EP-4742713-A1 - COMMUNICATION METHOD AND APPARATUS, COMMUNICATION DEVICE, COMMUNICATION SYSTEM, AND STORAGE MEDIUM
Abstract
Embodiments of the present disclosure provide a communication method and apparatus, a communication device, a communication system, and a storage medium. The method comprises: sending a first NAI to a network device, wherein the first NAI comprises first information and second information, the first information is used for indicating a first domain corresponding to the network device, the second information is used for indicating a second domain corresponding to a credentials holder of a terminal, and the first domain is an NPN. The technical solution provided by the embodiments of the present disclosure can achieve NSWO when a credentials holder and WLAN-AN are located in different domains.
Inventors
- LIANG, HAORAN
- LU, WEI
Assignees
- Beijing Xiaomi Mobile Software Co., Ltd.
Dates
- Publication Date
- 20260513
- Application Date
- 20230705
Claims (20)
- A communication method, performed by a terminal and comprising: sending a first Network Access Identifier (NAI) to a network device; wherein the first NAI comprises first information and second information, the first information is configured to indicate a first realm corresponding to the network device, the second information is configured to indicate a second realm corresponding to a credential holder of the terminal, and the first realm is a Non-Public Network (NPN).
- The method according to claim 1, wherein the second realm is one of the following types: a Public Land Mobile Network (PLMN); an NPN; or a realm to which an Authentication, Authorization and Accounting (AAA) server belongs.
- The method according to claim 1 or 2, wherein the first NAI satisfies the following format: CHrealm!username@NPNrealm; where CHrealm represents the second information, username represents a username, NPNrealm represents the first information, and CHrealm, username and NPNrealm are separated by ! and @.
- The method according to any one of claims 1 to 3, wherein the first information comprises a first Network Identifier (NID), a first Mobile Network Code (MNC) and a first Mobile Country Code (MCC) of the first realm.
- The method according to any one of claims 1 to 4, wherein the second realm is a PLMN; and the second information comprises a second MNC and a second MCC of the second realm.
- The method according to any one of claims 1 to 5, wherein the second realm is a PLMN; and the second information satisfies the following format: 5gc-nswo.mnc<chMNC>.mcc<chMCC>.3gppnetwork.org; where 5gc-nswo is a non-seamless wireless local area network offload (NSWO) tag, mnc<chMNC> is configured to indicate a second MNC of the second realm, mcc<chMCC> is configured to indicate a second MCC of the second realm, and 3gppnetwork.org is a domain name.
- The method according to any one of claims 1 to 6, wherein the second realm is a PLMN; and the first NAI satisfies the following format: 5gc-nswo.mnc<chMNC>.mcc<chMCC>.3gppnetwork.org!<username of SUCI in NAI format>@5gc-nswo.nid<NID>.mnc<servingMNC>.mcc<servingMCC>.3gppnetwork.org; where 5gc-nswo is a NSWO tag, 3gppnetwork.org is a domain name, username is configured to indicate a username in a Subscription Concealed Identifier (SUCI), mnc<chMNC> is configured to indicate a second MNC of the second realm, mcc<chMCC> is configured to indicate a second MCC of the second realm, nid<NID> is configured to indicate a first NID of the first realm, mnc<servingMNC> is configured to indicate a first MNC of the first realm, and mcc<servingMCC> is configured to indicate a first MCC of the first realm.
- The method according to any one of claims 1 to 4, wherein the second realm is an NPN; and the second information comprises a second NID, a second MNC and a second MCC of the second realm.
- The method according to any one of claims 1-4 and 8, wherein the second realm is an NPN; and the second information satisfies the following format: 5gc-nswo.nid<chNID>.mnc<chMNC>.mcc<chMCC>.3gppnetwork.org; where 5gc-nswo is a NSWO tag, nid<NID> is configured to indicate a second NID of the second realm, mnc<chMNC> is configured to indicate a second MNC of the second realm, mcc<chMCC> is configured to indicate a second MCC of the second realm, and 3gppnetwork.org is a domain name.
- The method according to any one of claims 1-4 and 8-9, wherein the second realm is an NPN; and the first NAI satisfies the following format: 5gc-nswo.nid<chNID>.mnc<chMNC>.mcc<chMCC>.3gppnetwork.org!<username of SUCI in NAI format>@5gc-nswo.nid<servingNID>.mnc<servingMNC>.mcc<servingMCC>.3gppnetwork.org; where 5gc-nswo is a NSWO tag, 3gppnetwork.org is a domain name, username is configured to indicate a username in a SUCI, nid<chNID> is configured to indicate a second NID of the second realm, mnc<chMNC> is configured to indicate a second MNC of the second realm, mcc<chMCC> is configured to indicate a second MCC of the second realm, nid<servingNID> is configured to indicate a first NID of the first realm, mnc<servingMNC> is configured to indicate a first MNC of the first realm, and mcc<servingMCC> is configured to indicate a first MCC of the first realm.
- The method according to any one of claims 1 to 4, wherein the second realm is a realm to which an AAA server belongs; and the second information comprises indication information of the realm to which the AAA server belongs.
- The method according to any one of claims 1-4 and 11, wherein the second realm is an AAA server; and the second information satisfies the following format: 5gc-nswo.AAArealm; where 5gc-nswo is a NSWO tag, and AAArealm is indication information of a realm to which the AAA server belongs.
- The method according to any one of claims 1-4 and 11-12, wherein the second realm is an AAA server; and the first NAI satisfies the following format: 5gc-nswo.AAArealm!<username of SUCI in NAI format>@5gc-nswo.nid<NID>.mnc<servingMNC>.mcc<servingMCC>.3gppnetwork.org; where 5gc-nswo is a NSWO tag, 3gppnetwork.org is a domain name, username is configured to indicate a username in a SUCI, AAArealm is indication information of a realm to which the AAA server belongs, nid<NID> is configured to indicate a first NID of the first realm, mnc<servingMNC> is configured to indicate a first MNC of the first realm, and mcc<servingMCC> is configured to indicate a first MCC of the first realm.
- The method according to any one of claims 11 to 13, wherein the indication information of the realm to which the AAA server belongs comprises a Fully Qualified Domain Name (FQDN) of the AAA server.
- The method according to any one of claims 1 to 14, wherein the first NAI is carried in an Extended Authentication Protocol (EAP) response/identity message.
- The method according to any one of claims 1 to 15, wherein before sending the first NAI to the network device, the method further comprises: receiving third information from the network device, wherein the third information is used by the terminal to determine an NAI format of the first NAI.
- The method according to claim 16, wherein the third information is carried in an EAP identity/request message.
- The method according to any one of claims 1 to 17, wherein the network device is located in a Wireless Local Area Network Access Network (WLAN-AN).
- A communication method, performed by a network device, and comprising: receiving a first Network Access Identifier (NAI) from a terminal; wherein the first NAI comprises first information and second information, the first information is configured to indicate a first realm corresponding to the network device, the second information is configured to indicate a second realm corresponding to a credential holder of the terminal, and the first realm is a Non-Public Network (NPN).
- The method according to claim 19, wherein the second realm is one of the following types: a Public Land Mobile Network (PLMN); an NPN; or a realm to which an Authentication, Authorization and Accounting (AAA) server belongs.
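The NAI formats recited in claims 3, 7, 10 and 13 can be checked mechanically before a network device uses the credential-holder realm to route authentication messages. The Python parser below is an added example, not code from the patent or its applicant; the field widths (3-digit MCC, 2-3 digit MNC, 11 hex-digit NID), the `local_realm` check, the refusal to treat a malformed 3gppnetwork.org realm as an AAA realm, and the sample values are assumptions.

```python
import re

# Realm grammars from the claimed formats. Field widths are assumptions not stated
# on this page: 3-digit MCC, 2-3 digit MNC, 11 hex-digit NID.
_PLMN = r"mnc(?P<mnc>\d{2,3})\.mcc(?P<mcc>\d{3})\.3gppnetwork\.org"
PLMN_RE = re.compile(r"5gc-nswo\." + _PLMN)
NPN_RE = re.compile(r"5gc-nswo\.nid(?P<nid>[0-9a-f]{11})\." + _PLMN)
AAA_RE = re.compile(r"5gc-nswo\.(?P<fqdn>(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63})")


def parse_first_nai(nai, local_realm):
    """Split CHrealm!username@NPNrealm and classify the credential-holder realm.

    Raises ValueError on anything that does not match one of the three claimed forms.
    """
    ch_realm, bang, rest = nai.partition("!")
    username, at, npn_realm = rest.partition("@")
    # Exactly one '!' followed by exactly one '@'; extra separators make routing ambiguous.
    if not (bang and at and username) or "!" in rest or "@" in ch_realm + npn_realm:
        raise ValueError("not in CHrealm!username@NPNrealm form")
    ch_realm, npn_realm = ch_realm.lower(), npn_realm.lower()

    serving = NPN_RE.fullmatch(npn_realm)
    if serving is None:
        raise ValueError("first realm is not an NPN realm")
    # Assumed policy: the access network only accepts its own realm as the first realm.
    if npn_realm != local_realm.lower():
        raise ValueError("first realm does not match this network")

    result = {"username": username, "serving": serving.groupdict()}
    for ch_type, pattern in (("NPN", NPN_RE), ("PLMN", PLMN_RE)):
        m = pattern.fullmatch(ch_realm)
        if m:
            return {**result, "ch_type": ch_type, "ch": m.groupdict()}
    # A malformed 3GPP realm is also a syntactically valid FQDN; refuse to treat it
    # as an AAA realm (assumed conservative choice) so it is not routed by mistake.
    m = AAA_RE.fullmatch(ch_realm)
    if m and not ch_realm.endswith(".3gppnetwork.org"):
        return {**result, "ch_type": "AAA", "ch": m.groupdict()}
    raise ValueError("unrecognised credential-holder realm")


# Constructed sample values, not taken from the patent.
LOCAL = "5gc-nswo.nid000007ed9d5.mnc012.mcc345.3gppnetwork.org"
USER = "suci-username-placeholder"
```

The returned `ch_type` and `ch` fields are what a routing decision would key on; the username is passed through unchanged because its internal SUCI layout is not defined on this page.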
Description
TECHNICAL FIELD
The present disclosure relates to the field of communication technologies, and in particular to a communication method and apparatus, a communication device, a communication system and a storage medium.
BACKGROUND
In the field of communication technologies, non-seamless wireless local area network offload (NSWO) enables terminals to access access networks in Non-Public Networks (NPNs) without requiring the access networks to register with fifth-generation systems (5GSs). During the NSWO, the terminals and the NPNs can realize mutual authentication based on the shared key.
SUMMARY
In an NPN scenario, if the NPN and a Credential Holder (CH) of a terminal are in different realms, an access network in the NPN needs to route authentication-related messages from the terminal to the credential holder.
Embodiments of the present disclosure provide a communication method and apparatus, a communication device, a communication system, and a storage medium.
According to a first aspect of embodiments of the present disclosure, there is provided a communication method, which is performed by a terminal and includes: sending a first Network Access Identifier (NAI) to a network device; wherein the first NAI includes first information and second information, the first information is configured to indicate a first realm corresponding to the network device, the second information is configured to indicate a second realm corresponding to a credential holder of the terminal, and the first realm is an NPN.
According to a second aspect of embodiments of the present disclosure, there is provided a communication method, which is performed by a network device and includes: receiving a first NAI from a terminal; wherein the first NAI includes first information and second information, the first information is configured to indicate a first realm corresponding to the network device, the second information is configured to indicate a second realm corresponding to a credential holder of the terminal, and the first realm is an NPN.
According to a third aspect of embodiments of the present disclosure, there is provided a communication apparatus, which is provided in a terminal and includes: a sending module, configured to send a first NAI to a network device; wherein the first NAI includes first information and second information, the first information is configured to indicate a first realm corresponding to the network device, the second information is configured to indicate a second realm corresponding to a credential holder of the terminal, and the first realm is an NPN.
According to a fourth aspect of embodiments of the present disclosure, there is provided a communication apparatus, which is provided in a network device and includes: a receiving module, configured to receive a first NAI from a terminal; wherein the first NAI includes first information and second information, the first information is configured to indicate a first realm corresponding to the network device, the second information is configured to indicate a second realm corresponding to a credential holder of the terminal, and the first realm is an NPN.
According to a fifth aspect of embodiments of the present disclosure, there is provided a communication device, which includes at least one processor. The processor is configured to invoke instructions to execute the communication method as described in the first or second aspect.
According to a sixth aspect of embodiments of the present disclosure, there is provided a communication system, which includes a terminal and a network device. The terminal is configured to implement the communication method as described in the first aspect. The network device is configured to implement the communication method as described in the second aspect.
According to a seventh aspect of embodiments of the present disclosure, there is provided a storage medium having instructions stored. The instructions, when executed by a processor, perform the communication method as described in the first or second aspect.
According to an eighth aspect of embodiments of the present disclosure, there is provided a computer program or computer program product. The computer program or computer program product includes codes. Instructions, when executed by a processor, perform the communication method as described in the first or second aspect.
According to the embodiments of the present disclosure, the first NAI sent by the terminal to the network device includes both the first information and the second information. The first information indicates the realm corresponding to the network device, and the second information indicates the realm corresponding to the credential holder of the terminal. The network device obtains, based on the received first NAI, the realm corresponding to the network device and the realm corresponding to the credential holder, thereby enabling it to route the authentication-related information from the terminal t