CN106534040A - Method and device for identifying subscriber identity of terminal equipment - Google Patents

Method and device for identifying subscriber identity of terminal equipment Download PDF

Info

Publication number
CN106534040A
CN106534040A CN201510570314.XA CN201510570314A CN106534040A CN 106534040 A CN106534040 A CN 106534040A CN 201510570314 A CN201510570314 A CN 201510570314A CN 106534040 A CN106534040 A CN 106534040A
Authority
CN
China
Prior art keywords
user
identification
subscriber identity
identity information
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201510570314.XA
Other languages
Chinese (zh)
Inventor
周朝阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201510570314.XA priority Critical patent/CN106534040A/en
Priority to PCT/CN2016/086028 priority patent/WO2017041562A1/en
Publication of CN106534040A publication Critical patent/CN106534040A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a method and a device for identifying a subscriber identity of terminal equipment, and relates to the field of mobile communication. The method disclosed by the invention comprises the steps of when receiving a subscriber identity identification request initiated by a third party for the terminal equipment, generating a subscriber identity query request according to the subscriber identity identification request and sending the generated subscriber identity query request to a core network PCRF, wherein the subscriber identity query request carries an IP (Internet Protocol) address of the terminal equipment, so as to indicate the PCRF to return subscriber identity information corresponding to the IP address according to the IP address in an identity query request message; and when receiving the subscriber identity information fed back by the PCRF, feeding the received subscriber identity information back to the third party. The invention further discloses the device for identifying the subscriber identity of the terminal equipment. According to the technical scheme disclosed by the invention, identity labels (MSISDN (Mobile Subscriber International ISDN (Integrated Service Digital Network)) and IMSI (International Mobile Subscriber Identification Number)) of an operator subscriber are expanded to various APPs and contents of the third party; and the method and the device can play an important role in various big data scenes.

Description

A kind of method and apparatus of identification terminal equipment user identity
Technical field
A kind of the present invention relates to moving communicating field, more particularly to method of identification terminal equipment user identity And device.
Background technology
In the mobile Internet epoch, subscriber identity information and user account information are extremely important and have The resource of strategic value, Facebook possess 11.6 hundred million any active ues in the whole world, followed by Youtube, Any active ues 1,000,000,000, the social media network QQ spaces of largest domestic have 7.12 hundred million, WhatsAPP and Twitter also has 3.6 hundred million users, and it is huge that the maximum value of the APP of these Internet firms is which possesses User, and the registration that the basis of its market value of 10,000,000,000, hundred billion U.S. dollar ranks easily is exactly its more than one hundred million meter is used Family or online user, Internet firm are exactly to be won by this huge user base number, user's visit capacity Profit.Meanwhile, each Internet firm in order that its account have bigger value, one after another by its user's account Number opening, it is intended that its account becomes a general identification number in mobile Internet field.Than Such as, the Facebook accounts of user may be used for logging in internet site or the shifting of external major part main flow Dynamic the Internet APP, the deciding factor of its behind are that Facebook by its user account and based on which The identification capability of account is opened to third party, any to meet third party website, the APP that its rule is required User identity can be identified by the user identity identification ability of Facebook.
And its user group and user account institute are excavated far away by the operator with suitable user's magnitude therewith The extra value brought, is particularly which and possesses the MSISDN that virtual account more this than the Internet is more worth Phone number and IMSI number, not operatively by MSISDN phone numbers and IMSI number information so The resource of great strategic importance is used.Like a diamond mine, still buried underground, Deng Daofa Pick, waits a kind of effective method to go to excavate this resource, and can help operator by this resource Use.
The content of the invention
The technical problem to be solved is to provide a kind of method of identification terminal equipment user identity And device, to solve the problem of third party's None- identified terminal user's identity in prior art.
In order to solve above-mentioned technical problem, the invention discloses a kind of side of identification terminal equipment user identity Method, the method include:
When receiving the user identity identification request that third party is initiated for terminal unit, according to the user Identification request generates user identity inquiry request, and the user identity inquiry request for being generated is sent to Core net PCRF, wherein, carries the IP address of the terminal unit in the user identity inquiry request, PCRF is indicated according to the IP address in the identity lookup request message, return the IP address institute right The subscriber identity information answered;
When the subscriber identity information of the PCRF feedbacks is received, the subscriber identity information for receiving is fed back The third party for giving.
Alternatively, in said method, the subscriber identity information at least includes mobile subscriber's international number MSISDN and international mobile subscriber identity IMSI.
Alternatively, in said method, the user identity inquiry request is Rx interface message.
Alternatively, said method also includes:When the subscriber identity information of the PCRF feedbacks is received, Other users identity information is identified according to the subscriber identity information of PCRF feedbacks, by the use for receiving Family identity information and the other users identity information for identifying feed back to the third party together;
Wherein, the other users identity information at least includes address of theenduser, user's name.
Alternatively, said method also includes:All subscriber identity informations of terminal unit are preserved, and from fortune The CRM system of battalion business obtains and updates the subscriber identity information of terminal unit, makes the use of preservation The identity information newest subscriber identity information for possessing actual with operator in family is consistent.
Alternatively, in said method, receive the user identity identification that third party is initiated for terminal unit During request, methods described also includes:
Access authentication is carried out to the client of the terminal unit and user authorizes;
When the client of the terminal unit passes through access authentication and user authorizes, further according to the user Identification request generates user identity inquiry request, and the user identity inquiry request for being generated is sent To the PCRF.
The invention also discloses a kind of device of identification terminal equipment user identity, the device at least includes should With interactive module, identification module and network interaction module, wherein:
The application interactive module, opens identification interface to third party, receives third party and is directed to terminal The identification request message that equipment is initiated, and to third party feedback identification request message institute The subscriber identity information of the terminal unit of inquiry;
The identification module, generates user identity according to received identification request message and looks into Request is ask, the IP address of the terminal unit wherein, in the user identity inquiry request, is carried, to refer to Show that PCRF, according to the IP address in the identity lookup request message, is returned corresponding to the IP address Subscriber identity information, and the third party is obtained from the response of the user identity inquiry request for receiving The subscriber identity information of the terminal unit inquired about simultaneously is sent to the application interactive module;
The user identity inquiry request for being generated is sent to core net PCRF by the network interaction module, And receive PCRF return user identity inquiry request response, by the user identity inquiry request Response returns to the identification module.
Alternatively, in said apparatus, the subscriber identity information at least includes mobile subscriber's international number MSISDN and international mobile subscriber identity IMSI.
Alternatively, in said apparatus, the user identity inquiry request is Rx interface message.
Alternatively, in said apparatus, the identification module, always according to user identity inquiry request Subscriber identity information in response identifies other users identity information, by the subscriber identity information for receiving and The other users identity information for identifying feeds back to the application interactive module together, wherein, it is described other Subscriber identity information at least includes address of theenduser, user's name;
The application interactive module, all subscriber identity informations that the identification module is sent are together Feed back to the third party.
Alternatively, said apparatus also include:
Identity information module, preserves all subscriber identity informations of terminal unit, and from the client of operator Relationship management system obtains and updates the subscriber identity information of terminal unit, makes the subscriber identity information of preservation The newest subscriber identity information for possessing actual with operator is consistent.
Alternatively, said apparatus also include:
Access authentication module, receives what third party was initiated for terminal unit in the application interactive module When user identity identification is asked, access authentication is carried out to the client of the terminal unit and user authorizes;
The body identification module, only the client in the terminal unit passes through access authentication and user authorizes When, just generate the user identity inquiry request.
The invention also discloses a kind of device of identification terminal equipment user identity, the device at least includes:
First module, when receiving the Rx interface message of only carried terminal IP address of equipment, it is determined that described Rx interface message is identity lookup request message, according to the IP address in the identity lookup request message, Inquire about the subscriber identity information corresponding to the IP address;
The subscriber identity information for being inquired is fed back to terminal by the second module.
Alternatively, in said apparatus, the subscriber identity information at least includes mobile subscriber's international number MSISDN and international mobile subscriber identity IMSI.
Technical scheme provides a kind of method of identification terminal equipment user identity and its corresponding dress Put, the user identity identification ability of operator is opened to third party APP, third party APP can lead to Cross user identity identification ability API to operator to be called, you can to realize user's identification and user Authentication function.By technical scheme, on the one hand, can be by the identity tag of provider customer (MSISDN phone numbers and IMSI number) is extended in the various APP of third party, content, can be Under various big data scenes, play an important role;On the other hand, can be by the identity of provider customer Mark is applied to the scenes such as the user identity identification under various mobile Internet scenes, user authentication mandate, APP is allowd directly to obtain MSISDN phone numbers and the IMSI number of user by network, will Provider customer's account develops into across the general identification number in mobile network and internet, penetrates into each Mobile Internet application is planted, can infinitely amplify MSISDN phone numbers and IMSI that operator is managed The value of number, is made and is equal to super the Internet APP, or even surmounts super the Internet APP Killer strategic resource.
Description of the drawings
Fig. 1 is a kind of apparatus structure schematic diagram of identification terminal equipment user identity in the present embodiment;
Fig. 2 is a kind of network site figure of identification terminal equipment user identity device in the present embodiment;
Fig. 3 is a kind of fundamental diagram of identification terminal equipment user identity in the present embodiment;
Fig. 4 is a kind of business process map of identification terminal equipment subscriber identity information in the present embodiment;
Fig. 5 is a kind of operation flow of the detailed identity information of identification terminal equipment user in the present embodiment Figure.
Specific embodiment
For making the object, technical solutions and advantages of the present invention become more apparent, below in conjunction with accompanying drawing pair Technical solution of the present invention is described in further detail.It should be noted that in the case where not conflicting, this Feature in the embodiment and embodiment of application arbitrarily can be mutually combined.
Embodiment 1
The present embodiment provides a kind of method of identification terminal equipment user identity, only need to provide terminal unit and connect Enter private network IP (the Private Internet protocol) address being allocated during mobile network, you can made MSISDN (i.e. phone number, the full name registered at operator with the terminal unit of the IP address Mobile Subscriber International ISDN, wherein ISDN is ISDN, is The abbreviation of Integrated Service Digital Network) and IMSI (International Mobile Subscriber Identification Number, i.e. international mobile subscriber identity, are stored in mobile phone SIM It is in card, unique in the whole network and the whole world) and more detailed subscriber identity information, reach identification terminal and set The purpose of standby user identity.
Specifically, said method includes following operation:
Step 100:When receiving the user identity identification request that third party is initiated for terminal unit, root User identity inquiry request is generated according to the user identity identification request, please by the user identity for being generated inquiry Ask and be sent to PCRF;
Wherein, the IP address of the terminal unit is only carried in the user identity inquiry request for being generated, with Indicate that PCRF, according to the IP address in identity lookup request message, returns the use corresponding to the IP address Family identity information.
Specifically, this user identity inquiry request can be Rx interface message, it is to be noted that, this Rx The private network IP address of a carried terminal equipment in interface message, and business and media information is not carried, so, PCRF will recognize this Rx interface message for user identity inquiry request, rather than once common charging Or policy request message.
Step 200:When the subscriber identity information of PCRF feedbacks is received, the user identity for receiving is believed The third party that breath feeds back to.
In the step, the subscriber identity information of PCRF feedbacks at least includes MSISDN and IMSI.
Some schemes have been proposed that except PCRF feedback subscriber identity information in addition to, acquisition can also be inquired about To other users identity information, such as information such as user's name, address of theenduser, at this point it is possible to by PCRF The subscriber identity information of feedback and the follow-up other users identity information for obtaining feed back to third party i.e. in the lump Can.
Wherein, " other users identity information " above-mentioned can in real time from the customer relationship of operator Management system is obtained and is updated, so that it is guaranteed that " the other users identity information " involved by this patent and reality The synchronization of border user profile.
It should also be noted that in view of the safety of subscriber identity information, therefore third party is being received for eventually When the user identity identification that end equipment is initiated is asked, access can be carried out to the client of this terminal unit and be recognized Card and user authorize, only when the client of terminal unit has passed through access authentication and user authorizes, then root User identity inquiry request is generated according to user identity identification request, and please by the user identity for being generated inquiry Ask and be sent to PCRF.
Embodiment 2
The present embodiment provides a kind of device of identification terminal equipment user identity, and which is based on PCC frameworks (PCC frameworks are defined in 23.203 specifications of 3GPP TS, and its full name is:Policy and Charging control architecture), make full use of the PCRF nets of Operator Core Network PCC frameworks Charging and policy control interface (the i.e. Rx of 29.214 specifications of 3GPP TS definition that unit is provided to operation layer Interface, hereafter referred to collectively as Rx interface) function, by being extended on operational mode to Rx interface, The letter such as private network IP address of a carried terminal equipment i.e. in the Rx request messages for issue core net PCRF Breath, does not carry business and media information, and to allow core net PCRF to know, this is not once common meter Take or policy request message, but want which according to private network IP address in request message, return private network IP The MSISDN of the terminal user corresponding to address and IMSI information.Meanwhile, the present invention is realized Identification terminal equipment user identity device to third party APP provide identification interface, receive the 3rd Terminal user's identification request that square APP is initiated, extracts the private network IP ground in request message Location, and base identity information identification, or detailed identification information identification is carried out according to requirement in request message, After the MSISDN and IMSI information for obtaining terminal user by core net PCRF, specific aim Carry out identification response, return corresponding base identity information (MSISDN and IMSI information) Or detailed identification information (in addition to MSISDN and IMSI information, address of theenduser, user's name etc.), Realize the identity recognition function to terminal unit.
Wherein, involved terminal unit can various placed operator SIM (subscriber Identity module) card or similar user account card fixation or the electronic equipment of movement.Specifically, The device that the present embodiment is provided at least is included using interactive module, identification module and network interaction module.
Using interactive module, identification interface is opened to third party, received from including setting positioned at terminal What the identification request or external server background system that the client application of standby upper installation is initiated was initiated Identification request message, after processing to identification request message, is sent to identification module, And the user identity letter of the terminal unit inquired about by identification request message is fed back to the third party Breath.
Identification module, the IP address of the terminal unit provided based on client, and according to operator's core The AA-Request order features of the Rx interface of heart net PCRF systems, organizational identities inquiry request message, Docked with core net PCRF by network interaction module, initiate identity lookup request, indicate PCRF roots According to the IP address provided in AA-Request request messages, the user identity corresponding to the IP address is returned Information (at least including MSISDN and IMSI information), and please from the user identity inquiry for receiving The subscriber identity information of the terminal unit inquired about by the third party is obtained in the response asked and is sent to described Using interactive module.
Wherein, when the IP address of terminal unit is that concrete terminal unit is surfed the Net by wireless network, core net Distribute for which, core net saves distributed terminal device IP address and its corresponding MSISDN And IMSI information.
Network interaction module, receives the request message of identification module, and adaptation core net PCRF is based on The request message is issued PCRF by the Rx interface message of Diameter, meanwhile, receive PCRF The response message of the user identity inquiry request of return, and disappear to the corresponding response of identification module return Breath.
Preferably, above-mentioned identification module, can be with the response according to user identity inquiry request Subscriber identity information identifies other users identity information (such as address of theenduser, user's name etc.), And the subscriber identity information for receiving and the other users identity information for identifying are fed back to into the application together Interactive module.Now, using interactive module, all subscriber identity informations that identification module is sent Third party is fed back to together.
In addition, said apparatus also include identity information module, all user identity letters of terminal unit are preserved Breath, and the subscriber identity information of terminal unit is obtained and is updated from the CRM system of operator, Make the subscriber identity information and the actual newest subscriber identity information one for possessing of operator in identity information module Cause.
Said apparatus can also include access authentication module, and now, body identification module, according to initiation identity Client (including the client application and external system) information of identification request, calls access authentication module Interface, carry out access authentication to client, and receive the authentication result of access authentication module return.If Access authentication module returning result shows that certification passes through, then identification module just initiates follow-up identification Operation.
Access authentication module, receives the access authentication request that identification module sends, according to request message The client-side information of the identification request message of middle offer, determines whether legal client and is The no request message for meeting rule requirement sent for legitimate client, next according to client case, Determine whether to ask this identification, initiating terminal equipment user authorizes, i.e. access authentication mould Block is initiated to be authorized with user and is interacted, and after obtaining user's agreement, just can be returned to identification module and be accessed Certification success.Above-mentioned access authentication and user for client is authorized after all successfully completing, and is known to identity Other module returns access authentication response, and confirmation result is success or failure.
Being embodied as said apparatus is illustrated below in conjunction with the accompanying drawings.
The device of the identification terminal equipment user identity that Fig. 1 is provided in showing priority scheme, its mainly by Including using the friendship of interactive module, identification module, identity information module, access authentication module and network Mutually totally 5 modules are constituted module.
Using interactive module, identification interface is opened to third party, reception is included on terminal unit Client application or terminal user's body for initiating in interior client of external server background system Part identification request, is used for carrying out the client-side information of access authentication and for carrying out in extracting request message The terminal device IP address information of identification, verifies the client-side information form and IP in request message Address format, after format check passes through, sends identification request message to identification module.
Identification module, receives the identification request message for carrying out self-application interactive module, and according to body The client-side information of the request message is initiated in part identification request message, calls the interface of access authentication module, Access authentication is carried out to client, and receives the authentication result of access authentication module return.If access authentication Module returning result shows that certification passes through, then identification module determines whether the terminal that client is provided IP address of equipment, judges IP address type for IPV4 address styles or IPV6 address styles, and root According to the AA-Request order fill requests of the Rx interface of Operator Core Network PCRF systems, accordingly Identity lookup request message is filled in, is docked with core net PCRF by network interaction module, initiate identity Inquiry request, indicates that PCRF, according to the IP address provided in AA-Request request messages, is returned eventually The identity information of end equipment user, the MSISDN and IMSI information including terminal unit.Due to often Station terminal equipment access wireless network, when being surfed the Net, core net will be every station terminal equipment distribute its IP address in wireless network, and core net saves the MSISDN and IMSI of every station terminal equipment simultaneously Information, therefore, core net PCRF can return IP address in the response message and its corresponding terminal sets Standby MSISDN and IMSI information, identification module by obtain terminal unit above-mentioned IP address, After MSISDN and IMSI information, to the client of request, according to the requirement of request message, return MSISDN or IMSI while returns MSISDN and IMSI.Preferably, can be by identity Information module, returns detailed other users identity information (such as information such as user's name, address of theenduser), The identification of the identity information registered in completing operator of the terminal unit corresponding to which.
Identity information module, preserves the identity information of terminal user, and supports the client from operator Relationship management system updates and obtains newest terminal user's identity information, it is ensured that system information and reality User profile is consistent.
Access authentication module, receives the access authentication request that identification module sends, according to request message The client-side information of the identification request message of middle offer, determines whether legal client and is The no request message for meeting rule requirement sent for legitimate client, next according to client case, Determine whether to ask this identification, initiating terminal equipment user authorizes, i.e. access authentication mould Block is initiated to be authorized with user and is interacted, and after obtaining user's agreement, just can be returned to identification module and be accessed Certification success.Above-mentioned access authentication and user for client is authorized after all successfully completing, and is known to identity Other module returns access authentication response, and confirmation result is success or failure.
Network interaction module, supports to internal identification module interface protocol and external core network PCRF The interface protocol of system is adapted to, by the identification request message of the identification module for receiving, Rx interface message based on Diameter that PCRF systems are supported is converted into, meanwhile, will Core net PCRF returns the Rx interface notification message of Rx interface response message or initiation, is converted into inside The interface protocol supported by identification module, realizes the interacting message between the system of inside and outside.
Fig. 2 show the position that the device of identification terminal equipment user identity is placed in network.201, it is located at The client application of terminal unit passes through wireless network and the Internet and terminal user's identity recognition device Between user identity identification request and response message interact;202, the background system in server leads to The user identity identification request crossed between the Internet and terminal user's identity recognition device and response message Interaction;203, terminal user's identity recognition device is by operator's internal network and core net PCRF Between user identity identification request and response message interact;204, terminal user's identity recognition device Interacted with the CRM system of operator by operator's internal network.
Fig. 3 is the fundamental diagram of the device of shown identification terminal equipment user identity.
301, the application interactive module opening identification of the device of identification terminal equipment user identity connects Mouthful, while supporting two class interface of Restful agreements and soap protocol.Client positioned at terminal unit should With calling using interactive module opening identification Restful protocol interfaces, identification terminal equipment is asked The device of user identity is identified to the identity of terminal user, and obtains identification object information.
301 ', the application interactive module opening identification of the device of identification terminal equipment user identity Interface, while support two class interface of Restful agreements and soap protocol.The backstage of externally-located server System is called using interactive module opening identification Restful agreements or soap protocol interface, please Ask the device of identification terminal equipment user identity to be identified the identity of terminal user, and obtain body Part recognition result information.
302, after receiving the user identity identification request of client initiation using interactive module, perform this mould The respective logic of block definition is processed, and then the identification interface between identification module is interacted, Interacted by the identification interface between identification module using interactive module, known to identity Other module sends identity and is identified request.
303, identification module performed this module definition respective logic process after, by with access The exposed access authentication interface of authentication module is docked, for client this time identification ask into Row access authentication, after access authentication module completes the respective logic process of this module definition, to identification Module return authentication result.
304, identification module by the message passing interface between network interaction module, to core net PCRF initiates identification request.Identification module is defined according to this internal interface, by terminal unit User identity identification message transmission gives network interaction module, and is receiving core net by network interaction module After the identification response that PCRF is returned, identification result is returned to by identification by this interface Module.
305, the Rx interface between network interaction module and core net PCRF, network interaction module pass through This interface, the Rx interface of the Diameter of adaptation docking core net PCRF, carries out inside and outside system The protocol adaptation conversion of system, asks identification to core net PCRF, and receives core net PCRF to return The identification response message returned.
306, the specific requirement (PCRF that identification module is asked according to terminal user's identification The subscriber identity information of feedback, or other users identity information), it is determined whether with identity information module Interact, by MSISDN, the in-depth identity letter of terminal user is obtained from identity information module Breath.
307, identity information module by the interface between CRM system, from customer relationship pipe Reason system obtains terminal user's detailed identification information.
Fig. 4 show the operation flow of identification terminal equipment subscriber identity information.
401, terminal user is in registration or using the client application on terminal unit or is located at During external system on background server, client application or external system are needed defeated by hand without the need for user Enter and phone number is provided, obtain the phone number MSISDN and IMSI of terminal unit, to confirm to use Family identity, therefore client application or external system initiate to set terminal to terminal unit identity recognition device The request of standby user identification.Client application or external system is carried in request message from terminal unit Upper acquisition, accessed the private network IP address that distributed of wireless network and client application or outer by terminal unit The information of portion's system, request return the MSISDN and IMSI of the terminal unit corresponding to the IP address;
402, the division of labor of the terminal unit identity recognition device according to internal each module, after completing corresponding process, Ask to the identification of PCRF initiating terminals equipment identities, the private network IP ground of carried terminal equipment in request message Location, does not carry business, media information, so that core net PCRF can know that this is not once common meter Take or policy request message.If there are the feelings for repeating by the private network IP address that terminal unit distributes in core net Condition, then carry IP address domain information, it is ensured that allow core net PCRF can by private network IP address and IP address domain, uniquely determines terminal unit identity to be identified;
403, the request message that core net PCRF is sent according to terminal unit identity recognition device, in response MSISDN and IMSI number is returned in message;
404, terminal unit identity recognition device returns terminal unit identity to client application or external system Identification response message.
Wherein response message is required according to the specific object and its request of client application or external system, MSISDN, or IMSI, or MSISDN and IMSI, or MSISDN and IMSI can be included And user's detailed identification information.
Fig. 5 show the operation flow of other identity informations of identification terminal equipment user.
501, terminal user is in registration or using the client application on terminal unit or is located at During external system on background server, client application or external system need core according to concrete scene The phone number MSISDN and acquisition terminal user of real terminal unit owning user is in operator The detailed identification information registered, initiates to terminal user's identity to terminal unit identity recognition device The request of identification.Carry in request message it is that client application or external system are obtained from terminal unit, The IP address distributed by terminal unit access wireless network and the information of client application or external system, Request returns MSISDN, IMSI and terminal user of the terminal unit corresponding to the IP address and exists The detailed identification information registered by operator;
502, after each module inside terminal unit identity recognition device completes corresponding process, to PCRF The identification request of initiating terminal equipment identities, in request message, the private network IP address of carried terminal equipment, does not take Band business, media information, so that core net PCRF can know that this is not once common charging or strategy Request message.If be present situation about repeating by the private network IP address that terminal unit distributes in core net, then take Band IP address domain information, it is ensured that core net PCRF can pass through private network IP address and IP address domain, Uniquely determine terminal unit identity to be identified;
503, the request message that core net PCRF is sent according to terminal unit identity recognition device, in response MSISDN and IMSI is returned in message.Terminal unit identity recognition device is returned by core net MSISDN, inquires about its User Detail obtained from CRM system.If not finding, Step 504 is turned to then;If having found User Detail, step 506 is turned to;
504, terminal unit identity recognition device according to the MSISDN information for being obtained, from customer relationship Management system inquires about the detailed identification information of the user;
505, it is corresponding that CRM system returns MSISDN to terminal unit identity recognition device Subscriber identity information;
506, terminal unit identity recognition device returns terminal unit identity to client application or external system Identification response message, comprising MSISDN and IMSI number and other subscriber identity informations, other use Family identity information may include the identity card of user or social security number information, set meal consumption information etc..
Embodiment 3
The present embodiment provides a kind of device of identification terminal equipment user identity, and which is placed in core net PCRF sides, which is used in combination with the device in above-described embodiment 2, can recognize that user's body of terminal unit Part.Which at least includes following two modules.
First module, when receiving the Rx interface message of only carried terminal IP address of equipment, determines Rx Interface message is identity lookup request message, and according to the IP address in identity lookup request message, inquiry should Subscriber identity information corresponding to IP address;
Wherein, as current Rx interface message generally comprises the private network IP address of terminal unit, and Business and media information, and in the Rx interface message in the present embodiment a carried terminal equipment private network IP Address, and when not carrying business and media information, you can determine that this Rx interface message is that user identity is looked into Ask request.
The subscriber identity information for being inquired is fed back to terminal by the second module.
Wherein, the subscriber identity information for being inquired at least includes MSISDN and IMSI.
From above-described embodiment as can be seen that technical scheme creatively utilizes Operator Core Network The function provided to the Rx interface message that operation layer is provided by PCRF network elements, by transporting to Rx interface It is extended with mode, i.e., the carried terminal equipment in the Rx request messages for issue core net PCRF Private network IP address, do not carry business, media information, to allow core net PCRF can know that, this is not Once common charging or policy request message, as long as but return corresponding to the private network IP of terminal unit The identity information of terminal user.The method and apparatus provided by the present invention, client application or outer When portion's system is in user's registration or using its business, if desired confirms or subscriber phone number is provided MSISDN, it is possible to obtain automatically the identity information of terminal unit, it is to avoid user manually enters cell-phone number Code MSISDN, reduces the situation of interactive step, effectively improves current mobile Internet and apply The friendly commenced business and ease for use, improve interactive experience of the user using application, meanwhile, also effectively The user account number of operator as a kind of important identity account number in mobile Internet ecosystem, is carried by ground Rise right of speech of the operator in mobile Internet value chain.
Importantly, provider customer's account can be developed into by the device provided by the application Across the identification number that mobile network and internet are general, various mobile Internet applications are penetrated into, can be with MSISDN phone numbers and the value of IMSI number that unlimited amplification operator is managed, make It is equal to super the Internet APP, or even surmounts the Killer strategic resource of super the Internet APP.Can Greatly to strengthen Consumer's Experience, network value is played to greatest extent, create profit, strengthen operator The market competitiveness.
One of ordinary skill in the art will appreciate that all or part of step in said method can pass through program To instruct related hardware to complete, described program can be stored in computer-readable recording medium, such as read-only Memorizer, disk or CD etc..Alternatively, all or part of step of above-described embodiment can also be used One or more integrated circuits are realizing.Correspondingly, each module/unit in above-described embodiment can be adopted The form of hardware is realized, it would however also be possible to employ the form of software function module is realized.The application is not restricted to appoint The combination of the hardware and software of what particular form.
The above, preferred embodiments only of the invention are not intended to limit the protection model of the present invention Enclose.All any modification, equivalent substitution and improvements within the spirit and principles in the present invention, done etc., Should be included within the scope of the present invention.

Claims (14)

1. a kind of method of identification terminal equipment user identity, its feature exist, and the method includes:
When receiving the user identity identification request that third party is initiated for terminal unit, according to the user Identification request generates user identity inquiry request, and the user identity inquiry request for being generated is sent to Core net PCRF, wherein, carries the IP address of the terminal unit in the user identity inquiry request, PCRF is indicated according to the IP address in the identity lookup request message, return the IP address institute right The subscriber identity information answered;
When the subscriber identity information of the PCRF feedbacks is received, the subscriber identity information for receiving is fed back The third party for giving.
2. the method for claim 1, it is characterised in that
The subscriber identity information is at least including mobile subscriber's international number MSISDN and international mobile use Family identification code IMSI.
3. the method for claim 1, it is characterised in that
The user identity inquiry request is Rx interface message.
4. the method as described in any one of claims 1 to 3, it is characterised in that methods described also includes:
When the subscriber identity information of the PCRF feedbacks is received, according to the user of PCRF feedbacks Identity information identifies other users identity information, by the subscriber identity information for receiving and identify other Subscriber identity information feeds back to the third party together;
Wherein, the other users identity information at least includes address of theenduser, user's name.
5. method as claimed in claim 4, it is characterised in that methods described also includes:Preserve terminal All subscriber identity informations of equipment, and obtain and more new terminal from the CRM system of operator The subscriber identity information of equipment, makes the subscriber identity information of preservation and the actual newest user for possessing of operator Identity information is consistent.
6. method as claimed in claim 4, it is characterised in that receive third party for terminal unit When the user identity identification of initiation is asked, methods described also includes:
Access authentication is carried out to the client of the terminal unit and user authorizes;
When the client of the terminal unit passes through access authentication and user authorizes, further according to the user Identification request generates user identity inquiry request, and the user identity inquiry request for being generated is sent To the PCRF.
7. a kind of device of identification terminal equipment user identity, it is characterised in that the device at least includes should With interactive module, identification module and network interaction module, wherein:
The application interactive module, opens identification interface to third party, receives third party and is directed to terminal The identification request message that equipment is initiated, and to third party feedback identification request message institute The subscriber identity information of the terminal unit of inquiry;
The identification module, generates user identity according to received identification request message and looks into Request is ask, the IP address of the terminal unit wherein, in the user identity inquiry request, is carried, to refer to Show that PCRF, according to the IP address in the identity lookup request message, is returned corresponding to the IP address Subscriber identity information, and the third party is obtained from the response of the user identity inquiry request for receiving The subscriber identity information of the terminal unit inquired about simultaneously is sent to the application interactive module;
The user identity inquiry request for being generated is sent to core net PCRF by the network interaction module, And receive PCRF return user identity inquiry request response, by the user identity inquiry request Response returns to the identification module.
8. device as claimed in claim 7, it is characterised in that
The subscriber identity information is at least including mobile subscriber's international number MSISDN and international mobile use Family identification code IMSI.
9. device as claimed in claim 7, it is characterised in that
The user identity inquiry request is Rx interface message.
10. the device as described in any one of claim 7 to 9, it is characterised in that
The identification module, always according to the subscriber identity information in the response of user identity inquiry request Other users identity information is identified, by the subscriber identity information for receiving and the other users identity for identifying Information feeds back to the application interactive module together, and wherein, the other users identity information at least includes Address of theenduser, user's name;
The application interactive module, all subscriber identity informations that the identification module is sent are together Feed back to the third party.
11. devices as claimed in claim 10, it is characterised in that described device also includes:
Identity information module, preserves all subscriber identity informations of terminal unit, and from the client of operator Relationship management system obtains and updates the subscriber identity information of terminal unit, makes the subscriber identity information of preservation The newest subscriber identity information for possessing actual with operator is consistent.
12. devices as claimed in claim 10, it is characterised in that described device also includes:
Access authentication module, receives what third party was initiated for terminal unit in the application interactive module When user identity identification is asked, access authentication is carried out to the client of the terminal unit and user authorizes;
The body identification module, only the client in the terminal unit passes through access authentication and user authorizes When, just generate the user identity inquiry request.
13. a kind of devices of identification terminal equipment user identity, it is characterised in that the device at least includes:
First module, when receiving the Rx interface message of only carried terminal IP address of equipment, it is determined that described Rx interface message is identity lookup request message, according to the IP address in the identity lookup request message, Inquire about the subscriber identity information corresponding to the IP address;
The subscriber identity information for being inquired is fed back to terminal by the second module.
14. devices as claimed in claim 13, it is characterised in that the subscriber identity information is at least wrapped Include mobile subscriber's international number MSISDN and international mobile subscriber identity IMSI.
CN201510570314.XA 2015-09-09 2015-09-09 Method and device for identifying subscriber identity of terminal equipment Withdrawn CN106534040A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510570314.XA CN106534040A (en) 2015-09-09 2015-09-09 Method and device for identifying subscriber identity of terminal equipment
PCT/CN2016/086028 WO2017041562A1 (en) 2015-09-09 2016-06-16 Method and device for identifying user identity of terminal device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510570314.XA CN106534040A (en) 2015-09-09 2015-09-09 Method and device for identifying subscriber identity of terminal equipment

Publications (1)

Publication Number Publication Date
CN106534040A true CN106534040A (en) 2017-03-22

Family

ID=58239843

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510570314.XA Withdrawn CN106534040A (en) 2015-09-09 2015-09-09 Method and device for identifying subscriber identity of terminal equipment

Country Status (2)

Country Link
CN (1) CN106534040A (en)
WO (1) WO2017041562A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106921957A (en) * 2017-03-23 2017-07-04 中国联合网络通信集团有限公司 The recognition methods of secondary number of distributing telephone numbers and device
CN109768947A (en) * 2017-11-09 2019-05-17 中国移动通信有限公司研究院 A kind of method for authenticating user identity, device and medium
CN110049106A (en) * 2019-03-22 2019-07-23 口碑(上海)信息技术有限公司 Service request processing system and method
CN110856164A (en) * 2018-08-21 2020-02-28 中国电信股份有限公司 User identification method, server and system
CN111132122A (en) * 2019-12-18 2020-05-08 南京熊猫电子股份有限公司 Method for recognizing multi-system terminal user information based on short distance and mobile terminal sensing system

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3402238A1 (en) 2017-05-09 2018-11-14 Giesecke+Devrient Mobile Security GmbH Efficient user authentications
CN107798601A (en) * 2017-12-08 2018-03-13 四川安亮科技有限公司 A kind of financial information inquiry terminating machine
CN112565053B (en) * 2020-12-01 2022-06-10 武汉绿色网络信息服务有限责任公司 Method, device, service system and storage medium for identifying private network user
US11991525B2 (en) 2021-12-02 2024-05-21 T-Mobile Usa, Inc. Wireless device access and subsidy control

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102857485A (en) * 2012-03-22 2013-01-02 孙银海 System and method capable of showing authentication success of website
CN103107976A (en) * 2011-11-10 2013-05-15 中国电信股份有限公司 Content provider/service provider (CP/SP) user identification authentication method and system and authentication support device
CN103812836A (en) * 2012-11-12 2014-05-21 孙银海 System and method for website to send user reserved information

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006016009A1 (en) * 2004-07-07 2006-02-16 France Telecom Method and device for processing a domain name translation request
WO2008092358A1 (en) * 2007-01-29 2008-08-07 Huawei Technologies Co., Ltd. A strategy performing method, system and network element

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103107976A (en) * 2011-11-10 2013-05-15 中国电信股份有限公司 Content provider/service provider (CP/SP) user identification authentication method and system and authentication support device
CN102857485A (en) * 2012-03-22 2013-01-02 孙银海 System and method capable of showing authentication success of website
CN103812836A (en) * 2012-11-12 2014-05-21 孙银海 System and method for website to send user reserved information

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106921957A (en) * 2017-03-23 2017-07-04 中国联合网络通信集团有限公司 The recognition methods of secondary number of distributing telephone numbers and device
CN106921957B (en) * 2017-03-23 2019-10-18 中国联合网络通信集团有限公司 The recognition methods of secondary number of distributing telephone numbers and device
CN109768947A (en) * 2017-11-09 2019-05-17 中国移动通信有限公司研究院 A kind of method for authenticating user identity, device and medium
CN110856164A (en) * 2018-08-21 2020-02-28 中国电信股份有限公司 User identification method, server and system
CN110856164B (en) * 2018-08-21 2022-08-30 中国电信股份有限公司 User identification method, server and system
CN110049106A (en) * 2019-03-22 2019-07-23 口碑(上海)信息技术有限公司 Service request processing system and method
CN111132122A (en) * 2019-12-18 2020-05-08 南京熊猫电子股份有限公司 Method for recognizing multi-system terminal user information based on short distance and mobile terminal sensing system

Also Published As

Publication number Publication date
WO2017041562A1 (en) 2017-03-16

Similar Documents

Publication Publication Date Title
CN106534040A (en) Method and device for identifying subscriber identity of terminal equipment
CN102812665B (en) Pluggable token provider model to implement authentication across multiple web services
CN102970362B (en) The method of a kind of high in the clouds data sharing and device
US10320753B1 (en) Method and system for providing persona masking in a computer network
US8756657B2 (en) Mobile or user device authentication and tracking
CN103826226A (en) Method and device for controlling wireless internet access
EP3162104B1 (en) A method to authenticate calls in a telecommunication system
CN103944737A (en) User identity authentication method, third-party authentication platform and operator authentication platform
CN101990183A (en) Method, device and system for protecting user information
CN103414740B (en) A kind of private cloud account configuration method and device
CN105307169A (en) Access method, device and system for guest network
CN105681258B (en) Session method and conversational device based on third-party server
CN108737585A (en) The distribution method and device of IP address
CN106254319B (en) Light application login control method and device
CN107534666A (en) The conversion of domain in IMS network
CN104735027A (en) Safety authentication method and authentication certification server
CN103716772A (en) Service processing method, device and communication system
CN104125221B (en) IMS (IP (Internet Protocol) multimedia subsystem) terminal equipment multiple soft-terminal resource sharing and application collaborative device and method
CN107889194A (en) Obtain, provide method, equipment and the medium of WAP access information
CN102104603A (en) Method, system and device for registering mobile terminal in WEB server
CN104009850B (en) A kind of method for authenticating user identity and system
CN104469770B (en) Towards WLAN authentication methods, platform and the system of third-party application
CN108696860A (en) Virtual SIM card implementation method, device, SIM servers and terminal
CN109863790A (en) The WLAN discovery and selection of cellular network auxiliary
CN102891831A (en) Implement method of multimedia conferencing service and related equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20170322