WO2005062645A1 - ローミングシステム、移動体通信システムおよび移動体通信制御方法 - Google Patents
ローミングシステム、移動体通信システムおよび移動体通信制御方法 Download PDFInfo
- Publication number
- WO2005062645A1 WO2005062645A1 PCT/JP2004/019282 JP2004019282W WO2005062645A1 WO 2005062645 A1 WO2005062645 A1 WO 2005062645A1 JP 2004019282 W JP2004019282 W JP 2004019282W WO 2005062645 A1 WO2005062645 A1 WO 2005062645A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- mobile communication
- identification information
- directory
- search request
- communication terminal
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/08—Mobility data transfer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/04—Registration at HLR or HSS [Home Subscriber Server]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/08—Mobility data transfer
- H04W8/12—Mobility data transfer between location registers or mobility servers
Definitions
- the present invention relates to data communication in a wireless network, and more specifically, to a roaming system, a mobile communication system, and a mobile communication control method.
- a zone of several kilometers to several tens of kilometers around a base station is a single site, and for each site, a base station exists at the site at that time Accepts incoming and outgoing wireless terminals.
- a so-called wide area network is realized by performing data communication between the base stations at each site.
- Each wireless terminal is registered at the home site.
- the zone where the wireless terminal is normally located is the home site for the wireless terminal.
- a server arranged at each base station provides a service that can be provided at each site to a wireless terminal having each zone as a home site.
- the user of the wireless terminal In order to use such services, the user of the wireless terminal must not prove that he or she is authorized to use the services or that he / she is authentic by authentication. Not be. Therefore, the identification information of the wireless terminal is registered in advance, and the certification is performed using this identification information.
- the identification information is held by the home site server and managed centrally.
- the wireless terminal moves to a zone other than the home site, Although the service will not be available from the home site, the convenience of wireless terminals will be impaired, so the same services as the home site will be provided in zones other than the home site.
- each site In order to be able to specify where the home site is when roaming is performed as described above, it is conceivable to provide each site with a data table that can extract the home site from the identification information. However, each site must store extra data for each site that is not related to the terminal that uses the home site as its home site. This not only increases the man-hours of the developer, but also increases the amount of system resources required and increases the total cost.
- controllers are installed at each site making up the network. If there is, the procedure for knowing which controller manages the identification information becomes complicated. In such a case, it was assumed that the response characteristics from each site would be degraded and that users would not be able to receive satisfactory services.
- the present invention has been made in view of the above-mentioned current situation and problems of the related art, and is a speech communication system, a mobile communication system, and a mobile communication system that require less system resources and less complicated procedures.
- An object is to provide a body communication control method.
- a roaming system includes: a roaming system including at least one controller arranged in each of a plurality of zones constituting a wireless network; and a controller for each zone. And a server communicably connected to the server.
- Each of the controllers includes storage means for storing identification information given to a wireless terminal registered in a zone where the controller is located to receive a service, and when a wireless terminal requesting a service is received, Detecting, from the storage unit, identification information of the wireless terminal that has issued the request, providing a service to the wireless terminal in which the identification information is detected, and determining whether or not identification information is present in the wireless terminal in which the identification information is not detected.
- the server operates to generate a query for external confirmation, and the server retains information indicating in which controller the identification information of a plurality of wireless terminals is stored in the controller;
- the identification information is detected by communication with the detected controller. Confirm the identification information of the wireless terminal that has not been It operates to provide a service from the controller.
- server may be configured integrally with one of the controllers.
- the server is operable to prohibit the provision of the service to the confirmed wireless terminal when an inquiry is received from a controller of the specific zone.
- a mobile communication system includes a directory information tree provided by a plurality of directory servers provided corresponding to a plurality of sites arranged in a mobile communication network. And a plurality of authentication control devices provided for each of the plurality of sites and for authenticating a mobile communication terminal that requests a service at each site.
- Each of the plurality of authentication control devices when receiving a service request from a mobile communication terminal, obtains identification information of the mobile communication terminal and generates a search request to the directory server.
- each of the plurality of directory servers includes storage means for storing identification information given to a mobile communication terminal registered at a site associated with the directory server to receive a service.
- Identification information detection means for detecting identification information of a mobile communication terminal from the storage means; and a search request from the authentication control device when the identification information of the mobile communication terminal is not detected by the identification information detection means.
- Request transfer means for transferring a search request to a higher or lower position in the directory information tree among a plurality of directory servers provided corresponding to other sites, and the search request transfer
- the search request transfer When the identification information of the mobile communication terminal is detected by another directory server to which the search request is transferred by the means or the identification information detection means, the search result indicating that the identification information is detected is received.
- the authentication processing means when acquiring a search result indicating that the identification information of the mobile communication terminal has been detected from the directory server, permits the provision of the service to the mobile communication terminal. It operates to make a judgment.
- each of the directory servers includes reference information storage means for storing address information of another directory server located at an upper or lower position in the directory information tree, and the search request transfer means Preferably, the search request is transferred to another directory server located above or below the directory information library with reference to the address information stored in the reference information storage unit.
- a mobile communication system enables a plurality of server devices to access a directory information library having a single hierarchical tree structure. Each have multiple services that can provide services in a mobile communications network.
- Entry management means for storing an entry having, as an attribute value, identification information given to one of the mobile communication terminals in a directory provided in a subtree included in the directory information tree
- Identification information detecting means for detecting the identification information of the mobile communication terminal from the attribute values of the entries stored in the directory by the entry management means;
- Search request sending means for sending a predetermined search request to another server device located at a higher or lower position in the directory information library when the terminal identification information is not detected; When the identification information of the mobile communication terminal is detected in another server device to which the search request has been sent by the request sending means or in the identification information detecting means.
- a service can be provided to a mobile communication terminal, and when there is no other server device located in the upper or lower directory information directory, or when a search request is sent by the search request sending means.
- Service providing control means for operable to prohibit provision of a service to the mobile communication terminal when the identification information of the mobile communication terminal is not detected in another server device obtained.
- each of the server devices includes a reference information storage unit that stores address information of another server device positioned higher or lower in the directory information tree, and the search request sending unit includes the reference request transmitting unit. It is preferable that a search request is sent to another server device located above or below the directory information library with reference to the address information stored in the information storage unit.
- a mobile communication control method enables a plurality of server devices to access one directory information tree.
- the following series of processing steps are performed by each of the server devices.
- a predetermined search request is sent to another server device located at a higher or lower position in the directory information directory among a plurality of mobile communication terminals capable of providing a service in the mobile communication network. Sending out a search request,
- a service provision prohibition step for prohibiting provision of a service to the mobile communication terminal when the identification information of the mobile communication terminal is not detected.
- the present invention can be understood as a computer program that executes signal processing in a mobile communication control method including the above series of steps. In that case, the program will execute the following series of processing steps.
- An entry having, as an attribute value, identification information given to any of a plurality of mobile communication terminals capable of providing a service in the plurality of mobile communication networks is included in the directory information library. Entry management steps stored in the directory provided in the subtree
- An identification information detection step for detecting the identification information of the mobile communication terminal from the attribute values of the entries stored in the directory in the entry management step;
- a predetermined search request is sent to another server device located at a higher or lower position in the directory information library. Sending a search request to be sent to
- a service provision prohibition step for prohibiting provision of service to the mobile communication terminal when identification information of the mobile communication terminal is not detected.
- FIG. 1 is a connection diagram of the mouthing system according to the first embodiment.
- FIG. 2 is a configuration diagram showing a controller.
- FIG. 3 is a configuration diagram showing a super.
- FIG. 4 is an explanatory diagram of a roaming method.
- FIG. 5 is a flowchart showing a roaming procedure.
- FIG. 6 is a connection diagram of the mobile communication system according to the second embodiment.
- FIG. 7 is a diagram illustrating an example of a logical configuration of the authentication server.
- FIG. 8 is a diagram showing an example of a logical configuration of a directory server.
- FIG. 9 is a diagram showing a configuration example of a data communication network using a plurality of directory servers.
- FIG. 10 is a diagram showing a configuration example of one directory tree that can be accessed by a plurality of directory servers.
- FIG. 11 is a flowchart showing the authentication process.
- FIG. 12 is a flowchart showing a search process.
- FIG. 13 is a diagram for explaining an example of a specific operation in the configuration example shown in FIG.
- FIG. 14 is a diagram for explaining an example of a specific process in the configuration example shown in FIG.
- FIG. 1 is a connection diagram of a roaming system according to a first embodiment of the present invention.
- FIG. 2 is a configuration diagram showing a controller.
- FIG. 3 is a diagram showing a configuration example of the server 20.
- the wireless network has one site in zone Z, which is several kilometers to several tens of kilometers, centered on a base station.
- An arbitrary number of controllers 10 are arranged in each base station. These controllers 10 are connected via a network N.
- the controller 10 of the base station is accepting incoming and outgoing calls of the radio terminal existing at the site at that time. And the controller at each site
- a so-called wide area network is realized by the data communication between the 10 computers.
- Each wireless terminal is registered at the home site.
- the zone where the wireless terminal is normally located is the home site of the wireless terminal.
- a controller 10 arranged in each base station provides a service.
- the mouthing system includes a controller 10 arranged at a site Sa, Sb, Sc... And a server 20 arranged at a site Sb, for example. .
- the controller 10 includes a memory 11 for storing programs and the like, a CPU 12, a database 13, and a communication unit 14, which are interconnected.
- the database 13 stores identification information and other information of wireless terminals registered in advance in the zone in which the controller 10 is arranged in a format.
- the communication unit 14 is communicably connected to the server 20 via the network N.
- the communication unit 14 can communicate with a wireless terminal wirelessly.
- the server 20 includes a memory 21 for storing programs and the like, a CPU 22, a database 23, and a communication unit 24, which are interconnected.
- the communication unit 24 is communicably connected to the controller 10 via the network N. Communication between the communication unit 24 and the controller 10 is performed according to a protocol such as TCP / IP, for example.
- the database 23 stores a directory tree for various types of information using the data storage space of each controller 10 of the own site and other sites as an entry. On the other hand, in each site, various data are stored such that the data storage space of the controller 10 in the site has a master-slave relationship in a tree-like manner. In other words, the data base 23 of the server 20 and the data base 13 of the controller 10 form a tree so that the directories of various information including the identification information of the wireless terminal can be complemented with each other. I remember.
- the server 20 can detect the location of the directory storing each information.
- the controller 10 and the server 20 may be configured integrally.
- FIG. 4 is an explanatory diagram of the mouthing method.
- FIG. 5 is a flowchart showing a roaming procedure.
- the controller 10 When there is a service request from the wireless terminal, the controller 10 obtains the request from the communication unit 14.
- the CPU 12 searches the database 13 for identification information given to provide services to the registered wireless terminals. That is, the own directory inquiry (step ST 1) shown in FIG. 5 is performed.
- the CPU 12 performs the process of step ST1 irrespective of whether the wireless terminal has been registered in the zone where the controller 10 is located or registered in another zone. If the wireless terminal has been registered in the zone where the controller 10 is located, the identification information is stored in the database 13 so that the identification information can be detected. If the identification information is detected, it is determined that the wireless terminal that requested the service is valid. The controller 10 provides a service to the requesting wireless terminal (step ST4).
- the identification information of the wireless terminal is not detected at the site Sa.
- the CPU 12 performs a parent directory tracking process in step ST2. That is, the communication unit 14 generates an inquiry as to whether or not the identification information of the wireless terminal that has requested the service is stored in a device other than the controller 10.
- the generated inquiry is input to the server 20 from the communication unit 24 of the server 20.
- the CPU 22 enters the directory using the database 23, and stores the identification information of the wireless terminal to be queried at the site Sc in the database 13 of the site Sc. Detect that it is.
- the controller 10 that stores the identification information is detected. And find the directory where that identification is recorded.
- the CPU 22 of the server 20 communicates with the controller 10 of the site Sb, and The identification information of the wireless terminal to be queried is detected from the stored identification information.
- server 20 sends the query to the The controller 10 is notified that the identification information has been confirmed, and the controller 10 provides a service to the wireless terminal that has made the service request (step ST4).
- step ST2 the CPU 22 of the server 20 knows that the identification information of the wireless terminal registered at the site Sc is stored in the controller 10 of the site Sc.
- the super-computer 20 communicates with the controller 10 of the site c via the network N in step ST3, and the query target stored in the database 13 of the controller 10 is transmitted. Confirm the identification information of the wireless terminal. This proves that the wireless terminal that requested the service is legitimate.
- the server 20 notifies the controller 10 of the inquiry source that the validity has been confirmed, and causes the wireless terminal that has made the service request to provide the service from the controller 10.
- the mouthing system according to the first embodiment of the present invention is provided with the service even when the wireless terminal moves to a site other than the registered site. be able to.
- the roaming system of the present embodiment has the following operation and effects.
- FIG. 6 is a connection diagram of the mobile communication system according to the second embodiment of the present invention.
- multiple sites are arranged in units of several kilometers to several tens of kilometers of zone Z around base stations that are geographically separated. ing.
- Each site is provided with an arbitrary number (one or a plurality) of base stations, and a base station controller 100 corresponding to each base station is arranged.
- a plurality of authentication servers 110 and a plurality of directory servers 120 are arranged corresponding to each of the plurality of sites.
- site S alpha five base stations are installed in five of the base station controller 1 0 0 alpha corresponding to each base station
- the site S ⁇ placed one base station, provided one base station controller 1 0 0 corresponding to the base station, and the authentication server 1 1 0 e, and directories Torisaba 1 2 0 0 It has been done.
- the site S tau is installed three base stations, and three base station controller 1 0 0 tau E ⁇ 1 0 0 tau 3 corresponding to each base station, and the authentication server 1 1 0 r, directories Torisaba 1 2 0 ⁇ is provided.
- a mobile communication terminal capable of providing a service to a user can use any one of a plurality of sites including the sites S a to S 7 shown in FIG.
- Various information such as identification information is registered on the home site.
- Each of the authentication server 110 and the directory server 120 has a workstation equipped with ROM (Read Only Memory), AM (Random Access Memory), CPU, HDD (Hard Disk Drive), communication interface, etc. It consists of one session.
- Authentication server 1 1 0 is for authenticating the mobile communication terminal requesting the service, and has a logical configuration as shown in FIG. 7 by, for example, executing the program read from the HDD by the CPU. I have.
- the authentication server 110 includes an identification information acquisition unit 111, a search request generation unit 112, a search request transmission unit 113, and a search result acquisition unit 114. And an authentication processing unit 115.
- the identification information acquisition unit 111 is for acquiring identification information of the mobile communication terminal from the mobile communication terminal that requests service provision at the site where the authentication server 110 is installed.
- the search request generation unit 112 is for generating a search request to the directory server 120 based on the identification information of the mobile communication terminal acquired by the identification information acquisition unit 111. For example, the search request generation unit 112 generates a search request having a format according to a predetermined protocol such as LDAP or a protocol corresponding thereto.
- the search request transmission unit 113 sends the search request generated by the search request generation unit 112 to the directory server 120 installed corresponding to the authentication server 110. Things.
- the search request transmitting unit 113 sends a search request to the directory server 120 installed on the same site as the authentication server 110.
- the configuration example shown in FIG. 1 in the configuration example shown in FIG.
- site S et al provided a authentication server 1 1 0 search request transmitting unit 1 1 3 ⁇ is de I Lek a search request Torisa ICHIBA 1
- the search request sending unit 113 of the authentication server 110 ⁇ provided at the site sends the search request to the directory server 120 ⁇
- the site S ⁇ search request transmission unit 1 1 3 of the authentication server 1 1 0 7 provided in the de les a search request It is sent to the directory server 120 ⁇ .
- the search result obtaining section 114 is for obtaining the result of a search performed in response to a search request in the directory server 120.
- the authentication processing unit 115 determines, based on the search result obtained by the search result obtaining unit 114, whether to permit the provision of the service to the mobile communication terminal that has requested the service. The authentication process is executed.
- the directory server 120 is for storing and managing various information such as identification information given to any of a plurality of mobile communication terminals capable of providing a service in a mobile communication system. It is.
- the directory server 120 has a logical configuration as shown in FIG. 8 by, for example, executing a program read from the HDD by the CPU.
- the directory server 120 includes an entry management unit 121, an identification information detection unit 122, a search request transfer unit 123, and a search result providing unit 124. And a reference information storage unit 125.
- the entry management unit 122 stores, in a predetermined hierarchical tree structure, an entry having, as an attribute value, identification information given to a mobile communication terminal having the site where the directory server 120 is installed as a home site. It is intended to store and manage in a directory that forms
- the identification information detection unit 122 executes a predetermined search process in response to a search request from the authentication server 110, and performs, for example, the search of the entry stored in the directory by the entry management unit 121. It is for detecting the identification information of the mobile communication terminal specified by the search request from the attribute values.
- the identification information detection unit 122 responds to the search request redirected (transferred) from another directory server 120 in the same manner. For example, by executing a search process, the identification information of the mobile communication terminal specified by the search request is detected.
- the search request transfer unit 123 when the identification information detection unit 122 executes the search process does not detect the identification information of the mobile communication terminal specified in the search request, The search request received from 110 etc. is redirected to another directory server 120
- the search result providing unit 124 outputs a search result indicating whether or not the identification information of the mobile communication terminal has been detected as an execution result of the search processing by the identification information detection unit 122, and the authentication server 110, etc. It is for providing to. Also, when the search request transfer unit 123 redirects the search request to another directory server 120, the search result providing unit 124 may send another search request to the other directory server 120. Obtain the search results from the directory server 120 and authenticate server
- the search result providing unit 124 detects the identification information when the identification information detection unit 122 executes the search process in response to the search request redirected from another directory server 120.
- the search result obtained by the unit 122 can be provided to another directory server 120 that has transmitted the search request.
- the reference information storage unit 125 stores the search results from the other directory server 120 that is the transfer destination when the search request transfer unit 123 redirects the search request, and the search result providing unit 124. This is for storing information about another directory server 120 to which the server is provided.
- a plurality of directory servers 120 installed corresponding to a plurality of sites include, for example, a wide area LAN (Local Area Network), a WAN (Wide Area Network), and a VPN (Virtual Private Network). Network), and each directory server 120 is connected to each other by a data communication line 150 as shown in FIG. 9, for example. It operates as one of the information controllers 130.
- a data communication line 150 As an example, six information controllers ISO il SO e are connected via a data communication line 150, and mutually communicate data according to a predetermined protocol such as TCP / IP. It is possible.
- the entries managed by the entry management unit 121 of the directory server 120 form a hierarchical structure, and a plurality of information controllers 1 3 0 the entire E-1 3 0 6 entries which are held in respective first 0 one logical, as shown in FIG. for example (hypothetical) of directories Torijo paper Tsu Li one (DIT; Directory Information Tree) is formed. That is, the information controller one La 1 3 0 1 to 1 3 0 6 has a storage space, each corresponding to the entry is stored in the subtree (sub-trees) that manages the information controller 1 3 0! Entire entry that put in ⁇ 1 3 0 6 are accessible managed as a single logical directories tri information Tsu Li scratch.
- the information the controller 1 3 0 3 is site S a directories Torisaba 1 2 0 alpha installed in the information controller one La 1 3 0 4 Sai Bok S 0 to a the installed directories tri server 1 2 0 beta, the information the controller 1 3 0 5 is assumed to be site S directories Torisaba 1 2 0 installed in tau tau.
- the entry management section 1 2 1 directories Torisaba 1 2 0 alpha to operate as the information controller 1 3 0 3, Three entries 2 0 0 alpha 1 ⁇ 2 0 0 alpha 3 in a predetermined distinguished name shown in the first 0 Figure (D ⁇ ; Distinguished Name) or relative distinguished name (RD N; Relative Distinguished Name) given to impart and the like are stored in the entry information off Ayr, manages the subtree 1 9 0 a.
- a subtree 190 ⁇ is managed by, for example, assigning a predetermined identification name to 2200 ⁇ 3 and storing it in a predetermined entry information file.
- the reference information of each directory server 120 is stored.
- the section 125 stores information relating to another directory server 120 located above or below the directory information directory.
- the directories tri server 1 2 0 alpha reference information storage section 1 2 5 operating as the information controller 1 3 0 3, the subtree to be the first 0-level subtrees 1 9 0 alpha shown in FIG managed by itself to directories Torisa ICHIBA 1 2 0 beta address information for managing 1 9 0 beta e.g., a host URL of L DA P [Uniform Resource Locator] address, etc.
- the subtree to be the first 0-level subtrees 1 9 0 alpha shown in FIG managed by itself to directories Torisa ICHIBA 1 2 0 beta address information for managing 1 9 0 beta e.g., a host URL of L DA P [Uniform Resource Locator] address, etc.
- the Rudy Lek Torisaba 1 2 0 beta reference information storage section 1 2 5 operates as the information controller 1 3 0 4, subtree 1 9 0 as a subtree 1 9 0 beta managed by itself to " ⁇ Directories Torisa ICHIBA 1 2 0 alpha and address information of directories Torisaba 1 2 0 tau managing fine Saburri 1 9 0 tau, respectively, are stored.
- the directories Torisa one server 1 2 0 reference information storage section 1 2 5 of ⁇ that operates as the information controller one La 1 3 0 5, subtree 1 9 0 3 as the upper Saburri one 1 9 0 r managed by itself to Stores the address information of the directory server that manages the data.
- the directories Torisa ICHIBA 1 2 0 3 of the reference information storage section 1 2 5 which operates for example as the information controller one La 1 3 0 4 May store the address information of another directory tree 120 that manages each of the other sub-trees below and below the sub-tree 190 p managed by itself. .
- the base station controller 100 acquires the identification information of the mobile communication terminal and sends it to the authentication server 110.
- the authentication server 110 performs the authentication processing shown in the flowchart of FIG. 11 to authenticate the mobile communication terminal that has requested the service.
- the authentication server 110 obtains the identification information of the mobile communication terminal from the base station control device 100 by the identification information acquisition unit 111 (step S100). 1) Based on the identification information, the search request generation unit 112 generates a search request to the directory server 120 (step S102). The search request generated by the search request generation unit 112 is sent to the corresponding directory server 120 by the search request transmission unit 113 (step S1). 0 3). For example, the search request transmission unit 113 sends the search request generated by the search request generation unit 112 to the directory server 120 installed at the same site.
- the authentication server 110 determines whether or not the search result obtaining unit 114 has obtained the search result from the directory server 120 (step S104), and determines the search result. If it has not been acquired (step S104; No), it is determined whether a predetermined standby time has elapsed and a time-out has occurred (step S105). If a timeout occurs in step S105 (step S105; Yes), predetermined error processing is executed, such as transmitting an error message to the authentication server 110. (Step S106). On the other hand, if a timeout has not occurred in step S105 (step S105; No), the process returns to step S104 and waits until a search result is obtained.
- step S104 When it is determined in step S104 that the search result has been obtained from the directory server 120 (step S104; Yes), the authentication processing unit 1 is determined based on the search result. According to 15, it is determined whether or not the provision of the service to the mobile communication terminal that has requested the service is permitted (step S107). At this time, the authentication processing unit 115 does not detect an entry having the identification information of the mobile communication terminal as an attribute value in the search result obtained from the directory server 120 by the search result obtaining unit 114. If so, it is determined that the provision of the service to the user of the mobile communication terminal is not permitted (step S107; No), and for example, the service provision to the mobile communication terminal is performed. Base station controller 1 0 A predetermined process at the time of authentication failure, such as transmission to 0, is executed (step S108).
- step S107 it is determined that the provision of the service to the user of the mobile communication terminal is permitted (step S107; Yes), and, for example, the permission to provide the service to the mobile communication terminal is notified.
- the search result obtaining unit 114 specifies service contents that can be provided to the mobile communication terminal based on the search result obtained from the directory server 120, A process for notifying the control device 100 so that a predetermined service can be provided or based on the location of the base station control device 100 that has received the service request from the mobile communication terminal.
- the authentication server 110 may include the process of registering the location of the mobile communication terminal to which the use of the service is permitted. Based on the search result of the identification information of the mobile communication terminal, the mobile communication terminal that has requested the service can be authenticated.
- the directory server 120 provides a search result according to the search request sent from the authentication server 110 by executing a search process as shown in the flowchart of FIG.
- Steps S 1 1 1) In response to the search request, the identification information detection unit 122 performs a predetermined search process, etc., and the entry management unit 122 detects the attribute values of the entries stored in the directory. Then, the identification information of the mobile communication terminal specified by the search request is searched (step S112).
- the search result providing unit 12 As a result of the search by the identification information detection unit 122, when the identification information of the mobile communication terminal specified by the search request is detected (step S113; Yes), the search result providing unit 12 According to 4, a process for providing a search result indicating that the identification information of the mobile communication terminal has been detected (detected) is executed (step S114).
- the search result providing unit 124 may use the identification name of the entry holding the identification information of the mobile communication terminal specified by the search request as an attribute value as a search result, and perform the search request in step S111 described above. It may be returned to the authentication server 110 or another directory server 120 that has received it.
- step SI11 when the identification information of the mobile communication terminal specified by the search request is not detected (step SI13; No), the above-described step SI11 is performed.
- a process for redirecting (transferring) the search request received to another directory server 120 is executed. That is, the search request transfer unit 123 refers to the address information and the like stored in the reference information storage unit 125 so that another directory server 122 located at the upper or lower level of the directory information directory can be obtained. It is determined whether there is 0 (step S115).
- Step SI15 it is determined that none of the entries to be searched has the identification information specified in the search request as an attribute value, and the search result providing unit 124 A process for providing a search result indicating that the identification information of the mobile communication terminal has not been detected (no detection) is executed (step S116).
- the search result providing unit 124 outputs the search result indicating that the identification information of the mobile communication terminal has not been detected to the authentication server 111 that has received the search request in step S111 described above. 0, or provide it to the other directory server 120 that was the transfer source of the search request in step S111.
- step S115 if an appropriate directory server 120 located above or below the directory information directory is found (step S115: Yes;), the search request transfer is performed.
- the unit 123 redirects the search request to the other directory server 120 specified based on the address information and the like stored in the reference information storage unit 125 (step S117) .
- the directory server 120 determines in step S117 whether or not the search result has been obtained from another directory server 120 which is the transfer destination to which the search request was redirected. If the search result has not been acquired (step S118; No), it is determined whether a predetermined standby time has elapsed and a time-out has occurred (step S118). Step S1 19). If it is determined that a time-out has occurred at this time (step S119; Yes), for example, the authentication server 110 that has received the search request in step S111 described above, or Sends an error message to the other directory server 120 from which the search request was forwarded in step S111. Is executed (step S120).
- step S119 If it is determined in step S119 that a time-out has occurred, it is determined that the identification information of the mobile communication terminal specified in the search request could not be detected, and the above-described step S119 is performed. Proceeding to 6, a search result indicating that the identification information could not be detected may be returned.
- step S119 if a time-out has not occurred in step S119 (step S119; No), the process returns to step S118 and waits until a search result is obtained. If it is determined in step S117 that the search result has been obtained from another directory server 120 that is the transfer destination of the redirected search request (step S118) Y es), and transmits the search result to the authentication server 110 that has received the search request in step S 111 described above by the search result providing unit 124, or forwards the search request in step S 111. A transfer process for providing the original directory server 120 is executed (step S121).
- the directory server 120 searches for an entry whose attribute value is the identification information of the mobile communication terminal specified in the search request sent from the authentication server 110, and provides the search result. can do.
- the mobile communications terminal to the site S T and E one Musai bets will be described operation when requesting service with site s a.
- the search request transferring section 1 2 3 directories Torisaba 1 2 0 alpha refers to the address information stored in the reference information storage section 1 2 5, the upper sub-tree 1 9 0 alpha as the information controller 1 3 0 4 for managing the subtree 1 9 0 beta, identifies the directories Torisa ICHIBA 1 2 0 0 which is Installation to site S. Therefore, the search request transferring section 1 2 3, as shown by the arrow in the first 3 view (beta), the directories Torisaba 1 2 0 beta operating as information controller 1 3 0 4 against it, it was received from the authentication server 1 1 0 alpha search request be redirected (step S 1 1 7 of the first 2 view).
- the reference information storage section 1 2 5 of directories Torisaba 1 2 0 tau, directories as information controller 1 3 0 3 for managing Saburri 1 9 0 a to be lower Sabu' Li one 1 9 0 beta Torisaba 1 2 0 a address information is also stored.
- the directories Torisaba 1 2 0 alpha is the transfer source of the search request to the directories Torisaba 1 2 0 It from directories Torisaba 1 2 0 e search request transfer unit 1 2 3 is oddly to process included the directories Torisaba 1 2 0 alpha to the destination appropriate search request.
- the directory server 12 0 ⁇ that has received a search request from the directory server 12 0 ⁇ installed on the site S 0 as the information controller 13 0 4 via the data communication line 150 is step S 1 1 1) in the figure, as the information controller 1 3 0 5 shown by hatching in the first 3 view (E), to perform a search process in the entry of self-managed. That is, the identification information detecting unit 122 of the directory server 120 ⁇ is determined by the entry 200 Tt to 200 ⁇ in the sub-server 190 r managed by the entry managing unit 121. 3 (indicated by hatching in FIG. 14 (C)) to determine whether or not the identification information of the mobile communication terminal specified by the search request has been detected (see FIG. Step S 1 1 3) in FIG.
- step S 1 1 3; Y es search indicating that the identification information is detected results would be returned to the directories Torisaba 1 2 0 a through directories Torisaba 1 2 0 beta (step S 1 1 4 and step S 1 2 1).
- the identification information receives a search result indicating that the detection of the mobile communication terminal in the entry managing alpha, mobile communications authentication processing unit 1 1 5 It is determined that the provision of the service to the terminal is permitted (Step S107: Yes), and by performing a predetermined process at the time of successful authentication (Step S109), the mobile communication is performed. Enables service provision to terminals.
- An entry having identification information of a mobile communication terminal as an attribute value can be detected. Search this case, showing directories Torisa ICHIBA 1 2 0 directories Torisaba 1 2 0 without a redirect child a search request to tau, to the effect that identification information in directories Torisaba 1 2 0 alpha was detected Can return results.
- Services can be provided.
- the mobile communication terminal can be identified. Information is managed without duplication to share information, and the mobile communication User authentication can be performed.
- the mobile communication system of the present embodiment it is not necessary for each site to have the identification information of the mobile communication terminal registered in another site, so that an increase in system resources can be suppressed. Can be.
- the mobile communication terminal since the mobile communication terminal does not need to manage information indicating which site is registered, it is possible to avoid an increase in the length of identification information assigned to the mobile communication terminal. Furthermore, even if the site is expanded, there will be no deadlock in the identification number assignment plan.
- the directory server 120 only needs to have information on the other directory server 120 located above or below the directory information tree. You do not need to know the configuration. For this reason, for example, even when a directory server 120 is added, a reference information storage unit is provided between a server located at a higher level and a server located at a lower level of a sub-tree managed by the server to be added. It is only necessary to add and change the address information and the like stored in 125, thereby suppressing an increase in system resources and a complicated procedure.
- the entry management section 121 of the directory server 120 can easily perform access control for each entry (or directory) according to a request content received from the outside. This makes it possible to easily perform settings such as prohibiting mouthing from a specific site. In addition, by retaining information related to access control as attribute values of entries in addition to the identification information of mobile communication terminals, it is possible to set the details of services that can be provided for each mobile communication terminal. .
- the data communication line 150 shown in Fig. 9 By connecting to a public network such as the Internet, it is also possible to easily refer to and change the identification information of mobile communication terminals from various terminals connected to the public network. On the other hand, by separating the data communication line 150 shown in Fig. 9 from the public network, the confidentiality (security) of the identification information and the like of the mobile communication terminal can be improved. .
- the present invention can be variously modified irrespective of the above embodiment.
- the server 20 in the first embodiment receives an inquiry from the controller 10 in a specific zone, the server 20 prohibits the provision of service to the confirmed wireless terminal. It may be.
- the authentication server 110 and the directory server 120 are described as having different configurations.
- the present invention is not limited to this, and the authentication server 110 and the directory server 120 may be realized by one computer system.
- an authentication process for realizing the configuration of the authentication server 110 as shown in FIG. 7 and a directory server 120 as shown in FIG. By executing the directory management process for realizing the configuration of the first embodiment, the function of the authentication server 110 and the function of the directory server 120 in the second embodiment can be combined with one computer system. Can be held.
- the base station control device 100 provided for each base station in the second embodiment has a function as an authentication server 110, and the base station control device 100 directly downloads the data from the base station control device 100.
- the directory server 120 may be accessed to transmit a search request for identification information acquired from the mobile communication terminal.
- the directory server 120 It has been described that the search request is redirected from the directory server 120 to the other directory server 120, so that the other directory server 120, which is the transfer destination, further executes the search process.
- the present invention is not limited to this, and if an entry is not found in the directory server 120, another directory server stored in the reference information storage unit 125 is not stored.
- the address information of the server 120 may be returned to the authentication server 110 as a reference destination, and the authentication server 110 may send a search request to another directory server 120.
- the authentication server 110 should be able to access a plurality of directory servers operating as the information controller ISOilSOe, for example, via the data communication line 150 shown in FIG. . Then, from one directory server 120, the search result indicating that the identification information specified in the search request could not be detected, and the address information of the other directory server 120 to be referred to are returned. Then, a search request may be sent to another directory server 120 based on the address information or the like. This eliminates the need for system resources required to redirect the search request on the directory server 120 side, thereby reducing the processing load on the directory server 120.
- a plurality of directory servers 1 correspond to each of a plurality of sites including zone Z covered by the base station. It has been described that 20 is installed. However, the present invention is not limited to this.
- a computer system functioning as a directory server 120 is provided independently of a site consisting of zone Z covered by a base station. You may be.
- directories Torisaba 1 2 0 0 is installed in the management center or the like of the mobile operator, the authentication server 1 1 0 to installed in each site is to prevent direct access Is also good.
- directories Torisaba 1 2 0 e is, which is a higher-level of Sabu' Lee 1 9 0 r to support Burri 1 9 0 ⁇ and directories Torisaba 1 2 0 7 directories Torisaba 1 2 0 ⁇ managed to manage and a server which manages 1 9 0 beta, may be accepted redirect Tonomi of directories Torisaba 1 2 0 alpha and directories Torisaba 1 2 0 gamma search request and search results from.
- a plurality of directory servers 120 may be provided corresponding to one site. Even in this case, the reference information storage section 125 of each directory server 120 stores information relating to another directory server 120 located above or below the directory information directory. Each directory server 120 operates as one of a plurality of information controllers 130 as illustrated in FIG. As a result, each directory server 120 can easily identify another directory server 120 as a reference destination that is a transfer destination of a search request while suppressing an increase in system resources. .
- a search request may be sent to the directory server 120 by specifying a search range.
- the authentication server 110 can identify, from the identification information of the mobile communication terminal, the mobile communication carrier that manages the site where the mobile communication terminal is a home site. I do.
- the authentication server 110 specifies a subtree managed by the directory server 120 owned by the specified mobile communication carrier as a search range and issues a search request. You may make it transmit.
- the authentication server 110 and the directory server 120 in the second embodiment can be realized not by a dedicated device but also by a computer system functioning as a normal server device.
- a program for causing the computer system to function as the above-described authentication server 110 or directory server 120 or executing the above-described authentication processing and search processing is stored in a predetermined recording medium (IC).
- the program may be recorded and stored in a memory, a magnetic disk, an optical disk, a magneto-optical disk, and the like, and the program may be installed.
- the program is posted on a bulletin board (BBS) on a communication network, or the program is stored in a file system of an FTP (File Transfer Protocol) server on the communication network. It may be distributed by superimposing it on a carrier wave via the Internet.
- BSS bulletin board
- FTP File Transfer Protocol
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/582,544 US20070149190A1 (en) | 2003-12-22 | 2004-12-16 | Roaming system, mobile communication system, and mobile communication control method |
DE04807639T DE04807639T1 (de) | 2003-12-22 | 2004-12-16 | Roaming-system, mobilkommunikationssystem und mobilkommunikations-steuerverfahren |
EP04807639A EP1699250A4 (en) | 2003-12-22 | 2004-12-16 | ROAMING SYSTEM, MOBILE COMMUNICATION SYSTEM AND MOBILE COMMUNICATION CONTROL PROCEDURE |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2003424630 | 2003-12-22 | ||
JP2003-424630 | 2003-12-22 | ||
JP2004-023384 | 2004-01-30 | ||
JP2004023384A JP4378182B2 (ja) | 2003-12-22 | 2004-01-30 | 移動体通信システム、移動体通信制御方法及びプログラム |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2005062645A1 true WO2005062645A1 (ja) | 2005-07-07 |
Family
ID=34712969
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2004/019282 WO2005062645A1 (ja) | 2003-12-22 | 2004-12-16 | ローミングシステム、移動体通信システムおよび移動体通信制御方法 |
Country Status (6)
Country | Link |
---|---|
US (1) | US20070149190A1 (ja) |
EP (1) | EP1699250A4 (ja) |
JP (1) | JP4378182B2 (ja) |
DE (1) | DE04807639T1 (ja) |
RU (1) | RU2370911C2 (ja) |
WO (1) | WO2005062645A1 (ja) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1893723B (zh) * | 2005-11-18 | 2010-08-11 | 华为技术有限公司 | 移动通信系统中的漫游限制方法及其装置 |
US8380169B2 (en) | 2007-10-12 | 2013-02-19 | Qualcomm Incorporated | System and method for enabling transaction of femto cell information from a host terminal device to a guest terminal device |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7624270B2 (en) * | 2002-11-26 | 2009-11-24 | Cisco Technology, Inc. | Inter subnet roaming system and method |
US8041689B2 (en) * | 2006-11-30 | 2011-10-18 | Red Hat, Inc. | Flexible LDAP templates |
US8145616B2 (en) * | 2007-01-22 | 2012-03-27 | Red Hat, Inc. | Virtual attribute configuration source virtual attribute |
US9286375B2 (en) * | 2007-02-06 | 2016-03-15 | Red Hat, Inc. | Linked lightweight directory access protocol (LDAP) attributes |
US8090686B2 (en) * | 2007-02-13 | 2012-01-03 | Red Hat, Inc. | Multi-master attribute uniqueness |
JP5582344B2 (ja) * | 2010-08-09 | 2014-09-03 | 日本電気株式会社 | 接続管理システム、及びシンクライアントシステムにおける接続管理サーバの連携方法 |
JP5659068B2 (ja) * | 2011-04-04 | 2015-01-28 | オリンパス株式会社 | 無線通信装置、無線通信方法および無線通信プログラム |
HUE049114T2 (hu) * | 2012-10-05 | 2020-09-28 | Ericsson Telefon Ab L M | Jelentés a kiszolgáló hálózatról, az idõzónáról és az UCI-ról |
US10180985B2 (en) * | 2015-02-19 | 2019-01-15 | At&T Intellectual Property I, L.P. | Apparatus and method for automatically redirecting a search |
MX2019001683A (es) * | 2016-08-12 | 2019-06-03 | Huawei Tech Co Ltd | Metodo de radiobusqueda y dispositivo de radiobusqueda. |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0690647A2 (en) * | 1994-06-30 | 1996-01-03 | AT&T Corp. | An authentication hierarchical structure of switching nodes for storage of authentication information |
WO2001069948A1 (en) * | 2000-03-10 | 2001-09-20 | Motorola, Inc. | Multiple tree hierarchical communication system and method |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0865728A (ja) * | 1994-08-24 | 1996-03-08 | Hitachi Ltd | 移動体通信ネットワークおよび呼制御方法 |
US5564068A (en) * | 1994-10-28 | 1996-10-08 | Telefonaktiebolaget Lm Ericsson | Home location register for manual visitors in a telecommunication system |
US5956637A (en) * | 1996-02-20 | 1999-09-21 | Telefonaktiebolaget L M Ericsson (Publ) | Subscriber database management in a mobile telecommunications system |
SE514266C2 (sv) * | 1997-02-20 | 2001-01-29 | Ericsson Telefon Ab L M | Förfarande och system för att begränsa rörligheten i ett system med kärntjänste- och åtkomstleverantör |
US6138017A (en) * | 1997-12-08 | 2000-10-24 | Nortel Networks Limited | Cellular communications system |
US6868272B1 (en) * | 1999-06-08 | 2005-03-15 | Utstarcom, Inc. | Method and apparatus for roaming in hierarchical mobile communications network |
US6415148B1 (en) * | 1999-12-11 | 2002-07-02 | Qualcomm, Incorporated | System and method for the detection of service from alternate wireless communication systems |
FI112024B (fi) * | 2000-06-28 | 2003-10-15 | Nokia Corp | Verkkovierailun ohjaaminen matkaviestinjärjestelmässä |
-
2004
- 2004-01-30 JP JP2004023384A patent/JP4378182B2/ja not_active Expired - Fee Related
- 2004-12-16 US US10/582,544 patent/US20070149190A1/en not_active Abandoned
- 2004-12-16 EP EP04807639A patent/EP1699250A4/en not_active Withdrawn
- 2004-12-16 RU RU2006126719/09A patent/RU2370911C2/ru active
- 2004-12-16 DE DE04807639T patent/DE04807639T1/de active Pending
- 2004-12-16 WO PCT/JP2004/019282 patent/WO2005062645A1/ja active Application Filing
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0690647A2 (en) * | 1994-06-30 | 1996-01-03 | AT&T Corp. | An authentication hierarchical structure of switching nodes for storage of authentication information |
WO2001069948A1 (en) * | 2000-03-10 | 2001-09-20 | Motorola, Inc. | Multiple tree hierarchical communication system and method |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1893723B (zh) * | 2005-11-18 | 2010-08-11 | 华为技术有限公司 | 移动通信系统中的漫游限制方法及其装置 |
US8380169B2 (en) | 2007-10-12 | 2013-02-19 | Qualcomm Incorporated | System and method for enabling transaction of femto cell information from a host terminal device to a guest terminal device |
Also Published As
Publication number | Publication date |
---|---|
JP4378182B2 (ja) | 2009-12-02 |
RU2006126719A (ru) | 2008-01-27 |
RU2370911C2 (ru) | 2009-10-20 |
EP1699250A1 (en) | 2006-09-06 |
US20070149190A1 (en) | 2007-06-28 |
JP2005210652A (ja) | 2005-08-04 |
EP1699250A4 (en) | 2010-09-01 |
DE04807639T1 (de) | 2007-01-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP3937475B2 (ja) | アクセス制御システムおよびその方法 | |
CN1925485B (zh) | 数据服务器、数据管理方法和数据管理系统 | |
US8396220B2 (en) | System and method of mobile content sharing and delivery in an integrated network environment | |
JP2004363878A (ja) | ネットワークサービス接続方法/プログラム/記録媒体/システム、アクセスポイント、無線利用者端末 | |
JP2004187305A (ja) | 共通のグループラベルを用いたピア・ツー・ピアネットワークにおけるノード間の通信のための方法 | |
WO2005062645A1 (ja) | ローミングシステム、移動体通信システムおよび移動体通信制御方法 | |
KR101127794B1 (ko) | 네트워크 식별자 위치판단 시스템 및 그 방법 | |
US20060036858A1 (en) | Terminal device authentication system | |
JP4345565B2 (ja) | 移動ルータ、位置管理サーバ、移動ネットワーク管理システム、及び移動ネットワーク管理方法 | |
JPWO2007077615A1 (ja) | ソフトウェア実行管理装置、その方法及びプログラム | |
TW200523754A (en) | Method and system for plug and play installation of network entities in a mobile wireless internet | |
TWI245185B (en) | Clustered computer system, method of accessing a group in a clustered computer system, apparatus thereof, and recording medium thereof | |
JP2016144186A (ja) | 通信情報制御装置、中継システム、通信情報制御方法、および、通信情報制御プログラム | |
JP3564117B2 (ja) | 無線lan装置 | |
JP2002261794A (ja) | ホスト接続装置及び方法、並びにそのプログラム | |
JP2005301891A (ja) | アクセス制御装置、情報提供システム及びアクセス制御方法 | |
US20060085202A1 (en) | Method and a system for responding to a request for access to an application service | |
US20130198359A1 (en) | System and method for navigating and accessing resources on private and/or public networks | |
JP4078289B2 (ja) | 認証システム | |
CN118540303B (zh) | 域名解析方法、装置、通信设备、存储介质和产品 | |
KR101145298B1 (ko) | 네트워크 시스템 및 이를 이용한 웹 리다이렉션 방법 | |
US20240129303A1 (en) | Routing device, management center device, user authentication method, and storage medium | |
WO2008039481A1 (en) | System, method and computer program product for identifying, configuring and accessing a device on a network | |
KR100525755B1 (ko) | 공중 무선 랜 서비스에서 무선 단말기 적응 초기 접속웹페이지 제공 방법 | |
KR20030058655A (ko) | Dhcp를 이용한 가상 사설 네트워크 및 그 보안방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200480038487.7 Country of ref document: CN |
|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2004807639 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2007149190 Country of ref document: US Ref document number: 10582544 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2006126719 Country of ref document: RU |
|
WWP | Wipo information: published in national office |
Ref document number: 2004807639 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 10582544 Country of ref document: US |