CN104185245A - Method, device and system for limiting access position of base station - Google Patents
Method, device and system for limiting access position of base station Download PDFInfo
- Publication number
- CN104185245A CN104185245A CN201410424305.5A CN201410424305A CN104185245A CN 104185245 A CN104185245 A CN 104185245A CN 201410424305 A CN201410424305 A CN 201410424305A CN 104185245 A CN104185245 A CN 104185245A
- Authority
- CN
- China
- Prior art keywords
- ownership
- target
- described target
- cgi
- current
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method, device and system for limiting the access position of a base station. The problems that the access position limiting scheme in the prior art is limited, so that the access reliability and success rate of the base station are low can be solved. The method comprises the steps that an access request message sent by a target base station and the MAC address of a return link node of the target base station are received; whether the access request message includes the CGI information of an adjacent macro station of the target base station or not is judged; when the fact that the CGI information is included is judged, whether the current access position of the target base station belongs to a preset affiliation access position or not is judged according to the CGI information; when it is judged that the CGI information is not included, whether the current access position of the target base station belongs to the preset affiliation access position or not is judged according to the MAC address; when it is judged that the current access position belongs to the affiliation access position, the target base station is allowed to be accessed; when it is judged that the current access position does not belong to the affiliation access position, the target base station is declined to be accessed.
Description
Technical field
The present invention relates to mobile communication technology field, relate in particular to a kind of methods, devices and systems that limit the on-position of base station.
Background technology
Home eNodeB claims again femtocell, is that a kind of transmitting power is low, and coverage is little, can directly be deployed in user family the small base station equipment that adopts public network to return.Compare with chamber subsystem with traditional macro station, Home eNodeB can be realized capacity when covering is registered one's residence in realization, has reduced the expenses such as property coordination, computer room construction and lease, and the investment cost of operator is greatly reduced.In addition, Home eNodeB can be supported original mobile terminal, has reduced the requirement to terminal, has expanded covering and the capacity of network more economically.
The characteristic of the portability based on Home eNodeB and public network access, if the on-position of Home eNodeB is not limited, user just can carry the core net of Home eNodeB even external access carrier to other cities and carries out the miscellaneous services such as voice call, visual telephone, online and can escape wandering fee, reduce the roaming income of operator, the fee administration of the whole communications industry is formed and impacted, therefore when disposing Home eNodeB, must consider the on-position of Home eNodeB to limit, prevent the random mobile household of user base station.
The on-position method for limiting of three kinds of Home eNodeB has been proposed in prior art:
1, the information such as the band of position number based on grand network (Location Area Code, LAC) and cell index Cell ID limits the on-position of Home eNodeB.But when Home eNodeB is in coverage hole, while there is no macro station around, the method just cannot provide on-position limitation function.
2, based on ADSL (Asymmetric Digital Subscriber Line) (Asymmetrical Digital Subscriber Loop, ADSL) port numbers, the on-position of Home eNodeB is limited.But when Home eNodeB is used broadband access network but not during ADSL, Home eNodeB just cannot obtain adsl port number, now the method also cannot provide on-position limitation function.
3, based on IP address, the on-position of Home eNodeB is limited, restriction Home eNodeB is used in the scope of particular ip address section.The method can only, for prefecture-level other on-position, cannot be accomplished the on-position restriction of cell level; Because IP address field can dynamically be adjusted between area, when IP address database upgrades not in time, can cause erroneous judgement simultaneously, customer service is impacted.
As can be seen here, the method for limiting of the on-position of current Home eNodeB all has certain limitation, reliability and success rate are lower, therefore need badly and propose a kind of on-position more flexibly and effectively restricted version, to improve reliability and the success rate of the on-position restriction of Home eNodeB, solve because moving multiple inconvenience and the threat bringing in the on-position of Home eNodeB.
Summary of the invention
The embodiment of the present invention provides a kind of methods, devices and systems that limit the on-position of base station, in order to solve on-position of the prior art restricted version, all has limitation, causes reliability and the lower problem of success rate of base station access.
The embodiment of the present invention is by the following technical solutions:
The embodiment of the present invention provides a kind of method that limits the on-position of base station, comprising:
MAC Address is controlled in the media interviews of the access request message that receiving target base station sends and the return link node of described target BS;
Judge the CGI(Common gateway interface) CGI information of the adjacent macro station that whether comprises described target BS in described access request message;
When judging while comprising described CGI information, according to described CGI information, judge whether the current on-position of described target BS belongs to default ownership on-position;
When judging while not comprising described CGI information, according to described MAC Address, judge whether the current on-position of described target BS belongs to default ownership on-position;
When judging the current on-position of described target BS and belong to default ownership on-position, allow described target BS access;
When judging the current on-position of described target BS and do not belong to default ownership on-position, refuse described target BS access.
Optionally, described CGI packets of information is containing band of position number LAC, and described ownership on-position comprises the ownership LAC of described target BS; ?
According to described CGI information, judge that whether the current on-position of described target BS belongs to default ownership on-position, specifically comprises:
Judge whether the LAC that described CGI packets of information contains matches with the ownership LAC of described target BS;
When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position;
When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
Optionally, described ownership on-position comprises the ownership MAC Address of described target BS; ?
According to described MAC Address, judge that whether the current on-position of described target BS belongs to default ownership on-position, specifically comprises:
Judge whether described MAC Address matches with the ownership MAC Address of described target BS;
When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position;
When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
The embodiment of the present invention provides a kind of method that limits the on-position of base station, comprising:
Target BS scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element;
When described target BS scans described adjacent area and has adjacent macro station, to access network element, send the access request message of the CGI(Common gateway interface) CGI information that comprises described adjacent macro station, so that described access network element judges according to described CGI information whether the current on-position of described target BS belongs to default ownership on-position;
When described target BS scans described adjacent area and does not have adjacent macro station, to access network element, send the access request message of the CGI information that does not comprise adjacent macro station, so that described access network element judges according to described MAC Address whether the current on-position of described target BS belongs to default ownership on-position.
Optionally, when described target BS scans described adjacent area and has adjacent macro station, to access network element, send the access request message of the CGI information that comprises adjacent macro station, specifically comprise:
When described target BS scans described adjacent area and has a plurality of adjacent macro station, the CGI information of any one adjacent macro station is carried in access request message, send to access network element.
Optionally, described method also comprises:
Receive the refusal access message that described access network element sends; Wherein, the current on-position that the described access network element of described refusal access message is judged described target BS does not belong to described ownership on-position and sends;
When there is the CGI information of the adjacent macro station not yet sending, the CGI information of the adjacent macro station that any one was not yet sent is carried in access request message, resends to access network element.
The embodiment of the present invention provides a kind of device that limits the on-position of base station, comprising:
Receiving element, MAC Address is controlled in the media interviews of the access request message sending for receiving target base station and the return link node of described target BS;
Judging unit, for judging whether the access request message of receiving element reception comprises the CGI(Common gateway interface) CGI information of the adjacent macro station of described target BS;
CGI authentification of message unit, while comprising described CGI information for judging when judging unit, judges according to described CGI information whether the current on-position of described target BS belongs to default ownership on-position;
MAC address authentication unit, while not comprising described CGI information for judging when judging unit, judges according to described MAC Address whether the current on-position of described target BS belongs to default ownership on-position;
Allow access unit, while belonging to default ownership on-position for go out the current on-position of described target BS when MAC address authentication unit or CGI authentification of message unit judges, allow described target BS to access;
Refusal access unit, while not belonging to default ownership on-position for the current on-position that goes out described target BS when described MAC address authentication unit or described CGI authentification of message unit judges, refuses described target BS and accesses.
Optionally, described CGI packets of information is containing band of position number LAC, and described ownership on-position comprises the ownership LAC of described target BS; ?
Described CGI authentification of message unit, specifically for:
Judge whether the LAC that described CGI packets of information contains matches with the ownership LAC of described target BS; When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position; When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
Optionally, described ownership on-position comprises the ownership MAC Address of described target BS; ?
Described MAC address authentication unit, specifically for:
Judge whether described MAC Address matches with the ownership MAC Address of described target BS; When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position; When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
The embodiment of the present invention provides a kind of device that limits the on-position of base station, comprising:
Scanning element, for scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element;
The first transmitting element, while there is adjacent macro station for scanning described adjacent area when scanning element, to access network element, send the access request message of the CGI(Common gateway interface) CGI information that comprises described adjacent macro station, so that described access network element judges according to described CGI information whether the current on-position of described target BS belongs to default ownership on-position;
The second transmitting element, while there is not adjacent macro station for scanning described adjacent area when scanning element, to access network element, send the access request message of the CGI information that does not comprise adjacent macro station, so that described access network element judges according to described MAC Address whether the current on-position of described target BS belongs to default ownership on-position.
Optionally, described the first transmitting element, specifically for:
When scanning element scans described adjacent area and has a plurality of adjacent macro station, the CGI information of any one adjacent macro station is carried in access request message, send to access network element.
Optionally, described device also comprises:
Receiving element, the refusal access message sending for receiving described access network element; Wherein, the current on-position that the described access network element of described refusal access message is judged described target BS does not belong to described ownership on-position and sends;
Resend unit, for when there is the CGI information of the adjacent macro station not yet sending, the CGI information of the adjacent macro station that any one was not yet sent is carried in access request message, resends to access network element.
The embodiment of the present invention provides a kind of system that limits the on-position of base station, comprising: target BS and access network element, wherein:
Described target BS, for scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element; When scanning described adjacent area and have adjacent macro station, to access network element, send the access request message of the CGI(Common gateway interface) CGI information that comprises described adjacent macro station; When scanning described adjacent area and do not have adjacent macro station, to access network element, send the access request message of the CGI information that does not comprise adjacent macro station;
Described access network element, controls MAC Address for receiving the media interviews of the access request message of described target BS transmission and the return link node of described target BS; Judge the CGI(Common gateway interface) CGI information of the adjacent macro station that whether comprises described target BS in described access request message; When judging while comprising described CGI information, according to described CGI information, judge whether the current on-position of described target BS belongs to default ownership on-position; When judging while not comprising described CGI information, according to described MAC Address, judge whether the current on-position of described target BS belongs to default ownership on-position; When judging the current on-position of described target BS and belong to default ownership on-position, allow the access of described base station; When judging the current on-position of described target BS and do not belong to default ownership on-position, refuse the access of described base station.
The beneficial effect of the embodiment of the present invention is as follows:
In the embodiment of the present invention, the CGI information that whether comprises the adjacent macro station of target BS in the access request message that judgement receives, when not comprising CGI information, using the MAC Address of return link node of target BS as authentication according to judging that whether the on-position of target BS legal; When comprising CGI information, using this CGI information as authentication according to judging that whether the on-position of target BS legal, and whether the on-position by target BS legal determines whether allowing target BS to access.This technical scheme combines MAC Address and CGI information jointly to judge that whether the on-position of target BS is legal, can guarantee to greatest extent the access of target BS, effectively raises reliability and the success rate of target BS access.
Accompanying drawing explanation
The realization flow figure of the method for a kind of on-position of limiting base station that Fig. 1 provides for the embodiment of the present invention;
The realization flow figure of the method for a kind of on-position of limiting base station that Fig. 2 provides for the embodiment of the present invention;
The application scenarios schematic diagram of the method for the on-position that Fig. 3 is the restriction base station of realizing the embodiment of the present invention and providing;
Fig. 4 is the specific implementation flow chart of method of the on-position of the restriction base station under above-mentioned application scenarios;
The authentication determination strategy schematic diagram of the authentication ' unit 105 that Fig. 5 provides for the embodiment of the present invention;
The structural representation of the device of a kind of on-position of limiting base station that Fig. 6 provides for the embodiment of the present invention;
The structural representation of the device of a kind of on-position of limiting base station that Fig. 7 provides for the embodiment of the present invention
The structural representation of the system of a kind of on-position of limiting base station that Fig. 8 provides for the embodiment of the present invention.
Embodiment
In order to solve on-position of the prior art restricted version, all have limitation, cause reliability and the lower problem of success rate of base station access, the embodiment of the present application has proposed a kind of scheme that limits the on-position of base station.In this technical scheme, the CGI information that whether comprises the adjacent macro station of target BS in the access request message that judgement receives, when not comprising CGI information, using the MAC Address of return link node of target BS as authentication according to judging that whether the on-position of target BS legal; When comprising CGI information, using this CGI information as authentication according to judging that whether the on-position of target BS legal, and whether the on-position by target BS legal determines whether allowing target BS to access.This technical scheme combines MAC Address and CGI information jointly to judge that whether the on-position of target BS is legal, can guarantee to greatest extent the access of target BS, effectively raises reliability and the success rate of target BS access.
Below in conjunction with Figure of description, embodiments of the invention are described, should be appreciated that embodiment described herein, only for description and interpretation the present invention, is not limited to the present invention.And in the situation that not conflicting, the embodiment in the present invention and the feature of embodiment can be interosculated.
A kind of method that limits the on-position of base station is provided in the embodiment of the present invention, as shown in Figure 1, is the realization flow figure of the method, and the executive agent of the method can be to carry out mutual access network element with target BS, can specifically comprise the steps:
Step 11, (Media Access Control, MAC) address is controlled in the media interviews of the access request message that access network element receiving target base station sends and the return link node of target BS;
Target BS in the embodiment of the present invention can be, but not limited to as Home eNodeB, and the return link node of target BS can be, but not limited to as router or switch.
After target BS start, obtain the MAC Address of its return link node, and send to access network element, in order to the follow-up use of access network element.
It should be noted that, in this step, access network element can first receive access request message, then receives the MAC Address of return link node; Or first receive the MAC Address of return link node, then receive access request message; Or the two receives simultaneously.Reception order to the two in the embodiment of the present invention does not limit.
Step 12, judges CGI(Common gateway interface) (Common Gateway Interface, the CGI) information that whether comprises the adjacent macro station of target BS in the access request message receiving;
Wherein, after target BS start, scan its adjacent area and whether have adjacent macro station, if scan its adjacent area, have adjacent macro station, the CGI information of the adjacent macro station scanning can be carried in access request message and send to access network element; If do not scan the adjacent macro station of its adjacent area, in access request message, do not comprise CGI information.
Step 13, when judging while comprising CGI information, judges according to CGI information whether the current on-position of target BS belongs to default ownership on-position;
Generally, in CGI information, carry LAC, according to CGI information, judge whether the current on-position of target BS belongs to default ownership on-position, and the LAC carrying according to CGI information judges whether the current on-position of target BS belongs to default ownership on-position.
Default ownership on-position can comprise the ownership LAC of this target BS, and now step 13 can specifically comprise:
Judge whether the LAC that CGI packets of information contains matches with the ownership LAC of target BS;
When judgment result is that coupling, the current on-position of target BS belongs to ownership on-position;
When judgment result is that while not mating, the current on-position of target BS does not belong to ownership on-position.
Step 14, when judging while not comprising CGI information, judges according to the MAC Address of the return link node of target BS whether the current on-position of target BS belongs to default ownership on-position.
Default ownership on-position can comprise the ownership MAC Address of target BS, and now step 14 can specifically comprise:
Whether the MAC Address that judges its return link node matches with the ownership MAC Address of target BS;
When judgment result is that coupling, the current on-position of target BS belongs to ownership on-position;
When judgment result is that while not mating, the current on-position of target BS does not belong to ownership on-position.
Step 15, when judging the current on-position of target BS and belong to default ownership on-position, allows target BS access.
Step 16, when judging the current on-position of target BS and not belonging to default ownership on-position, the access of refusal target BS.
Above-mentioned steps 13 and step 14 are step arranged side by side, and step 15 and step 16 are step arranged side by side.
As shown in Figure 2, the realization flow figure of the method for the on-position of the restriction base station providing for the embodiment of the present invention, the executive agent of the method can be to carry out mutual target BS with access network element, can specifically comprise the steps:
Step 21, target BS scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element;
Target BS in the embodiment of the present invention can be, but not limited to as Home eNodeB, and the return link node of target BS can be, but not limited to as router or switch.
Step 22, when target BS scans adjacent area and has adjacent macro station, to access network element, send the access request message of the CGI information that comprises adjacent macro station, so that access network element judges according to CGI information whether the current on-position of target BS belongs to default ownership on-position;
Concrete, if target BS scans adjacent area while there is a plurality of adjacent macro station, the CGI information of any one adjacent macro station is carried in access request message, send to access network element.
Step 23, when target BS scans adjacent area and does not have adjacent macro station, to access network element, send the access request message of the CGI information that does not comprise adjacent macro station, so that access network element judges according to MAC Address whether the current on-position of target BS belongs to default ownership on-position.
Above-mentioned steps 22 and step 23 are step arranged side by side.
Further, at target BS, scan under the prerequisite that adjacent area exists a plurality of adjacent macro stations, after step 22 or step 23, when if target BS receives the refusal access message of access network element transmission, if now there is the CGI information of the adjacent macro station not yet sending, the CGI information of the adjacent macro station any one not yet being sent is carried in access request message, resends to access network element.
Wherein, the current on-position that refusal access message access network element is judged target BS does not belong to ownership on-position and sends.
In the embodiment of the present invention, the CGI information that whether comprises the adjacent macro station of target BS in the access request message that judgement receives, when not comprising CGI information, using the MAC Address of return link node of target BS as authentication according to judging that whether the on-position of target BS legal; When comprising CGI information, using this CGI information as authentication according to judging that whether the on-position of target BS legal, and whether the on-position by target BS legal determines whether allowing target BS to access.This technical scheme combines MAC Address and CGI information jointly to judge that whether the on-position of target BS is legal, can guarantee to greatest extent the access of target BS, effectively raises reliability and the success rate of target BS access
Below in conjunction with accompanying drawing, the preferred embodiment of the present invention is elaborated.
As shown in Figure 3, for realizing the application scenarios schematic diagram of method of the on-position of above-mentioned restriction base station.Under this application scenarios, comprise Home eNodeB 101, security gateway 102, Femto gateway 103, authentication ' unit 105 and network management unit 104.
Home eNodeB 101 is connected with security gateway 102, and business datum between the two is all encrypted by internet security (Internet Protocol Security, the IPsec) tunnel of reaching an agreement on, and guarantees that Home eNodeB 101 is to the fail safe of core network data.After Home eNodeB 101 electrifying startups, obtain the MAC Address of return link node (router or switch) and the CGI information of adjacent macro station reports respectively network management unit 104 and Femto gateway 103.
Wherein, Femto gateway herein, as convergence device, can be connected with many Home eNodeB or home gateway.
Security gateway 102 is decrypted and is transmitted to network management unit 104 or Femto gateway 103 by the upstream data of Home eNodeB 101; The downlink data of issuing Home eNodeB 101 of Femto gateway 103 and network management unit 104 is encrypted.
Femto gateway 103 is connected with authentication ' unit 105 with security gateway 102 respectively.In up link, Femto gateway 103 receives the registration information (HNB_REGISTER request) of the base station of security gateway 102 forwardings, the adjacent macro station information of carrying in this registration information is issued to authentication ' unit 105 and according to certification policy, authenticate; In down link, Femto gateway 103 receives the authentication result that authentication ' unit 105 sends, according to authentication result, generate registering family base station success or failed message, wherein, the Home eNodeB legal for on-position generates the message that succeeds in registration, for the illegal Home eNodeB in on-position, generate registration failure message, this message sends to Home eNodeB 101 after security gateway 102 is encrypted.
In embodiments of the present invention; the reporting of the MAC Address of Home eNodeB 101 can be issued authentication ' unit 105 by network management unit 104 and be authenticated; also can directly by security gateway 102 and Femto gateway 103, issue authentication ' unit 105 and authenticate, within wherein the interface shape of any transmission MAC Address between Home eNodeB 101 and authentication ' unit 105 all belongs to the protection range of the embodiment of the present invention.
It should be noted that, the MAC Address report method that the embodiment of the present invention proposes, can guarantee that the interface between existing each network element is constant, guarantees to greatest extent the Home eNodeB 101 of Liao Ge producer and the compatibility between security gateway 102 or Femto gateway 103.
Authentication ' unit 105 receives after the CGI information of MAC Address that Home eNodeB 101 reports and adjacent macro station, judges that whether Home eNodeB is by position limitation strategy, and authentication result is issued to Femto gateway by Radius agreement according to the certification policy setting in advance.
The final function realizing of the embodiment of the present invention can complete under above-mentioned application scenarios, in actual applications, above-mentioned security gateway 102, Femto gateway 103, authentication ' unit 105 and network management unit 104 can be separate functional entitys, also can be functional modules different in same functional entity, concrete set-up mode, according to the Location of requirement of actual application environment, does not repeat them here.
Below the method for the on-position of the restriction base station under above-mentioned application scenarios is described in detail, as shown in Figure 4, specifically comprises following handling process:
Step 41, Home eNodeB 101 starts, and obtains the MAC Address of return link node (router or switch), and preserves; Then the information of scanning neighbor macro station, and record the CGI information of each adjacent macro station, and preserve;
Step 42, Home eNodeB 101 is initiated IPsec to security gateway 102 and is set up request, the IPsec tunnel between foundation and security gateway 102, all information between Home eNodeB 101 and rear end equipment are all encrypted and are deciphered by IPsec tunnel;
Step 43, Home eNodeB 101 reports authentication ' unit 105 by the MAC Address of preserving in step 41;
Step 44, Home eNodeB 101 sends registration information to Femto gateway 103, carries the CGI information of Home eNodeB identify label ID and an adjacent macro station in this login request message.
Wherein, registration information of the every transmission of Home eNodeB 101, can only carry the CGI information of an adjacent macro station.If do not scan the information of adjacent macro station in step 41, Home eNodeB is in island mode, and in this step, CGI information is empty;
Step 45, Femto gateway 103 is received after the login request message of Home eNodeB 101, the CGI information exchange of Home eNodeB ID and adjacent macro station is crossed to Radius agreement and issue authentication ' unit 105;
Step 46, authentication ' unit 105 is received respectively after the MAC Address and CGI message of network management unit 104 and 103 transmissions of Femto gateway, is adjudicated, and authentication result is issued to Femto gateway 103 according to authentication decision strategy;
Step 47, Femto gateway 103 is received the authentication result of authentication ' unit 105, generates the registration reply message of Home eNodeB 101 according to authentication result;
Step 48, when authentication result is successfully, Femto gateway 103 sends to Home eNodeB 101 message that succeeds in registration;
Step 49, when authentication result is unsuccessfully, Femto gateway 103 sends registration failure message to Home eNodeB 101, and Home eNodeB 101 is received after registration failure message, obtains the CGI information of next adjacent macro station, continues execution step 44.
It should be noted that, in the CGI information of the adjacent macro station scanning in step 41, as long as there is a CGI information, can pass through the authentication of authentication ' unit 105, Home eNodeB 101 just can be by registration, the registering family base station failure that can avoid like this information change of adjacent macro station to cause improves base station login success rate as far as possible.
Below the authentication decision strategy of mentioning in above-mentioned steps 46 is introduced.As shown in Figure 5, the authentication determination strategy schematic diagram of the authentication ' unit 105 providing for the embodiment of the present invention, specifically comprises:
Step 51, authentication ' unit 105 is received MAC Address that Home eNodeB 101 reports and the CGI information of adjacent macro station, then authentication ' unit 105 is adjudicated according to the information of receiving;
Step 52, authentication ' unit 105 checks whether CGI information is empty, and Home eNodeB, whether in island mode, does not have adjacent macro station in adjacent area.If CGI information is empty, jump to step 54, according to MAC Address, adjudicate authentication and whether pass through; If CGI information is not empty, according to the LAC parameter in CGI information, decide authentication whether to pass through;
Step 53, if LAC parameter is legal in CGI information, jumps to step 56; If LAC parameter is illegal in CGI information, jump to step 55.Wherein the LAC parameter in CGI information is legal, refer to that Home eNodeB that when Home eNodeB is opened an account, system provides according to user is used the ownership LAC of the Home eNodeB that the LAC section planning of address and adjacent macro station generates automatically, consider that LAC district geographically may be overlapping or have a common boundary, therefore Home eNodeB ownership LAC can comprise a plurality of LAC parameters, the LAC that authentication ' unit is received is as long as in being included in Home eNodeB ownership LAC, just be judged to authentication and pass through, otherwise be judged to authentication, do not pass through;
Step 54, if MAC Address is legal, jumps to step 56; If MAC Address parameter is illegal, jump to step 55.Wherein MAC Address is legal, refers to that the MAC Address that Home eNodeB reports is consistent with the ownership MAC Address of storage in authentication ' unit 105.The ownership MAC Address of storage in authentication ' unit 105 is that Home eNodeB is first is reported to the MAC Address of authentication ' unit 105 when using, and authentication ' unit 105 stores the ownership MAC Address as subsequent authentication using this MAC Address.
Step 55, authentication ' unit 105 judgements are not passed through for authentication, send authentication do not pass through message to Femto gateway 103;
Step 56, authentication ' unit 105 judgements are passed through for authentication, send authentication pass through message to Femto gateway 103.
Based on said method, the embodiment of the present invention provides a kind of device that limits the on-position of base station, as shown in Figure 6, is the structural representation of this device, comprises following function unit:
Receiving element 61, MAC Address is controlled in the media interviews of the access request message sending for receiving target base station and the return link node of described target BS;
Judging unit 62, for judging whether the access request message of receiving element 61 receptions comprises the CGI(Common gateway interface) CGI information of the adjacent macro station of described target BS;
CGI authentification of message unit 63, while comprising described CGI information for judging when judging unit 62, judges according to described CGI information whether the current on-position of described target BS belongs to default ownership on-position;
MAC address authentication unit 64, while not comprising described CGI information for judging when judging unit 62, judges according to described MAC Address whether the current on-position of described target BS belongs to default ownership on-position;
Allow access unit 65, while belonging to default ownership on-position for judge the current on-position of described target BS when MAC address authentication unit 64 or CGI authentification of message unit 63, allow described target BS to access;
Refusal access unit 66, while not belonging to default ownership on-position for the current on-position of judging described target BS when described MAC address authentication unit 64 or described CGI authentification of message unit 63, refuses described target BS and accesses.
Optionally, described CGI packets of information is containing band of position number LAC, and described ownership on-position comprises the ownership LAC of described target BS; ?
Described CGI authentification of message unit 63, specifically for:
Judge whether the LAC that described CGI packets of information contains matches with the ownership LAC of described target BS; When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position; When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
Optionally, described ownership on-position comprises the ownership MAC Address of described target BS; ?
Described MAC address authentication unit 64, specifically for:
Judge whether described MAC Address matches with the ownership MAC Address of described target BS; When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position; When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
Based on said method, the embodiment of the present invention also provides a kind of device that limits the on-position of base station, as shown in Figure 7, is the structural representation of this device, comprises following function unit:
Scanning element 71, for scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element;
The first transmitting element 72, while there is adjacent macro station for scanning described adjacent area when scanning element 71, to access network element, send the access request message of the CGI(Common gateway interface) CGI information that comprises described adjacent macro station, so that described access network element judges according to described CGI information whether the current on-position of described target BS belongs to default ownership on-position;
The second transmitting element 73, while there is not adjacent macro station for scanning described adjacent area when scanning element 71, to access network element, send the access request message of the CGI information that does not comprise adjacent macro station, so that described access network element judges according to described MAC Address whether the current on-position of described target BS belongs to default ownership on-position.
Optionally, described the first transmitting element 72, specifically for:
When scanning element scans described adjacent area and has a plurality of adjacent macro station, the CGI information of any one adjacent macro station is carried in access request message, send to access network element.
Optionally, described device also comprises:
Receiving element 74, the refusal access message sending for receiving described access network element; Wherein, the current on-position that the described access network element of described refusal access message is judged described target BS does not belong to described ownership on-position and sends;
Resend unit 75, for when there is the CGI information of the adjacent macro station not yet sending, the CGI information of the adjacent macro station that any one was not yet sent is carried in access request message, resends to access network element.
Based on said method, the embodiment of the present invention provides a kind of system that limits the on-position of base station, and as shown in Figure 8, the structural representation for this system, comprising: target BS 81 and access network element 82, wherein:
Described target BS 81, for scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element 82; When scanning described adjacent area and have adjacent macro station, to access network element 82, send the access request message of the CGI(Common gateway interface) CGI information that comprises described adjacent macro station; When scanning described adjacent area and do not have adjacent macro station, to access network element 82, send the access request message of the CGI information that does not comprise adjacent macro station;
Described access network element 82, controls MAC Address for receiving the media interviews of the described target BS 81 access request message of transmission and the return link node of described target BS; Judge the CGI(Common gateway interface) CGI information of the adjacent macro station that whether comprises described target BS 81 in described access request message; When judging while comprising described CGI information, according to described CGI information, judge whether the current on-position of described target BS 81 belongs to default ownership on-position; When judging while not comprising described CGI information, according to described MAC Address, judge whether the current on-position of described target BS 81 belongs to default ownership on-position; When judging the current on-position of described target BS 81 and belong to default ownership on-position, allow described target BS 81 accesses; When judging the current on-position of described target BS 81 and do not belong to default ownership on-position, refuse described target BS 81 accesses.
Those skilled in the art should understand, embodiments of the invention can be provided as method, system or computer program.Therefore, the present invention can adopt complete hardware implementation example, implement software example or in conjunction with the form of the embodiment of software and hardware aspect completely.And the present invention can adopt the form that wherein includes the upper computer program of implementing of computer-usable storage medium (including but not limited to magnetic disc store, CD-ROM, optical memory etc.) of computer usable program code one or more.
The present invention is with reference to describing according to flow chart and/or the block diagram of the method for the embodiment of the present invention, equipment (system) and computer program.Should understand can be in computer program instructions realization flow figure and/or block diagram each flow process and/or the flow process in square frame and flow chart and/or block diagram and/or the combination of square frame.Can provide these computer program instructions to the processor of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing device to produce a machine, the instruction of carrying out by the processor of computer or other programmable data processing device is produced for realizing the device in the function of flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame appointments.
These computer program instructions also can be stored in energy vectoring computer or the computer-readable memory of other programmable data processing device with ad hoc fashion work, the instruction that makes to be stored in this computer-readable memory produces the manufacture that comprises command device, and this command device is realized the function of appointment in flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame.
These computer program instructions also can be loaded in computer or other programmable data processing device, make to carry out sequence of operations step to produce computer implemented processing on computer or other programmable devices, thereby the instruction of carrying out is provided for realizing the step of the function of appointment in flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame on computer or other programmable devices.
Although described the preferred embodiments of the present invention, once those skilled in the art obtain the basic creative concept of cicada, can make other change and modification to these embodiment.So claims are intended to all changes and the modification that are interpreted as comprising preferred embodiment and fall into the scope of the invention.
Obviously, those skilled in the art can carry out various changes and modification and not depart from the spirit and scope of the present invention the present invention.Like this, if within of the present invention these are revised and modification belongs to the scope of the claims in the present invention and equivalent technologies thereof, the present invention is also intended to comprise these changes and modification interior.
Claims (13)
1. a method that limits the on-position of base station, is characterized in that, comprising:
MAC Address is controlled in the media interviews of the access request message that receiving target base station sends and the return link node of described target BS;
Judge the CGI(Common gateway interface) CGI information of the adjacent macro station that whether comprises described target BS in described access request message;
When judging while comprising described CGI information, according to described CGI information, judge whether the current on-position of described target BS belongs to default ownership on-position;
When judging while not comprising described CGI information, according to described MAC Address, judge whether the current on-position of described target BS belongs to default ownership on-position;
When judging the current on-position of described target BS and belong to default ownership on-position, allow described target BS access;
When judging the current on-position of described target BS and do not belong to default ownership on-position, refuse described target BS access.
2. the method for claim 1, is characterized in that, described CGI packets of information is containing band of position number LAC, and described ownership on-position comprises the ownership LAC of described target BS; ?
According to described CGI information, judge that whether the current on-position of described target BS belongs to default ownership on-position, specifically comprises:
Judge whether the LAC that described CGI packets of information contains matches with the ownership LAC of described target BS;
When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position;
When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
3. the method for claim 1, is characterized in that, described ownership on-position comprises the ownership MAC Address of described target BS; ?
According to described MAC Address, judge that whether the current on-position of described target BS belongs to default ownership on-position, specifically comprises:
Judge whether described MAC Address matches with the ownership MAC Address of described target BS;
When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position;
When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
4. a method that limits the on-position of base station, is characterized in that, comprising:
Target BS scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element;
When described target BS scans described adjacent area and has adjacent macro station, to access network element, send the access request message of the CGI(Common gateway interface) CGI information that comprises described adjacent macro station, so that described access network element judges according to described CGI information whether the current on-position of described target BS belongs to default ownership on-position;
When described target BS scans described adjacent area and does not have adjacent macro station, to access network element, send the access request message of the CGI information that does not comprise adjacent macro station, so that described access network element judges according to described MAC Address whether the current on-position of described target BS belongs to default ownership on-position.
5. method as claimed in claim 4, is characterized in that, when described target BS scans described adjacent area and has adjacent macro station, sends the access request message of the CGI information that comprises adjacent macro station to access network element, specifically comprises:
When described target BS scans described adjacent area and has a plurality of adjacent macro station, the CGI information of any one adjacent macro station is carried in access request message, send to access network element.
6. method as claimed in claim 5, is characterized in that, described method also comprises:
Receive the refusal access message that described access network element sends; Wherein, the current on-position that the described access network element of described refusal access message is judged described target BS does not belong to described ownership on-position and sends;
When there is the CGI information of the adjacent macro station not yet sending, the CGI information of the adjacent macro station that any one was not yet sent is carried in access request message, resends to access network element.
7. a device that limits the on-position of base station, is characterized in that, comprising:
Receiving element, MAC Address is controlled in the media interviews of the access request message sending for receiving target base station and the return link node of described target BS;
Judging unit, for judging whether the access request message of receiving element reception comprises the CGI(Common gateway interface) CGI information of the adjacent macro station of described target BS;
CGI authentification of message unit, while comprising described CGI information for judging when judging unit, judges according to described CGI information whether the current on-position of described target BS belongs to default ownership on-position;
MAC address authentication unit, while not comprising described CGI information for judging when judging unit, judges according to described MAC Address whether the current on-position of described target BS belongs to default ownership on-position;
Allow access unit, while belonging to default ownership on-position for go out the current on-position of described target BS when MAC address authentication unit or CGI authentification of message unit judges, allow described target BS to access;
Refusal access unit, while not belonging to default ownership on-position for the current on-position that goes out described target BS when described MAC address authentication unit or described CGI authentification of message unit judges, refuses described target BS and accesses.
8. device as claimed in claim 7, is characterized in that, described CGI packets of information is containing band of position number LAC, and described ownership on-position comprises the ownership LAC of described target BS; ?
Described CGI authentification of message unit, specifically for:
Judge whether the LAC that described CGI packets of information contains matches with the ownership LAC of described target BS; When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position; When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
9. device as claimed in claim 7, is characterized in that, described ownership on-position comprises the ownership MAC Address of described target BS; ?
Described MAC address authentication unit, specifically for:
Judge whether described MAC Address matches with the ownership MAC Address of described target BS; When judgment result is that coupling, the current on-position of described target BS belongs to described ownership on-position; When judgment result is that while not mating, the current on-position of described target BS does not belong to described ownership on-position.
10. a device that limits the on-position of base station, is characterized in that, comprising:
Scanning element, for scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element;
The first transmitting element, while there is adjacent macro station for scanning described adjacent area when scanning element, to access network element, send the access request message of the CGI(Common gateway interface) CGI information that comprises described adjacent macro station, so that described access network element judges according to described CGI information whether the current on-position of described target BS belongs to default ownership on-position;
The second transmitting element, while there is not adjacent macro station for scanning described adjacent area when scanning element, to access network element, send the access request message of the CGI information that does not comprise adjacent macro station, so that described access network element judges according to described MAC Address whether the current on-position of described target BS belongs to default ownership on-position.
11. devices as claimed in claim 10, is characterized in that, described the first transmitting element, specifically for:
When scanning element scans described adjacent area and has a plurality of adjacent macro station, the CGI information of any one adjacent macro station is carried in access request message, send to access network element.
12. devices as claimed in claim 11, is characterized in that, described device also comprises:
Receiving element, the refusal access message sending for receiving described access network element; Wherein, the current on-position that the described access network element of described refusal access message is judged described target BS does not belong to described ownership on-position and sends;
Resend unit, for when there is the CGI information of the adjacent macro station not yet sending, the CGI information of the adjacent macro station that any one was not yet sent is carried in access request message, resends to access network element.
13. 1 kinds of systems that limit the on-position of base station, is characterized in that, comprising: target BS and access network element, wherein:
Described target BS, for scanning neighbor region, and MAC Address is controlled in the media interviews that send the return link node of self to access network element; When scanning described adjacent area and have adjacent macro station, to access network element, send the access request message of the CGI(Common gateway interface) CGI information that comprises described adjacent macro station; When scanning described adjacent area and do not have adjacent macro station, to access network element, send the access request message of the CGI information that does not comprise adjacent macro station;
Described access network element, controls MAC Address for receiving the media interviews of the access request message of described target BS transmission and the return link node of described target BS; Judge the CGI(Common gateway interface) CGI information of the adjacent macro station that whether comprises described target BS in described access request message; When judging while comprising described CGI information, according to described CGI information, judge whether the current on-position of described target BS belongs to default ownership on-position; When judging while not comprising described CGI information, according to described MAC Address, judge whether the current on-position of described target BS belongs to default ownership on-position; When judging the current on-position of described target BS and belong to default ownership on-position, allow the access of described base station; When judging the current on-position of described target BS and do not belong to default ownership on-position, refuse the access of described base station.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410424305.5A CN104185245A (en) | 2014-08-26 | 2014-08-26 | Method, device and system for limiting access position of base station |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410424305.5A CN104185245A (en) | 2014-08-26 | 2014-08-26 | Method, device and system for limiting access position of base station |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104185245A true CN104185245A (en) | 2014-12-03 |
Family
ID=51965902
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410424305.5A Pending CN104185245A (en) | 2014-08-26 | 2014-08-26 | Method, device and system for limiting access position of base station |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104185245A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104581875A (en) * | 2015-01-14 | 2015-04-29 | 广州杰赛科技股份有限公司 | Miniature base station accessing method and system |
| CN104602235A (en) * | 2015-01-14 | 2015-05-06 | 广州杰赛科技股份有限公司 | Access method and system of micro base station |
| CN109511153A (en) * | 2018-10-31 | 2019-03-22 | 京信通信系统(中国)有限公司 | A kind of base station connection control method, device, medium, computer equipment and system |
| WO2019075665A1 (en) * | 2017-10-18 | 2019-04-25 | 北京小米移动软件有限公司 | Method, device, and base station for implementing wireless backhaul |
| CN115297466A (en) * | 2022-08-01 | 2022-11-04 | 中国电信股份有限公司 | Anti-theft method, system, equipment and storage medium of integrated small base station |
| CN115334548A (en) * | 2022-08-12 | 2022-11-11 | 中国联合网络通信集团有限公司 | Configuration method and device of micro base station and computer readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100095368A1 (en) * | 2007-06-25 | 2010-04-15 | Niu Weiguo | Home node b access control method and system |
| CN101741657A (en) * | 2008-11-24 | 2010-06-16 | 中国移动通信集团上海有限公司 | Method, system and device for limiting position of home base station |
| CN102355710A (en) * | 2011-10-08 | 2012-02-15 | 中国联合网络通信集团有限公司 | Home base station position limit method, device and system |
-
2014
- 2014-08-26 CN CN201410424305.5A patent/CN104185245A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100095368A1 (en) * | 2007-06-25 | 2010-04-15 | Niu Weiguo | Home node b access control method and system |
| CN101741657A (en) * | 2008-11-24 | 2010-06-16 | 中国移动通信集团上海有限公司 | Method, system and device for limiting position of home base station |
| CN102355710A (en) * | 2011-10-08 | 2012-02-15 | 中国联合网络通信集团有限公司 | Home base station position limit method, device and system |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104581875A (en) * | 2015-01-14 | 2015-04-29 | 广州杰赛科技股份有限公司 | Miniature base station accessing method and system |
| CN104602235A (en) * | 2015-01-14 | 2015-05-06 | 广州杰赛科技股份有限公司 | Access method and system of micro base station |
| CN104602235B (en) * | 2015-01-14 | 2018-07-31 | 广州杰赛科技股份有限公司 | Femto cell cut-in method and system |
| CN104581875B (en) * | 2015-01-14 | 2018-09-04 | 广州杰赛科技股份有限公司 | Femto cell cut-in method and system |
| WO2019075665A1 (en) * | 2017-10-18 | 2019-04-25 | 北京小米移动软件有限公司 | Method, device, and base station for implementing wireless backhaul |
| US11330643B2 (en) | 2017-10-18 | 2022-05-10 | Beijing Xiaomi Mobile Software Co., Ltd. | Method and device for implementing wireless backhaul, and base station |
| CN109511153A (en) * | 2018-10-31 | 2019-03-22 | 京信通信系统(中国)有限公司 | A kind of base station connection control method, device, medium, computer equipment and system |
| CN115297466A (en) * | 2022-08-01 | 2022-11-04 | 中国电信股份有限公司 | Anti-theft method, system, equipment and storage medium of integrated small base station |
| CN115297466B (en) * | 2022-08-01 | 2024-05-14 | 中国电信股份有限公司 | Antitheft method, antitheft system, antitheft equipment and antitheft storage medium for integrated small base station |
| CN115334548A (en) * | 2022-08-12 | 2022-11-11 | 中国联合网络通信集团有限公司 | Configuration method and device of micro base station and computer readable storage medium |
| CN115334548B (en) * | 2022-08-12 | 2024-07-02 | 中国联合网络通信集团有限公司 | Configuration method and device of micro base station and computer readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109561427B (en) | A kind of communication means and relevant apparatus | |
| US20220377540A1 (en) | Key obtaining method and apparatus | |
| US11843950B2 (en) | Protecting a telecommunications network using network components as blockchain nodes | |
| CN104185245A (en) | Method, device and system for limiting access position of base station | |
| CN102204307B (en) | WLAN authentication method based on MAC address and device thereof | |
| EP2403313B1 (en) | Method for implementing a convergent wireless local area network (wlan) authentication and privacy infrastructure (wapi) network architecture in a local mac mode | |
| CN101437223B (en) | Access method, system and apparatus for household base station | |
| CN103139768B (en) | Authentication method in fusing wireless network and authentication device | |
| WO2009000206A1 (en) | Method and system for access control of home node b | |
| CN103686709A (en) | Method and system for identifying wireless mesh network | |
| CN101785343B (en) | Method, system and device for fast transitioning resource negotiation | |
| CN104244367A (en) | Telecommunication network and arrangement | |
| JP2016530733A (en) | Secure discovery for proximity-based service communication | |
| CN106790251B (en) | User access method and user access system | |
| WO2021082527A1 (en) | Communication method and system, base station and terminal | |
| CN101730102B (en) | System and method for implementing authentication on user of home base station | |
| CN103929740A (en) | Safe data transmission method and LTE access network system | |
| CN103384365A (en) | Method and system for network access, method for processing business and equipment | |
| EP2827628A1 (en) | Authentication method, device and system for user equipment | |
| CN101534236A (en) | Encryption method and device for relay station communication | |
| US8606228B2 (en) | Method, user network equipment and management system thereof for secure data transmission | |
| CN101990207A (en) | Access control method, home base station (HBS) and HBS authorization server | |
| CN101999240B (en) | Communication method, device and communication system between base stations | |
| CN114765827A (en) | Safety protection method, device and system | |
| CN106888447A (en) | The processing method and system of secondary USIM application messages |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20141203 |
|
| RJ01 | Rejection of invention patent application after publication |