Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Various aspects are described herein in connection with a terminal and/or a base station. Terminals, devices (devices) that provide voice and/or data connectivity to a user, including wireless terminals or wired terminals. The wireless terminal may be a handheld device having wireless connection capabilities, or other processing device connected to a wireless modem, a mobile terminal communicating with one or more core networks via a radio access network. For example, wireless terminals may be mobile telephones (or "cellular" telephones) and computers with mobile terminals. As another example, a wireless terminal may be a portable, pocket, hand-held, computer-included, or vehicle-mounted mobile device. For another example, the wireless terminal may be a mobile station (mobile station), an access point (access point), or a User Equipment (UE).
As shown in fig. 1, an embodiment of the present invention provides a novel system for implementing private network communication, where the system includes: a micro base station, a gateway and a shielding device;
the shielding device is used for shielding wireless signals of each frequency band of a non-private network type in the coverage area of the micro base station and shielding wireless signals of a private network type and a non-private network frequency band in the coverage area of the micro base station;
the micro base station is used for receiving an uplink signal sent by a first terminal, and if the first terminal is determined to be a terminal in a white list set, the uplink signal is sent to public network core network equipment through the gateway;
the micro base station is further configured to receive a downlink signal sent by the public network core network device, and send the downlink signal to a second terminal if it is determined that the second terminal corresponding to the downlink signal is a terminal in a white list set.
The core network device of the public network, namely the operator core network, is the core component of the system for providing normal wireless communication service, and the core network of the operator mainly has the functions of providing user interface connection, managing users and completing bearing of services, and is used as an interface for providing a bearing network to an external network. The establishment of the user connection includes mobility management, call management, switching/routing, voice notification (connection to intelligent network peripheral equipment is completed in conjunction with intelligent network services), and other functions. The user management includes the description of the user, Qos (Quality of Service), user communication record, and security (the provision of corresponding security measures by the authentication center includes security management for mobile services and security processing for external network access). Bearer connections include PSTN (Public Switched Telephone Network) to the outside, external circuit data networks and packet data networks, the internet and intranets, etc.
The micro base station is a single-mode micro base station and only serves for covering wireless signals of one system of one operator. In addition, in general, in the places needing shielding, such as prisons, examination rooms and the like, few users are allowed to communicate, and therefore, single-mode micro base station coverage is adopted. Moreover, the frequency points can be configured very rarely, so that a small section of frequency band of one standard is selected, the frequency spectrum resources are saved, and the cost is reduced. For example, the GSM standard 1M bandwidth of 900MHz of china mobile can be selected for wireless communication of private network. The single-mode micro base station can be connected with the gateway and the indoor distribution subsystem at the same time, and then is accessed to the public network core network equipment through the soft switch gateway, so that the downlink signal of the public network core network equipment covers the indoor terminal through the single-mode micro base station through the indoor distribution subsystem, and in addition, the single-mode micro base station transmits the uplink signal of the terminal in the indoor distribution subsystem to the operator core network, so that a normal and complete uplink and downlink wireless communication link is formed.
The shielding device can select a multi-mode signal shielding device, the multi-mode signal shielding device is a multi-mode multi-band signal source, and comprises 2G, 3G and 4G signal sources, all operators and frequency bands are covered, wireless signals of all systems and all frequency bands of various operators except the system and the frequency band where a private network is located can be shielded, and the shielded area is ensured to be covered without blind spots. If the specific frequency band of the multi-mode multi-band signal source comprises: moving in China: GSM: 890-909/935-954 MHz; TD-SCDMA: 2010-2025 MHz; TD-LTE: 1880-1920MHz, 2575-2635MHz and 2300M-24000M; china Unicom: GSM: 909-915/954-960 MHz; WCDMA: 1950-1955/2130-2145 MHz; FDD-LTE: 1755-1765/1850-1860 MHz; 1955-1980/2145-2170 MHz; china telecom: FDD-LTE: 1755-1785/1850-1880 MHz; 1920-1940/2110-2130 MHz; CDMA: 870 and 880 MHz.
When the multimode signal shielding device is connected with the indoor distribution subsystem, the multimode multi-band shielding signals can be covered to an indoor specific area without blind spots, and the shielding processing of the terminal signals in the area is realized. The first shielding method is as follows: the multimode signal shielding device can emit various standard signal interference noise levels to deteriorate the signal-to-noise ratio of a macro base station signal of a public network, and according to the wireless communication principle, when the signal-to-noise ratio is lower than a certain threshold, a terminal cannot normally analyze the signal-to-noise ratio, namely the terminal displays no signal. The second shielding method may be to shield the mobile phones in the target area by using a "virtual base station". The virtual base station utilizes the technology of the mobile communication protocol layer, a shielding network is superposed on the network coverage of an operator, and a terminal in a target area is transferred from the operator network to the shielding network in modes of reselection and the like by methods of fine coverage, parameter adjustment and the like, so that the way of transmitting information (including conversation, short multimedia messages and data services) to the outside by the terminal is cut off, and the purpose of shielding communication signals of the operator is achieved. The shielding device equipment adopting a high-power full-frequency-band signal or virtual base station mode uniformly distributes shielding signals in an area to be shielded through an indoor deployment distribution subsystem, so that the shielding effect of the area to be shielded is achieved, and meanwhile, the interference of public network signals outside the area to be shielded is avoided. The indoor distribution subsystem is composed of an RRU (remote radio unit), an antenna feeder system and the like, and indoor seamless coverage of wireless signals is achieved.
In addition, besides normal shielding, some scenes also need to accurately capture the terminal identification of the illegal user on the basis of signal shielding, and timely collect and pay the terminals such as the mobile phone of the illegal user, so that greater destructive behavior is avoided. In order to implement this function, the embodiment of the present invention further enhances the function of the masker, so that the masker has a function of capturing the identifier of the terminal of the illegal user. The specific principle is as follows: according to the principle that a terminal is accessed into a core network, a multimode signal shielding device is used as a virtual base station to continuously send signaling such as position updating and request, so that illegal users are induced to be accessed into the virtual base station, and the users are always resident in the virtual base station. However, the virtual base station is not connected to the operator core network, so that normal wireless communication service functions, such as telephone and short message, cannot be completed. However, since the illegal user can be allowed to access the virtual base station, information such as IMSI (International Mobile subscriber identity Number) of the user can be captured by collecting uplink signals of the terminal, and since the position information of the user can be approximately obtained through the virtual base station, the terminal of the illegal user can be captured quickly.
As shown in fig. 2, the indoor distribution subsystem corresponding to the private network communication includes an RRU and an antenna feeder system. The indoor distribution subsystem is provided with a plurality of terminals, including an authorized mobile terminal, an unauthorized mobile terminal, a communication telecommunication terminal and the like. The method comprises the following steps that a shielding device and a micro base station are deployed on one indoor side, wherein white list communication control is achieved on the single-mode micro base station, and configuration, adding and deleting and the like of a specific white list user are operated on a communication control operation platform. And the shielding device is used for shielding the non-private network signals. In this way, the unauthorized mobile terminal and the connected telecommunication terminal cannot communicate normally because no signal is displayed. Only the authorized mobile terminal displays a signal, an uplink signal can be normally sent to the micro base station, because the micro base station obtains a white list user list and a corresponding IMSI signal sent by the management and control server in advance, when a mobile phone user accesses the single mode micro base station, the single mode micro base station can compare the obtained user IMSI signal with a white list IMSI base, if the matching with one IMSI in the IMSI base is successful, the user is allowed to access the single mode micro base station, normal communication can be achieved, otherwise, the user is not allowed to access, and normal communication cannot be achieved.
Fig. 3 is a schematic diagram illustrating a core-side deployment of an authorized communication system in a novel indoor wireless communication system according to an embodiment of the present invention; the single mode micro base station is accessed to the gateway subsystem through a main PTN device and a standby PTN device of a Packet Transport Network (PTN) bearer Network, the gateway subsystem is also in main backup and standby, the reliability of a core side system is ensured, and the gateway subsystem is accessed to a main core Network pool and a standby core Network pool through an IP bearer Network. The communication management and control server is generally deployed in a cloud, such as a core computer room, so that all application scenes can share one server, and the communication management and control operation platform is accessed to the communication management and control server through a PTN (packet transport network). For the reliability of communication, the communication management and control server is also backup.
For the indoor distribution subsystem, the old indoor distribution subsystem which is already deployed indoors can be directly utilized without redeployment, so that the system deployment cost is greatly reduced, and the practicability is good.
Furthermore, the shielding device reports the detected business behaviors to the control server in real time, the business behaviors are displayed on the control operation client, and when the business behaviors of the unauthorized users appear, the private network communication system can give out sound and light alarm to prompt an administrator to quickly capture the mobile phone of the unauthorized user, so that greater harm is avoided. The management and control operation client is further configured to generate a white list set, and send the white list set to a management and control server, where the white list set includes an identifier of at least one terminal. In addition, the management and control server is further configured to receive and store the white list set sent by the management and control operation client, and issue the white list set to the micro base station.
Specifically, the management and control server is connected with the gateway and the management and control operation client, and some management and control strategies are operated and stored on the management and control server through remote processing and control of the management and control operation client. The processing such as white list setting, increase and decrease, and the like, and the communication policy setting of the white list user include: only voice or short message or data service is allowed, voice and short message service is allowed, voice and data service is allowed, and the like.
Further, the management and control operation client is further configured to generate a management and control policy, where the management and control policy is used to control the function permission of the internal application program of the terminal in the white list set. That is to say, for a terminal in the white list, the management and control server issues a management and control policy to the terminal in the white list, which may control the switching of some application programs of the terminal in the terminal, for example, turning off functions such as bluetooth and short message, and turning on a call function.
The private network communication system can also comprise a network management server which is simultaneously connected with the gateway, the single-mode micro base station and the multi-mode signal shielding device to realize the functions of user interface management, user group management, software management, log management, system maintenance, parameter setting, alarm reporting, system function switching and the like of the gateway, the single-mode micro base station and the multi-mode signal shielding device, wherein a common network management interface is based on a TR-069 protocol.
Based on the same inventive concept, an embodiment of the present invention provides a flowchart of a method for implementing private network communication, and as shown in fig. 4, the method specifically includes:
step S101, a micro base station receives an uplink signal which is shielded by a shielding device and sent by a first terminal in a coverage area of the micro base station, wherein the shielding device shields wireless signals of each frequency band of a non-private network system in the coverage area of the micro base station and shields wireless signals of a private network system and a non-private network frequency band in the coverage area of the micro base station.
And step S102, the micro base station determines that the first terminal is a terminal in a white list set according to the uplink signal, and then sends the uplink signal to public network core network equipment through the gateway.
It should be noted that, before executing step S101, the micro base station receives the white list set issued by the management and control server, where the white list set includes an identifier of at least one terminal.
Further, the micro base station receives a downlink signal sent by the public network core network device; and the micro base station determines that a second terminal corresponding to the downlink signal is a terminal in a white list set according to the downlink signal, and then sends the downlink signal to the second terminal.
Further, the management and control server issues a management and control policy to the terminals in the white list, so that the terminals in the white list set internally include the management and control policy, and the management and control policy is used for controlling the function permission of the internal application program of the terminals in the white list set.
Specifically, the implementation method for private network communication provided by the embodiment of the present invention includes the following implementation steps:
firstly, selecting information such as an operator, a communication system, a communication frequency band and the like for private network wireless communication, for example, a 1805-1806 MHz frequency band of China Mobile DCS1800, which can be used for private network communication;
and step b, determining that the white list mobile phone users which can carry out private network communication and non-white list mobile phone users can not normally communicate. A white list can be set on the single-mode micro base station (in practical application, a communication control server issues a white list user list and a corresponding IMSI signal, and automatically configures the single-mode micro base station system), only the mobile phone in the white list can reside in the micro base station cell and allow communication, and other mobile phones cannot normally reside; based on an operator core network, a gateway subsystem, a single-mode micro base station and an indoor distribution subsystem, realizing normal communication service of white list users;
and c, based on the multimode signal shielding device and the indoor distribution subsystem, all shielding all other operators, communication systems and communication frequency bands which do not allow normal communication outside the private network, such as 1805-1806 MHz frequency bands of China Mobile DCS1800, and can be used for indoor normal communication, wherein the shielding comprises the following steps: china Unicom full-system full-band signals including GSM, DCS, WCDMA, LTE, etc.; shielding China telecom full-system full-band signals including CDMA, LTE and the like; the method is used for shielding all band signals of TD-LTE, TD-SCDMA and GSM 900MHz of China mobile, and shielding signals of the band 1806-1840 MHz of DCS1800MHz of China mobile.
D, the administrator realizes the addition and deletion processing of the white list user through the management and control operation client, and the management and control strategy can also be configured through the management and control operation client, and the strategy comprises the following steps: only voice or short message or data service is allowed, voice and short message service is allowed, voice and data service is allowed, and the like, and specific strategies and data are stored in the communication management and control server. Each user unit manages a white list of authorized communication independently and increases and decreases in time according to needs; in addition, only the mobile phone number of the operator allowed to communicate openly can apply for authorization, and the mobile phone numbers of other unauthorized operators cannot authorize. For example, white list users can only authorize normal communication by mobile phone numbers of China Mobile;
e, realizing full-system full-frequency band shielding of signals in a specific area based on the multimode signal shielding device and the indoor distribution subsystem; based on an operator core network, a gateway subsystem, a single-mode micro base station and an indoor distribution subsystem, wireless coverage of specific standard signals of a specific operator is achieved. Therefore, the embodiment of the invention provides a novel indoor wireless communication system, which realizes the functions of signal shielding of full-system full frequency bands and wireless communication of specific-system signals of specific operators.
To sum up, on one hand, the micro base station provides a mobile communication private network with a specific system and a specific frequency band, and the terminals in the white list are connected to the public network core network through the gateway after being accessed to the micro base station, so that the purpose that the terminals covered by the private network are accessed to the public network to carry out normal communication is realized; on the other hand, the embodiment of the invention also provides a shielding device which can shield the public network signals in the coverage area of the micro base station, thereby avoiding the network communication of illegal users in the coverage area of the micro base station.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.