000 according to this application. The communication device 1000 includes a processor 1010 and an interface circuit 1020. The processor 1010 and the interface circuit 1020 are coupled to each other. It can be understood that the interface circuit 1020 may be a transceiver or an input / output interface. Optionally, the communication device 1000 may further include a memory 1030 configured to store instructions executed by the processor 1010, or input data required by the processor 1010 to execute an instruction, or data generated after the processor 1010 has executed an instruction.

[0380] When the communication device 1000 is configured to carry out the method in the embodiment of the method described above, the processor 1010 is configured to perform the functions of the processing unit 902 described above, and the interface circuit 1020 is configured to perform the functions of the transceiver unit 901 described above.

[0381] When the communication device is a chip used in a terminal device, the chip in the terminal device implements the functions of the terminal device in the embodiment of the method described above. The chip in the terminal device receives information from another network element, or the chip in the terminal device transmits information to another network element.

[0382] When the communication device is a chip used in a core network, the chip in the core network implements the functions of the core network in the embodiment of the method described above. The chip in the core network receives information from another network element, or the chip in the core network transmits information to another network element.

[0383] It can be understood that the processor in the embodiments of this application may be a central processing unit (CPU), another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA), another programmable logic device, a transistor logic device, a hardware component, or any combination thereof. The general-purpose processor may be a microprocessor or any ordinary processor, etc.

[0384] The method steps in embodiments of this application may be implemented in hardware or by executing software instructions by a processor. Software instructions may include corresponding software modules. Software modules may be stored in random access memory (RAM), flash memory, read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), registers, hard disks, removable hard disks, CD-ROMs, or any other form of storage medium well known in the art. For example, the storage medium is coupled to the processor so that the processor can read information from and write information to the storage medium. Naturally, the storage medium may be a component of the processor. The processor and storage medium may reside in an ASIC. In addition, the ASIC may reside in an access network device or a terminal device. Naturally, the processor and storage medium may, alternatively, reside as separate components in a terminal device or core network.

[0385] All or part of the embodiments described above may be implemented by software, hardware, firmware, or any combination thereof. When software is used to implement an embodiment, all or part of the embodiment may be implemented in the form of a computer program product. A computer program product includes one or more computer programs or instructions. When a computer program or instruction is loaded onto a computer and executed, all or part of the procedures or functions in the embodiments of this application are performed. The computer may be a general-purpose computer, a dedicated computer, a computer network, or other programmable device. The computer program or instruction may be stored on or transmitted using a computer-readable storage medium. The computer-readable storage medium may be any available medium accessible by a computer, or a data storage device such as a server that integrates one or more available media. The available media may be magnetic media, e.g., floppy disks, hard disks, or magnetic tapes; optical media, e.g., digital versatile discs (DVDs); or semiconductor media, e.g., solid-state drives (SSDs).

[0386] In the embodiments of this application, unless otherwise stated or unless there is a logical inconsistency, the terminology and / or descriptions in different embodiments are consistent and can be referenced to one another, and the technical features in different embodiments can be combined on the basis of their internal logical relationships to form new embodiments.

[0387] It should be understood that the various numbers in the embodiments of this application are used merely for illustrative purposes to distinguish them and not to limit the scope of the embodiments of this application. The sequence numbers of the processes described above do not imply execution order, and the execution order of the processes should be determined based on the function and internal logic of the processes.

[0388] One embodiment of this application further provides a computer-readable storage medium. The computer-readable storage medium stores computer-executable instructions, and when a computer-executable instruction is executed, the method executed by a terminal device or core network in the embodiment of the method described above is implemented.

[0389] One embodiment of this application further provides a computer program product. The computer program product includes a computer program, and when the computer program is executed, the method executed by a terminal device or core network in the embodiment of the method described above is implemented.

[0390] One embodiment of this application further provides a communication system, which includes terminal devices or a core network. The terminal devices are configured to perform the methods performed by the terminal devices in the embodiments of the methods described above. The core network is configured to perform the methods performed by the core network in the embodiments of the methods described above.

[0391] For the sake of brevity, it should be noted that the embodiments of the aforementioned method are presented as a series of actions. However, according to this application, some steps may be performed in other orders or simultaneously, so those skilled in the art will understand that this application is not limited to the described order of actions. All embodiments described herein are Exemplary Those skilled in the art will further understand that the actions and modules belonging to the embodiments and related to them are not necessarily required by this application.

[0392] The descriptions of embodiments provided in this application may refer to one another, and the descriptions of embodiments have different focuses. For parts not described in detail in an embodiment, please refer to the relevant description in another embodiment. For the sake of brevity and ease of explanation, the functions of the apparatus and devices provided in the embodiments of this application, as well as the steps performed, should be referred to the relevant description in the embodiments of the method of this application. Furthermore, embodiments of the method and embodiments of the apparatus may refer to, combine, or cite each other.

[0393] Finally, it should be noted that the embodiments described above are intended only to illustrate the technical solutions of this application and are not intended to limit this application. Although this application is specifically described with reference to the embodiments described above, those skilled in the art should understand that it is possible to modify the technical solutions described above, or to replace some or all of their technical features with equivalents, without departing from the scope of the technical solutions of the embodiments of this application.

Claims

1. A network resource management method performed by a terminal device, or a chip or chip system located on the terminal device, A step of generating a request message including an action type, wherein the request message is used by a core network device to operate the lifecycle of a target network configured to provide network services to the terminal device, the operation of the lifecycle includes creating the target network, deleting the target network, changing the running state of the target network, and changing the network attributes of the target network, the action type includes one of creating the target network, deleting the target network, changing the running state of the target network, or changing the network attributes of the target network, and the request message is control plane signaling or user plane signaling between the terminal device and the core network device, The steps include sending the request message to the core network device. A method that includes this.

2. The method according to claim 1, wherein changing the execution state of the target network includes suspending the target network or resuming the target network.

3. A step of receiving a response message transmitted by the core network device, wherein the response message indicates the result of operating the lifecycle of the target network. The method according to claim 1, further comprising:

4. The method according to any one of claims 1 to 3, wherein changing the network attributes of the target network includes one or more of changing the capacity of the target network, changing the capabilities of the target network, changing the configuration policy of the target network, or changing the service user list of the target network.

5. The method according to any one of claims 1 to 3, wherein the request message further includes one or more of the following: user information of the terminal device, operating parameters corresponding to the operation type, or information relating to the target network.

6. The method according to claim 5, wherein the user information includes one or more of a subscription persistence identifier, a user group identifier, or a temporary user identifier.

7. The method according to claim 5, wherein the information relating to the target network includes one or more of the following: an identifier for the target network, a capacity value, a capability list, a service user list, or a configuration policy list.

8. The method according to any one of claims 1 to 3, wherein the target network is a user service function entity or another network function that provides services to a user.

9. A network resource management method performed by a core network device, or a chip or chip system located on the core network device, A step of receiving a request message from a terminal device, including an action type, wherein the request message is used by the core network device to operate the lifecycle of a target network configured to provide network services to the terminal device, the operation of the lifecycle includes creating the target network, deleting the target network, changing the running state of the target network, and changing the network attributes of the target network, the action type includes one of creating the target network, deleting the target network, changing the running state of the target network, or changing the network attributes of the target network, and the request message is control plane signaling or user plane signaling between the terminal device and the core network device, A step of operating the lifecycle of the target network, which is managed by the core network device, based on the request message. A method that includes this.

10. The method according to claim 9, wherein changing the execution state of the target network includes suspending the target network or resuming the target network.

11. The step of operating the lifecycle of the target network, managed by the core network device, based on the request message, The steps include: performing operational authentication based on the aforementioned request message; When the result of the operation authentication indicates success, the steps to activate the lifecycle of the target network and The method according to claim 9, including the method described in claim 9.

12. The step of performing operational authentication based on the aforementioned request message is: A step of authenticating the status of the target network based on the aforementioned operation type, or Steps to authenticate permission for the aforementioned operation type The method according to claim 11, comprising one or more of the above.

13. The step of authenticating the status of the target network based on the operation type is: If the operation type matches the status of the target network, the step of successfully authenticating the status of the target network. The method according to claim 12, including the method described in claim 12.

14. The status of the target network includes an existing or non-existent state, and the operation type matches the status of the target network. When the operation type is to create the target network, the status of the target network is the non-existent state, When the operation type is to delete the target network, the status of the target network is the existing state, When the operation type is to change the network attribute of the target network, the status of the target network is the existence state, or When the operation type is to change the execution state of the target network, the status of the target network is the existence state. The method according to claim 13, including the method described in claim 13.

15. The existence state includes a paused state or an activated state, and when the operation type is to change the running state of the target network, the operation type matches the status of the target network. When the operation type is to temporarily suspend the target network, the status of the target network is the activated state, or When the operation type is to restart the target network, the status of the target network is the paused state. The method according to claim 14, further comprising:

16. The request message further includes user information of the terminal device, and the step of authenticating permission for the operation type is: A step of obtaining user subscription information based on the aforementioned user information, A step of authenticating the permission for the operation of the operation type based on the user subscription information and / or in accordance with the local configuration policy. The method according to any one of claims 11 to 15, including the method described in any one of claims 11 to 15.

17. The method according to claim 16, wherein the user subscription information includes one or more of the following: a list of permitted action behaviors, a list of permitted network identifiers, permitted network capacity allocations, a list of permitted service users, or a list of configuration policies.

18. A step of sending a first response message to the terminal device based on the result of operating the lifecycle of the target network, wherein the first response message includes the status of the target network. The method according to any one of claims 9 to 15, further comprising:

19. The method according to any one of claims 9 to 15, wherein changing the network attributes of the target network includes one or more of changing the capacity of the target network, changing the capabilities of the target network, changing the configuration policy of the target network, or changing the service user list of the target network.

20. The method according to any one of claims 9 to 15, wherein the request message further includes one or more of the following: user information of the terminal device, operating parameters corresponding to the operation type, or information relating to the target network.

21. The method according to claim 20, wherein the user information includes one or more of a subscription persistence identifier, a user group identifier, or a temporary user identifier.

22. The method according to claim 20, wherein the information relating to the target network includes one or more of the target network identifier, capacity value, capability list, service user list, or configuration policy list.

23. The method according to any one of claims 9 to 15, wherein the target network is a user service function entity or another network function that provides services to a user.

24. A communication device comprising at least one module configured to perform the method described in any one of claims 1 to 3.

25. A communication device comprising at least one module configured to perform the method described in any one of claims 9 to 15.

26. A communication device comprising a processor, wherein the processor is coupled to a memory, the memory stores instructions, and the processor executes the instructions, thereby enabling the communication device to perform the method according to any one of claims 1 to 3.

27. The communication device according to claim 26, further comprising one or more of the memory and transceivers, wherein the transceivers are configured to receive and transmit data and / or signaling.

28. A communication device comprising a processor, the processor being coupled to a memory, the memory storing instructions, and the processor executing the instructions, the communication device being configured to enable the communication device to perform the method according to any one of claims 9 to 15.

29. The communication device according to claim 28, further comprising one or more of the memory and transceivers, wherein the transceivers are configured to receive and transmit data and / or signaling.

30. A chip comprising a processor and an interface, wherein the processor is coupled to the interface, The interface is configured to receive or output signals, and the processor is configured to execute code instructions so that the method according to any one of claims 1 to 3 is performed. Tip.

31. A chip comprising a processor and an interface, wherein the processor is coupled to the interface, The interface is configured to receive or output signals, and the processor is configured to execute code instructions so that the method according to any one of claims 9 to 15 is performed. Tip.

32. A communication system comprising a terminal device and a core network device, wherein the terminal device is configured to perform the method according to any one of claims 1 to 3, and the core network device is configured to perform the method according to any one of claims 9 to 15.

33. A computer-readable storage medium, wherein the computer-readable storage medium stores computer-executable instructions, and when the computer-executable instructions are invoked by a computer, the method according to any one of claims 1 to 3 is executed.

34. A computer-readable storage medium, wherein the computer-readable storage medium stores computer-executable instructions, and when the computer-executable instructions are invoked by a computer, the method according to any one of claims 9 to 15 is performed.