CN100421519C - A Security-Based User Plane Mobile Location Method - Google Patents

Abstract

The invention discloses a security-based user plane mobile positioning method. After the H-SLP receives the positioning request for the target SET sent by the SUPL agent, the H-SLP obtains the third-party client information for confirming whether the positioning process is carried out. And send a positioning confirmation message to the third-party client, and start the positioning process of the target SET after receiving the confirmation result message carrying the positioning permission information returned by the third-party client. The invention satisfies the requirement that the locating process of the target SET needs the permission of the third-party client, and further expands the application range of the SUPL protocol.

Description

A Security-Based User Plane Mobile Location Method

technical field

The invention relates to the technical field of location services, in particular to a security-based user plane mobile positioning method.

Background technique

For the security-based user plane mobile location service, the International Open Mobile Alliance (OMA, Open Mobile Alliance) has formulated a set of security-based user plane mobile location (SUPL, Secure User Plane Location) protocols, which have comprehensively implemented the service specification. Utilizing the SUPL protocol, it can provide accurate positioning for SUPL Terminals (SET, SUPL Enabled Terminal) with positioning capabilities such as Assisted Global Positioning System (AGPS, Assisted Global Positioning System) without any modification to the existing network equipment. The SUPL protocol specifies the network-initiated positioning process and the SET-initiated positioning process, and also specifies the message interface in the positioning process. In the positioning process initiated by the network, the mobile location service (MLS, MobilcLocation Service) application on the network side sends the location request of the initiator client to the target SET to the SUPL location platform (SLP, SUPL Location Platform) through the SUPL proxy, and uses The subsequent SUPL positioning process such as AGPS technology obtains the precise position information of the target SET. In the SET-initiated positioning process, the SET actively initiates a positioning request to the SLP, and obtains its own precise location information through the subsequent positioning process using AGPS technology.

A typical network-originated positioning process is shown in Figure 1, which mainly includes the following steps:

Step 101: the SUPL agent associated with the SLP (H-SLP) to which the target SET belongs on the network side sends a Mobile Location Protocol (MLP, Mobile Location Protocol) immediate location request (SLIR, Standard Location Immediate Request) message to the H-SLP, the The MLP SLIR message carries the initiator client identification (Client-ID) and target SET identification (MS-ID).

Step 102: After the H-SLP receives the MLP SLIR message, it judges whether the position of the target SET saved by itself and obtained in the previous positioning process satisfies the positioning quality (QoP, Quality of Position) requirement, if so, executes step 103; otherwise, Go to step 108.

QoP can include positioning accuracy, response time, and maximum allowable time limit, etc. For example, QoP requires that the maximum allowable time limit for the location information of the target SET stored by H-SLP is 120 seconds, then the target SET position obtained before 120 seconds cannot be used as the current The position of the target SET is now.

Here, after the H-SLP receives the MLP SLIR message, it needs to authenticate the SUPL agent, and check whether the SUPL agent has the right to use the requested service according to the identity of the initiator client, and based on the identity of the target SET, the H-SLP also needs to Perform privacy authentication on the initiator client.

Step 103: The H-SLP judges whether the private information of the target SET includes information requiring the target SET to notify and/or confirm its positioning process, and if so, executes step 104; otherwise, executes step 117.

The privacy information of the target SET is stored in the Privacy Checking Entity (PCE, Privacy Checking Entity). H-SLP needs to first obtain the privacy information of the target SET from the PCE, and then search the privacy information to request the target SET to notify itself of the positioning process. and/or confirmed information.

Step 104: The H-SLP determines that the target SET is not currently roaming.

Here, the H-SLP may also need to determine whether the target SET supports the SUPL protocol, and if so, perform step 105; otherwise, directly return the MLP immediate location response (SLIA, Standard Location Immediate Answer) message carrying the location failure information to the SUPL agent, this process Finish.

Step 105: H-SLP sends a SUPL initialization (INIT) message to the target SET, the message carries a notification (Notification) parameter and a positioning method parameter whose value is "no position (no position)", and the notification parameter is used to specify the target SET to return an acknowledgment way of results.

The SUPL initialization message includes a session ID (Session-ID), and may also include QoP, address information of the H-SLP, a key ID (Key ID) and a message authentication code (MAC, Message Authentication Code).

Based on security, before the H-SLP sends the SUPL initialization message, it should calculate the hash value (Hash) of the SUPL initialization message according to the algorithm stipulated in the SUPL protocol, and then put the Hash into the verification field parameter of the SUPL initialization message and send it to Target SET: After receiving the SUPL initialization message, the target SET also calculates the Hash of the SUPL initialization message according to the algorithm specified in the SUPL protocol, and then matches the Hash with the Hash sent by the H-SLP. If the match is successful, it accepts The SUPL initialization message sent by the H-SLP; if the match fails, the SUPL initialization message sent by the H-SLP is ignored, and the H-SLP sends the MLP SLIA message carrying the positioning failure parameter to the SUPL agent after waiting for the response of the SUPL initialization message to time out.

The SUPL initialization message can be carried by the wireless application protocol push (WAP PUSH) method, and can also be carried by the short message service (SMS, Short Message Service) method.

Step 106: After receiving the SUPL initialization message, the target SET sends a SUPL end (END) message to the H-SLP according to the notification parameter carried in the message.

If the notification parameter requires the target SET to confirm the positioning process, then the SUPL end message needs to carry the confirmation result: access allowed or denied.

If the SUPL initialization message carries the key ID and MAC, the target SET can judge whether the SUPL initialization message is credible according to the key ID and MAC. If it is credible, it will process the SUPL initialization message; if it is not credible, it will ignore it. For the SUPL initialization message, after the H-SLP waits for the response message to time out, it returns the MLP SLIA message carrying the positioning failure parameter to the SUPL agent, and this process ends.

If the target SET is not yet bound to the packet data network when receiving the SUPL initialization message, the target SET will bind itself to the packet data network; or establish a circuit switched data connection to bind itself to the packet data network through the connection. packet data online.

Generally, the target SET can use the address of the H-SLP provided by its own home network to establish a secure IP connection with the H-SLP, or use the H-SLP address carried in the SUPL initialization message to establish a secure IP connection with the H-SLP; If the SUPL initialization message does not carry the H-SLP address, the target SET uses the default address of the H-SLP configured by itself to establish a secure IP connection with the H-SLP.

Step 107: H-SLP receives the SUPL end message, and judges whether the SUPL end message carries an access rejection parameter, if so, sends the MLP SLIA message carrying the location failure parameter to the SUPL agent, and the process ends; otherwise, sends the SUPL agent to carry the target MLP SLIA message at the SET position, this process ends.

Step 108: The H-SLP determines that the target SET is not currently roaming.

Here, the H-SLP may also need to judge whether the target SET supports the SUPL protocol, and if so, execute step 109; otherwise, directly return the MLP SLIA message carrying the location failure parameter to the SUPL agent, and the process ends.

Step 109: The H-SLP sends a SUPL initialization message to the target SET, and the SUPL initialization message carries the ID of the initiator client.

The SUPL initialization message includes dialogue identification and positioning method parameters, and may also include QoP, H-SLP address, key identification and MAC.

If the private information of the target SET includes information that requires the target SET to notify and/or confirm its positioning process, the SUPL initialization message also needs to carry a notification parameter, which is used to specify the way the target SET returns the confirmation result.

Step 110: After receiving the SUPL initialization message, the target SET judges whether the SUPL initialization message carries notification parameters, and if so, executes step 111; otherwise, executes step 113.

Step 111: The target SET judges whether it is allowed to locate itself according to the ID of the initiator client carried in the SUPL initialization message, and if so, executes step 113; otherwise, executes step 112.

Step 112: The target SET returns a SUPL end message carrying location rejection information to the H-SLP. After receiving the SUPL end message, the H-SLP returns an MLP SLIA message carrying location failure parameters to the SUPL agent, and the process ends.

Step 113: The target SET sends a SUPL positioning initialization (SUPL POS INIT) message to the H-SLP.

The SUPL positioning initialization message contains at least a session identifier, a location identifier and SET capabilities. The location identifier refers to the cell location identifier of the target SET, which is used to describe the approximate location of the target SET. SET capabilities include: positioning methods supported by target SETs, such as: SET-assisted AGPS positioning methods, SET-based AGPS positioning methods, etc.; and related positioning protocols, such as: Radio Resource Location Service Protocol (RRLP, Radio Resource Location service Protocol), Radio Resource Control (RRC, Radio Resource Control) protocol, Telecommunications Industry Association (TIA, Telecommunications Industries Association)-801 protocol, etc.

The target SET may also carry network measurement report (NMR, Network Measurement Report) parameters related to the currently used wireless technology in the SUPL positioning initialization message, such as: for a GSM network, the NMR parameters are time advance (TA, Time Advance) and Received signal strength (RXLEV, Received signal LEVel).

The target SET may also carry its own location information in the SUPL positioning initialization message. The location information is the location information of the target SET that has been calculated or obtained. After receiving the location information, the H-SLP can store the location information As the reference location information of the target SET, the location information may also be ignored.

The target SET may set the requested assistance data (Requested Assistance Data) parameter in the SUPL positioning initialization message, which indicates the assistance data required by the SET during the SUPL positioning process.

Step 114: The H-SLP receives the SUPL positioning initialization message, and judges whether the position of the target SET corresponding to the location identifier contained in the SUPL positioning initialization message meets the QoP requirement, and if so, executes step 116; otherwise, executes step 115.

Step 115: The H-SLP determines the final positioning method to be adopted according to the positioning method supported by the target SET included in the SUPL positioning initialization message, and starts the SUPL positioning process, and obtains the position information of the target SET after the positioning process is completed.

The positioning method finally determined by the H-SLP is supported by both the H-SLP and the target SET.

During the SUPL positioning process, some intermediate positioning process information may be continuously exchanged between the target SET and the H-SLP. The position of the target SET can be calculated by the H-SLP based on the position measurement information sent by the target SET, such as: SET-assisted AGPS positioning, or the target SET can calculate its own position based on the auxiliary data provided by the H-SLP, such as: SET-based AGPS position.

Step 116: The H-SLP sends a SUPL end message to the target SET.

If the location of the target SET corresponding to the location identifier carried in the SUPL location initialization message meets the QoP requirements, the H-SLP carries the location information of the target SET in the SUPL end message. If the H-SLP performs the SUPL positioning process, the H-SLP determines whether to add the location information of the target SET to the SUPL end message according to the positioning method and positioning protocol used in the SUPL positioning process. After receiving the SUPL end message, the target SET releases all resources related to this session.

Step 117: The H-SLP sends the MLP SLIA message to the SUPL agent, and the message carries the location information of the target SET.

The target SET location information carried in the MLP SLIA message may be the location information of the target SET previously calculated by the H-SLP, or it may be the location information of the target SET obtained during the SUPL positioning process.

When the H-SLP sends the MLP SLIA message, it releases all resources related to this session.

It can be seen from the above positioning process that only the target SET and the initiator client participate in the network-initiated positioning process; similarly, in the prior art, only the target SET itself participates in the SET-initiated positioning process. The client described in this paper includes entities such as SET and service provider (SP, Service Provider). However, with the development of communication technology, the application requirements of location services are becoming more and more abundant. In the positioning process initiated by some networks or SETs, the positioning process of the target SET may require the permission of other clients, for example: user 2 is a paid user of user 1's location service, such as: user 2 and user 1 are father and son relationship, employment relationship, etc. When SET1 corresponding to user 1 initiates a location service request, such as: initiates a self-location request, or initiates a location request to SET3 through the MLS application on the network side, the positioning process for SET1 itself or SET3 needs to go through the location process of user 2. It can only be performed after the permission of SET2. However, the current SUPL agreement has no provisions related to this.

Contents of the invention

In view of this, the main purpose of the present invention is to provide a security-based user plane mobile positioning method to meet the requirement that the positioning of the target SET needs to be permitted by a third-party client, and further expand the application range of the SUPL protocol.

In order to achieve the above object, technical solution of the present invention is achieved in that way:

A security-based user plane mobile positioning method, the method comprising:

A. The H-SLP to which the target SET belongs receives the third-party client information after receiving the positioning request for the target SET sent by the SUPL agent;

B. H-SLP sends a positioning confirmation message to the third-party client according to the obtained third-party client information, and then H-SLP judges whether it has received the confirmation result message carrying the location-allowing information returned by the third-party client. If so, Then start to locate the target SET; otherwise, this process ends.

The positioning request described in step A carries third-party client information,

In step A, the H-SLP obtains the third-party client information by: obtaining from the positioning request.

The method further includes: when the target SET and/or the initiator client of the positioning request in step A registers the third-party client information when the H-SLP registers, and the H-SLP stores the third-party client information in the corresponding In the registration information of the target SET and/or the initiator client,

In step A, the acquisition of third-party client information by the H-SLP is as follows: the H-SLP acquires it from the registration information of the target SET and/or the initiator client saved by the H-SLP.

The method further includes: when the target SET and/or the initiator client of the positioning request in step A register the location service, report the third-party client information to the PCE, and the PCE correspondingly saves the third-party client information in the target SET and/or in the private information of the initiator client,

The H-SLP obtaining third-party client information in step A specifically includes: the H-SLP obtains the privacy information of the target SET and/or the initiator client from the PCE, and obtains the target SET and/or the initiator client The third-party client information corresponding to the target SET and/or the initiator client is found in the private information of the client.

In step B, after the H-SLP sends the location confirmation message to the third-party client, before the end of the process, it further includes: the third-party client returns a confirmation result message carrying location rejection information to the H-SLP.

Before the H-SLP in step B sends the location confirmation message to the third-party client, it further includes: the H-SLP calculates and saves the Hash of the location confirmation message according to the algorithm specified in the SUPL protocol,

After the H-SLP in step B sends the location confirmation message to the third-party client and before receiving the confirmation result message returned by the third-party client, it further includes: after the third-party client receives the location confirmation message, according to the SUPL protocol Calculate the Hash of the positioning confirmation message according to the specified algorithm, and then return the Hash and the confirmation result message to the H-SLP,

And, after the H-SLP described in step B receives the confirmation result message returned by the third-party client, it further includes: the H-SLP receives the Hash returned together with the confirmation result message, and then matches the Hash with the Hash saved by itself , if the matching is successful, accept the confirmation result message; otherwise, ignore the confirmation result message.

The method further includes: the third-party client pre-stores all SET identifications allowed to be located, and,

After the H-SLP in step B sends the positioning confirmation message to the third-party client, before receiving the confirmation result message returned by the third-party client, it further includes:

After the third-party client receives the location confirmation message, it searches for the target SET identifier carried in the location confirmation message and/or the originator client identifier of the location request described in step A, and if found, returns it to the H-SLP. A confirmation result message carrying the location-allowed information; otherwise, the process ends.

The method further includes: the third-party client pre-stores all SET identifications allowed to be located, and,

After the H-SLP in step B sends the positioning confirmation message to the third-party client, before receiving the confirmation result message returned by the third-party client, it further includes:

After the third-party client receives the positioning confirmation message, it displays the target SET identification carried in the positioning confirmation message and/or the initiator client identification of the positioning request described in step A to the user, and displays "allow" and "deny" to the user. " option, and return the confirmation result message corresponding to the detected option selected by the user to the H-SLP.

After the H-SLP in step B sends the positioning confirmation message to the third-party client, before receiving the confirmation result message returned by the third-party client, it further includes:

After the third-party client receives the positioning confirmation message, it returns a confirmation result message to the H-SLP, and at the same time, the target SET identification carried in the positioning confirmation message and/or the initiator client identification and confirmation result of the positioning request described in step A Information is displayed to the user.

After the H-SLP in step B sends the positioning confirmation message to the third-party client and before receiving the confirmation result message returned by the third-party client, it further includes:

The third-party client uses the H-SLP address provided by its home network to establish a secure IP connection with the H-SLP.

After the H-SLP in step B sends the positioning confirmation message to the third-party client and before receiving the confirmation result message returned by the third-party client, it further includes:

The third-party client detects whether the location confirmation message contains an H-SLP address, and if so, uses the H-SLP address contained in the location confirmation message to establish a secure IP connection with the H-SLP; otherwise, uses the H-SLP address configured by itself. The default address establishes a secure IP connection with the H-SLP.

The location confirmation message sent by the H-SLP to the third-party client in step B carries key information,

And, after the H-SLP described in step B sends the positioning confirmation message to the third-party client, before receiving the confirmation result message returned by the third-party client, it further includes:

After receiving the location confirmation message, the third-party client verifies the key information carried in the location confirmation message. If the verification is passed, it accepts the location confirmation message, and after determining whether to allow or deny the target SET to perform location, it sends the H - The SLP returns a corresponding confirmation result message.

The key information is key identifier and MAC.

After the H-SLP in step B sends the location confirmation message to the third-party client, it further includes:

After receiving the positioning confirmation message, the third-party client detects that it is not currently bound to the packet data network, and then directly binds itself to the packet data network; or, first establishes a circuit-switched data connection, and then connects itself Bind to the packet data network.

The location confirmation message sent by the H-SLP in step B is sent to the third-party client through WAP push, or sent to the third-party client through SMS.

The positioning of the target SET by the H-SLP described in step B specifically includes:

C1. The H-SLP judges whether the location of the target SET saved by itself and obtained in the previous positioning process meets the QoP requirements. If so, take the location as the location of the target SET, and this process ends; otherwise, execute step C2;

C2. After the H-SLP determines that the current target SET is not roaming, it sends a SUPL initialization message to the target SET. After receiving the SUPL initialization message, the target SET returns a SUPL positioning initialization message carrying a positioning method and a location identifier to the H-SLP;

C3. After receiving the SUPL positioning initialization message, the H-SLP judges whether the location of the target SET corresponding to the location identifier carried in the SUPL location initialization message meets the QoP requirements. If so, the location corresponding to the location identifier is used as the location of the target SET. The process ends; otherwise, execute step C4;

C4. The H-SLP determines the final positioning method according to the positioning method carried in the SUPL positioning initialization message, and then starts SUPL positioning for the target SET.

The number of third-party clients described in step B is two,

In step B, the H-SLP sends the location confirmation message to the third-party client as follows: the H-SLP sends the location confirmation message to the two third-party clients,

In step B, the H-SLP receives the confirmation result message carrying the positioning permission information returned by the third-party client: the H-SLP receives the confirmation result messages carrying the positioning permission information returned by the two third-party clients.

Compared with the prior art, the present invention first obtains the third-party client information that needs to be confirmed for this positioning process after receiving the positioning request for the target SET sent by the SUPL agent through H-SLP, and obtains the third-party After the permission of the client, the positioning process of the target SET is carried out, which meets the requirement that the positioning process of the target SET needs to be permitted by the third-party client, and further expands the application range of the SUPL protocol.

Description of drawings

FIG. 1 is a flow chart of implementing network-originated positioning in the prior art;

FIG. 2 is a flow chart of implementing security-based user plane mobile positioning in the present invention;

Fig. 3 is a flowchart of a specific embodiment of implementing network-initiated positioning in the present invention.

Detailed ways

The core idea of the present invention is: after H-SLP receives the positioning request to the target SET sent by SUPL agent, it first obtains the third-party client information, then confirms to the third-party client whether this positioning process is carried out, and obtains After the permission of the third-party client, the process of locating the target SET is performed.

The present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments. The client receiving the notification described below is a third-party client.

Fig. 2 is the flowchart that realizes SUPL provided by the present invention, as shown in Fig. 2, its specific steps are as follows:

Step 201: The H-SLP receives a location request for the target SET sent by the SUPL agent, and the location request message carries the target SET ID, or carries the target SET ID and the initiator client ID.

If the location request for the target SET is a self-location request initiated by the target SET through its own SUPL agent, the location request message only carries the target SET identifier; if the location request for the target SET is the SUPL associated with the H-SLP on the network side When the proxy initiates a location request from the initiator client to the target SET, the location request message carries the target SET identifier and the initiator client identifier.

Step 202: After receiving the positioning request, the H-SLP obtains the accepted notification (Accepted) client information.

The notification receiving client information includes: the identification of the notification receiving client, the service information registered by the notification receiving client, and the like.

H-SLP can obtain the notification client information through one of the following three ways:

Approach 1: Obtain the acceptance notification client information in the MLP SLIR message;

The MLP SLIR message can carry the acceptance notification client information.

Approach 2: find out the information of the receiving notification client in the registration information of the target SET and/or the initiator client saved by itself;

The target SET and/or the initiator client can register the acceptance notification client information when registering with the H-SLP, and then the H-SLP will accept the notification client information corresponding to the registration information stored in the target SET and/or the initiator client middle.

Approach 3: Find the client information of acceptance notification from the target SET obtained from the PCE and/or the privacy information reported by the initiator client.

When the target SET and/or the initiator client register the location service, they can report the client information of the acceptance notification to the PCE, and then the PCE correspondingly saves the client information of the acceptance notification in the private information of the target SET and/or the initiator client.

Here, the H-SLP may acquire not only the notification acceptance client information corresponding to the target SET, but also the notification acceptance client information corresponding to the initiator client, that is, there may be one or two notification acceptance clients.

Step 203: The H-SLP sends a location confirmation message to the client receiving the notification according to the information of the client receiving the notification, that is: a SUPL notification (Notify) message, and the SUPL notification message carries the target SET identifier and/or the initiator client identifier to notify Accept and notify the client to confirm this positioning process.

If the H-SLP obtains the information of two clients receiving the notification, the H-SLP needs to send a SUPL notification message to both clients, and whether the SUPL notification message carries the target SET identifier, or the initiator client identifier, or The principle of carrying both is: must carry the target SET ID or initiator client ID corresponding to the client receiving the notification, and the initiator client ID or target SET ID corresponding to the client receiving the notification may or may not be carried. carry. For example: if the receiving notification client is the location service payment user of the initiator client obtained by the H-SLP from the privacy information of the initiator client, then the SUPL notification message sent by the H-SLP to the acceptance notification client must carry The originator client identifier can also carry the target SET identifier. In this way, after receiving the SUPL notification message, the receiving notification client knows that its corresponding user is the location service paying user corresponding to the originator client identifier carried in the message. Then, according to predetermined rules, it is judged whether payment should be made for the service initiated by the initiator client, and if so, positioning is allowed; otherwise, positioning is refused. If the SUPL notification message carries the target SET identifier, the receiving notification client may further determine whether positioning is allowed according to the target SET identifier.

Step 204: Accept the notification that the client receives the SUPL notification message, and determine whether to allow this positioning process according to the target SET identifier and/or the initiator client identifier carried in the SUPL notification message, if so, execute step 207; otherwise, execute Step 205.

If the notification client needs to communicate with the H-SLP through the IP link, then when receiving the SUPL notification message, if the notification client has not been bound to the packet data network, the notification client will bind itself to the packet data network to establish a data connection with a packet network; or establish a circuit-switched data connection through which it binds itself to a packet data network.

Accept the notification client to determine whether to allow this positioning process, through:

1. Accept the notification The client itself saves all the SET identifications allowed to be located. After receiving the SUPL notification message, it searches for the target SET identification and/or the initiator client identification carried in the SUPL notification message. If found, then This positioning process is allowed; otherwise, this positioning process is refused.

2. Accept the notification After receiving the SUPL notification message, the client will display the target SET ID and/or initiator client ID carried in the SUPL notification message to the user, and provide the user with options of "allow" and "deny". If the user selects "Allow", the positioning process is allowed; if it is detected that the user selects "Deny", the positioning process is refused.

Step 205: Accept the notification. The client sends a SUPL Confirmation (Verify) message to the H-SLP, and the SUPL Confirmation message carries the confirmation result (Verify Status) information: positioning is refused.

Step 206: The H-SLP receives the SUPL acknowledgment message carrying location rejection information, notifies the SUPL agent that the location fails, and specifies the reason for the failure: accept and notify the client to reject the location, and this process ends.

If there are two notification clients, as long as the H-SLP receives a SUPL acknowledgment message carrying location rejection information returned by any notification client, it will notify the SUPL agent of location failure.

Step 207: Accept the notification. The client sends a SUPL confirmation message to the H-SLP. The SUPL confirmation message carries confirmation result information: positioning is allowed.

Step 208: The H-SLP starts to locate the target SET after receiving the SUPL acknowledgment message carrying the location permission information.

If there are two notification clients, the H-SLP must receive SUPL acknowledgment messages carrying positioning permission information returned by the two notification clients before starting to locate the target SET.

Fig. 3 is the flow chart of the specific embodiment that realizes the SUPL that the network originates provided by the present invention, as shown in Fig. 3, in this embodiment, accepting the notice client is specifically accepting the notice SET, and its specific steps are as follows:

Step 301: The SUPL agent associated with the H-SLP to which the target SET belongs at the network side sends an MLP SLIR message to the H-SLP, and the MLP SLIR message carries the ID of the initiator client and the ID of the target SET.

Step 302: After receiving the MLP SLIR message, the H-SLP judges whether it has found the acceptance notification SET information, if so, executes step 303; otherwise, executes step 310.

The notification acceptance SET information includes: the identification of the notification acceptance SET, the service information registered by the notification acceptance SET, and so on.

H-SLP can find the acceptance notification SET information through one of the following three ways:

Approach 1: H-SLP finds the acceptance notification SET information in the MLP SLIR message;

Approach 2: The H-SLP finds the notification acceptance SET information in the registration information of the target SET and/or the initiator client saved by the H-SLP;

Approach 3: The H-SLP finds the acceptance notification SET information in the target SET obtained from the PCE and/or the privacy information reported by the initiator client.

The H-SLP may find the information of one SET that accepts the notification, or find the information of two SETs that accept the notification.

Here, after the H-SLP receives the MLP SLIR message, it needs to authenticate the SUPL agent, and check whether the SUPL agent has the right to use the requested service according to the identity of the initiator client, and based on the identity of the target SET, the H-SLP also needs to Perform privacy authentication on the initiator client.

Step 303: The H-SLP sends a SUPL notification message to the SET that accepts the notification, and the SUPL notification message carries the ID of the initiator client and/or the ID of the target SET to notify the SET that accepts the notification that it needs to confirm the positioning process.

If the H-SLP obtains the information of two acceptance notification SETs, the H-SLP needs to send SUPL notification messages to both the acceptance notification SETs. The SUPL notification message must carry the target SET ID or the initiator client ID corresponding to the SET that accepts the notification.

The SUPL notification message also carries a notification parameter, which is used to specify the manner in which the SET receives the notification and returns whether to allow this positioning process. For example: if the SET accepts the notification to allow this positioning process, this parameter specifies that the SUPL confirmation message that the SET accepts the notification carries a confirmation result parameter with a value of "Allow"; if the SET accepts the notification and refuses to perform this positioning process, the The parameter specifies that the acceptance notification SET carries a confirmation result parameter whose value is "reject" or empty in the returned SUPL confirmation message.

The SUPL notification message can be carried by WAP push or SMS trigger.

Based on security, before the H-SLP sends the SUPL notification message, it shall calculate and store the Hash of the SUPL notification message according to the algorithm stipulated in the SUPL protocol; after receiving the SUPL notification message, the H-SLP shall also calculate and store the Hash of the SUPL notification message according to the algorithm specified in the SUPL protocol. Calculate the Hash of the SUPL notification message, and then put the Hash into the verification field parameter of the SUPL confirmation message. After the H-SLP receives the Hash carried in the SUPL confirmation message, it compares the Hash it saves with the Hash returned by the acceptance notification SET. Match, if the match is successful, accept the SUPL confirmation message returned by the notification SET, if the match fails, ignore the SUPL confirmation message returned by the notification SET.

The security mechanism between the H-SLP and the SET that accepts the notification fully adopts the security mechanism stipulated in the SUPL agreement. In the SUPL protocol, the message code stream is calculated according to the specified algorithm, and a Hash about the message will be obtained. A SUPL entity adopting this security mechanism, before sending a certain message or after receiving a certain message, calculates the message according to the algorithm specified in the security mechanism of the SUPL protocol, and can obtain a Hash about the message.

In addition, the H-SLP can carry the key ID and MAC in the SUPL notification message. If the SET supports the key ID and MAC, it will verify the key ID and MAC after receiving the SUPL notification message. If the verification is passed, the SUPL notification message is accepted; if the verification fails, the SUPL notification message is ignored.

Step 304: Accept the notification that the SET receives the SUPL notification message, and determine whether to allow this positioning process according to the initiator client ID and/or the target SET ID carried in the SUPL notification message, if so, go to step 307; otherwise, go to step 305 .

If the SET that accepts the notification needs to communicate with the H-SLP through the IP link, then after receiving the SUPL notification message, if the SET that accepts the notification finds that it is not bound to the packet data network, it will directly bind itself to the packet data network; or through Establishes a circuit-switched data connection, binding itself to a packet data network.

Accept the notification SET to determine whether to allow this positioning process, through:

1. Accept the notification SET itself saves all initiator client IDs and/or target SET IDs that are allowed to be located. After receiving the SUPL notification message, it searches for the initiator client ID and/or target carried in the SUPL notification message. If the SET logo is found, the positioning process is allowed; otherwise, the positioning process is refused.

After the acceptance notification SET determines whether to allow the positioning process, it can display the confirmation result "allow" or "deny" together with the initiator client ID and/or the target SET ID to the user.

2. Accept the notification After receiving the SUPL notification message, the SET will display the initiator client ID and/or target SET ID carried by the SUPL notification message to the user, and provide the user with options of "allow" and "deny". After the user selects an option, the acceptance notification SET sends the confirmation result corresponding to the option to the H-SLP through the SUPL confirmation message. For example: if the user sees the identity of the originator client and the identity of the target SET, he knows that he is a paid user of the location service of the user corresponding to the originator client, and judges according to the predetermined rules that he should be the user of the target SET corresponding to the identity of the target SET. Pay for positioning, so the user selects the "Allow" option, and after receiving the notification, the SET detects that the user selects "Allow", and then sends the permitted positioning information to the H-SLP through the SUPL confirmation message.

Step 305: The SET accepts the notification and sends a SUPL confirmation message to the H-SLP, the message carries location rejection information, and at the same time, the SET accepts the notification and releases related resources.

Generally, the SET accepts the notification and uses the H-SLP address provided by its own home network to establish a secure IP connection with the H-SLP. It can also use the H-SLP address carried in the SUPL notification message to establish a secure IP connection with the H-SLP; if the SUPL notification message Without the H-SLP address, use the default address of the H-SLP configured by itself to establish a secure IP connection with the H-SLP.

Step 306: After receiving the SUPL acknowledgment message carrying location rejection information, the H-SLP sends an MLP SLIA message carrying location failure information to the SUPL agent, and this process ends.

If there are two notification acceptance SETs, as long as the H-SLP receives a SUPL acknowledgment message carrying location rejection information returned by any notification acceptance SET, it will notify the SUPL proxy of location failure.

When the H-SLP sends the MLP SLIA message, it releases all resources related to this session.

Step 307: The SET accepts the notification and sends a SUPL confirmation message to the H-SLP, the message carries the location permission information, and at the same time, the SET receives the notification and releases related resources.

Step 308: The H-SLP receives the SUPL acknowledgment message carrying the location permission information.

If there are two notification acceptance SETs, the H-SLP must receive SUPL acknowledgment messages carrying the location permission information returned by the two notification acceptance SETs before starting to execute step 309 .

Step 309: The H-SLP judges whether the position of the target SET saved by itself and obtained in the previous positioning process meets the QoP requirement, and if so, executes step 310; otherwise, executes step 315.

Step 310: The H-SLP judges whether the private information of the target SET includes information requiring the target SET to notify and/or confirm its positioning process, and if so, executes step 311; otherwise, executes step 323.

Similarly, the H-SLP needs to first obtain the private information of the target SET from the PCE, and then search the private information for information requiring the target SET to notify and/or confirm its own positioning process.

Step 311: The H-SLP determines that the target SET is not currently roaming.

Here, the H-SLP may also need to judge whether the target SET supports the SUPL protocol, and if so, execute step 312; otherwise, directly return the MLP SLIA message carrying the location failure information to the SUPL agent, and the process ends.

Step 312: The H-SLP sends a SUPL initialization message to the target SET, and the SUPL initialization message carries a notification parameter and a positioning method parameter whose value is "no positioning required".

The SUPL initialization message includes the session identifier, and may also include QoP, H-SLP address, key identifier and MAC.

Based on security, before the H-SLP sends the SUPL initialization message, it should calculate the Hash of the SUPL initialization message according to the algorithm specified in the SUPL protocol, and then put the Hash into the verification field parameter of the SUPL initialization message and send it to the target SET; the target SET After receiving the SUPL initialization message, calculate the Hash of the SUPL initialization message according to the algorithm specified in the SUPL protocol, and then match the Hash with the Hash sent by the H-SLP. If the match is successful, accept the Hash sent by the H-SLP. SUPL initialization message; if the matching fails, the SUPL initialization message sent by the H-SLP is ignored, and the H-SLP sends the MLP SLIA message carrying the positioning failure parameter to the SUPL agent after waiting for the SUPL initialization message response to time out.

The SUPL initialization message can be carried by WAP push or SMS.

Step 313: After receiving the SUPL initialization message, the target SET sends a SUPL end message to the H-SLP according to the notification parameter carried in the SUPL initialization message.

If the notification parameter requires the target SET to confirm the positioning process, then the SUPL end message needs to carry the confirmation result: access allowed or denied.

If the SUPL initialization message carries the key ID and MAC, the target SET can judge whether the SUPL initialization message is credible according to the key ID and MAC. If it is credible, it will process the SUPL initialization message; if it is not credible, it will ignore it. The SUPL initialization message, and after the H-SLP waits for the SUPL initialization message response timeout, returns the MLP SLIA message carrying the positioning failure information to the SUPL agent, and this process ends.

If the target SET is not yet bound to the packet data network when receiving the SUPL initialization message, the target SET will bind itself to the packet data network; or establish a circuit switched data connection to bind itself to the packet data network through the connection. packet data online.

If the SUPL initialization message does not carry the H-SLP address, the target SET can use the default address of the H-SLP configured by its own home network to establish a secure IP connection with the H-SLP, or use the default address of the H-SLP configured by itself , to establish a secure IP connection with the H-SLP.

Step 314: H-SLP receives the SUPL end message, judges whether the SUPL end message carries access rejection information, if so, sends the MLP SLIA message carrying the location failure information to the SUPL agent, and the process ends; otherwise, sends the MLP SLIA message to the SUPL agent message, the MLP SLIA message carries the location information of the target SET, that is, the location information of the target SET obtained by the H-SLP in the previous positioning process, and this process ends.

Step 315: The H-SLP determines that the target SET is not currently roaming.

Here, the H-SLP may also need to judge whether the target SET supports the SUPL protocol, and if so, execute step 316; otherwise, directly return the MLP SLIA message carrying the location failure information to the SUPL agent, and the process ends.

Step 316: The H-SLP sends a SUPL initialization message to the target SET.

The SUPL initialization message includes dialogue identification and positioning method parameters, and may also include QoP, H-SLP address, key identification and MAC.

If the private information of the target SET includes information that requires the target SET to notify and/or confirm its positioning process, the SUPL initialization message also needs to carry a notification parameter.

Step 317: After receiving the SUPL initialization message, the target SET judges whether the SUPL initialization message carries the notification parameter and the identifier of the initiator client, and if so, executes step 318; otherwise, executes step 320.

Step 318: The target SET judges whether it is allowed to locate itself according to the ID of the initiator client carried in the SUPL initialization message, and if so, executes step 320; otherwise, executes step 319.

Step 319: The target SET returns a SUPL end message carrying location rejection information to the H-SLP. After receiving the SUPL end message, the H-SLP returns an MLP SLIA message carrying location failure information to the SUPL agent, and the process ends.

Step 320: The target SET sends a SUPL location initialization message to the H-SLP.

The SUPL positioning initialization message contains at least a session identifier, a location identifier and SET capabilities. SET capabilities include: positioning methods supported by the target SET, such as: SET-assisted AGPS positioning method, SET-based AGPS positioning method, etc.; and related positioning protocols, such as: RRLP, RRC protocol, TIA-801 protocol, etc.

The target SET may also carry NMR parameters related to the currently used wireless technology in the SUPL positioning initialization message. For example, for a GSM network, the NMR parameters are TA and RXLEV.

The target SET may also carry its own location information in the SUPL location initialization message. The location information is the own location information once calculated or obtained by the target SET. After receiving the location information, the H-SLP can use the location information as the reference location information of the target SET, or ignore the location information.

The target SET may set the auxiliary data parameter required by itself in the SUPL positioning initialization message, and the parameter indicates the auxiliary data required by the SET during the SUPL positioning process.

Step 321: The H-SLP receives the SUPL positioning initialization message, and judges whether the position of the target SET corresponding to the location identifier contained in the SUPL positioning initialization message meets the QoP requirement, and if so, executes step 323; otherwise, executes step 322.

Step 322: The H-SLP determines the final positioning method to be adopted according to the positioning method supported by the target SET contained in the SUPL positioning initialization message, and starts the SUPL positioning process.

The positioning method finally determined by the H-SLP is supported by both the H-SLP and the target SET.

During the SUPL positioning process, some intermediate positioning process information may be continuously exchanged between the target SET and the H-SLP. The position of the target SET can be calculated by the H-SLP based on the position measurement information sent by the target SET, such as: SET-assisted AGPS positioning, or the target SET can calculate its own position based on the auxiliary data provided by the H-SLP, such as: SET-based AGPS position.

Step 323: The H-SLP sends a SUPL end message to the target SET.

If the location of the target SET corresponding to the location identifier carried in the SUPL location initialization message meets the QoP requirements, the H-SLP carries the location information of the target SET in the SUPL end message. If the H-SLP performs the SUPL positioning process, the H-SLP determines whether to add the location information of the target SET to the SUPL end message according to the positioning method and positioning protocol used in the SUPL positioning process. After receiving the SUPL end message, the target SET releases all resources related to this session.

Step 324: The H-SLP sends an MLP SLIA message to the SUPL agent, and the MLP SLIA message carries the location information of the target SET.

The target SET location information carried in the MLP SLIA message may be the location information of the target SET obtained by the H-SLP in the previous positioning process, or it may be the target SET position information obtained in the SUPL positioning process.

When the H-SLP sends the MLP SLIA message, it releases all resources related to this session.

The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the protection scope of the present invention.

Claims (17)

1. one kind based on safe user plane running fix SUPL method, it is characterized in that this method comprises:

The SUPL platform H-SLP of A, target SUPL terminal attaching obtains third party's client-side information after receiving the Location Request to target SUPL terminal that SUPL agency sends;

B, H-SLP are according to the third party's client-side information that gets access to, send positioning confirmation message to third party's client, H-SLP judges whether to receive the affirmation results messages that allows locating information of carrying that third party's client returns afterwards, if then begin target SUPL terminal is positioned; Otherwise this flow process finishes.

2. SUPL method as claimed in claim 1, the described Location Request of steps A is carried third party's client-side information,

The described H-SLP of steps A obtains third party's client-side information: obtain from described Location Request.

3. SUPL method as claimed in claim 1, it is characterized in that, described method further comprises: initiator's client of target SUPL terminal and/or the described Location Request of steps A is when H-SLP registers, registration third party client-side information, and H-SLP is kept at third party's client-side information correspondence in the log-on message of target SUPL terminal and/or described initiator's client

The described H-SLP of steps A obtains third party's client-side information: H-SLP obtains from the log-on message of the target SUPL terminal of self preserving and/or described initiator's client.

4. SUPL method as claimed in claim 1, it is characterized in that, described method further comprises: initiator's client of target SUPL terminal and/or the described Location Request of steps A is when registration location is professional, check that to privacy entity PCE reports third party's client-side information, and PCE is kept at third party's client-side information correspondence in the privacy information of target SUPL terminal and/or described initiator's client

The described H-SLP of steps A obtains third party's client-side information and is specially: H-SLP obtains the privacy information of target SUPL terminal and/or described initiator's client to PCE, and finds third party's client-side information of target SUPL terminal and/or described initiator's client correspondence in the privacy information of the target SUPL terminal that gets access to and/or described initiator's client.

5. SUPL method as claimed in claim 1, it is characterized in that, the described H-SLP of step B is after third party's client sends positioning confirmation message, and this flow process further comprises before finishing: third party's client is returned the affirmation results messages of carrying the refusal locating information to H-SLP.

6. SUPL method as claimed in claim 1, it is characterized in that the described H-SLP of step B is before third party's client sends positioning confirmation message, further comprise: H-SLP is according to the algorithm of stipulating in the SUPL agreement, calculate and preserve the cryptographic Hash Hash of this positioning confirmation message

The described H-SLP of step B after third party's client sends positioning confirmation message, receive before the affirmation results messages that third party's client returns, further comprise: after third party's client is received this positioning confirmation message, according to the algorithm of stipulating in the SUPL agreement, calculate the Hash of this positioning confirmation message, then this Hash is together returned to H-SLP with the affirmation results messages

And, the described H-SLP of step B receives after the affirmation results messages that third party's client returns, further comprises, and: H-SLP receives and confirms the Hash that results messages is together returned, and then this Hash and the Hash that self preserves is mated, if the match is successful, then accept described affirmation results messages; Otherwise, ignore described affirmation results messages.

7. SUPL method as claimed in claim 1 is characterized in that, described method further comprises: third party's client is preserved all signs that allow location SUPL terminal in advance, and,

The described H-SLP of step B receives before the affirmation results messages that third party's client returns after third party's client sends positioning confirmation message, further comprises:

After third party's client is received this positioning confirmation message, self searching target SUPL terminal iidentification that this positioning confirmation message carries and/or initiator's client identification of the described Location Request of steps A, if find, then return and carry the affirmation results messages that allows locating information to H-SLP; Otherwise this flow process finishes.

8. SUPL method as claimed in claim 1 is characterized in that, described method further comprises: third party's client is preserved all signs that allow location SUPL terminal in advance, and,

The described H-SLP of step B receives before the affirmation results messages that third party's client returns after third party's client sends positioning confirmation message, further comprises:

After third party's client is received this positioning confirmation message, show target SUPL terminal iidentification that this positioning confirmation message is carried and/or initiator's client identification of the described Location Request of steps A to the user, and show " permission " and " refusal " option to the user, and the affirmation results messages of the option correspondence that detected user is selected returns to H-SLP.

9. SUPL method as claimed in claim 1 is characterized in that, the described H-SLP of step B receives before the affirmation results messages that third party's client returns after third party's client sends positioning confirmation message, further comprises:

After third party's client is received this positioning confirmation message, return the affirmation results messages to H-SLP, initiator's client identification of target SUPL terminal iidentification that this positioning confirmation message is carried and/or the described Location Request of steps A and affirmation object information are shown to the user simultaneously.

10. SUPL method as claimed in claim 1 is characterized in that, the described H-SLP of step B after third party's client sends positioning confirmation message, receive before the affirmation results messages that third party's client returns, further comprise:

The H-SLP address that third party's client uses network of self home to provide is set up safe IP with H-SLP and is connected.

11. SUPL method as claimed in claim 1 is characterized in that, the described H-SLP of step B after third party's client sends positioning confirmation message, receive before the affirmation results messages that third party's client returns, further comprise:

Third party's client detects this positioning confirmation message and whether has the H-SLP address, if the H-SLP address of using this positioning confirmation message to have is set up safe IP with H-SLP and is connected; Otherwise, use the default address of H-SLP of self configuration to set up safe IP and be connected with H-SLP.

12. SUPL method as claimed in claim 1 is characterized in that, the described H-SLP of step B carries key information to the positioning confirmation message that third party's client sends,

And the described H-SLP of step B receives before the affirmation results messages that third party's client returns after third party's client sends positioning confirmation message, further comprises:

After third party's client is received this positioning confirmation message, the key information that this positioning confirmation message is carried is verified,, then accepted this positioning confirmation message if checking is passed through, and after judging that permission or refusal target SUPL terminal position, return corresponding affirmation results messages to H-SLP.

13. SUPL method as claimed in claim 12 is characterized in that, described key information is key identification and Message Authentication Code MAC.

14. SUPL method as claimed in claim 1 is characterized in that, the described H-SLP of step B further comprises after third party's client sends positioning confirmation message:

After third party's client is received this positioning confirmation message, detect that current self not to be tied to grouped data online, it is online then directly self to be tied to grouped data; Perhaps, set up circuit switched data earlier and connect, it is online by this connection self to be tied to grouped data then.

15. SUPL method as claimed in claim 1 is characterized in that, the positioning confirmation message that the described H-SLP of step B sends sends to third party's client by the wap push mode, or sends to third party's client by the short message service mode.

16. SUPL method as claimed in claim 1 is characterized in that, the described H-SLP of step B positions specifically target SUPL terminal and comprises:

C1, H-SLP judge whether the position of the target SUPL terminal of self preserving, obtain in the former position fixing process satisfies alignment quality QoP requirement, if as target SUPL terminal location, this flow process finishes with this position; Otherwise, execution in step C2;

After C2, H-SLP determine that current goal SUPL terminal is roamed, send the SUPL initial message to target SUPL terminal, target SUPL terminal is returned the SUPL location initial message that carries localization method and station location marker to H-SLP after receiving the SUPL initial message;

After C3, H-SLP receive SUPL location initial message, judge whether the position of the target SUPL terminal of the station location marker correspondence that this SUPL location initial message carries satisfies the QoP requirement, if with the position as target SUPL terminal, the position of this station location marker correspondence, this flow process finishes; Otherwise, execution in step C4;

C4, H-SLP determine the final localization method that adopts according to the localization method that SUPL location initial message carries, and begin then target SUPL terminal is carried out the SUPL location.

17. SUPL method as claimed in claim 1 is characterized in that, the number of the described third party's client of step B is two,

The described H-SLP of step B sends positioning confirmation message to third party's client: H-SLP sends positioning confirmation message to described two third party's clients,

The described H-SLP of step B receives that the affirmation results messages of carrying the permission locating information that third party's client is returned is: H-SLP receives the affirmation results messages of carrying the permission locating information that described two third party's clients are returned.

Images