CN106534040A - Method and device for identifying subscriber identity of terminal equipment - Google Patents
Method and device for identifying subscriber identity of terminal equipment Download PDFInfo
- Publication number
- CN106534040A CN106534040A CN201510570314.XA CN201510570314A CN106534040A CN 106534040 A CN106534040 A CN 106534040A CN 201510570314 A CN201510570314 A CN 201510570314A CN 106534040 A CN106534040 A CN 106534040A
- Authority
- CN
- China
- Prior art keywords
- user
- identification
- subscriber identity
- identity information
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a method and a device for identifying a subscriber identity of terminal equipment, and relates to the field of mobile communication. The method disclosed by the invention comprises the steps of when receiving a subscriber identity identification request initiated by a third party for the terminal equipment, generating a subscriber identity query request according to the subscriber identity identification request and sending the generated subscriber identity query request to a core network PCRF, wherein the subscriber identity query request carries an IP (Internet Protocol) address of the terminal equipment, so as to indicate the PCRF to return subscriber identity information corresponding to the IP address according to the IP address in an identity query request message; and when receiving the subscriber identity information fed back by the PCRF, feeding the received subscriber identity information back to the third party. The invention further discloses the device for identifying the subscriber identity of the terminal equipment. According to the technical scheme disclosed by the invention, identity labels (MSISDN (Mobile Subscriber International ISDN (Integrated Service Digital Network)) and IMSI (International Mobile Subscriber Identification Number)) of an operator subscriber are expanded to various APPs and contents of the third party; and the method and the device can play an important role in various big data scenes.
Description
Technical field
A kind of the present invention relates to moving communicating field, more particularly to method of identification terminal equipment user identity
And device.
Background technology
In the mobile Internet epoch, subscriber identity information and user account information are extremely important and have
The resource of strategic value, Facebook possess 11.6 hundred million any active ues in the whole world, followed by Youtube,
Any active ues 1,000,000,000, the social media network QQ spaces of largest domestic have 7.12 hundred million, WhatsAPP and
Twitter also has 3.6 hundred million users, and it is huge that the maximum value of the APP of these Internet firms is which possesses
User, and the registration that the basis of its market value of 10,000,000,000, hundred billion U.S. dollar ranks easily is exactly its more than one hundred million meter is used
Family or online user, Internet firm are exactly to be won by this huge user base number, user's visit capacity
Profit.Meanwhile, each Internet firm in order that its account have bigger value, one after another by its user's account
Number opening, it is intended that its account becomes a general identification number in mobile Internet field.Than
Such as, the Facebook accounts of user may be used for logging in internet site or the shifting of external major part main flow
Dynamic the Internet APP, the deciding factor of its behind are that Facebook by its user account and based on which
The identification capability of account is opened to third party, any to meet third party website, the APP that its rule is required
User identity can be identified by the user identity identification ability of Facebook.
And its user group and user account institute are excavated far away by the operator with suitable user's magnitude therewith
The extra value brought, is particularly which and possesses the MSISDN that virtual account more this than the Internet is more worth
Phone number and IMSI number, not operatively by MSISDN phone numbers and IMSI number information so
The resource of great strategic importance is used.Like a diamond mine, still buried underground, Deng Daofa
Pick, waits a kind of effective method to go to excavate this resource, and can help operator by this resource
Use.
The content of the invention
The technical problem to be solved is to provide a kind of method of identification terminal equipment user identity
And device, to solve the problem of third party's None- identified terminal user's identity in prior art.
In order to solve above-mentioned technical problem, the invention discloses a kind of side of identification terminal equipment user identity
Method, the method include:
When receiving the user identity identification request that third party is initiated for terminal unit, according to the user
Identification request generates user identity inquiry request, and the user identity inquiry request for being generated is sent to
Core net PCRF, wherein, carries the IP address of the terminal unit in the user identity inquiry request,
PCRF is indicated according to the IP address in the identity lookup request message, return the IP address institute right
The subscriber identity information answered;
When the subscriber identity information of the PCRF feedbacks is received, the subscriber identity information for receiving is fed back
The third party for giving.
Alternatively, in said method, the subscriber identity information at least includes mobile subscriber's international number
MSISDN and international mobile subscriber identity IMSI.
Alternatively, in said method, the user identity inquiry request is Rx interface message.
Alternatively, said method also includes:When the subscriber identity information of the PCRF feedbacks is received,
Other users identity information is identified according to the subscriber identity information of PCRF feedbacks, by the use for receiving
Family identity information and the other users identity information for identifying feed back to the third party together;
Wherein, the other users identity information at least includes address of theenduser, user's name.
Alternatively, said method also includes:All subscriber identity informations of terminal unit are preserved, and from fortune
The CRM system of battalion business obtains and updates the subscriber identity information of terminal unit, makes the use of preservation
The identity information newest subscriber identity information for possessing actual with operator in family is consistent.
Alternatively, in said method, receive the user identity identification that third party is initiated for terminal unit
During request, methods described also includes:
Access authentication is carried out to the client of the terminal unit and user authorizes;
When the client of the terminal unit passes through access authentication and user authorizes, further according to the user
Identification request generates user identity inquiry request, and the user identity inquiry request for being generated is sent
To the PCRF.
The invention also discloses a kind of device of identification terminal equipment user identity, the device at least includes should
With interactive module, identification module and network interaction module, wherein:
The application interactive module, opens identification interface to third party, receives third party and is directed to terminal
The identification request message that equipment is initiated, and to third party feedback identification request message institute
The subscriber identity information of the terminal unit of inquiry;
The identification module, generates user identity according to received identification request message and looks into
Request is ask, the IP address of the terminal unit wherein, in the user identity inquiry request, is carried, to refer to
Show that PCRF, according to the IP address in the identity lookup request message, is returned corresponding to the IP address
Subscriber identity information, and the third party is obtained from the response of the user identity inquiry request for receiving
The subscriber identity information of the terminal unit inquired about simultaneously is sent to the application interactive module;
The user identity inquiry request for being generated is sent to core net PCRF by the network interaction module,
And receive PCRF return user identity inquiry request response, by the user identity inquiry request
Response returns to the identification module.
Alternatively, in said apparatus, the subscriber identity information at least includes mobile subscriber's international number
MSISDN and international mobile subscriber identity IMSI.
Alternatively, in said apparatus, the user identity inquiry request is Rx interface message.
Alternatively, in said apparatus, the identification module, always according to user identity inquiry request
Subscriber identity information in response identifies other users identity information, by the subscriber identity information for receiving and
The other users identity information for identifying feeds back to the application interactive module together, wherein, it is described other
Subscriber identity information at least includes address of theenduser, user's name;
The application interactive module, all subscriber identity informations that the identification module is sent are together
Feed back to the third party.
Alternatively, said apparatus also include:
Identity information module, preserves all subscriber identity informations of terminal unit, and from the client of operator
Relationship management system obtains and updates the subscriber identity information of terminal unit, makes the subscriber identity information of preservation
The newest subscriber identity information for possessing actual with operator is consistent.
Alternatively, said apparatus also include:
Access authentication module, receives what third party was initiated for terminal unit in the application interactive module
When user identity identification is asked, access authentication is carried out to the client of the terminal unit and user authorizes;
The body identification module, only the client in the terminal unit passes through access authentication and user authorizes
When, just generate the user identity inquiry request.
The invention also discloses a kind of device of identification terminal equipment user identity, the device at least includes:
First module, when receiving the Rx interface message of only carried terminal IP address of equipment, it is determined that described
Rx interface message is identity lookup request message, according to the IP address in the identity lookup request message,
Inquire about the subscriber identity information corresponding to the IP address;
The subscriber identity information for being inquired is fed back to terminal by the second module.
Alternatively, in said apparatus, the subscriber identity information at least includes mobile subscriber's international number
MSISDN and international mobile subscriber identity IMSI.
Technical scheme provides a kind of method of identification terminal equipment user identity and its corresponding dress
Put, the user identity identification ability of operator is opened to third party APP, third party APP can lead to
Cross user identity identification ability API to operator to be called, you can to realize user's identification and user
Authentication function.By technical scheme, on the one hand, can be by the identity tag of provider customer
(MSISDN phone numbers and IMSI number) is extended in the various APP of third party, content, can be
Under various big data scenes, play an important role;On the other hand, can be by the identity of provider customer
Mark is applied to the scenes such as the user identity identification under various mobile Internet scenes, user authentication mandate,
APP is allowd directly to obtain MSISDN phone numbers and the IMSI number of user by network, will
Provider customer's account develops into across the general identification number in mobile network and internet, penetrates into each
Mobile Internet application is planted, can infinitely amplify MSISDN phone numbers and IMSI that operator is managed
The value of number, is made and is equal to super the Internet APP, or even surmounts super the Internet APP
Killer strategic resource.
Description of the drawings
Fig. 1 is a kind of apparatus structure schematic diagram of identification terminal equipment user identity in the present embodiment;
Fig. 2 is a kind of network site figure of identification terminal equipment user identity device in the present embodiment;
Fig. 3 is a kind of fundamental diagram of identification terminal equipment user identity in the present embodiment;
Fig. 4 is a kind of business process map of identification terminal equipment subscriber identity information in the present embodiment;
Fig. 5 is a kind of operation flow of the detailed identity information of identification terminal equipment user in the present embodiment
Figure.
Specific embodiment
For making the object, technical solutions and advantages of the present invention become more apparent, below in conjunction with accompanying drawing pair
Technical solution of the present invention is described in further detail.It should be noted that in the case where not conflicting, this
Feature in the embodiment and embodiment of application arbitrarily can be mutually combined.
Embodiment 1
The present embodiment provides a kind of method of identification terminal equipment user identity, only need to provide terminal unit and connect
Enter private network IP (the Private Internet protocol) address being allocated during mobile network, you can made
MSISDN (i.e. phone number, the full name registered at operator with the terminal unit of the IP address
Mobile Subscriber International ISDN, wherein ISDN is ISDN, is
The abbreviation of Integrated Service Digital Network) and IMSI (International Mobile
Subscriber Identification Number, i.e. international mobile subscriber identity, are stored in mobile phone SIM
It is in card, unique in the whole network and the whole world) and more detailed subscriber identity information, reach identification terminal and set
The purpose of standby user identity.
Specifically, said method includes following operation:
Step 100:When receiving the user identity identification request that third party is initiated for terminal unit, root
User identity inquiry request is generated according to the user identity identification request, please by the user identity for being generated inquiry
Ask and be sent to PCRF;
Wherein, the IP address of the terminal unit is only carried in the user identity inquiry request for being generated, with
Indicate that PCRF, according to the IP address in identity lookup request message, returns the use corresponding to the IP address
Family identity information.
Specifically, this user identity inquiry request can be Rx interface message, it is to be noted that, this Rx
The private network IP address of a carried terminal equipment in interface message, and business and media information is not carried, so,
PCRF will recognize this Rx interface message for user identity inquiry request, rather than once common charging
Or policy request message.
Step 200:When the subscriber identity information of PCRF feedbacks is received, the user identity for receiving is believed
The third party that breath feeds back to.
In the step, the subscriber identity information of PCRF feedbacks at least includes MSISDN and IMSI.
Some schemes have been proposed that except PCRF feedback subscriber identity information in addition to, acquisition can also be inquired about
To other users identity information, such as information such as user's name, address of theenduser, at this point it is possible to by PCRF
The subscriber identity information of feedback and the follow-up other users identity information for obtaining feed back to third party i.e. in the lump
Can.
Wherein, " other users identity information " above-mentioned can in real time from the customer relationship of operator
Management system is obtained and is updated, so that it is guaranteed that " the other users identity information " involved by this patent and reality
The synchronization of border user profile.
It should also be noted that in view of the safety of subscriber identity information, therefore third party is being received for eventually
When the user identity identification that end equipment is initiated is asked, access can be carried out to the client of this terminal unit and be recognized
Card and user authorize, only when the client of terminal unit has passed through access authentication and user authorizes, then root
User identity inquiry request is generated according to user identity identification request, and please by the user identity for being generated inquiry
Ask and be sent to PCRF.
Embodiment 2
The present embodiment provides a kind of device of identification terminal equipment user identity, and which is based on PCC frameworks
(PCC frameworks are defined in 23.203 specifications of 3GPP TS, and its full name is:Policy and
Charging control architecture), make full use of the PCRF nets of Operator Core Network PCC frameworks
Charging and policy control interface (the i.e. Rx of 29.214 specifications of 3GPP TS definition that unit is provided to operation layer
Interface, hereafter referred to collectively as Rx interface) function, by being extended on operational mode to Rx interface,
The letter such as private network IP address of a carried terminal equipment i.e. in the Rx request messages for issue core net PCRF
Breath, does not carry business and media information, and to allow core net PCRF to know, this is not once common meter
Take or policy request message, but want which according to private network IP address in request message, return private network IP
The MSISDN of the terminal user corresponding to address and IMSI information.Meanwhile, the present invention is realized
Identification terminal equipment user identity device to third party APP provide identification interface, receive the 3rd
Terminal user's identification request that square APP is initiated, extracts the private network IP ground in request message
Location, and base identity information identification, or detailed identification information identification is carried out according to requirement in request message,
After the MSISDN and IMSI information for obtaining terminal user by core net PCRF, specific aim
Carry out identification response, return corresponding base identity information (MSISDN and IMSI information)
Or detailed identification information (in addition to MSISDN and IMSI information, address of theenduser, user's name etc.),
Realize the identity recognition function to terminal unit.
Wherein, involved terminal unit can various placed operator SIM (subscriber
Identity module) card or similar user account card fixation or the electronic equipment of movement.Specifically,
The device that the present embodiment is provided at least is included using interactive module, identification module and network interaction module.
Using interactive module, identification interface is opened to third party, received from including setting positioned at terminal
What the identification request or external server background system that the client application of standby upper installation is initiated was initiated
Identification request message, after processing to identification request message, is sent to identification module,
And the user identity letter of the terminal unit inquired about by identification request message is fed back to the third party
Breath.
Identification module, the IP address of the terminal unit provided based on client, and according to operator's core
The AA-Request order features of the Rx interface of heart net PCRF systems, organizational identities inquiry request message,
Docked with core net PCRF by network interaction module, initiate identity lookup request, indicate PCRF roots
According to the IP address provided in AA-Request request messages, the user identity corresponding to the IP address is returned
Information (at least including MSISDN and IMSI information), and please from the user identity inquiry for receiving
The subscriber identity information of the terminal unit inquired about by the third party is obtained in the response asked and is sent to described
Using interactive module.
Wherein, when the IP address of terminal unit is that concrete terminal unit is surfed the Net by wireless network, core net
Distribute for which, core net saves distributed terminal device IP address and its corresponding MSISDN
And IMSI information.
Network interaction module, receives the request message of identification module, and adaptation core net PCRF is based on
The request message is issued PCRF by the Rx interface message of Diameter, meanwhile, receive PCRF
The response message of the user identity inquiry request of return, and disappear to the corresponding response of identification module return
Breath.
Preferably, above-mentioned identification module, can be with the response according to user identity inquiry request
Subscriber identity information identifies other users identity information (such as address of theenduser, user's name etc.),
And the subscriber identity information for receiving and the other users identity information for identifying are fed back to into the application together
Interactive module.Now, using interactive module, all subscriber identity informations that identification module is sent
Third party is fed back to together.
In addition, said apparatus also include identity information module, all user identity letters of terminal unit are preserved
Breath, and the subscriber identity information of terminal unit is obtained and is updated from the CRM system of operator,
Make the subscriber identity information and the actual newest subscriber identity information one for possessing of operator in identity information module
Cause.
Said apparatus can also include access authentication module, and now, body identification module, according to initiation identity
Client (including the client application and external system) information of identification request, calls access authentication module
Interface, carry out access authentication to client, and receive the authentication result of access authentication module return.If
Access authentication module returning result shows that certification passes through, then identification module just initiates follow-up identification
Operation.
Access authentication module, receives the access authentication request that identification module sends, according to request message
The client-side information of the identification request message of middle offer, determines whether legal client and is
The no request message for meeting rule requirement sent for legitimate client, next according to client case,
Determine whether to ask this identification, initiating terminal equipment user authorizes, i.e. access authentication mould
Block is initiated to be authorized with user and is interacted, and after obtaining user's agreement, just can be returned to identification module and be accessed
Certification success.Above-mentioned access authentication and user for client is authorized after all successfully completing, and is known to identity
Other module returns access authentication response, and confirmation result is success or failure.
Being embodied as said apparatus is illustrated below in conjunction with the accompanying drawings.
The device of the identification terminal equipment user identity that Fig. 1 is provided in showing priority scheme, its mainly by
Including using the friendship of interactive module, identification module, identity information module, access authentication module and network
Mutually totally 5 modules are constituted module.
Using interactive module, identification interface is opened to third party, reception is included on terminal unit
Client application or terminal user's body for initiating in interior client of external server background system
Part identification request, is used for carrying out the client-side information of access authentication and for carrying out in extracting request message
The terminal device IP address information of identification, verifies the client-side information form and IP in request message
Address format, after format check passes through, sends identification request message to identification module.
Identification module, receives the identification request message for carrying out self-application interactive module, and according to body
The client-side information of the request message is initiated in part identification request message, calls the interface of access authentication module,
Access authentication is carried out to client, and receives the authentication result of access authentication module return.If access authentication
Module returning result shows that certification passes through, then identification module determines whether the terminal that client is provided
IP address of equipment, judges IP address type for IPV4 address styles or IPV6 address styles, and root
According to the AA-Request order fill requests of the Rx interface of Operator Core Network PCRF systems, accordingly
Identity lookup request message is filled in, is docked with core net PCRF by network interaction module, initiate identity
Inquiry request, indicates that PCRF, according to the IP address provided in AA-Request request messages, is returned eventually
The identity information of end equipment user, the MSISDN and IMSI information including terminal unit.Due to often
Station terminal equipment access wireless network, when being surfed the Net, core net will be every station terminal equipment distribute its
IP address in wireless network, and core net saves the MSISDN and IMSI of every station terminal equipment simultaneously
Information, therefore, core net PCRF can return IP address in the response message and its corresponding terminal sets
Standby MSISDN and IMSI information, identification module by obtain terminal unit above-mentioned IP address,
After MSISDN and IMSI information, to the client of request, according to the requirement of request message, return
MSISDN or IMSI while returns MSISDN and IMSI.Preferably, can be by identity
Information module, returns detailed other users identity information (such as information such as user's name, address of theenduser),
The identification of the identity information registered in completing operator of the terminal unit corresponding to which.
Identity information module, preserves the identity information of terminal user, and supports the client from operator
Relationship management system updates and obtains newest terminal user's identity information, it is ensured that system information and reality
User profile is consistent.
Access authentication module, receives the access authentication request that identification module sends, according to request message
The client-side information of the identification request message of middle offer, determines whether legal client and is
The no request message for meeting rule requirement sent for legitimate client, next according to client case,
Determine whether to ask this identification, initiating terminal equipment user authorizes, i.e. access authentication mould
Block is initiated to be authorized with user and is interacted, and after obtaining user's agreement, just can be returned to identification module and be accessed
Certification success.Above-mentioned access authentication and user for client is authorized after all successfully completing, and is known to identity
Other module returns access authentication response, and confirmation result is success or failure.
Network interaction module, supports to internal identification module interface protocol and external core network PCRF
The interface protocol of system is adapted to, by the identification request message of the identification module for receiving,
Rx interface message based on Diameter that PCRF systems are supported is converted into, meanwhile, will
Core net PCRF returns the Rx interface notification message of Rx interface response message or initiation, is converted into inside
The interface protocol supported by identification module, realizes the interacting message between the system of inside and outside.
Fig. 2 show the position that the device of identification terminal equipment user identity is placed in network.201, it is located at
The client application of terminal unit passes through wireless network and the Internet and terminal user's identity recognition device
Between user identity identification request and response message interact;202, the background system in server leads to
The user identity identification request crossed between the Internet and terminal user's identity recognition device and response message
Interaction;203, terminal user's identity recognition device is by operator's internal network and core net PCRF
Between user identity identification request and response message interact;204, terminal user's identity recognition device
Interacted with the CRM system of operator by operator's internal network.
Fig. 3 is the fundamental diagram of the device of shown identification terminal equipment user identity.
301, the application interactive module opening identification of the device of identification terminal equipment user identity connects
Mouthful, while supporting two class interface of Restful agreements and soap protocol.Client positioned at terminal unit should
With calling using interactive module opening identification Restful protocol interfaces, identification terminal equipment is asked
The device of user identity is identified to the identity of terminal user, and obtains identification object information.
301 ', the application interactive module opening identification of the device of identification terminal equipment user identity
Interface, while support two class interface of Restful agreements and soap protocol.The backstage of externally-located server
System is called using interactive module opening identification Restful agreements or soap protocol interface, please
Ask the device of identification terminal equipment user identity to be identified the identity of terminal user, and obtain body
Part recognition result information.
302, after receiving the user identity identification request of client initiation using interactive module, perform this mould
The respective logic of block definition is processed, and then the identification interface between identification module is interacted,
Interacted by the identification interface between identification module using interactive module, known to identity
Other module sends identity and is identified request.
303, identification module performed this module definition respective logic process after, by with access
The exposed access authentication interface of authentication module is docked, for client this time identification ask into
Row access authentication, after access authentication module completes the respective logic process of this module definition, to identification
Module return authentication result.
304, identification module by the message passing interface between network interaction module, to core net
PCRF initiates identification request.Identification module is defined according to this internal interface, by terminal unit
User identity identification message transmission gives network interaction module, and is receiving core net by network interaction module
After the identification response that PCRF is returned, identification result is returned to by identification by this interface
Module.
305, the Rx interface between network interaction module and core net PCRF, network interaction module pass through
This interface, the Rx interface of the Diameter of adaptation docking core net PCRF, carries out inside and outside system
The protocol adaptation conversion of system, asks identification to core net PCRF, and receives core net PCRF to return
The identification response message returned.
306, the specific requirement (PCRF that identification module is asked according to terminal user's identification
The subscriber identity information of feedback, or other users identity information), it is determined whether with identity information module
Interact, by MSISDN, the in-depth identity letter of terminal user is obtained from identity information module
Breath.
307, identity information module by the interface between CRM system, from customer relationship pipe
Reason system obtains terminal user's detailed identification information.
Fig. 4 show the operation flow of identification terminal equipment subscriber identity information.
401, terminal user is in registration or using the client application on terminal unit or is located at
During external system on background server, client application or external system are needed defeated by hand without the need for user
Enter and phone number is provided, obtain the phone number MSISDN and IMSI of terminal unit, to confirm to use
Family identity, therefore client application or external system initiate to set terminal to terminal unit identity recognition device
The request of standby user identification.Client application or external system is carried in request message from terminal unit
Upper acquisition, accessed the private network IP address that distributed of wireless network and client application or outer by terminal unit
The information of portion's system, request return the MSISDN and IMSI of the terminal unit corresponding to the IP address;
402, the division of labor of the terminal unit identity recognition device according to internal each module, after completing corresponding process,
Ask to the identification of PCRF initiating terminals equipment identities, the private network IP ground of carried terminal equipment in request message
Location, does not carry business, media information, so that core net PCRF can know that this is not once common meter
Take or policy request message.If there are the feelings for repeating by the private network IP address that terminal unit distributes in core net
Condition, then carry IP address domain information, it is ensured that allow core net PCRF can by private network IP address and
IP address domain, uniquely determines terminal unit identity to be identified;
403, the request message that core net PCRF is sent according to terminal unit identity recognition device, in response
MSISDN and IMSI number is returned in message;
404, terminal unit identity recognition device returns terminal unit identity to client application or external system
Identification response message.
Wherein response message is required according to the specific object and its request of client application or external system,
MSISDN, or IMSI, or MSISDN and IMSI, or MSISDN and IMSI can be included
And user's detailed identification information.
Fig. 5 show the operation flow of other identity informations of identification terminal equipment user.
501, terminal user is in registration or using the client application on terminal unit or is located at
During external system on background server, client application or external system need core according to concrete scene
The phone number MSISDN and acquisition terminal user of real terminal unit owning user is in operator
The detailed identification information registered, initiates to terminal user's identity to terminal unit identity recognition device
The request of identification.Carry in request message it is that client application or external system are obtained from terminal unit,
The IP address distributed by terminal unit access wireless network and the information of client application or external system,
Request returns MSISDN, IMSI and terminal user of the terminal unit corresponding to the IP address and exists
The detailed identification information registered by operator;
502, after each module inside terminal unit identity recognition device completes corresponding process, to PCRF
The identification request of initiating terminal equipment identities, in request message, the private network IP address of carried terminal equipment, does not take
Band business, media information, so that core net PCRF can know that this is not once common charging or strategy
Request message.If be present situation about repeating by the private network IP address that terminal unit distributes in core net, then take
Band IP address domain information, it is ensured that core net PCRF can pass through private network IP address and IP address domain,
Uniquely determine terminal unit identity to be identified;
503, the request message that core net PCRF is sent according to terminal unit identity recognition device, in response
MSISDN and IMSI is returned in message.Terminal unit identity recognition device is returned by core net
MSISDN, inquires about its User Detail obtained from CRM system.If not finding,
Step 504 is turned to then;If having found User Detail, step 506 is turned to;
504, terminal unit identity recognition device according to the MSISDN information for being obtained, from customer relationship
Management system inquires about the detailed identification information of the user;
505, it is corresponding that CRM system returns MSISDN to terminal unit identity recognition device
Subscriber identity information;
506, terminal unit identity recognition device returns terminal unit identity to client application or external system
Identification response message, comprising MSISDN and IMSI number and other subscriber identity informations, other use
Family identity information may include the identity card of user or social security number information, set meal consumption information etc..
Embodiment 3
The present embodiment provides a kind of device of identification terminal equipment user identity, and which is placed in core net
PCRF sides, which is used in combination with the device in above-described embodiment 2, can recognize that user's body of terminal unit
Part.Which at least includes following two modules.
First module, when receiving the Rx interface message of only carried terminal IP address of equipment, determines Rx
Interface message is identity lookup request message, and according to the IP address in identity lookup request message, inquiry should
Subscriber identity information corresponding to IP address;
Wherein, as current Rx interface message generally comprises the private network IP address of terminal unit, and
Business and media information, and in the Rx interface message in the present embodiment a carried terminal equipment private network IP
Address, and when not carrying business and media information, you can determine that this Rx interface message is that user identity is looked into
Ask request.
The subscriber identity information for being inquired is fed back to terminal by the second module.
Wherein, the subscriber identity information for being inquired at least includes MSISDN and IMSI.
From above-described embodiment as can be seen that technical scheme creatively utilizes Operator Core Network
The function provided to the Rx interface message that operation layer is provided by PCRF network elements, by transporting to Rx interface
It is extended with mode, i.e., the carried terminal equipment in the Rx request messages for issue core net PCRF
Private network IP address, do not carry business, media information, to allow core net PCRF can know that, this is not
Once common charging or policy request message, as long as but return corresponding to the private network IP of terminal unit
The identity information of terminal user.The method and apparatus provided by the present invention, client application or outer
When portion's system is in user's registration or using its business, if desired confirms or subscriber phone number is provided
MSISDN, it is possible to obtain automatically the identity information of terminal unit, it is to avoid user manually enters cell-phone number
Code MSISDN, reduces the situation of interactive step, effectively improves current mobile Internet and apply
The friendly commenced business and ease for use, improve interactive experience of the user using application, meanwhile, also effectively
The user account number of operator as a kind of important identity account number in mobile Internet ecosystem, is carried by ground
Rise right of speech of the operator in mobile Internet value chain.
Importantly, provider customer's account can be developed into by the device provided by the application
Across the identification number that mobile network and internet are general, various mobile Internet applications are penetrated into, can be with
MSISDN phone numbers and the value of IMSI number that unlimited amplification operator is managed, make
It is equal to super the Internet APP, or even surmounts the Killer strategic resource of super the Internet APP.Can
Greatly to strengthen Consumer's Experience, network value is played to greatest extent, create profit, strengthen operator
The market competitiveness.
One of ordinary skill in the art will appreciate that all or part of step in said method can pass through program
To instruct related hardware to complete, described program can be stored in computer-readable recording medium, such as read-only
Memorizer, disk or CD etc..Alternatively, all or part of step of above-described embodiment can also be used
One or more integrated circuits are realizing.Correspondingly, each module/unit in above-described embodiment can be adopted
The form of hardware is realized, it would however also be possible to employ the form of software function module is realized.The application is not restricted to appoint
The combination of the hardware and software of what particular form.
The above, preferred embodiments only of the invention are not intended to limit the protection model of the present invention
Enclose.All any modification, equivalent substitution and improvements within the spirit and principles in the present invention, done etc.,
Should be included within the scope of the present invention.
Claims (14)
1. a kind of method of identification terminal equipment user identity, its feature exist, and the method includes:
When receiving the user identity identification request that third party is initiated for terminal unit, according to the user
Identification request generates user identity inquiry request, and the user identity inquiry request for being generated is sent to
Core net PCRF, wherein, carries the IP address of the terminal unit in the user identity inquiry request,
PCRF is indicated according to the IP address in the identity lookup request message, return the IP address institute right
The subscriber identity information answered;
When the subscriber identity information of the PCRF feedbacks is received, the subscriber identity information for receiving is fed back
The third party for giving.
2. the method for claim 1, it is characterised in that
The subscriber identity information is at least including mobile subscriber's international number MSISDN and international mobile use
Family identification code IMSI.
3. the method for claim 1, it is characterised in that
The user identity inquiry request is Rx interface message.
4. the method as described in any one of claims 1 to 3, it is characterised in that methods described also includes:
When the subscriber identity information of the PCRF feedbacks is received, according to the user of PCRF feedbacks
Identity information identifies other users identity information, by the subscriber identity information for receiving and identify other
Subscriber identity information feeds back to the third party together;
Wherein, the other users identity information at least includes address of theenduser, user's name.
5. method as claimed in claim 4, it is characterised in that methods described also includes:Preserve terminal
All subscriber identity informations of equipment, and obtain and more new terminal from the CRM system of operator
The subscriber identity information of equipment, makes the subscriber identity information of preservation and the actual newest user for possessing of operator
Identity information is consistent.
6. method as claimed in claim 4, it is characterised in that receive third party for terminal unit
When the user identity identification of initiation is asked, methods described also includes:
Access authentication is carried out to the client of the terminal unit and user authorizes;
When the client of the terminal unit passes through access authentication and user authorizes, further according to the user
Identification request generates user identity inquiry request, and the user identity inquiry request for being generated is sent
To the PCRF.
7. a kind of device of identification terminal equipment user identity, it is characterised in that the device at least includes should
With interactive module, identification module and network interaction module, wherein:
The application interactive module, opens identification interface to third party, receives third party and is directed to terminal
The identification request message that equipment is initiated, and to third party feedback identification request message institute
The subscriber identity information of the terminal unit of inquiry;
The identification module, generates user identity according to received identification request message and looks into
Request is ask, the IP address of the terminal unit wherein, in the user identity inquiry request, is carried, to refer to
Show that PCRF, according to the IP address in the identity lookup request message, is returned corresponding to the IP address
Subscriber identity information, and the third party is obtained from the response of the user identity inquiry request for receiving
The subscriber identity information of the terminal unit inquired about simultaneously is sent to the application interactive module;
The user identity inquiry request for being generated is sent to core net PCRF by the network interaction module,
And receive PCRF return user identity inquiry request response, by the user identity inquiry request
Response returns to the identification module.
8. device as claimed in claim 7, it is characterised in that
The subscriber identity information is at least including mobile subscriber's international number MSISDN and international mobile use
Family identification code IMSI.
9. device as claimed in claim 7, it is characterised in that
The user identity inquiry request is Rx interface message.
10. the device as described in any one of claim 7 to 9, it is characterised in that
The identification module, always according to the subscriber identity information in the response of user identity inquiry request
Other users identity information is identified, by the subscriber identity information for receiving and the other users identity for identifying
Information feeds back to the application interactive module together, and wherein, the other users identity information at least includes
Address of theenduser, user's name;
The application interactive module, all subscriber identity informations that the identification module is sent are together
Feed back to the third party.
11. devices as claimed in claim 10, it is characterised in that described device also includes:
Identity information module, preserves all subscriber identity informations of terminal unit, and from the client of operator
Relationship management system obtains and updates the subscriber identity information of terminal unit, makes the subscriber identity information of preservation
The newest subscriber identity information for possessing actual with operator is consistent.
12. devices as claimed in claim 10, it is characterised in that described device also includes:
Access authentication module, receives what third party was initiated for terminal unit in the application interactive module
When user identity identification is asked, access authentication is carried out to the client of the terminal unit and user authorizes;
The body identification module, only the client in the terminal unit passes through access authentication and user authorizes
When, just generate the user identity inquiry request.
13. a kind of devices of identification terminal equipment user identity, it is characterised in that the device at least includes:
First module, when receiving the Rx interface message of only carried terminal IP address of equipment, it is determined that described
Rx interface message is identity lookup request message, according to the IP address in the identity lookup request message,
Inquire about the subscriber identity information corresponding to the IP address;
The subscriber identity information for being inquired is fed back to terminal by the second module.
14. devices as claimed in claim 13, it is characterised in that the subscriber identity information is at least wrapped
Include mobile subscriber's international number MSISDN and international mobile subscriber identity IMSI.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510570314.XA CN106534040A (en) | 2015-09-09 | 2015-09-09 | Method and device for identifying subscriber identity of terminal equipment |
PCT/CN2016/086028 WO2017041562A1 (en) | 2015-09-09 | 2016-06-16 | Method and device for identifying user identity of terminal device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510570314.XA CN106534040A (en) | 2015-09-09 | 2015-09-09 | Method and device for identifying subscriber identity of terminal equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106534040A true CN106534040A (en) | 2017-03-22 |
Family
ID=58239843
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510570314.XA Withdrawn CN106534040A (en) | 2015-09-09 | 2015-09-09 | Method and device for identifying subscriber identity of terminal equipment |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN106534040A (en) |
WO (1) | WO2017041562A1 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106921957A (en) * | 2017-03-23 | 2017-07-04 | 中国联合网络通信集团有限公司 | The recognition methods of secondary number of distributing telephone numbers and device |
CN109768947A (en) * | 2017-11-09 | 2019-05-17 | 中国移动通信有限公司研究院 | A kind of method for authenticating user identity, device and medium |
CN110049106A (en) * | 2019-03-22 | 2019-07-23 | 口碑(上海)信息技术有限公司 | Service request processing system and method |
CN110856164A (en) * | 2018-08-21 | 2020-02-28 | 中国电信股份有限公司 | User identification method, server and system |
CN111132122A (en) * | 2019-12-18 | 2020-05-08 | 南京熊猫电子股份有限公司 | Method for recognizing multi-system terminal user information based on short distance and mobile terminal sensing system |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3402238A1 (en) | 2017-05-09 | 2018-11-14 | Giesecke+Devrient Mobile Security GmbH | Efficient user authentications |
CN107798601A (en) * | 2017-12-08 | 2018-03-13 | 四川安亮科技有限公司 | A kind of financial information inquiry terminating machine |
CN112565053B (en) * | 2020-12-01 | 2022-06-10 | 武汉绿色网络信息服务有限责任公司 | Method, device, service system and storage medium for identifying private network user |
US11991525B2 (en) | 2021-12-02 | 2024-05-21 | T-Mobile Usa, Inc. | Wireless device access and subsidy control |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102857485A (en) * | 2012-03-22 | 2013-01-02 | 孙银海 | System and method capable of showing authentication success of website |
CN103107976A (en) * | 2011-11-10 | 2013-05-15 | 中国电信股份有限公司 | Content provider/service provider (CP/SP) user identification authentication method and system and authentication support device |
CN103812836A (en) * | 2012-11-12 | 2014-05-21 | 孙银海 | System and method for website to send user reserved information |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006016009A1 (en) * | 2004-07-07 | 2006-02-16 | France Telecom | Method and device for processing a domain name translation request |
WO2008092358A1 (en) * | 2007-01-29 | 2008-08-07 | Huawei Technologies Co., Ltd. | A strategy performing method, system and network element |
-
2015
- 2015-09-09 CN CN201510570314.XA patent/CN106534040A/en not_active Withdrawn
-
2016
- 2016-06-16 WO PCT/CN2016/086028 patent/WO2017041562A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103107976A (en) * | 2011-11-10 | 2013-05-15 | 中国电信股份有限公司 | Content provider/service provider (CP/SP) user identification authentication method and system and authentication support device |
CN102857485A (en) * | 2012-03-22 | 2013-01-02 | 孙银海 | System and method capable of showing authentication success of website |
CN103812836A (en) * | 2012-11-12 | 2014-05-21 | 孙银海 | System and method for website to send user reserved information |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106921957A (en) * | 2017-03-23 | 2017-07-04 | 中国联合网络通信集团有限公司 | The recognition methods of secondary number of distributing telephone numbers and device |
CN106921957B (en) * | 2017-03-23 | 2019-10-18 | 中国联合网络通信集团有限公司 | The recognition methods of secondary number of distributing telephone numbers and device |
CN109768947A (en) * | 2017-11-09 | 2019-05-17 | 中国移动通信有限公司研究院 | A kind of method for authenticating user identity, device and medium |
CN110856164A (en) * | 2018-08-21 | 2020-02-28 | 中国电信股份有限公司 | User identification method, server and system |
CN110856164B (en) * | 2018-08-21 | 2022-08-30 | 中国电信股份有限公司 | User identification method, server and system |
CN110049106A (en) * | 2019-03-22 | 2019-07-23 | 口碑(上海)信息技术有限公司 | Service request processing system and method |
CN111132122A (en) * | 2019-12-18 | 2020-05-08 | 南京熊猫电子股份有限公司 | Method for recognizing multi-system terminal user information based on short distance and mobile terminal sensing system |
Also Published As
Publication number | Publication date |
---|---|
WO2017041562A1 (en) | 2017-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106534040A (en) | Method and device for identifying subscriber identity of terminal equipment | |
CN102812665B (en) | Pluggable token provider model to implement authentication across multiple web services | |
CN102970362B (en) | The method of a kind of high in the clouds data sharing and device | |
US10320753B1 (en) | Method and system for providing persona masking in a computer network | |
US8756657B2 (en) | Mobile or user device authentication and tracking | |
CN103826226A (en) | Method and device for controlling wireless internet access | |
EP3162104B1 (en) | A method to authenticate calls in a telecommunication system | |
CN103944737A (en) | User identity authentication method, third-party authentication platform and operator authentication platform | |
CN101990183A (en) | Method, device and system for protecting user information | |
CN103414740B (en) | A kind of private cloud account configuration method and device | |
CN105307169A (en) | Access method, device and system for guest network | |
CN105681258B (en) | Session method and conversational device based on third-party server | |
CN108737585A (en) | The distribution method and device of IP address | |
CN106254319B (en) | Light application login control method and device | |
CN107534666A (en) | The conversion of domain in IMS network | |
CN104735027A (en) | Safety authentication method and authentication certification server | |
CN103716772A (en) | Service processing method, device and communication system | |
CN104125221B (en) | IMS (IP (Internet Protocol) multimedia subsystem) terminal equipment multiple soft-terminal resource sharing and application collaborative device and method | |
CN107889194A (en) | Obtain, provide method, equipment and the medium of WAP access information | |
CN102104603A (en) | Method, system and device for registering mobile terminal in WEB server | |
CN104009850B (en) | A kind of method for authenticating user identity and system | |
CN104469770B (en) | Towards WLAN authentication methods, platform and the system of third-party application | |
CN108696860A (en) | Virtual SIM card implementation method, device, SIM servers and terminal | |
CN109863790A (en) | The WLAN discovery and selection of cellular network auxiliary | |
CN102891831A (en) | Implement method of multimedia conferencing service and related equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20170322 |