CN106412860B - Multimedia short message authentication method, core network and authorization server in cluster system - Google Patents

Multimedia short message authentication method, core network and authorization server in cluster system Download PDF

Info

Publication number
CN106412860B
CN106412860B CN201610831410.XA CN201610831410A CN106412860B CN 106412860 B CN106412860 B CN 106412860B CN 201610831410 A CN201610831410 A CN 201610831410A CN 106412860 B CN106412860 B CN 106412860B
Authority
CN
China
Prior art keywords
sending
terminal
receiving
short message
authorization code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610831410.XA
Other languages
Chinese (zh)
Other versions
CN106412860A (en
Inventor
管鲍
尧俊锋
陈钢
关洪军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hytera Communications Corp Ltd
Original Assignee
Hytera Communications Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hytera Communications Corp Ltd filed Critical Hytera Communications Corp Ltd
Priority to CN201610831410.XA priority Critical patent/CN106412860B/en
Publication of CN106412860A publication Critical patent/CN106412860A/en
Application granted granted Critical
Publication of CN106412860B publication Critical patent/CN106412860B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/07User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
    • H04L51/10Multimedia information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/562Brokering proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a multimedia short message authentication method in a cluster system, which comprises the following steps: a sending terminal sends a multimedia short message sending request to a cluster core network; the cluster core network judges whether the sending terminal and the receiving terminal are authorized users, if so, at least distributes a first authorization code for the sending terminal and sends authentication information to an authorization server, wherein the authentication information at least comprises the first authorization code; the cluster core network sends a first authorization code and the address of the resource server to the sending terminal; the sending terminal utilizes the first authorization code to carry out sending authentication with the authorization server; after the authentication is successfully sent, the sending terminal uploads the multimedia short message to the resource server; after the uploading is finished, the cluster core network sends the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals. The invention also discloses a cluster core network and an authorization server. By the mode, the invention can realize the sending of the multimedia short message in the cluster system and introduces an authentication mechanism.

Description

Multimedia short message authentication method, core network and authorization server in cluster system
Technical Field
The invention relates to the field of trunking communication, in particular to a multimedia short message authentication method in a trunking system, a trunking core network and an authorization server.
Background
At present, only text short messages are sent in a cluster system, and large-file short messages such as multimedia short messages are not supported. And the cluster system has no authentication mechanism for the short message service, has no limit on the identities/authorities of the sending terminal and the receiving terminal of the short message, and may have unauthorized transmission of the short message, even bring about potential safety hazard.
Disclosure of Invention
The invention mainly solves the technical problem of providing a multimedia short message authentication method, a cluster core network and an authorization server in a cluster system, which can solve the problem that the cluster system in the prior art supports text short messages and has no authentication mechanism.
In order to solve the technical problems, the invention adopts a technical scheme that: a multimedia short message authentication method in a cluster system is provided, which comprises the following steps: a sending terminal sends a multimedia short message sending request to a cluster core network through a sending side cluster base station; the cluster core network judges whether the sending terminal and the receiving terminal are authorized users, if so, at least distributes a first authorization code for the sending terminal and sends authentication information to an authorization server, wherein the authentication information at least comprises the first authorization code; the cluster core network sends a first authorization code and the address of the resource server to the sending terminal through the cluster base station at the sending side; the sending terminal utilizes the first authorization code to carry out sending authentication with the authorization server; after the authentication is successfully sent, the sending terminal uploads the multimedia short message to the resource server; after the uploading is finished, the resource server sends an uploading completion notice to the cluster core network, wherein the uploading completion notice comprises the address of the multimedia short message; the trunking core network sends the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the trunking base station at the receiving side.
The sending terminal performs sending authentication with the authorization server by using the first authorization code includes: the sending terminal sends a first authorization code to an authorization server; and the authorization server matches the first authorization code with the authentication information, and if the matching is successful, first positive response information is sent to the sending terminal, wherein the first positive response information is used for indicating that the sending authentication is successful.
The authentication information further comprises a session identifier, wherein the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users; the sending terminal utilizes the first authorization code and the authorization server to carry out sending authentication, and the sending authentication comprises the following steps: the authorization server receives a first authorization code from a sending terminal and a session identifier from the sending terminal or a cluster core network; and the authorization server matches the first authorization code, the session identifier and the authentication information, and if the matching is successful, first positive response information is sent to the sending terminal, wherein the first positive response information is used for indicating that the sending authentication is successful.
If the cluster core network judges that the sending terminal and the receiving terminal are authorized users, a second authorization code is further distributed to the receiving terminal, and the authentication information further comprises the second authorization code; the cluster core network further sends a second authorization code to the receiving terminal; the trunking core network further comprises the following steps after sending the addresses of the multimedia short messages to one or at least two receiving terminals through the trunking base station at the receiving side: the receiving terminal utilizes the second authorization code to perform receiving authentication with the authorization server; and after the receiving authentication is successful, the receiving terminal downloads the multimedia short message from the resource server according to the address of the multimedia short message.
The receiving terminal performs receiving authentication with the authorization server by using the second authorization code, including: the receiving terminal sends a second authorization code to the authorization server; and the authorization server matches the second authorization code with the authentication information, and if the matching is successful, second positive response information is sent to the receiving terminal, wherein the second positive response information is used for indicating that the receiving authentication is successful.
The authentication information further comprises a session identifier, wherein the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users; the receiving terminal performs receiving authentication with the authorization server by using the second authorization code, and the receiving authentication includes: the authorization server receives a second authorization code from the receiving terminal and a session identifier from the receiving terminal or the cluster core network; and the authorization server matches the second authorization code, the session identifier and the authentication information, and if the matching is successful, second positive response information is sent to the receiving terminal, wherein the second positive response information is used for indicating that the receiving authentication is successful.
Wherein, the sending terminal further comprises, after sending the multimedia short message sending request to the trunking core network: the cluster core network checks whether the sending terminal has the service authority; if yes, judging whether the sending terminal and the receiving terminal are authorized users, and if not, refusing to send the request.
Wherein, the step of the cluster core network sending the address of the multimedia short message to the receiving terminal further comprises: the cluster core network checks whether the receiving terminal has the service authority; if yes, the address of the multimedia short message is sent to the receiving terminal, and if not, the multimedia short message is not sent.
In order to solve the technical problem, the invention adopts another technical scheme that: there is provided a cluster system comprising: the system comprises a sending terminal, a sending side cluster base station, a cluster core network, a resource server, a receiving side cluster base station, one or at least two receiving terminals and an authorization server; the sending terminal is used for sending a multimedia short message sending request to the cluster core network through the cluster base station at the sending side; the cluster core network is used for judging whether the sending terminal and the receiving terminal are authorized users, if so, at least distributing a first authorization code for the sending terminal and sending authentication information to an authorization server, wherein the authentication information at least comprises the first authorization code; the cluster core network is further used for sending the first authorization code and the address of the resource server to the sending terminal through the cluster base station at the sending side; the sending terminal is further used for sending authentication with the authorization server by utilizing the first authorization code; after the authentication is successfully sent, the sending terminal is further used for uploading the multimedia short message to the resource server; the resource server is used for sending an uploading completion notice to the cluster core network after the uploading is completed, wherein the uploading completion notice comprises the address of the multimedia short message; the trunking core network is further configured to send the multimedia short message, or the address of the multimedia short message, to one or at least two receiving terminals through the receiving-side trunking base station.
In order to solve the technical problem, the invention adopts another technical scheme that: a multimedia short message authentication method in a cluster system is provided, which comprises the following steps: a cluster core network receives a multimedia short message sending request sent by a sending terminal through a sending side cluster base station; the cluster core network judges whether the sending terminal and the receiving terminal are authorized users, if so, at least distributes a first authorization code for the sending terminal and sends authentication information to an authorization server, wherein the authentication information at least comprises the first authorization code; the cluster core network sends a first authorization code and the address of the resource server to the sending terminal through the cluster base station at the sending side; the cluster core network receives an uploading completion notice which is sent by the resource server after the sending terminal finishes uploading the multimedia short message to the resource server, wherein the uploading completion notice comprises the address of the multimedia short message, and the multimedia short message can be uploaded only after the sending terminal successfully sends authentication with the authorization server by utilizing the first authorization code; the trunking core network sends the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the trunking base station at the receiving side.
If the cluster core network judges that the sending terminal and the receiving terminal are authorized users, a second authorization code is further distributed to the receiving terminal and sent to the receiving terminal, and the authentication information further comprises the second authorization code.
If the cluster core network judges that the sending terminal and the receiving terminal are authorized users, the cluster core network further allocates a session identifier for the session and sends the session identifier to the sending terminal and the receiving terminal, and the authentication information further comprises the session identifier.
In order to solve the technical problem, the invention adopts another technical scheme that: a multimedia short message authentication method in a cluster system is provided, which comprises the following steps: the authorization server receives authentication information from the cluster core network, wherein the authentication information at least comprises a first authorization code, the first authorization code is used for responding a multimedia short message sending request sent by a sending terminal through a cluster base station at the sending side by the cluster core network, and the multimedia short message sending request is distributed to the sending terminal and sent to the sending terminal under the condition that the sending terminal and the receiving terminal are authorized users; the authorization server utilizes the first authorization code to perform sending authentication with the sending terminal, and the sending terminal is allowed to upload the multimedia short message to the resource server after the sending authentication is successful.
The authentication information further comprises a second authorization code, wherein the second authorization code is distributed to the receiving terminal and sent to the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users; the method further comprises the following steps: and the authorization server performs receiving authentication with the receiving terminal by using the second authorization code, and the receiving terminal is allowed to download the multimedia short message from the resource server after the receiving authentication is successful.
The authentication information further comprises a session identifier, wherein the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users; the authorization server performs sending authentication with the sending terminal by using the first authorization code comprises the following steps: the authorization server receives a first authorization code from a sending terminal and a session identifier from the sending terminal or a cluster core network; and the authorization server matches the first authorization code, the session identifier and the authentication information, and if the matching is successful, first positive response information is sent to the sending terminal, wherein the first positive response information is used for indicating that the sending authentication is successful.
In order to solve the technical problem, the invention adopts another technical scheme that: there is provided a cluster core network comprising: the first receiving module is used for receiving a multimedia short message sending request sent by a sending terminal through a sending side cluster base station; the judging module is used for judging whether the sending terminal and the receiving terminal are authorized users, if so, at least distributing a first authorization code for the sending terminal and sending authentication information to an authorization server, wherein the authentication information at least comprises the first authorization code; the first sending module is used for sending a first authorization code and the address of the resource server to the sending terminal through the sending side cluster base station; the second receiving module is used for receiving an uploading completion notice which is sent by the resource server after the sending terminal finishes uploading the multimedia short message to the resource server, wherein the uploading completion notice comprises the address of the multimedia short message, and the multimedia short message can be uploaded only after the sending terminal successfully sends and authenticates with the authorization server by utilizing the first authorization code; and the second sending module is used for sending the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the receiving side trunking base station.
In order to solve the technical problem, the invention adopts another technical scheme that: there is provided an authorization server comprising: the receiving module is used for receiving authentication information from the trunking core network, wherein the authentication information at least comprises a first authorization code, the first authorization code is used for responding to a multimedia short message sending request sent by a sending terminal through a trunking base station at a sending side by the trunking core network, and is distributed to the sending terminal and sent to the sending terminal under the condition that the sending terminal and the receiving terminal are authorized users; and the sending authentication module is used for sending authentication with the sending terminal by using the first authorization code, and allowing the sending terminal to upload the multimedia short message to the resource server after the sending authentication is successful.
The authentication information further comprises a second authorization code, wherein the second authorization code is distributed to the receiving terminal and sent to the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users; the authorization server further comprises: and the receiving authentication module is used for receiving authentication with the receiving terminal by using the second authorization code, and allowing the receiving terminal to download the multimedia short message from the resource server after the receiving authentication is successful.
In order to solve the technical problem, the invention adopts another technical scheme that: there is provided a cluster core network comprising: the processor is connected with the transceiver; the processor is used for receiving a multimedia short message sending request sent by the sending terminal through the sending side cluster base station through the transceiver; judging whether the sending terminal and the receiving terminal are authorized users, if so, at least distributing a first authorization code for the sending terminal and sending authentication information to an authorization server through a transceiver, wherein the authentication information at least comprises the first authorization code; sending a first authorization code and an address of a resource server to a sending terminal through a transceiver and a sending side cluster base station; receiving an uploading completion notification sent by a resource server after a sending terminal finishes uploading the multimedia short message to the resource server through a transceiver, wherein the uploading completion notification comprises an address of the multimedia short message, and the multimedia short message can be uploaded only after the sending terminal successfully sends authentication with an authorization server by using a first authorization code; and sending the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the transceiver and the receiving side cluster base station.
The processor is further configured to allocate a second authorization code to the receiving terminal and send the second authorization code to the receiving terminal through the transceiver when it is determined that the sending terminal and the receiving terminal are authorized users, and the authentication information further includes the second authorization code.
The processor is further configured to allocate a session identifier for the session and send the session identifier to the sending terminal and the receiving terminal through the transceiver when it is determined that the sending terminal and the receiving terminal are authorized users, and the authentication information further includes the session identifier. In order to solve the technical problem, the invention adopts another technical scheme that: there is provided an authorization server comprising: the processor is connected with the memory and the network circuit respectively; the processor is used for receiving authentication information from the cluster core network through the network circuit, wherein the authentication information at least comprises a first authorization code, the first authorization code is used for responding to a multimedia short message sending request sent by a sending terminal through a sending side cluster base station by the cluster core network, and is distributed to the sending terminal and sent to the sending terminal under the condition that the sending terminal and the receiving terminal are authorized users; and the network circuit utilizes the first authorization code to carry out sending authentication with the sending terminal, and the sending terminal is allowed to upload the multimedia short message to the resource server after the sending authentication is successful.
The authentication information further comprises a second authorization code, wherein the second authorization code is distributed to the receiving terminal and sent to the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users; the processor is further configured to perform receiving authentication with the receiving terminal through the network circuit by using the second authorization code, and allow the receiving terminal to download the multimedia short message from the resource server only after the receiving authentication is successful.
The authentication information further comprises a session identifier, wherein the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users; the processor is used for receiving a first authorization code from the sending terminal and a session identifier from the sending terminal or the cluster core network through the network circuit; and matching the first authorization code, the session identifier and the authentication information, and if the matching is successful, sending first positive response information to the sending terminal through the network circuit, wherein the first positive response information is used for indicating that the sending authentication is successful.
The invention has the beneficial effects that: by setting the resource server, the multimedia short message can be uploaded to the resource server only after the sending terminal successfully sends and authenticates with the authorization server, and the cluster core network sends the multimedia short message or the address of the multimedia short message to the receiving terminal, thereby realizing the sending of the multimedia short message in the cluster system and introducing the authentication mechanism.
Drawings
FIG. 1 is a schematic diagram of a first embodiment of a cluster system of the present invention;
FIG. 2 is a flowchart of a first embodiment of a multimedia short message authentication method in a trunking system according to the present invention;
FIG. 3 is a flowchart of a second embodiment of the authentication method for multimedia short messages in a trunking system according to the present invention;
FIG. 4 is a flowchart of a third embodiment of the authentication method for multimedia short messages in a trunking system according to the present invention;
FIG. 5 is a flowchart of a fourth embodiment of the authentication method for multimedia short messages in a trunking system according to the present invention;
fig. 6 is a flowchart of a fifth embodiment of the authentication method for multimedia short messages in a trunking system according to the present invention;
fig. 7 is a flowchart of a sixth embodiment of the authentication method for multimedia short messages in a trunking system according to the present invention;
fig. 8 is a flowchart of a seventh embodiment of the authentication method for multimedia short messages in a trunking system according to the present invention;
fig. 9 is a flowchart of an eighth embodiment of the authentication method for multimedia short messages in a trunking system according to the present invention;
fig. 10 is a flowchart of a ninth embodiment of the authentication method for multimedia short messages in a trunking system according to the present invention;
fig. 11 is a schematic structural diagram of a first embodiment of a cluster core network according to the present invention;
fig. 12 is a schematic structural diagram of a cluster core network according to a second embodiment of the present invention;
FIG. 13 is a schematic structural diagram of a first embodiment of an authorization server of the present invention;
FIG. 14 is a schematic structural diagram of a second embodiment of the authorization server of the present invention;
fig. 15 is a schematic structural diagram of a third embodiment of the authorization server of the invention.
Detailed Description
As shown in fig. 1, the trunking system includes a sending terminal 1, a sending-side trunking base station 2, a trunking core network 3, a resource server 4, a receiving-side trunking base station 5, a receiving terminal 6, and an authorization server 7. Each part in the trunking system is used for executing the embodiment of the authentication method of the multimedia short message in the trunking system of the invention.
The sending terminal 1 is connected with the sending side cluster base station 2 through an air interface, the receiving terminal 6 is connected with the receiving side cluster base station 5 through an air interface, the sending side cluster base station 2 and the receiving side cluster base station 5 are further connected with a cluster core network 3, and the cluster core network is further connected with a resource server 4 and an authorization server 7 respectively.
The transmitting terminal 1 and the receiving terminal 6 provide various services to the user. The cluster base station, which includes a sending side cluster base station 2 and a receiving side cluster base station 5, is connected to the cluster core network 3, and performs wireless communication with user equipment, such as a sending terminal 1 and a receiving terminal 6, to provide communication coverage for a corresponding geographic area. The cluster core network 3 may include a plurality of network elements, which satisfy different service requirements and support cluster services. The resource server 4 is used for storing and forwarding the multimedia short message. The authorization server 7 is used for performing sending authentication with the sending terminal before uploading the multimedia short message, and in some embodiments, the authorization server 7 is further used for performing receiving authentication with the receiving terminal before downloading the multimedia short message.
The number of receiving terminals 6 shown in the figure is only one, and the number of actual receiving terminals 6 may be larger. When the number of the receiving terminals is greater than one, different receiving terminals may be connected to the same receiving-side cluster base station, or may be connected to different receiving-side cluster base stations. The transmitting terminal 1 and the receiving terminal 6 shown in the figure are connected to different trunked base stations, but the transmitting terminal 1 and the receiving terminal 6 may actually be connected to the same trunked base station. The resource server 4 is shown separately from the cluster core network 3 and connected to the cluster core network 3 through a network, and in other embodiments, the resource server 4 may also be a part of the cluster core network 3. The resource server 4 and the authorization server 7 are independent and not connected to each other in the figure, the actual resource server 4 and the authorization server 7 may also be connected to each other for direct information interaction, and in some embodiments, the resource server 4 and the authorization server 7 may be integrated together.
As shown in fig. 2, a first embodiment of the authentication method for multimedia short messages in a trunking system of the present invention includes:
s1: and the sending terminal sends a multimedia short message sending request to the cluster core network through the cluster base station at the sending side.
The multimedia short message may include at least one of video, audio, and picture files, and may further include text.
The sending request message may include one or more of multimedia short message information, sending terminal identity information, receiving terminal identity information, and the like.
The multimedia short message information may include message type and/or multimedia resource information. The message type may indicate that the short message is a multimedia short message only, to be distinguished from a text short message. Of course, the message type may further indicate the type of multimedia file (e.g. picture, audio, video) included in the short message. The multimedia asset information may include one or more of a multimedia file type, a multimedia file format (e.g., a file extension), a multimedia file size, and the like. The multimedia file type may not be included in the multimedia asset information if the multimedia file type has been indicated in the message type. The identity information of the receiving terminal and the sending terminal may be the number of the terminal.
S2: the cluster core network judges whether the sending terminal and the receiving terminal are authorized users.
If yes, go to step S3; if not, the process is ended, and at this time, prompt information can be further sent to the sending terminal, where the prompt information may include a sending failure prompt, and may further include a failure reason.
The number of receiving terminals may be one or at least two. When the number of receiving terminals is greater than one, it is necessary to determine whether each receiving terminal is an authorized user, and if some of the receiving terminals are not authorized users, the unauthorized users need to be removed from the receiving terminals.
The sending terminal and the receiving terminal are authorized users, that is, the sending terminal has the authority to send the multimedia short message and the receiving terminal has the authority to receive the multimedia short message, and the sending terminal and the receiving terminal can be judged to be authorized users only when the two conditions are met. For example, the multimedia short message includes an audio file that needs authorization, such as a copyrighted song, and user a has purchased the song and then obtained authorization, allowing it to send the song to user B in the form of the multimedia short message. User B and user C are thereafter not authorized users if user B attempts to forward the song to another user C, since user B has only receive rights and no transmit rights.
The cluster core network judges whether the sending terminal and the receiving terminal are authorized users at least according to the multimedia resource authorization information. The multimedia resources refer to multimedia files included in the multimedia short message, if one multimedia short message includes at least two multimedia files, the authorization information of each multimedia resource can be used for judging, and the sending terminal and the receiving terminal can be judged as authorized users only under the condition that the sending terminal has sending authority to all multimedia resources and the receiving terminal has receiving authority to all multimedia resources.
The multimedia resource authorization information may be included in the transmission request message, in which case the multimedia resource authorization information may be independent of the multimedia short message information or may be a part of the multimedia short message information. The multimedia resource authorization information can also be stored in a memory of the cluster core network, and the cluster core network reads the corresponding multimedia resource authorization information from the memory according to the multimedia short message information. The cluster core network may also obtain the multimedia resource authorization information from other devices, such as an authorization server, other servers on the network, and the like.
If the multimedia resource authorization information indicates that the corresponding multimedia resource is completely authorized (i.e. propagation is not limited, all terminals can send and receive the multimedia resource), or completely unauthorized (i.e. propagation is not allowed, and all terminals cannot send or receive the multimedia resource), the trunking core network can directly make a judgment without acquiring information of the sending terminal and the receiving terminal. Otherwise, if the multimedia resource authorization information indicates that the resource needs to be authorized for transmission and/or reception, the identity information of the corresponding receiving terminal and/or transmitting terminal needs to be acquired to determine whether the resource has the right.
S3: the cluster core network at least distributes a first authorization code for the sending terminal and sends authentication information to an authorization server.
The authentication information includes at least a first authorization code, and the authorization server can store the received authentication information for subsequent authentication with the terminal. If only the sending terminal is authenticated, only the first authorization code can be distributed to the sending terminal; if the receiving terminal is also authenticated, an authorization code is also assigned to the receiving terminal.
S4: and the cluster core network sends the first authorization code and the address of the resource server to the sending terminal through the cluster base station at the sending side.
The first authorization code and the address of the resource server may be sent simultaneously or separately. If the first authorization code and the address of the resource server are respectively sent, the sequence between the first authorization code and the address of the resource server is not limited.
In this embodiment, the address of the resource server is sent to the sending terminal before the authentication is successfully sent, and in other embodiments, the cluster core network may send the address of the resource server to the sending terminal after the authentication is successfully sent.
The address of the resource server may be pre-stored, or may be confirmed after the cluster core network negotiates with the resource server, and at this time, the address of the resource server may be only the address of the resource server itself, or may further include directory information allocated by the resource server for the sending terminal.
The cluster core network may be connected to a plurality of resource servers at the same time, and at this time, the cluster core network may select one resource server from the plurality of resource servers according to a preset principle, such as load balancing, and at this time, if the cluster core network fails to negotiate with the selected resource server, the cluster core network may continue to select another resource server.
S5: and the sending terminal utilizes the first authorization code to carry out sending authentication with the authorization server.
The sending terminal can send the first authorization code to the authorization server, and the authorization server matches the first authorization code with the authentication information to carry out sending authentication; or the sending terminal searches whether the authentication information matched with the first authorization code exists on the authorization server by using the first authorization code, if so, the sending authentication is successful, otherwise, the sending authentication is failed.
S6: and after the authentication is successfully sent, the sending terminal uploads the multimedia short message to the resource server.
After the authentication is successfully sent, the sending terminal can upload the multimedia short message to the resource server according to the received address of the resource server, and if the authentication fails, the multimedia short message cannot be uploaded. The sending terminal may delete the first authorization code after the uploading is completed.
The resource server and the authorization server may be two different devices independent of each other or may be integrated together.
If the address of the resource server does not include the directory information allocated by the resource server for the sending terminal, the sending terminal can be directly uploaded under a root directory for uploading by the resource server, or a directory is allocated for the sending terminal by the resource server before uploading and then uploaded into the directory; otherwise, the multimedia short message can be directly uploaded to the directory corresponding to the directory information included in the address of the resource server.
S7: and after the uploading is finished, the resource server sends an uploading completion notice to the cluster core network, wherein the uploading completion notice comprises the address of the multimedia short message.
The upload completion notification includes an address of the multimedia short message, and the address of the multimedia short message is generally represented by a Uniform Resource Locator (URL).
S8: the trunking core network sends the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the trunking base station at the receiving side.
The cluster core network acquires the information of the receiving terminal from the multimedia short message sending request. The cluster core network can download the multimedia short message from the resource server according to the address of the multimedia short message and then send the multimedia short message to the resource server; the address of the multimedia short message can also be directly sent to the receiving terminal, the user controls the receiving terminal to access the resource server to download the multimedia short message according to the address of the multimedia short message, and the receiving terminal can receive and authenticate with the authorization server before downloading the multimedia short message, or not.
It should be noted that, in the interaction process between the sending terminal/the receiving terminal and the cluster core network/the resource server/the authorization server, the cluster base station needs to pass through the cluster base station, but the cluster base station, including the sending side cluster base station and the receiving side cluster base station, is in a transparent transmission state and does not process transmission services. Similarly, in the process of uploading the multimedia short message to the resource server by the sending terminal, performing sending authentication with the authorization server by the sending terminal, and downloading the multimedia short message from the resource server by the receiving terminal, the sending terminal/the receiving terminal needs to access the resource server/the authorization server through the cluster core network, and at this time, the cluster core network is in a transparent transmission state and does not process the transmission service.
Through the implementation of the embodiment, the resource server is set, the multimedia short message can be uploaded to the resource server only after the sending terminal and the authorization server successfully send and authenticate, and the cluster core network sends the multimedia short message or the address of the multimedia short message to the receiving terminal, so that the sending of the multimedia short message in the cluster system is realized, and an authentication mechanism is introduced. In addition, if the receiving terminal receives the address of the multimedia short message, the user can select when to download the multimedia short message, thereby realizing the delayed sending of the multimedia short message.
As shown in fig. 3, the second embodiment of the authentication method for multimedia short messages in the trunking system of the present invention is to further perform receiving authentication on the receiving terminal based on the first embodiment of the authentication method for multimedia short messages in the trunking system of the present invention. This embodiment is a further extension of the first embodiment of the authentication method for multimedia short messages in the trunking system of the present invention, and therefore the steps that are the same as those of the first embodiment of the authentication method for multimedia short messages in the trunking system of the present invention are not described herein again. The embodiment comprises the following steps:
s11: and the sending terminal sends a multimedia short message sending request to the cluster core network through the cluster base station at the sending side.
S12: the cluster core network checks whether the sending terminal has the service authority.
Having a service right means that the sending terminal has signed up for a multimedia short message service. In some embodiments, this step may be omitted.
If yes, go to step S13; if not, the flow is ended.
S13: the cluster core network judges whether the sending terminal and the receiving terminal are authorized users.
If yes, go to step S14; if not, the flow is ended.
S14: the cluster core network distributes a first authorization code for the sending terminal, distributes a second authorization code for the receiving terminal, and sends authentication information to the authorization server.
The authentication information at least comprises a first authorization code and a second authorization code. If the number of the receiving terminals is greater than one, the second authorization codes of different receiving terminals may be the same or different.
S15: and the cluster core network sends the first authorization code and the address of the resource server to the sending terminal through the cluster base station at the sending side.
S16: and the sending terminal utilizes the first authorization code to carry out sending authentication with the authorization server.
S17: and after the authentication is successfully sent, the sending terminal uploads the multimedia short message to the resource server.
The step may be performed without the involvement of an authorization server.
S18: and after the uploading is finished, the resource server sends an uploading completion notice to the cluster core network.
The uploading completion notice comprises the address of the multimedia short message. The step may be performed without the involvement of an authorization server.
S19: the cluster core network checks whether the receiving terminal has the service authority.
Similarly, having a service right means that the receiving terminal has signed up for a multimedia short message service. In some embodiments, this step may be omitted.
If yes, go to step S20; if not, the flow is ended. The step may be performed without the participation of an authorization server and a resource server.
S20: and the trunking core network sends the address of the multimedia short message and the second authorization code to the receiving terminal through the trunking base station at the receiving side.
The second authorization code and the address of the multimedia short message may be sent simultaneously or separately. If the second authorization code and the address of the multimedia short message are sent separately, the sequence between the two is not limited. The step may be performed without the participation of an authorization server and a resource server.
In this embodiment, the address of the multimedia short message is sent to the receiving terminal before the receiving authentication is successful, and in other embodiments, the trunking core network may send the address of the multimedia short message to the receiving terminal after the receiving authentication is successful.
S21: and the receiving terminal performs receiving authentication with the authorization server by using the second authorization code.
The authentication of reception can be performed immediately after the address of the multimedia short message is received, or when the user initiates a request for downloading the multimedia message, or at any time between the two. The step may be performed without the participation of a resource server.
The receiving terminal can send the second authorization code to the authorization server, and the authorization server matches the second authorization code with the authentication information to perform receiving authentication; or the receiving terminal uses the second authorization code to search whether the authorization server has the matched authentication information, if so, the receiving terminal represents that the authentication is successfully received, otherwise, the receiving terminal represents that the authentication is failed.
S22: and after the receiving authentication is successful, the receiving terminal downloads the multimedia short message from the resource server according to the address of the multimedia short message.
And if the receiving authentication fails, the downloading cannot be carried out. The receiving terminal may delete the second authorization code after the download is complete. The step may be performed without the involvement of an authorization server.
Through the implementation of the embodiment, the receiving authentication is carried out before the receiving terminal downloads the multimedia short message, so that the authentication mechanism is further perfected, and the safe transmission of the multimedia short message is ensured.
As shown in fig. 4, the third embodiment of the authentication method for multimedia short message in trunking system of the present invention is to receive authentication based on the second embodiment of the authentication method for multimedia short message in trunking system of the present invention, that is, step S21 specifically includes:
s211: and the receiving terminal sends the second authorization code to the authorization server.
S212: and the authorization server matches the second authorization code with the authentication information.
If the matching is successful, the process skips to step S213, and if the matching is failed, the process ends. In other embodiments, a second negative acknowledgement message indicating that the receiving authentication fails may also be sent to the receiving terminal when the matching fails.
The matching may be performed by simple search, that is, the authorization server searches whether the received authentication information includes the second authorization code, if the authentication information is found, the matching is successful, and if the authentication information is not found, the matching is failed.
The matching may further be associated with the multimedia short message. At this time, the authentication information further includes a message identifier, and the message identifier is used to indicate the multimedia short message corresponding to the first authorization code and the second authorization code. And the authorization server searches the authentication information comprising the second authorization code, compares the message identifier with the multimedia short message information after finding the authentication information comprising the second authorization code, and if the message identifier corresponds to the same multimedia short message as the multimedia short message information, the matching is successful, otherwise, the matching is failed. In this embodiment, the multimedia short message information is obtained from a trunking core network, and the trunking core network obtains the multimedia short message information from a multimedia short message sending request submitted by a sending terminal. In other embodiments, the authorization server may also obtain the multimedia short message information from the resource server, where the multimedia short message information may be obtained by the resource server from the cluster core network or the sending terminal, or may be obtained by itself according to the stored multimedia short message.
S213: the authorization server sends the second acknowledgement information to the receiving terminal.
The second acknowledgement information is used for indicating that the receiving authentication is successful. The receiving terminal can download the multimedia short message after receiving the second acknowledgement message.
As shown in fig. 5, a fourth embodiment of the authentication method for a multimedia short message in a trunking system of the present invention is based on the second embodiment of the authentication method for a multimedia short message in a trunking system of the present invention, where the authentication information further includes a session identifier, and the session identifier is allocated to the current session and sent to the sending terminal and the receiving terminal when the trunking core network determines that the sending terminal and the receiving terminal are authorized users, and at this time, the authentication information may also be referred to as an authentication triplet, and the receiving authentication is performed, that is, step S21 specifically includes:
s221: the authorization server receives the second authorization code from the receiving terminal and the session identifier from the receiving terminal or the cluster core network.
If the session identifier is from the receiving terminal, the receiving terminal may send the second authorization code and the session identifier at the same time, or may send them separately.
S222: and the authorization server matches the second authorization code, the session identifier and the authentication information.
The authorization server may search for, in the received authentication information, whether there is authentication information that includes both the second authorization code and the session identifier, and if found, it indicates that the matching is successful, and if not, it indicates that the matching is failed. The authorization server may also search whether the received authentication information includes the second authorization code and the session identifier, if both searches are found and the search result is the same authentication information, the matching is successful, otherwise, the matching is failed.
If the matching is successful, the process skips to step S223, and if the matching is failed, the process is ended. In other embodiments, a second negative acknowledgement message indicating that the receiving authentication fails may also be sent to the receiving terminal when the matching fails.
S223: the authorization server sends the second acknowledgement information to the receiving terminal.
The second acknowledgement information is used for indicating that the receiving authentication is successful. The receiving terminal can download the multimedia short message after receiving the second acknowledgement message.
As shown in fig. 6, a fifth embodiment of the authentication method for multimedia short messages in a trunking system of the present invention is based on the first embodiment of the authentication method for multimedia short messages in a trunking system of the present invention, and the sending authentication specifically includes:
s31: the sending terminal sends the first authorization code to the authorization server.
S32: the authorization server matches the first authorization code with the authentication information.
If the matching is successful, the process goes to step S33, and if the matching is failed, the process ends. In other embodiments, the failure of matching may also send a first negative acknowledgement message to the sending terminal indicating that the sending authentication failed.
The matching may be performed by simple search, that is, the authorization server searches whether the received authentication information includes the authentication information of the first authorization code, if the authentication information is found, the matching is successful, and if the authentication information is not found, the matching is failed.
If the sending terminal has already submitted the information of the multimedia short message to be uploaded when executing this step, the multimedia short message can be further associated in the matching process, and the specific process can refer to the corresponding description in the third embodiment of the authentication method for multimedia short messages in the cluster system of the present invention, and is not described herein again.
S33: the authorization server sends the first acknowledgement information to the sending terminal.
The first acknowledgement information is used for indicating that the sending authentication is successful. The sending terminal can upload the multimedia short message after receiving the first acknowledgement information.
This embodiment may be combined with any of the above embodiments.
As shown in fig. 7, a sixth embodiment of the authentication method for multimedia short messages in a trunking system of the present invention is based on the first embodiment of the authentication method for multimedia short messages in a trunking system of the present invention, the authentication information further includes a session identifier, the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal when the trunking core network determines that the sending terminal and the receiving terminal are authorized users, and the sending authentication specifically includes:
s41: the authorization server receives a first authorization code from the sending terminal and a session identifier from the sending terminal or the cluster core network.
If the session identifier is from the sending terminal, the sending terminal may send the first authorization code and the session identifier at the same time, or may send them separately.
S42: and the authorization server matches the first authorization code, the session identifier and the authentication information.
The authorization server may search for, in the received authentication information, whether there is authentication information that includes both the first authorization code and the session identifier, and if found, it indicates that the matching is successful, and if not, it indicates that the matching is failed. The authorization server may also search whether the received authentication information includes the first authorization code and the session identifier, if both searches are found and the search result is the same authentication information, the matching is successful, otherwise, the matching is failed.
If the matching is successful, the process goes to step S43, and if the matching is failed, the process ends. In other embodiments, the failure of matching may also send a first negative acknowledgement message to the sending terminal indicating that the sending authentication failed.
S43: the authorization server sends the first acknowledgement information to the sending terminal.
The first acknowledgement information is used for indicating that the sending authentication is successful. The sending terminal can upload the multimedia short message after receiving the first acknowledgement information.
This embodiment may be combined with any of the above embodiments.
As shown in fig. 8, an execution main body of a seventh embodiment of the authentication method for multimedia short messages in a trunking system of the present invention is a trunking core network, and this embodiment includes:
s110: the cluster core network receives a multimedia short message sending request sent by a sending terminal through a sending side cluster base station.
S120: the cluster core network judges whether the sending terminal and the receiving terminal are authorized users.
If yes, go to step S130, otherwise, end the process.
S130: the cluster core network at least distributes a first authorization code for the sending terminal and sends authentication information to an authorization server.
The authentication information includes at least a first authorization code.
S140: and the cluster core network sends the first authorization code and the address of the resource server to the sending terminal through the cluster base station at the sending side.
S150: and the cluster core network receives an uploading completion notification sent by the resource server after the sending terminal finishes uploading the multimedia short message to the resource server.
The uploading completion notice comprises the address of the multimedia short message, wherein the multimedia short message can be uploaded only after the sending terminal successfully sends and authenticates with the authorization server by utilizing the first authorization code.
S160: the trunking core network sends the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the trunking base station at the receiving side.
For specific contents and subsequent embodiments, reference may be made to the description of the first to sixth embodiments of the authentication method for multimedia short messages in the trunking system of the present invention, which is not described herein again.
As shown in fig. 9, an execution subject of the eighth embodiment of the authentication method for multimedia short messages in a trunking system of the present invention is an authorization server, and the embodiment includes:
s210: the authorization server receives authentication information from the cluster core network.
The authentication information at least comprises a first authorization code, wherein the first authorization code is distributed to the sending terminal and sent to the sending terminal by the trunking core network when the trunking core network responds to the sending request of the multimedia short message sent by the sending terminal through the trunking base station at the sending side and judges that the sending terminal and the receiving terminal are authorized users.
S220: and the authorization server performs sending authentication with the sending terminal by using the first authorization code.
The sending terminal can upload the multimedia short message to the resource server only after the sending authentication is successful.
As shown in fig. 10, a ninth embodiment of the method for authenticating a multimedia short message in a trunking system of the present invention is based on the eighth embodiment of the method for authenticating a multimedia short message in a trunking system of the present invention, where the authentication information further includes a second authorization code, and the second authorization code is allocated to the receiving terminal and sent to the receiving terminal when the trunking core network determines that the sending terminal and the receiving terminal are authorized users. The embodiment further comprises:
s230: and the authorization server performs receiving authentication with the receiving terminal by using the second authorization code.
The receiving terminal can download the multimedia short message from the resource server only after the receiving authentication is successful.
After the receiving authentication is completed or the time length for receiving the authentication information exceeds a preset threshold value, the authorization server can delete the authentication information.
For specific contents and subsequent embodiments, reference may be made to the description of the first to sixth embodiments of the authentication method for multimedia short messages in the trunking system of the present invention, which is not described herein again.
As shown in fig. 11, the first embodiment of the cluster core network of the present invention includes:
a first receiving module 11, configured to receive a multimedia short message sending request sent by a sending terminal through a sending-side cluster base station.
The determining module 12 is configured to determine whether the sending terminal and the receiving terminal are authorized users, and if yes, at least allocate a first authorization code to the sending terminal and send authentication information to an authorization server, where the authentication information at least includes the first authorization code.
The first sending module 13 is configured to send the first authorization code and the address of the resource server to the sending terminal through the sending-side cluster base station.
The second receiving module 14 is configured to receive an upload completion notification sent by the resource server after the sending terminal completes uploading the multimedia short message to the resource server, where the upload completion notification includes an address of the multimedia short message, and the sending terminal may upload the multimedia short message only after the sending terminal successfully performs sending authentication with the authorization server by using the first authorization code.
A second sending module 15, configured to send the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the receiving-side trunking base station.
As shown in fig. 12, a second embodiment of the cluster core network of the present invention includes:
a processor 110 and a transceiver 120, the processor 110 being connected to the transceiver 120 via a bus.
The transceiver 120 is used for transmitting and receiving data and is an interface for the cluster core network to communicate with other communication devices.
The processor 110 controls the operation of the cluster core network, and the processor 110 may also be referred to as a Central Processing Unit (CPU). The processor 110 may be an integrated circuit chip having signal processing capabilities. The processor 110 may also be a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The cluster core network may further include a memory (not shown) for storing instructions and data necessary for the operation of the processor 110 and for storing data received by the transceiver 120.
The processor 110 is configured to receive, through the transceiver 120, a multimedia short message transmission request sent by a sending terminal through a sending-side trunking base station; judging whether the sending terminal and the receiving terminal are authorized users, if so, at least distributing a first authorization code for the sending terminal and sending authentication information to an authorization server through the transceiver 120, wherein the authentication information at least comprises the first authorization code; sending a first authorization code and an address of a resource server to a sending terminal through a transceiver 120 and a sending side cluster base station; receiving an upload completion notification sent by the resource server after the transmission terminal finishes uploading the multimedia short message to the resource server through the transceiver 120, wherein the upload completion notification comprises an address of the multimedia short message, and the multimedia short message can be uploaded only after the transmission terminal successfully sends authentication with the authorization server by using the first authorization code; the multimedia short message, or the address of the multimedia short message, is sent to one or at least two receiving terminals through the transceiver 120 and the receiving side cluster base station.
If the cluster core network judges that the sending terminal and the receiving terminal are authorized users, a second authorization code is further distributed to the receiving terminal and sent to the receiving terminal, and the authentication information further comprises the second authorization code.
If the cluster core network judges that the sending terminal and the receiving terminal are authorized users, the cluster core network further allocates a session identifier for the session and sends the session identifier to the sending terminal and the receiving terminal, and the authentication information further comprises the session identifier.
The functions of each part in each embodiment of the cluster core network of the present invention may refer to the description in the corresponding embodiment of the authentication method for multimedia short messages in the cluster system of the present invention, and are not repeated here.
As shown in fig. 13, the first embodiment of the authorization server of the present invention includes:
the receiving module 21 is configured to receive authentication information from the trunking core network, where the authentication information at least includes a first authorization code, and the first authorization code is used for responding to a multimedia short message sending request sent by a sending terminal through a trunking base station on a sending side by the trunking core network, and is allocated to the sending terminal and sent to the sending terminal when it is determined that the sending terminal and the receiving terminal are authorized users.
And the sending authentication module 22 is configured to perform sending authentication with the sending terminal by using the first authorization code, and allow the sending terminal to upload the multimedia short message to the resource server only after the sending authentication is successful.
As shown in fig. 14, the second embodiment of the authorization server of the present invention is based on the first embodiment of the authorization server of the present invention, and further includes:
and a receiving authentication module 23, configured to perform receiving authentication with the receiving terminal by using the second authorization code, and allow the receiving terminal to download the multimedia short message from the resource server only after the receiving authentication is successful.
The authentication information further includes a second authorization code, where the second authorization code is allocated to the receiving terminal and sent to the receiving terminal when the cluster core network determines that the sending terminal and the receiving terminal are authorized users.
As shown in fig. 15, the third embodiment of the authorization server of the present invention includes: a processor 210, a network circuit 220 and a memory 230, the processor 210 being connected to the network circuit 220 and the memory 230 by a bus, respectively.
The network circuit 220 is used to send and receive data and is the interface for the authorization server to communicate with other devices.
The memory 230 is used for storing instructions and data necessary for the processor 210 to operate and may also store data received by the network circuit 220.
Processor 210 controls the operation of the authorization server, and processor 210 may also be referred to as a Central Processing Unit (CPU). The processor 210 may be an integrated circuit chip having signal processing capabilities. The processor 210 may also be a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The processor 210 is configured to receive, through the network circuit 220, authentication information from the trunking core network, where the authentication information at least includes a first authorization code, where the first authorization code is used by the trunking core network to respond to a multimedia short message sending request sent by a sending terminal through a sending-side trunking base station, and is used for allocating and sending the multimedia short message to the sending terminal when it is determined that the sending terminal and the receiving terminal are authorized users; the network circuit 220 utilizes the first authorization code to perform sending authentication with the sending terminal, and the sending terminal is allowed to upload the multimedia short message to the resource server after the sending authentication is successful.
Further, the authentication information further includes a second authorization code, where the second authorization code is allocated to the receiving terminal and sent to the receiving terminal when the cluster core network determines that the sending terminal and the receiving terminal are authorized users. The processor is further configured to perform receiving authentication with the receiving terminal through the network circuit by using the second authorization code, and allow the receiving terminal to download the multimedia short message from the resource server only after the receiving authentication is successful.
Further, the authentication information further includes a session identifier, where the session identifier is allocated to the current session and sent to the sending terminal and the receiving terminal when the cluster core network determines that the sending terminal and the receiving terminal are authorized users; the authorization server performs sending authentication with the sending terminal by using the first authorization code comprises the following steps: the authorization server receives a first authorization code from a sending terminal and a session identifier from the sending terminal or a cluster core network; and the authorization server matches the first authorization code, the session identifier and the authentication information, and if the matching is successful, first positive response information is sent to the sending terminal, wherein the first positive response information is used for indicating that the sending authentication is successful.
The functions of each part in each embodiment of the authorization server of the present invention may refer to the description in the corresponding embodiment of the multimedia short message authentication method in the cluster system of the present invention, and are not repeated here.
In several embodiments provided by the present invention, it should be understood that the disclosed cluster core network, authorization server and method may be implemented in other manners. For example, the above-described cluster core network and authorization server embodiments are merely illustrative, and for example, the division of the modules or units is only one logical function division, and there may be another division in actual implementation, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) or a processor (processor) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes performed by the present specification and drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (24)

1. A multimedia short message authentication method in a cluster system is characterized by comprising the following steps:
a sending terminal sends a multimedia short message sending request to a cluster core network through a sending side cluster base station;
the cluster core network judges whether the sending terminal and the receiving terminal are authorized users, if so, at least distributes a first authorization code for the sending terminal and sends authentication information to an authorization server, wherein the authentication information at least comprises the first authorization code;
the cluster core network sends the first authorization code and the address of the resource server to the sending terminal through the sending side cluster base station;
the sending terminal utilizes the first authorization code to carry out sending authentication with the authorization server;
after the authentication is successfully sent, the sending terminal uploads a multimedia short message to the resource server;
after the uploading is finished, the resource server sends an uploading completion notice to the cluster core network, wherein the uploading completion notice comprises the address of the multimedia short message;
and the trunking core network sends the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through a trunking base station at a receiving side.
2. The method of claim 1,
the sending terminal performs sending authentication with the authorization server by using the first authorization code, including:
the sending terminal sends the first authorization code to the authorization server;
and the authorization server matches the first authorization code with authentication information, and if the matching is successful, first positive response information is sent to the sending terminal, wherein the first positive response information is used for indicating that the sending authentication is successful.
3. The method of claim 1,
the authentication information further comprises a session identifier, wherein the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users;
the sending terminal performs sending authentication with the authorization server by using the first authorization code, including:
the authorization server receives the first authorization code from the sending terminal and the session identifier from the sending terminal or the cluster core network;
and the authorization server matches the first authorization code, the session identifier and authentication information, and if the matching is successful, first positive response information is sent to the sending terminal, wherein the first positive response information is used for indicating that the sending authentication is successful.
4. The method of claim 1,
if the cluster core network judges that the sending terminal and the receiving terminal are authorized users, a second authorization code is further distributed to the receiving terminal, and the authentication information further comprises the second authorization code;
the cluster core network further sends the second authorization code to the receiving terminal;
the cluster core network further comprises, after sending the address of the multimedia short message to one or at least two receiving terminals through a receiving side cluster base station:
the receiving terminal performs receiving authentication with the authorization server by using the second authorization code;
and after the receiving authentication is successful, the receiving terminal downloads the multimedia short message from the resource server according to the address of the multimedia short message.
5. The method of claim 4, wherein the receiving terminal performing receiving authentication with the authorization server using the second authorization code comprises:
the receiving terminal sends the second authorization code to the authorization server;
and the authorization server matches the second authorization code with the authentication information, and if the matching is successful, second positive response information is sent to the receiving terminal, wherein the second positive response information is used for indicating that the receiving authentication is successful.
6. The method of claim 4,
the authentication information further comprises a session identifier, wherein the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users;
the receiving terminal performing receiving authentication with the authorization server by using the second authorization code includes:
the authorization server receives the second authorization code from the receiving terminal and the session identifier from the receiving terminal or the cluster core network;
and the authorization server matches the second authorization code, the session identifier and the authentication information, and if the matching is successful, second positive response information is sent to the receiving terminal, wherein the second positive response information is used for indicating that the receiving authentication is successful.
7. The method according to any one of claims 1 to 6,
after the sending terminal sends the multimedia short message sending request to the cluster core network, the method further comprises the following steps:
the cluster core network checks whether the sending terminal has the service authority;
if yes, judging whether the sending terminal and the receiving terminal are authorized users, and if not, rejecting the sending request.
8. The method according to any one of claims 1 to 6,
the step of the cluster core network sending the address of the multimedia short message to the receiving terminal further comprises:
the cluster core network checks whether the receiving terminal has service authority;
if yes, the address of the multimedia short message is sent to the receiving terminal, and if not, the address of the multimedia short message is not sent.
9. A cluster system, comprising: the system comprises a sending terminal, a sending side cluster base station, a cluster core network, a resource server, a receiving side cluster base station, one or at least two receiving terminals and an authorization server;
the sending terminal is used for sending a multimedia short message sending request to the cluster core network through the sending side cluster base station;
the cluster core network is configured to determine whether the sending terminal and the receiving terminal are authorized users, and if so, at least allocate a first authorization code to the sending terminal and send authentication information to the authorization server, where the authentication information at least includes the first authorization code;
the cluster core network is further configured to send the first authorization code and the address of the resource server to the sending terminal through the sending-side cluster base station;
the sending terminal is further used for carrying out sending authentication with the authorization server by utilizing the first authorization code;
after the authentication is successfully sent, the sending terminal is further used for uploading the multimedia short message to the resource server;
after the uploading is finished, the resource server is used for sending an uploading completion notice to the cluster core network, wherein the uploading completion notice comprises the address of the multimedia short message;
the trunking core network is further configured to send the multimedia short message or the address of the multimedia short message to one or at least two of the receiving terminals through the receiving-side trunking base station.
10. A multimedia short message authentication method in a cluster system is characterized by comprising the following steps:
a cluster core network receives a multimedia short message sending request sent by a sending terminal through a sending side cluster base station;
the cluster core network judges whether the sending terminal and the receiving terminal are authorized users, if so, at least distributes a first authorization code for the sending terminal and sends authentication information to an authorization server, wherein the authentication information at least comprises the first authorization code;
the cluster core network sends the first authorization code and the address of the resource server to the sending terminal through the sending side cluster base station;
the cluster core network receives an uploading completion notification sent by the resource server after the sending terminal finishes uploading the multimedia short message to the resource server, wherein the uploading completion notification comprises an address of the multimedia short message, and the sending terminal can upload the multimedia short message only after successfully sending and authenticating with the authorization server by using the first authorization code;
and the trunking core network sends the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through a trunking base station at a receiving side.
11. The method of claim 10,
if the cluster core network judges that the sending terminal and the receiving terminal are authorized users, a second authorization code is further distributed to the receiving terminal and sent to the receiving terminal, and the authentication information further comprises the second authorization code.
12. The method of claim 10,
if the cluster core network judges that the sending terminal and the receiving terminal are authorized users, further allocating session identification for the session and sending the session identification to the sending terminal and the receiving terminal, wherein the authentication information further comprises the session identification.
13. A multimedia short message authentication method in a cluster system is characterized by comprising the following steps:
an authorization server receives authentication information from a cluster core network, wherein the authentication information at least comprises a first authorization code, the first authorization code is used for responding a multimedia short message sending request sent by a sending terminal through a sending side cluster base station by the cluster core network, and the multimedia short message is distributed to the sending terminal and sent to the sending terminal under the condition that the sending terminal and a receiving terminal are authorized users;
and the authorization server performs sending authentication with the sending terminal by using the first authorization code, and allows the sending terminal to upload the multimedia short message to the resource server after the sending authentication is successful.
14. The method of claim 13,
the authentication information further includes a second authorization code, where the second authorization code is allocated to the receiving terminal and sent to the receiving terminal when the cluster core network determines that the sending terminal and the receiving terminal are authorized users;
the method further comprises:
and the authorization server performs receiving authentication with the receiving terminal by using the second authorization code, and allows the receiving terminal to download the multimedia short message from the resource server after the receiving authentication is successful.
15. The method of claim 13,
the authentication information further comprises a session identifier, wherein the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users;
the authorization server performing sending authentication with the sending terminal by using the first authorization code includes:
the authorization server receives the first authorization code from the sending terminal and the session identifier from the sending terminal or the cluster core network;
and the authorization server matches the first authorization code, the session identifier and authentication information, and if the matching is successful, first positive response information is sent to the sending terminal, wherein the first positive response information is used for indicating that the sending authentication is successful.
16. A cluster core network, comprising:
the first receiving module is used for receiving a multimedia short message sending request sent by a sending terminal through a sending side cluster base station;
the judging module is used for judging whether the sending terminal and the receiving terminal are authorized users, if so, at least distributing a first authorization code for the sending terminal and sending authentication information to an authorization server, wherein the authentication information at least comprises the first authorization code;
a first sending module, configured to send the first authorization code and the address of the resource server to the sending terminal through the sending-side cluster base station;
a second receiving module, configured to receive an upload completion notification sent by the resource server after the sending terminal completes uploading the multimedia short message to the resource server, where the upload completion notification includes an address of the multimedia short message, and the sending terminal may upload the multimedia short message only after the sending terminal successfully performs authentication with the authorization server by using the first authorization code;
and the second sending module is used for sending the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the receiving side trunking base station.
17. An authorization server, comprising:
a receiving module, configured to receive authentication information from a trunking core network, where the authentication information at least includes a first authorization code, and the first authorization code is used for responding to a multimedia short message sending request sent by a sending terminal through a trunking base station at a sending side by the trunking core network, and is used for allocating and sending the multimedia short message to the sending terminal when the sending terminal and the receiving terminal are judged to be authorized users;
and the sending authentication module is used for carrying out sending authentication with the sending terminal by utilizing the first authorization code, and allowing the sending terminal to upload the multimedia short message to the resource server after the sending authentication is successful.
18. The authorization server of claim 17,
the authentication information further includes a second authorization code, where the second authorization code is allocated to the receiving terminal and sent to the receiving terminal when the cluster core network determines that the sending terminal and the receiving terminal are authorized users;
the authorization server further comprises:
and the receiving authentication module is used for receiving authentication with the receiving terminal by using the second authorization code, and allowing the receiving terminal to download the multimedia short message from the resource server after the receiving authentication is successful.
19. A cluster core network, comprising: the processor is connected with the transceiver;
the processor is used for receiving a multimedia short message sending request sent by a sending terminal through a sending side cluster base station through the transceiver; judging whether the sending terminal and the receiving terminal are authorized users, if so, at least distributing a first authorization code for the sending terminal and sending authentication information to an authorization server through the transceiver, wherein the authentication information at least comprises the first authorization code; sending the first authorization code and the address of the resource server to the sending terminal through the transceiver and the sending side cluster base station; receiving, by the transceiver, an upload completion notification sent by the resource server after the transmission terminal completes uploading the multimedia short message to the resource server, where the upload completion notification includes an address of the multimedia short message, and the transmission terminal may upload the multimedia short message only after the transmission terminal successfully performs authentication with the authorization server by using the first authorization code; and sending the multimedia short message or the address of the multimedia short message to one or at least two receiving terminals through the transceiver and the receiving side trunking base station.
20. The clustered core network of claim 19,
the processor is further configured to assign a second authorization code to the receiving terminal and send the second authorization code to the receiving terminal through the transceiver when it is determined that the sending terminal and the receiving terminal are authorized users, where the authentication information further includes the second authorization code.
21. The clustered core network of claim 19,
the processor is further configured to allocate a session identifier for the session and send the session identifier to the sending terminal and the receiving terminal through the transceiver when it is determined that the sending terminal and the receiving terminal are authorized users, where the authentication information further includes the session identifier.
22. An authorization server, comprising: the system comprises a processor, a memory and a network circuit, wherein the processor is respectively connected with the memory and the network circuit;
the processor is configured to receive, through the network circuit, authentication information from a trunking core network, where the authentication information at least includes a first authorization code, where the first authorization code is for the trunking core network to respond to a multimedia short message sending request sent by a sending terminal through a sending-side trunking base station, and is allocated to the sending terminal and sent to the sending terminal when it is determined that the sending terminal and the receiving terminal are authorized users; and the network circuit utilizes the first authorization code to carry out sending authentication with the sending terminal, and the sending terminal is allowed to upload the multimedia short message to the resource server after the sending authentication is successful.
23. The authorization server of claim 22,
the authentication information further includes a second authorization code, where the second authorization code is allocated to the receiving terminal and sent to the receiving terminal when the cluster core network determines that the sending terminal and the receiving terminal are authorized users;
the processor is further configured to perform, by the network circuit, receiving authentication with the receiving terminal by using the second authorization code, and allow the receiving terminal to download the multimedia short message from the resource server only after the receiving authentication is successful.
24. The authorization server of claim 22,
the authentication information further comprises a session identifier, wherein the session identifier is allocated to the session and sent to the sending terminal and the receiving terminal under the condition that the cluster core network judges that the sending terminal and the receiving terminal are authorized users;
the processor is configured to receive, through the network circuit, the first authorization code from the sending terminal and the session identifier from the sending terminal or the trunking core network; and matching the first authorization code, the session identifier and authentication information, and if the matching is successful, sending first positive response information to the sending terminal through the network circuit, wherein the first positive response information is used for indicating that the sending authentication is successful. .
CN201610831410.XA 2016-09-18 2016-09-18 Multimedia short message authentication method, core network and authorization server in cluster system Active CN106412860B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610831410.XA CN106412860B (en) 2016-09-18 2016-09-18 Multimedia short message authentication method, core network and authorization server in cluster system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610831410.XA CN106412860B (en) 2016-09-18 2016-09-18 Multimedia short message authentication method, core network and authorization server in cluster system

Publications (2)

Publication Number Publication Date
CN106412860A CN106412860A (en) 2017-02-15
CN106412860B true CN106412860B (en) 2021-05-25

Family

ID=57996703

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610831410.XA Active CN106412860B (en) 2016-09-18 2016-09-18 Multimedia short message authentication method, core network and authorization server in cluster system

Country Status (1)

Country Link
CN (1) CN106412860B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101064872A (en) * 2006-04-26 2007-10-31 中兴通讯股份有限公司 Group calling authentication method for cluster system
CN101741566A (en) * 2009-12-24 2010-06-16 北京科技大学 Method for entity authentication based on secret sharing encryption
CN102088691A (en) * 2009-12-07 2011-06-08 中国电信股份有限公司 User authentication and identification system and method for mobile internet application of mobile phone
CN103428655A (en) * 2012-05-15 2013-12-04 上海博路信息技术有限公司 Data exchanging system based on short messages

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140164243A1 (en) * 2012-12-07 2014-06-12 Christian Aabye Dynamic Account Identifier With Return Real Account Identifier
US9800556B2 (en) * 2015-01-30 2017-10-24 Docusign, Inc. Systems and methods for providing data security services

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101064872A (en) * 2006-04-26 2007-10-31 中兴通讯股份有限公司 Group calling authentication method for cluster system
CN102088691A (en) * 2009-12-07 2011-06-08 中国电信股份有限公司 User authentication and identification system and method for mobile internet application of mobile phone
CN101741566A (en) * 2009-12-24 2010-06-16 北京科技大学 Method for entity authentication based on secret sharing encryption
CN103428655A (en) * 2012-05-15 2013-12-04 上海博路信息技术有限公司 Data exchanging system based on short messages

Also Published As

Publication number Publication date
CN106412860A (en) 2017-02-15

Similar Documents

Publication Publication Date Title
US11096051B2 (en) Connection establishment method, device, and system
US20180041893A1 (en) Method and system of multi-terminal mapping to a virtual sim card
CN106685978B (en) Method and device for controlling access authority among multiple devices and mobile terminal
CN108540433B (en) User identity verification method and device
US11778458B2 (en) Network access authentication method and device
CN105228153B (en) Network access method, system and wireless routing equipment
WO2015116593A1 (en) Methods, devices and systems for dynamic network access administration
KR101439796B1 (en) Systems and methods for authorizing access to network services using information obtained from subscriber equipment
CN111783068A (en) Device authentication method, system, electronic device and storage medium
CN101577908A (en) User equipment verification method, device identification register and access control system
CN108293055A (en) Method, apparatus and system for authenticating to mobile network and for by the server of device authentication to mobile network
CN111865731B (en) Intelligent equipment adding method and device, intelligent household control panel and storage medium
US11973880B2 (en) Data processing method and data processing device
US20230180010A1 (en) Method for securely connecting vehicle and bluetooth key, and bluetooth module and bluetooth key
CN105722072A (en) Business authorization method, device, system and router
CN107087293B (en) Access method, terminal and server
WO2013189398A2 (en) Application data push method, device, and system
CN106412860B (en) Multimedia short message authentication method, core network and authorization server in cluster system
US20170310736A1 (en) Method and system for sharing file between mobile terminals
US9742776B2 (en) Contact identification validation via social invitation
CN114025349B (en) Network service method, device, system and storage medium
CN115136625A (en) Vehicle machine system login method and related device
CN113452693B (en) Login method and device for page back end, storage medium and electronic device
CN108307534B (en) Method and device for establishing connection between devices
CN114365523B (en) Remote signing method, terminal, device and storage medium of NPN (negative-positive-negative) network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant