JP2010273255A - Network system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To construct a communication quality management system, in which waste is reduced, capable of being introduced from an existent system with a low burden without providing any authority management server or policy setting server. <P>SOLUTION: In an internal network that a telecommunications entrepreneur provides, a quality control device is provided which is capable of managing the communication quality of a user, who is authorized for use, based on a user ID identifying the user, communication quality designation information designating the communication quality, and authentication key information and the quality control device transmits, to an access accommodation device or a network termination device, communication quality control information for actual quality control on the network corresponding to the designated communication quality designation information and executes a quality control execution means for actual communication. The user dynamically designates the communication quality designation information corresponding to the communication quality required at that time. The communication quality designation information is designated by the telecommunications entrepreneur or a network service provider beforehand. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to communication quality management in a communication service via a network.

  When individuals and many companies connect an electronic computer to the Internet, they connect to an Internet service provider (ISP) that provides a connection point to the Internet, and connect to the Internet through the ISP. Specifically, a user who wants to connect to the Internet, from an individual electronic computer to a telephone number held by a remote access server (RAS) installed by an ISP through a telephone line provided by a telecommunications carrier, A method of dialing up by Point-to-Point Protocol (PPP) and connecting to the Internet has been used.

  In recent years, the connection environment between an ISP and a personal electronic computer has become broadband, and the number of users who connect using a method such as ADSL or FTTH is increasing. In this case as well, the user can use a technique called PPPover Ethernet (PPPoE) to access a broadband access server, which is a type of RAS installed by the ISP, and connect to the Internet through a network provided by a telecommunications carrier. It has become.

  By the way, conventionally, information exchanged over an IP network represented by the Internet has been mainly used for browsing HTML-based Web pages and sending / receiving text-based mails. However, as the connection between the user's terminal and the access point becomes broadband, a new usage form utilizing a constantly connected high-speed line is born, and online transactions of securities, online games, and Pear to Pear. Various applications such as (P2P), streaming distribution of voice and moving images, voice communication such as Voice over IP (VoIP), and videophone are increasing. Some of these applications not only require high-speed lines, but require stable data communication. However, on the other hand, the amount of information exchanged over the Internet has increased dramatically due to broadbandization, and stable data communication may not be possible simply by processing information according to a queue. For this reason, it has been studied to perform communication quality control with priorities set in such a manner that data transmission / reception that requires stable communication quality is preferentially sent, and data that is not so is postponed.

  Examples of techniques for performing communication quality control on an IP network include the following. Non-Patent Document 1 defines Type of Service (TOS) that records priority in the header of an IP packet. Based on the recorded priority order, the packet is transmitted from a packet having a high priority.

  Non-Patent Document 2 defines Differentiated Services (DiffServ) that classifies traffic and guarantees communication quality for each class. For example, the service is divided into high-priority services such as gold, silver, and copper, or divided into media such as voice, image, video, and text.

  Non-Patent Document 3 defines Resource Reservation Protocol (RSVP) that is transmitted after a resource such as a bandwidth to a transmission destination is reserved in advance. In this method, signals are exchanged in advance between two computers that perform transmission and reception, and a bandwidth is secured in a router or the like on the transmission path. It is used when a constant transfer speed is always required in an application that requires real-time performance such as a video conference.

  Non-Patent Document 4 defines Multi-Protocol Label Switching (MPLS), which is a label switching transfer technology that performs data transfer at high speed using labels attached to packets instead of IP headers for routing. As a result, it is possible to perform more advanced communication quality control that is impossible when using an IP header. In particular, use in communication quality control in IP-VPN is considered.

  Most of the concrete communication quality management systems currently proposed are those that control the communication of the entire service, and the system sets priorities as necessary. Such a system is based on the idea of minimizing the load. For example, Patent Document 1 describes a system in which the system calculates the user's quality of experience and the system determines the priority order of quality control. This is a system designed for use in quality control of interactive video communication services.

  Patent Document 2 describes a quality measurement system in which the system itself measures the distribution quality in order to reduce the load for streaming distribution, and a system for performing quality-controlled streaming distribution using this system. Is described.

  It should be noted that such communication quality management is generally possible only in a network within a range that can be managed by a supplier to be managed, and does not manage the communication quality of the entire Internet. Actually, this is particularly effective in a network managed by a telecommunications carrier at a previous stage connected to the Internet, such as NGN.

JP 2007-221318 A JP 2007-324783 A

RFC1349 RFC2474 RFC2205 RFC3031

  However, all the systems currently proposed such as Patent Documents 1 and 2 allocate network resources for the convenience of the system, and users including application service providers (ASPs) transmit with a certain communication quality. When it was determined that this was necessary, it was not possible to specify and obtain a high-quality communication environment.

  Even if a system capable of designating such communication quality management from the user is designed based on a conventionally known method, the parameters used for communication quality control in Non-Patent Documents 1 to 4 described above are static. It is a typical thing and cannot respond to the request from the user as it is. If an attempt is made to respond, it is first necessary to authenticate whether or not the user has the authority for the request. As authentication for that purpose, authentication by a Web server, authentication by an RSVP module, authentication by other unique communication methods, and the like can be considered, but none of them is used for applications in which dynamic authentication is performed and communication quality is controlled.

  Further, in order to set a specific policy relating to communication quality control on a communication device, a method for manually setting information on each device, Simple Network Management Protocol (SNMP), or Common Open Policy Service (COPS: RFC2748). However, any of these methods are set by the system and are not suitable for setting by the user. Also, RSVP is difficult to use for actual services because some authority management and the like are unspecified and lacks scalability.

  There are systems that allow users to switch between mobile phone lines and wireless LANs, and systems that switch between mobile phone lines and use them, but this is a change in connection route, resulting in communication quality. Changes, but does not guarantee quality.

  That is, methods for executing each element such as authority management for communication quality, network resource management, and policy setting are known, but all are set by the system side, and are dynamically set by the user. It was difficult. For this reason, it has been difficult to provide a service that guarantees a certain communication quality specified by the user. An object of the present invention is to overcome this difficulty and to construct a communication quality management system that can be easily introduced into a current system and has little waste.

This invention
In the internal network provided by the telecommunications carrier,
Connects to an access accommodating device that accommodates access from the user's terminal, and manages the communication quality of users with usage rights based on the user ID that identifies the user, the communication quality designation information that designates the communication quality, and the authentication key information Provided a quality control device that can
The access accommodating apparatus has a designation information transmitting means for transmitting the communication quality designation information transmitted from a user to the quality control apparatus,
Based on the received communication quality designation information, the quality control device has a quality management setting means for sending communication quality control information for actual quality control on the network to the access accommodating device,
Actual information about information transmitted by itself based on the communication quality control information transmitted from the quality control device to the access termination device or a network termination device connected to an external network transmitted from the access accommodation device through an internal network By providing the quality control execution means for executing the quality control, the above-mentioned problem has been solved.

  The present invention manages communication quality in an internal network provided by a telecommunications carrier that connects a user and an ISP and leads to the Internet, which is an external network. Unlike the Internet, this internal network is entirely managed by a telecommunications carrier, so comprehensive quality control can be achieved. In order to manage the communication quality, the communication quality control information for each user is transmitted to each access accommodating device or network terminating device, instead of individually setting a policy. Quality control is performed according to the information. The communication quality control information is set by the quality control device based on the communication quality designation information designated and transmitted by the user, and the priority can be determined according to the explicit designation from the user.

  The communication quality designation information is notified in advance to a user from a network service provider (that is, an ISP) that provides a service on an external network, and the user ID and authentication notified by the user from the network service provider. By being sent to the access accommodating device together with the key information (so-called password), communication quality can be set together with authentication as to whether or not the user can receive a communication quality management service. User authentication itself may be performed by the quality control device under the jurisdiction of the telecommunications carrier, or address management on an external network outside the network termination device provided by a network service provider that is an ISP. It may be by a device. In the case of using the address management device, the user ID and authentication key information are transmitted thereto. In either case, if the user can be confirmed to be legitimate and individual users can be identified, the information is sent to the quality control apparatus.

  In the quality control device, communication quality control information that determines the actual priority is sent to the access accommodating device and the network terminating device according to the specified information for the confirmed user, and communication with a predetermined quality is performed. To do. As a result, individual users can be identified and communication quality can be provided, so that business utilization of services such as collection of history information and billing according to history information can be performed. Further, by assigning an IP address to a user terminal by authentication, management after authentication can be performed using the IP address, and after authentication, the user terminal can be connected to an external network.

  In the internal network, the communication between the access accommodating device and the network termination device is connected by tunneling technology, and when quality-controlled information is exchanged through the established tunnel, the load in the internal network is reduced, All who receive the service will be able to benefit from a higher level of quality controlled communication services. By collecting information on quality control using this tunnel and transmitting it to the quality control apparatus as a usage history, it is possible to charge for receiving a quality management service using this tunnel.

  With the network system according to the present invention, a user can request a system for a high-quality and stable service, and can use a lower-level and inexpensive service when the quality is not particularly required. it can. That is, it is possible to receive a service with an optimal quality arbitrarily according to the scene where the user uses the network. As a result, it is possible to improve fairness and reduce the load on the entire system, as compared with the conventional network system that has ensured a high-quality band even when a high-quality service is unnecessary. In particular, when introducing Next Generation Network (NGN) connected to the Internet, it is possible to provide an efficient and fair communication service and charge users.

  In addition, the quality management grade changes dynamically according to the designation from the user, and authority management is performed so that quality management can be performed in a format that can be used by existing network hardware upon receipt of the designation. Without providing a server or policy setting server, the invention can be implemented by adding software functions to a server used for conventional user authentication, and can be easily introduced.

Network relationship diagram for carrying out the invention The figure which shows the initial flow on the network in 1st embodiment The figure which showed the means and communication contents exchanged in the first embodiment in chronological order The flowchart which shows the algorithm at the time of quality control apparatus providing communication quality control information in 1st embodiment The figure which shows the initial flow on the network in 2nd embodiment The figure which showed the contents exchanged with the means exchanged in the second embodiment in chronological order The figure which showed the contents exchanged with the means exchanged in the third embodiment in chronological order The figure which shows the initial flow on the network in 4th embodiment The figure which showed the contents exchanged with the means exchanged in 4th embodiment in time series order Table showing examples of history information collected by the quality control device Conceptual diagram listing the means each hardware can have Example 1 environment construction flow diagram User authentication flow diagram of embodiment 1 Quality Assurance Communication Flow Diagram of Example 1 Flow chart of resource management algorithm of embodiment 1 Example 2 environment construction flow diagram User authentication flow diagram of embodiment 2 Quality Assurance Communication Flow Diagram of Example 2

Hereinafter, the present invention will be described in detail with reference to embodiments.
First, as a premise, the configuration of a network in which the invention is introduced will be described. FIG. 1 is a diagram showing the relationship of networks currently used and managed by end users, telecommunications carriers, and network service providers.

  The present invention is a network system mainly used in an internal network 10 provided by a telecommunications carrier. Here, the internal network 10 means a network that can be managed by a telecommunications carrier. On the other hand, a network managed by another network service provider, a company, a local government, a nation, etc. and not directly managed by the telecommunications carrier is called an external network 20. A collection of external networks 20 is the Internet.

The telecommunications carrier accommodates access when a terminal 31 such as a personal computer, digital TV, or network-compatible game machine used by an end user (hereinafter simply referred to as “user”) is connected to the network. An access accommodating device 11 is provided at the end of the internal network 10. Strictly speaking, the access is through a customer device 32 (abbreviated as “CE” in the figure) such as a modem connected to the terminal 31. This access includes both access that reaches the external network 20 and access that fits within the internal network 10. This is because in any case, it is assumed that the connection is made to the internal network 10 managed by the telecommunications carrier. The access accommodating device 11 accesses an address management device managed by the telecommunications carrier or an address management device managed by the network service provider in response to an access from the customer device 32 (PPP / PPPoE connection). Get authenticated and access the network. That is, the grade of quality control is dynamically adjusted not for each user contract but for each PPP session.
A network including each user's terminal 31, customer device 32, and access accommodating device 11 is referred to as a customer network 30.

  The internal network 10 is formed by connecting a plurality of routers 12 (indicated by “RX” in the figure, X is a number) to each other. The communication in the internal network 10 can be managed by the telecommunications carrier, and the present invention particularly controls the communication quality between the routers 12. The access accommodating device 11 at the end of the internal network 10 is connected to a part of the router 12. The access accommodating device 11 is connected with a quality control device 15 which is a gist of the present invention.

  A network termination device 13 for connecting to the external network 20 is provided at another end of the internal network 10. The access accommodation device 11 and the network termination device 13 are connected via one or more routers 12.

  The external network 20 is a network that is individually managed by a plurality of operators, and there is no unified administrator. Access from the enterprise network termination device 13 is sent to the ISP server 21 (indicated by “ISPX” in the figure, X is a number) provided by each network service provider, and a response to that is returned. Come. Each ISP server 21 is connected to other servers to construct the Internet. The ISP server 21 managed by the network service provider is connected to an address management device 22 that performs authentication for providing an Internet connection service and other services managed by the network service provider.

Based on the above, an embodiment of the present invention will be described.
First, a first embodiment will be described with reference to FIGS. This embodiment controls the quality of upstream communication originating from the user terminal 31.

FIG. 2 shows the communication flow with the devices involved in this embodiment.
The system according to the present invention has a quality control device 15 connected to an access accommodation device. This quality control device determines the communication quality of a user who has a right to use based on a user ID for identifying individual users who use the quality control service, communication quality designation information for specifying communication quality by the user, and authentication key information. It is something to manage.

  The communication quality designation information is not information fixed for each user, but is provided to the user as a plurality of options. Options include, for example, first grade, second grade, third grade, and so on, such that communication quality control information with higher quality is simply received as higher grade communication quality designation information, VoIP, streaming, HTTP access , FTP access, e-mail transmission, etc., so as to receive communication quality control with quality suitable for the type of communication to be performed. Each time a user connects, the user designates and transmits the communication quality designation information, which is a grade and type considered necessary for the communication, and enjoys a communication service with quality suitable for the designation.

  FIG. 3 shows the contents of communication exchanged between the terminal 31, the access accommodating apparatus 11, and the quality control apparatus 15 in chronological order. The contents of communication will be described in order.

  (A1) First, the user accesses the access accommodating device 11 from the terminal 31 via the customer device 32 (not shown in FIG. 3). This access is for establishing a connection, and specifically can be performed by a PPPoE Session. At this time, the communication quality designation information (shown as “QoSCL” in the figure) is transmitted together with the user ID (shown as “UserID” in the figure). As a method of adding the communication quality designation information to the communication, as shown in FIG. 3, if the symbol “%” is added after the user ID and continued after that, the authentication process can proceed smoothly, and the communication From the common sense, it is highly versatile. However, this symbol is arbitrary, and an appropriate symbol may be selected according to the situation. Further, authentication key information (shown as “password” in the figure) is transmitted together with the information. This is to determine whether or not the operator of the terminal trying to access is the user himself / herself who wants to receive the service, thereby preventing unauthorized use. This authentication key information may be information for external authentication such as openID in addition to a password used for direct authentication. However, in the latter case, another server intervenes at the time of authentication.

  (A2) The access accommodation apparatus 11 includes designation information transmission means 41 that transmits the communication quality designation information transmitted from the user to the quality control apparatus 15. This is because the communication quality designation information is not the content that can be used for the actual quality control in the lower layer of the network as it is, and the actual quality control cannot be performed only by the access accommodating device 11. The designation information transmitting means 41 may simultaneously transmit the user ID and the authentication key information at the same time. When the number of users is limited, quality control can be performed separately from user authentication, but in many cases, how much service each individual user can receive This is because it is necessary to confirm information and collect a history of service received by individual users. In the embodiment of FIG. 3, the user ID and the authentication key information are also sent together, and the quality control device 15 has an address distribution function. That is, the connection authentication itself to the external network 20 is also under the jurisdiction of the telecommunications carrier.

  (A3) The quality control device 15 includes quality management setting means 51 that sends communication quality control information for actual quality control on the network to the access accommodating device 11 based on the received communication quality designation information. . While the communication quality designation information is information that the user expects and desires, this communication quality control information is a bit that can be used to determine the superiority or inferiority of the order when the network hardware control software actually transmits a packet. Information (shown as “DSCP Information” in the figure). The relationship between the communication quality designation information and the communication quality control information may be based on a conversion table fixed in advance, or may be elastically changeable according to the state of the network at that time. In particular, when the communication load is high, or when communication quality requirements at high grades overlap, it is desirable to be able to make an elastic change.

  In the embodiment shown in FIG. 3, the quality control device 15 also has a DHCP function for allocating an IP address necessary for network access to the terminal 31 from the user ID and the authentication key information. By allocating the IP address together with the communication quality control information, the terminal 31 can be recognized and discriminated from the allocated IP address thereafter, and quality management and history storage during IP communication are facilitated.

  (A4) Based on the communication quality control information transmitted from the quality control device 15, the access accommodating device 11 performs quality control execution for performing actual quality control on information transmitted by the user according to an instruction from the user. Means 42 are included. Specifically, first, an IP address is assigned to the terminal 31. Further, the quality control execution means 42 has a quality control table for storing the communication quality control information sent together with the IP address together with the IP address, and from the IP address of the terminal that has requested data transmission, Information for application of communication quality that is actually applied to data transmission from the terminal can be called.

  (A5) Next, the user assigned an IP address to the terminal 31 transmits data to the access accommodating apparatus 11. However, the destination actually designated by the user is the network terminating device 13 ahead or the computer on the external network 20 ahead. (A6) Regardless of where the data is sent, the data transmitted by the user always passes through the access accommodating device 11. In the access accommodating device 11, the terminal 31 that sent the data is identified by the IP address, and when the data is transmitted to the designated destination, the communication quality control information associated with the IP address is given first, Data is transmitted according to the priority indicated by the communication quality control information. For the execution of specific priority by the communication quality control information itself, a known quality control method such as adding a bit indicating the priority to the packet header can be applied, and the specific method is particularly limited. It is not something.

  In addition, the example of the information transmitted by said (A1) is shown. For example, it is assumed that the communication quality designation information is designated in three stages of “gold”, “Silver”, and “Bronze” in descending order of grade, in which case the transmitted information is as shown in Table 1 below.

  The information transmitted in this way is transmitted with a priority according to the communication quality control information in the internal network 10 until it reaches the network terminating device 13 through the router 12. The present invention can be managed up to here, and the communication quality management after coming to the external network 20 is another problem.

  Further, in the network system according to the present invention, when the user performs only HTTP access that does not particularly require quality, the terminal can access without the communication quality designation information. In this case, in FIG. 3, the “% QoS SCclass” portion of (A1) and the “DSCP Information” of (A3) do not exist. In this state, the quality control execution unit 42 performs control so that the communication of the user assigned with the IP address is transmitted with a lower priority than the communication of other users whose quality should be guaranteed.

  However, depending on the degree of congestion of the internal network 10, not all quality requirements can be met. In particular, when quality requests with high grades that have the highest priority overlap, unless the authentication itself is rejected, the quality of the communication accepted so far cannot be maintained. Specifically, FIG. 4 shows a selection algorithm when the quality control device 15 gives the communication quality control information.

  First, when there is a connection request from the terminal 31 through the access accommodating apparatus 11 (101), it is determined whether a communication quality request is given to the request (102). The case where it is not given means that quality control is not requested. Therefore, an IP address is assigned and a setting is made that the IP address does not guarantee communication quality (103).

  Next, if a communication quality request is given, it is determined whether the grade designated by the communication quality designation information has the highest priority (104). If it is not the highest priority service, the access accommodating device indicates whether the communication quality control information set in the communication quality designation information or the corresponding communication quality control information obtained by including the current network congestion level as a variable 11 is set as information for replying to 11 (105). In addition, the IP address assigned to the terminal 31 is also returned (105).

  In addition, if the specified grade is the highest priority, check the priority in the current access accommodating device and the number of services being executed, and whether communication quality at the highest priority grade can be guaranteed. (106). If it is acceptable, the communication quality control information set so as to be treated with the highest priority is set in the return information to the access accommodating apparatus 11 (108). In addition, the IP address assigned to the terminal 31 is also returned (108). However, if it is not acceptable, the authentication itself is rejected (107). This is to guarantee the quality of communication with high priority that has been previously authenticated.

Next, a second embodiment will be described with reference to FIGS.
In the first embodiment, the quality of upstream communication transmitted from the terminal 31 to the external network 20 is controlled. On the other hand, in the second embodiment, from the external network 20 according to an instruction from the user. The quality of downstream communication passing through the network terminating device 13 and reaching the access accommodating device 11 is controlled. FIG. 5 is a diagram showing the flow of communication on the network halfway. FIG. 6 shows the details of communication up to the transmission of data for which the communication quality is actually guaranteed in chronological order.

  Among these, the behavior of (B1) and (B2) in the figure is almost the same as the above (A1) and (A2), respectively. However, (B1) and (B2) include information on the terminal on the external network 20 that is the transmission source of the data that the terminal intends to receive. As a specific designation method, as shown in FIG. 6 (B1), designation is performed by an IP address or a domain name address via a symbol “@” after the user ID, and the communication quality designation information further includes Then continue via the symbol “%”.

  (B3) The quality management setting means 51 ′ of the quality control device 15 derives the address of the network termination device 13 connected to the terminal from the information of the terminal on the external network 20 that is the data transmission source, and performs the communication quality control. The information is sent to the access accommodating device 11 together with the information. This is because it is necessary to transmit the communication quality control information to a network terminating device that starts transmitting data in the internal network 10. When the network termination device 13 connected to the terminal on the external network 20 specified by the “@domain” is narrowed down to one, the network termination device 13 is automatically determined. On the other hand, although not shown, when there are a plurality of network termination devices 13 connected to the terminal on the external network 20, the access accommodating device 11 automatically selects from the network load, the route state, etc. according to a predetermined algorithm. You may do it. If there are a plurality of selectable network termination devices 13, between the (B3) and (B4), the access accommodating device 11 is connected to the terminal 31 from among the plurality of network termination devices 13. A step of selecting a suitable one by the user may be included.

  (B4) The setting information transmitting means 45 of the access accommodating apparatus 11 transmits the communication quality control information transmitted from the quality control apparatus 15 to the address of the network terminating apparatus 13 that has been transmitted.

  Here, it is particularly preferable to connect the access accommodation device 11 and the network termination device 13 by using the tunnel technology because communication within the internal network 10 is easy to control and a communication load is reduced. In that case, the access accommodating apparatus 11 has connection request means 46 for requesting the user's terminal 31 to connect to the external network 20 through the internal network 10 by tunneling technology (B2), and the request Later, it has a quality tunnel setting means 47 for transmitting the communication quality control information when establishing a tunnel to the network terminating device 13 by a tunneling technique (B4).

  (B5) The quality control execution means 61 of the network terminating device 13 sets so that quality control can be performed according to the transmitted communication quality control information. At this time, an IP address is assigned to the terminal 31 that is the destination of the communication that performs the corresponding quality control, and the quality control is performed on the communication addressed to the IP address according to the priority of the transmitted communication quality control information. Like that.

  (B6) Thereafter, a data transmission request is made from the terminal 31 to the terminal of the external network 20. (B7) When the data reaches the network terminating device 13, the network terminating device 13 is transmitted with communication quality according to the communication quality control information in communication to the access accommodating device 11.

  In addition, as a third embodiment, the second embodiment can be applied, and quality control can be performed for communication directed upstream from the terminal 31 to the external network 20, contrary to the second embodiment. The communication flow in the embodiment is shown in FIG. By establishing a tunnel, transmission toward the upstream can also use the tunnel. In this case, instead of the tunnel transmission unit 62 included in the network termination device 13 in the second embodiment, the tunnel transmission unit 48 included in the access accommodation device 11 is used (B8, B9).

  Furthermore, the second and third embodiments can be combined to perform quality management in bidirectional communication between the terminal 31 and the external network 20. This is suitable for applications that require high-quality communication with each other, such as VoIP.

Next, a fourth embodiment will be described with reference to FIGS.
In the first embodiment, user authentication is collectively performed by the quality control device 15 managed by the telecommunications carrier. In the fourth embodiment, the address management device 22 is managed by the network service provider. The quality of communication going from the external network 20 to the terminal 31 can be controlled. Here, the object with which the user contracts is a network service provider, and the telecommunications carrier mediates connection between them. FIG. 8 is a diagram showing the flow of communication on the network halfway. FIG. 9 shows the details of communication up to the transmission of data for which the communication quality is actually guaranteed in chronological order.

  8 and 9, (C1) to (C4) are substantially the same as (B1) to (B4) in FIGS. 5 and 6. However, it is necessary to designate (C1) the authentication destination information that is the destination of the ISP server 21 that performs authentication. Table 2 below shows a specific example of information in (C1) in which the format for specifying the contents and the communication quality specification information are combined. The authentication destination information after “@” and before “%” is specified by an IP address, a domain name, or the like. The access accommodating apparatus 11 sends the user ID and the authentication key information to the address management apparatus 22 (directly the ISP server 21 and the network termination apparatus 13 connected thereto) indicated by the specified authentication destination information. Authentication information transmitting means 44 for transmitting is provided.

  The communication quality designation information is transmitted after the authentication destination information. Here, an example is shown in which the grade and type of communication quality are divided according to the type of information that is actually transmitted. For example, the “VoIP” class is for constantly seeking high quality in both directions, and the “Stream” class is for constantly demanding high quality only in one direction from upstream to downstream, or from downstream to upstream, The “Online” class is suitable for receiving an online service such as the so-called Software as a service (SasS). Further, the “Internet” class is suitable for an Internet service based on a normal HTTP protocol, and this class can be assigned as a normal priority when there is no designation. However, the communication quality designation information is managed by the quality control device 15 and is sent to the access accommodating device 11 and the network terminating device 13 as the communication quality control information (C3, C4) and sent to the ISP server 21. There is no need. However, it may be transmitted for history collection or user management. The communication quality designation information may not only be notified to the user by the telecommunications carrier in advance, but may be previously notified to the user by the network service provider. In the latter case, management for both network use and quality control services can be unified.

  (C5) The network terminating device 13 that has established the tunnel by the tunneling technique sends the user ID and the authentication key information to the ISP server 21 connected to the network terminating device 13. These are information sent simultaneously from the access accommodation apparatus 11 when establishing a tunnel by the tunneling technique (C4). The ISP server 21 sends the information to the address management device 22 connected thereto. When the user uses the internal network, the address management device 22 performs network connection authentication means 71 for authenticating actual use based on the user ID and the authentication key information, and determines whether authentication is possible or not to the quality control device. Authentication confirmation transmission means 72 for transmission. That is, the address management device 22 has user information managed by the network service provider with whom the user has contracted.

  (C6) If authentication by the address management device 22 is possible, an IP address necessary for connecting the terminal 31 to the external network is assigned, and if authentication is impossible, error information to that effect is sent to the ISP server 21. The ISP server 21 returns it to the network terminating device 13. The network terminating device 13 sends the information to the access accommodating device 11 which is the original transmission source by the tunnel transmission means 62 using the previously established tunnel. When the authentication is possible, the terminal 31 can access the external network 20.

  (C7) The terminal 31 requests the ISP server 21 of the external network 20 to transmit information using the tunnel. The ISP server 21 is not limited to the ISP server 21 that has accepted the authentication, and may be any server that exists on the external network 20 that can be connected through the same network terminating device 13. (C8) The ISP server 21 returns data to the network terminating device 13. (C9) The network terminating device 13 uses the quality control execution means 61 to perform tunnel transmission using the tunnel transmission means 62 under quality control according to the communication quality control information received in advance in (C4).

  As yet another embodiment, instead of the above (C7) to (C9), in the upstream transmission from the terminal to the external network 20, the quality control execution means 42 and the tunnel transmission means 48 of the access accommodating apparatus 11 are used. It is also possible to guarantee communication quality. Furthermore, communication quality assurance may be performed for these two-way communications.

  As yet another embodiment, after performing the authentication of (C5) and (C6) in (C2) and (C3), a tunnel is established between the network terminating device 13 and the access accommodating device 11, Quality control may be performed for communication from the external network 20. This is effective, for example, when the telecommunication service provider performs authentication with the contractor performed by the network service provider. In this case, the quality control device 15 has network connection authentication means 52 and authentication confirmation transmission means 53 corresponding to those of the address management device 22 described above.

  In the system according to the present invention, the quality control of the communication quality itself is a service to the user. Therefore, it is desirable that the information and history can be collected in some form and reflected in the upper limit of usage, the contents of billing, and the like. For this reason, the access accommodating device 11, the network terminating device 13 or both may have communication quality information collecting means 49 and 64 for collecting information of communication transmitted and received by performing quality control. In addition to simply measuring the time from the start of use of the service to the end of use, it also records the amount of traffic that has actually received quality assurance, etc., for more detailed analysis of user behavior and the degree of enhancement to the required network. Can be investigated.

  Further, the access accommodating device 11, the network terminating device 13, or both have usage history transmission means 50 and 65 for transmitting the information collected by the communication quality information collecting means to the quality control device 15 as usage history. It is more desirable. From the start of authentication, the quality control content actually used by the user can be centrally managed by the quality control device 15 that records the user information.

  An example of such a history is shown in FIG. For each authenticated user, the service class that is the communication quality designation information requested at the time of authentication is recorded, and the use start time and use stop time are recorded. This is the minimum information. The service class item is blank when the communication quality designation information is not designated and quality assurance is not requested. Furthermore, it is easier to discriminate the usage status by recording from which access accommodating device 11 as a connection source and to which network termination device 13 as a connection destination. In addition, by recording and analyzing the traffic volume, the peak and average values of the communication speed, the protocol used for communication, etc., statistics on whether or not the selection of the service class used by the user is appropriate Can be judged automatically. This determination can be used as basic data for recommending use in a service class more suitable for the user.

  As shown in the above history, the quality control device 15 included in this system may manage quality control management requests from a plurality of access accommodating devices 11. This is because the quality control device 15 itself does not exchange a large amount of data, but the main functions are judgment at the time of authentication and collection of history, and therefore the load is smaller than that of the access accommodating device 11 or the like.

  Hereinafter, application of the further embodiment will be described with reference to FIG. FIG. 11 is a table listing the means embodied in each piece of hardware constituting the present invention by software.

  In the above embodiment, when information is transmitted using a tunnel established by the tunneling technology, the access accommodating device 11, the network termination device 13, or both use the tunnel established by the tunneling technology. Tunnel quality information collection means 49 ′ and 64 ′ for collecting information on the tunnel quality control of the transmitted information, and tunnel usage history transmission for transmitting the collected information to the quality control device 15 as user usage history With the means 50 'and 65', the history collection described above is more in line with the situation. This is particularly suitable for information exchanged in both directions through a tunnel.

  Furthermore, the quality control device 15 may include a charging unit 54 that charges the user according to the executed usage history. The usage history only needs to be collected in the quality control device 15 by the tunnel usage history transmission unit or the usage history transmission unit. The accounting calculation method is not particularly limited, and can be determined according to usage time, communication volume, average communication speed, the actually assigned communication quality control information, and the like.

  In the system according to the present invention, the quality control device 15 can collect and control user information and the allocation, usage history, and the like of the communication quality control information from the communication quality designation information. Is applied to a conventional network system, it is possible to cope with everything from quality control to history collection and billing by adding functions to a conventionally used Radius server without installing new hardware.

  Further, the communication quality service according to the present invention may be the Internet connection service for the terminal 31 itself. In particular, in the fourth embodiment described above, authentication is performed based on user information held by a network service provider that provides an Internet connection service, and hardware is added to a conventional system. Can be implemented without any problem.

  On the other hand, the communication quality service according to the present invention may be used to construct a Virtual Private Network (VPN). Alternatively, it may be used for using other services using VPN technology. When VPN is used, in particular, communication within the internal network 10 is preferably established by a tunneling technique.

  The communication quality designation information is for performing quality management in the internal network 10 managed by the telecommunications carrier, but the grant may be performed by the telecommunications carrier itself, The network service provider may make a contract with the telecommunications carrier and perform it in accordance with the intention. In this case, the telecommunications carrier can be entrusted with quality management services from the network service provider.

  The internal network 10 to which the system according to the present invention is applied can be applied not only to the telecommunications carrier network conventionally used, but also to the Next Generation Network (NGN) currently being used. That is, application is not limited as long as the telecommunications carrier can manage the entire network.

Hereinafter, a specific construction example when carrying out the above invention will be described.
First, specific configuration hardware will be described.
(1) Terminal: Terminal having PPP dial-up or PPPoE function (2) Access accommodating device: Device terminating PPP / PPPoE access from user (3) Quality control device: Quality requested by user A Radius server that sets information on quality information based on the information and sends a reply to the access accommodating device. When L2TP or MPLS is used, information on the network termination device for each ISP and company is returned based on a request from the access accommodating device.
(4) Network terminating device: Device used when connecting to ISP or company on external network (5) Address management device: Used when using tunnel technology. An IP address management device installed in ISPs and enterprises. Notify the address to be paid out when accessed by the user.

Example 1
The realization method in the case of quality control for upstream communication according to the first embodiment is shown in the flowcharts of FIGS.

The construction of the implementation environment will be described using the flowchart shown in FIG.
First (201), the telecommunications carrier constructs the internal network 10 which is an IP network (202). Communication quality management is performed within this IP network. Then, the telecommunications carrier installs a Radius (Remote Authentication Dial In Use Service) server as the quality control device 15 in the IP network (203). In this Radius server, communication quality designation information is registered as a service class in the format described in Tables 1 and 2 (204), and a conversion table or conversion algorithm between communication quality designation information and communication quality control information is created and registered. (205). Furthermore, the user ID of the user who provides the service and the password that is the authentication key information are registered in the user database (206). In addition, the access accommodating apparatus 11 that accommodates the access of the user terminal 31 is installed in the internal network 10 and can be connected from the terminal 31 (207). This completes the environment construction (208).

Next, actual quality control steps will be described with reference to the flowcharts shown in FIGS.
First, the user (221), if the communication quality requested by the application to be used in the terminal 31 specifically for a specific service such as VoIP is fixed (222), the optimum communication quality designation information is automatically determined. It will be decided (223). This determination may be automated as long as the service class notified from the telecommunications carrier is registered in advance. In this case as well, explicit designation according to the user's intention is included in the application selection stage. On the other hand, when the application is not such a specialized type and uses a Web browser or the like (222), the user selects the optimum service class notified from the telecommunications carrier as the communication quality designation information. Select (224). Note that “no service class is specified” is also an option.

  Then, the user performs PPP / PPPoE access from the terminal 31 to the access accommodating apparatus 11 (RAS, BRAS) (225). In this access, the designated communication quality designation information is transmitted together with the user ID and authentication key information which are issued when making a contract with the telecommunications carrier and registered in the user database. The access accommodating apparatus 11 makes an inquiry to the quality control apparatus 15 in the internal network 10 at the time of PPP / PPPoE access (226).

  The quality control device 15 performs authentication from the user ID and password (227), and if not recognized, returns an error and performs access again (228). If approved, the IP address assigned to the user is set in the reply packet (230). After accepting the user authentication, communication quality control information corresponding to the communication quality designation information designated by the user is allocated by the resource management algorithm (231). This resource management algorithm will be described later (FIG. 15, 261-). If allocation is not permitted on the resource (232), access from the user is denied (233). If the allocation is approved (232), the communication quality control information corresponding to the communication quality designation information designated by the user is returned to the access accommodating apparatus 11 together with the set IP address (234). The access accommodating apparatus 11 assigns the communication quality determined by the returned communication quality control information to the PPP / PPPoE session from the user terminal 31 (235). At the same time, the access accommodating apparatus 11 notifies the user's terminal 31 of the received IP address (236).

  The connection is thus established (237). The access accommodating apparatus 11 notifies the quality control apparatus 15 that the user connection is started (241). The quality control device 15 records the use start time together with the user ID (242).

  When the information is transmitted from the terminal 31 (243), the access accommodating apparatus 11 adds the communication quality control information assigned to the PPP / PPPoE session to the packet of the transmitted information (244), and the priority is given. Transmit according to the degree (245). This assigned communication quality control information continues as long as the PPP / PPPoE session continues (246).

  When the user finishes the communication (246) and disconnects (247), the access accommodation apparatus 11 notifies the quality control apparatus 15 of the end of the session (248). The quality control device 15 records the use end time, records that the user session is ended, and releases one of the assigned communication quality control information (249), and ends (250).

  Separately from this, the telecommunications carrier grasps the user's usage history from the records of the quality control device 15 at regular intervals, and charges by the charging means according to the method defined in the contract.

  The detailed contents of the resource management algorithm (231) executed by the quality control apparatus 15 will be supplemented with reference to the flowchart of FIG. First, it is determined whether or not the request sent from the access accommodating apparatus 11 includes designation of a service class that is communication quality designation information (262). If no designation is included, it is assumed that no quality request has been made, the same treatment as in the normal class is performed, and communication quality control information is not assigned (263). In this case, the algorithm ends there (264).

  Next, it is determined whether or not the designated communication quality designation information has the highest priority (corresponding to “% gold” in Table 1 above) (265). If it is other than the highest level, the communication quality control information that can be assigned at that time is assigned according to the grade of the designated service class (266, 267).

  When the highest communication quality is requested (265), the number of high priority services handled by the current access accommodating apparatus 11 is confirmed (268), and is the service (ie, guarantee of communication quality) possible? It is determined whether or not (269). If it is not possible, a decision is made to reject the connection itself (270, 271, hitting 233 above). If possible, communication quality control information having a higher priority is assigned (272, 273).

  Thereafter, the assigned communication quality control information is returned to the access accommodating apparatus 11 (234 in FIG. 13).

  As a specific content (245 in FIG. 14) of communication quality control information, Diffserv is used. In a Diffserv compatible communication device, a communication quality control operation can be defined for DSCP (Differentiated Service Code Point), which is communication quality control information given in an IP packet. In addition, the telecommunications carrier ensures the communication quality in the IP network, which is the internal network 10, by changing the value of the DSCP to a value that meets the requirements for the entire service.

(Example 2)
The realization method in the case of performing quality control for communication mainly in the downstream direction using the tunnel technology according to the above fourth embodiment is shown in the flowcharts of FIGS.

  First, the construction of the implementation environment will be described with reference to FIG. Of these, (301) to (307) are substantially equivalent to (201) to (207) of FIG. In addition to this, a network termination device 13 is provided at the end of the IP network which is the internal network 10 (308), and the ISP network, the corporate network or the Internet network which is the external network 20 connected to the network termination device 13 is provided. Next, a Radius server to be the address management device 22 is installed (309). The network termination device 13 and the Radius server are installed and controlled by the network service provider (ISP) contracted with the telecommunications carrier, other companies, public organizations, and the like, not the telecommunications carrier. The user ID and authentication key information that are the same as or associated with the user ID and authentication key information registered in the quality control device 15 are registered in this Radius server (310). This completes the environment construction (311).

  Next, an actual quality control process will be described with reference to flowcharts shown in FIGS. Among these, (321) to (328) are the same as (221) to (228) of the first embodiment. However, there is no IP address allocation by the quality control device 15 corresponding to (230). As described later, another IP address is assigned.

  The resource management algorithm (331) for allocating resources and subsequent allocation determinations (332, 333) are the same as (231) to (233) in the first embodiment. If the allocation is approved (332), the allocated communication quality control information is returned to the access accommodating apparatus 11 (334). The access accommodating apparatus 11 assigns the communication quality determined by the returned communication quality control information to the PPP / PPPoE session from the user terminal 31 (335).

The procedure from here is different from the first embodiment.
The access accommodating apparatus 11 extracts candidates for the network termination apparatus 13 that communicates with the address in the ISP network, the corporate network, or the Internet, which is the external network 20, designated at the time of the PPP / PPPoE access (336). If one or more network termination devices 13 are extracted and can be automatically determined in accordance with the algorithm for determining the priority order set in the access accommodation device 11, the selected network termination devices 13 are selected candidates. An IP tunnel is established for a certain network terminating device 13 (339). When there are a plurality of candidates (337), the terminal 31 selects the network termination device 13 for the network termination device 13 (338), and establishes an IP tunnel to the network termination device 13 (339). ). At this time, the access accommodating apparatus 11 simultaneously notifies the network terminating apparatus 13 of the communication quality control information determined from the quality control apparatus 15 together with the user ID and the authentication key information (340). For tunnel technology, L2TP (Layer 2 Tunneling Protocol) or MPLS is used.

  The network termination device 13 makes an inquiry to the Radius server which is the address management device 22 (341). The address management device 22 compares the notified user ID and authentication key information with its own database (342). If the user is not registered, exceeds the service usage upper limit, or does not satisfy other usage conditions, the user authentication is rejected, and a notification of access rejection is sent from the network terminating device 13 to the access accommodating device 11, and the terminal The access of 31 is refused (343). At this time, the IP tunnel is also cleared (344). If the user is a registered user and satisfies the usage conditions, the user is authenticated, and the address management device 22 allocates an IP address for the access (346 to 347). Then, the address management device 22 notifies the allocated IP address to the network terminating device 13 (348), and the network terminating device 13 notifies the access accommodating device 11 of the IP address via the IP tunnel (349). The access accommodating apparatus 11 notifies the received IP address to the user terminal 31 (350).

  The connection is established. The access accommodating apparatus 11 notifies the quality control apparatus 15 that the user connection is started (351). The quality control device 15 records the use start time together with the user ID (352).

  The terminal 31 requests the ISP server 21 on the external network 20 ahead of the network terminating device 13 to transmit information via the access accommodating device 11 and the network terminating device 13 (353). This includes not only an explicit request but also a request transmitted as part of the service received by the terminal 31. The ISP server 21 transmits information to the IP address assigned to the terminal 31, and the information reaches the network terminating device 13 (354). The network terminating device 13 adds the communication quality control information assigned to the PPP / PPPoE session of the terminal 31 to the packet of the transmitted information while transmitting the information while using the IP tunnel (355). ) And transmit according to the priority (356). When the communication quality control information to be assigned is DSCP, it may be rewritten here, unlike the value assigned in the upstream external network 20. However, this depends on the implementation of the external network 20 and the internal network 10 and may be adjusted in the same way. This assigned communication quality control information continues as long as the PPP / PPPoE session continues (357).

  When the user finishes the communication (357) and disconnects (358), the access accommodating device 11 notifies the quality control device 15 and the network terminating device 13 that the session has ended (359). Here, the IP tunnel is cleared (360). The quality control device 15 records the use end time, records that the user session is ended, and releases one of the assigned communication quality control information (361), and ends (362).

  In the second embodiment, similarly to the first embodiment, the telecommunications carrier can grasp the usage history of the user based on the record of the quality control device 15 and charge the user.

DESCRIPTION OF SYMBOLS 10 Internal network 11 Access accommodation apparatus 12 Router 13 Network termination apparatus 15 Quality control apparatus 20 External network 21 ISP server 22 Address management apparatus 30 Customer network 31 Terminal 32 Customer apparatus 41 Designated information transmission means 42 Quality control execution means 44 Authentication information transmission means 45 Setting information transmission means 46 Connection request means 47 Quality tunnel setting means 48 Tunnel transmission means 49 Communication quality information collection means 49 'Tunnel quality information collection means 50 Usage history transmission means 50' Tunnel usage history transmission means 51, 51 'Quality control setting Means 52 Network connection authentication means 53 Authentication confirmation transmission means 54 Accounting means 61 Quality control execution means 62 Tunnel transmission means 64 Communication quality information collection means 64 'Tunnel quality information collection means 65 Usage history transmission means 65' Tunnel usage history Transmission means 71 Network connection authentication means 72 Authentication confirmation transmission means

Claims (15)

In the internal network provided by the telecommunications carrier,
An access accommodation device for accommodating access from a user terminal;
User ID for identifying a user, communication quality designation information for designating communication quality by a user, and communication quality of a user who has a right to use based on authentication key information, and quality connected to the access accommodation device A control device,
The quality control device has quality management setting means for sending communication quality control information for actual quality control on the network to the access accommodating device based on the received communication quality designation information,
The access accommodating apparatus receives the communication quality designation information transmitted from the user from the user based on the designation information transmitting means for transmitting to the quality control apparatus and the communication quality control information transmitted from the quality control apparatus. Quality control execution means for executing actual quality control for information transmitted by the terminal according to the instructions of
A network system in which communication priority can be specified according to user specifications.   The communication quality designation information received from the user by the access accommodating device is notified in advance from a network service provider that provides a service on the external network, and is notified from the network service provider when the user connects to the external network. The network system according to claim 1, wherein the network is sent to the access accommodating device together with connection authentication to the network based on the user ID and authentication key information.   When the user uses the internal network, the quality control device provides network connection authentication means for authenticating actual use based on the user ID and the authentication key information, and whether the authentication is possible to the quality control device. The network system according to claim 2, further comprising authentication confirmation transmission means for transmitting. A network terminating device connected from the internal network to an external network;
An address management device on an external network outside the network termination device,
The access accommodating device has authentication information transmitting means for transmitting the user ID and the authentication key information to the address management device through the network terminating device,
When the user uses this internal network, the address management device includes network connection authentication means for authenticating actual use based on the user ID and the authentication key information, and whether the authentication is possible to the quality control device. The network system according to claim 2, further comprising authentication confirmation transmission means for transmitting.   5. The network system according to claim 1, wherein the access accommodating device, the network terminating device, or both have communication quality information collecting means for collecting information of communication for which quality control has been performed.   The network system according to claim 5, wherein the access accommodating device, the network terminating device, or both include use history transmission means for transmitting information of communication for which quality control has been performed to the quality control device as a use history. In the internal network provided by the telecommunications carrier,
An access accommodation device for accommodating access from a user terminal;
Quality control capable of managing the communication quality of a user who has a right to use based on the user ID for identifying the user, the communication quality designation information for designating the communication quality by the user, and the authentication key information, connected to the access accommodating device. Equipment,
A network terminating device connected to the external network from the internal network,
The quality control device has quality management setting means for sending communication quality control information for actual quality control on the network to the access accommodating device based on the received communication quality designation information,
The access accommodating apparatus transmits the communication quality designation information transmitted from the user to the quality control apparatus, and transmits the communication quality control information transmitted from the quality control apparatus to the network termination apparatus. Setting information transmitting means to
Based on the communication quality control information transmitted from the quality control device via the access accommodating device, the network terminating device actually transmits information to the access accommodating device according to an instruction from the user. Having quality control execution means for executing quality control of
A network system in which communication priority can be specified according to user specifications. A network terminating device connected to the external network from the internal network,
The access accommodating device has setting information transmitting means for transmitting the communication quality control information transmitted from the quality control device to the network terminating device,
Based on the communication quality control information transmitted from the quality control device via the access accommodating device, the network terminating device actually transmits information to the access accommodating device according to support from the user. Having quality control execution means for executing quality control of
The network system according to claim 1.   The communication quality designation information received from the user by the access accommodating device is notified in advance by a network service provider that provides a service on the external network, and is received from the network service provider when the user connects to the external network. 9. The network system according to claim 7, wherein the network system is sent to the access accommodating apparatus together with connection authentication to the network based on the notified user ID and authentication key information.   When the user uses the internal network, the quality control device provides network connection authentication means for authenticating actual use based on the user ID and the authentication key information, and whether the authentication is possible to the quality control device. The network system according to claim 9, further comprising: an authentication confirmation transmission unit for transmitting. Having an address management device on an external network outside the network termination device,
The access accommodating device has authentication information transmitting means for transmitting the user ID and the authentication key information to the address management device through the network terminating device,
When the user uses this internal network, the address management device includes network connection authentication means for authenticating actual use based on the user ID and the authentication key information, and whether the authentication is possible to the quality control device. The network system according to claim 9, further comprising: an authentication confirmation transmission unit for transmitting. A connection request means for requesting the access accommodating device to connect the accommodated user's terminal to another external network outside through the internal network by tunneling technology;
Quality tunnel setting means for transmitting the communication quality control information when establishing a tunnel by tunneling technology to the network terminating device after the request;
A tunnel transmission means for transmitting through the tunnel based on the communication quality control information in transmitting information to the external network after the establishment of the tunnel;
The network system according to any one of claims 7 to 11, wherein the communication quality from the access accommodating device to the network terminating device corresponds to the quality designated by the user in the communication quality designation information. The access accommodating device is a connection requesting means for requesting the accommodated user terminal to connect to another external network outside through the internal network by tunneling technology;
After the request, the network termination device has quality tunnel setting means for transmitting the communication quality control information when establishing a tunnel by a tunneling technique,
The network terminating device has tunnel transmission means for transmitting through the tunnel based on the communication quality control information in transmitting information from the external network to the access accommodating device after the tunnel is established,
The network system according to any one of claims 7 to 12, wherein communication quality from the network terminating device to the access accommodating device is performed with a quality designated by a user in the communication quality designation information.   The access accommodating device, the network terminating device, or both of them, tunnel quality information collecting means for collecting information obtained by performing tunnel quality control on information transmitted using a tunnel established by the tunneling technology, and collecting 12. The network system according to claim 10 or 11, further comprising a tunnel usage history transmission means for transmitting the obtained information as a user usage history to the quality control apparatus.   15. The network system according to claim 6 or 14, wherein the quality control apparatus includes a charging unit that charges a user according to an executed usage history.

Images