Authentication method, device, and system
摘要
說明書
In one aspect, the UDM network element may obtain the first link information that represents the access location of the NG-RG and the second link information of the NG-RG, and may verify validity of the access location of the NG-RG based on the first link information and the second link information. Therefore, according to the authentication method provided in the embodiment of this application, the validity of the access location of the NG-RG can be verified in a fixed-mobile convergence architecture. In another aspect, because the UDM network element may obtain the first virtual interface information that represents the current service type of the NG-RG and the second virtual interface information of the NG-RG, and may verify validity of the current service of the NG-RG based on the first virtual interface information and the second virtual interface information. Therefore, according to the authentication method provided in the embodiment of this application, the validity of the current service of the NG-RG may be verified in the fixed-mobile convergence architecture. In still another aspect, in the embodiment of this application, when deriving the second key required by the non-3GPP network, the NG-RG or the AMF network element considers the classification identifier of the non-3GPP network, and determines the second key based on the first key, the identifier of the non-3GPP network, and the classification identifier of the non-3GPP network. Therefore, different types of access manners in the non-3GPP network can be isolated.
