TWI692221B - Network service providing system and network service providing method - Google Patents

Network service providing system and network service providing method Download PDF

Info

Publication number
TWI692221B
TWI692221B TW107144416A TW107144416A TWI692221B TW I692221 B TWI692221 B TW I692221B TW 107144416 A TW107144416 A TW 107144416A TW 107144416 A TW107144416 A TW 107144416A TW I692221 B TWI692221 B TW I692221B
Authority
TW
Taiwan
Prior art keywords
network
service request
information
client device
area network
Prior art date
Application number
TW107144416A
Other languages
Chinese (zh)
Other versions
TW202023240A (en
Inventor
蔡建麟
洪翊軒
吳季桓
Original Assignee
中華電信股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中華電信股份有限公司 filed Critical 中華電信股份有限公司
Priority to TW107144416A priority Critical patent/TWI692221B/en
Application granted granted Critical
Publication of TWI692221B publication Critical patent/TWI692221B/en
Publication of TW202023240A publication Critical patent/TW202023240A/en

Links

Images

Abstract

A network service providing method which is suitable for providing network service to a client device of a client by a local end device of an ISP. The network service providing method comprising includes: transmitting, by the client device, a network service request to the local end device, wherein the client device corresponds to a local area network, and the local end device corresponds to a wide area network; transmitting a service request response in response to the network service request; and monitoring first network information corresponding to the local area network and second network information corresponding to the wide area network according to the service request response.

Description

網路服務提供系統及網路服務提供方法Network service providing system and network service providing method

本發明是有關於一種網路通訊技術,且特別是有關於一種網路服務提供系統及網路服務提供方法。The invention relates to a network communication technology, and in particular to a network service providing system and a network service providing method.

傳統的網路監視系統中,區域網路(local area network,LAN)中的客戶端裝置並無法取得廣域網路(wide area network,WAN)或其他區域網路的真實監控資料。因此,縱使有多個客戶端裝置隸屬於相同的組織,只要該些客戶端裝置不屬於相同的區域網路,則使用者就無法確實地透過單一個客戶端裝置來取得每一個客戶端裝置及其對應的區域網路的網路狀態。因此,使用者將難以對網路進行整體性地評估。In a traditional network monitoring system, client devices in a local area network (LAN) cannot obtain real monitoring data of a wide area network (WAN) or other local area networks. Therefore, even if there are multiple client devices belonging to the same organization, as long as the client devices do not belong to the same local area network, the user cannot reliably obtain each client device and a single client device. The network status of the corresponding local area network. Therefore, it will be difficult for users to evaluate the network as a whole.

為了讓使用者能對所有的網路進行整體性地評估,需要提出一種可讓區域網路的客戶端裝置獲得廣域網路或其他區域網路之網路資訊的方法。In order to allow users to evaluate all networks in a holistic manner, it is necessary to propose a method that allows client devices of a local area network to obtain network information of a wide area network or other local area networks.

本發明提供一種網路服務提供系統,適於由電信商向客戶提供網路服務,網路服務提供系統包括客戶端裝置以及局端裝置。客戶端裝置對應於區域網路。局端裝置對應於廣域網路,並且通訊連接至客戶端裝置,其中客戶端裝置傳送網路服務請求至局端裝置。該局端裝置響應於網路服務請求而傳送服務請求回應至客戶端裝置。客戶端裝置根據服務請求回應監視對應於區域網路的第一網路資訊和對應於廣域網路的第二網路資訊。The present invention provides a network service providing system suitable for providing network services to customers by telecommunications providers. The network service providing system includes a client device and a central office device. The client device corresponds to the local area network. The central office device corresponds to a wide area network and is communicatively connected to the client device, where the client device sends a network service request to the central office device. The central office device sends a service request response to the client device in response to the network service request. The client device responds to monitor the first network information corresponding to the local area network and the second network information corresponding to the wide area network in response to the service request.

本發明提供一種網路服務提供方法,適於由電信商的局端裝置向客戶的客戶端裝置提供網路服務。網路服務提供方法包括:由客戶端裝置傳送網路服務請求至局端裝置,其中客戶端裝置對應於區域網路,並且局端裝置對應於廣域網路;響應於網路服務請求而傳送服務請求回應;以及根據服務請求回應監視對應於區域網路的第一網路資訊和對應於廣域網路的第二網路資訊。The invention provides a network service providing method, which is suitable for providing network services to a client device of a customer by a central office device of a telecommunications company. The network service providing method includes: sending a network service request from a client device to a local end device, wherein the client device corresponds to a local area network, and the local end device corresponds to a wide area network; and transmitting the service request in response to the network service request Response; and monitoring the first network information corresponding to the local area network and the second network information corresponding to the wide area network according to the service request response.

基於上述,本發明可使客戶端裝置能整合對應於客戶端裝置之區域網路、廣域網路以及其他區域網路的網路資訊,達到對網路的更完整的監視。Based on the above, the present invention enables the client device to integrate the network information corresponding to the client device's local area network, wide area network, and other local area networks to achieve a more complete monitoring of the network.

為讓本發明的上述特徵和優點能更明顯易懂,下文特舉實施例,並配合所附圖式作詳細說明如下。In order to make the above-mentioned features and advantages of the present invention more obvious and understandable, the embodiments are specifically described below in conjunction with the accompanying drawings for detailed description as follows.

為了讓區域網路的客戶端裝置獲得廣域網路或其他區域網路之網路資訊,本發明提出一種網路服務提供系統和網路服務提供方法。客戶端裝置可經由電信商的局端裝置取得對應於廣域網路或其他區域網路的網路資訊。In order for the client device of the local network to obtain the network information of the wide area network or other local networks, the present invention provides a network service providing system and a network service providing method. The client device can obtain the network information corresponding to the wide area network or other local area network through the central office device of the telecommunications provider.

圖1根據本發明的實施例繪示網路服務提供系統10的示意圖。網路服務提供系統10可包括局端(local end)裝置20和客戶端(client)裝置30。FIG. 1 is a schematic diagram of a network service providing system 10 according to an embodiment of the present invention. The network service providing system 10 may include a local end device 20 and a client device 30.

局端裝置20對應於廣域網路NW2,並且可以是廣域網路NW2的邊緣裝置(edge device)。供應網路服務之電信商(Internet service provider,ISP)可藉由局端裝置20來提供多樣化的網路服務給客戶端裝置30的使用者來使用。另一方面,客戶端裝置30對應於區域網路NW3,並且可以是區域網路NW3的邊緣裝置。客戶端裝置30可通訊連接至局端裝置20,並向局端裝置20傳送網路服務請求,以要求局端裝置20提供網路服務。局端裝置20及客戶端裝置30可例如是移動台、高級移動台(advanced mobile station,AMS)、伺服器、客戶端、桌上型電腦、筆記型電腦、網路型電腦、工作站、個人數位助理(personal digital assistant,PDA)、個人電腦機(personal computer,PC)、電話裝置、照相機、電視、掌上型遊戲機、音樂裝置或無線感測器等,本發明不限於此。The local end device 20 corresponds to the wide area network NW2, and may be an edge device of the wide area network NW2. An Internet service provider (ISP) that provides network services can use the central office device 20 to provide diversified network services to users of the client device 30 for use. On the other hand, the client device 30 corresponds to the local area network NW3, and may be an edge device of the local area network NW3. The client device 30 can be communicatively connected to the central office device 20 and send a network service request to the central office device 20 to request the central office device 20 to provide network services. The central office device 20 and the client device 30 may be, for example, mobile stations, advanced mobile stations (AMS), servers, clients, desktop computers, notebook computers, network computers, workstations, personal digital Assistants (personal digital assistants, PDAs), personal computers (PCs), telephone devices, cameras, televisions, handheld game consoles, music devices, wireless sensors, etc. The present invention is not limited thereto.

圖2根據本發明的實施例繪示局端裝置20的示意圖。局端裝置20可包括處理器210、儲存媒體220以及收發器230。FIG. 2 shows a schematic diagram of the central office device 20 according to an embodiment of the invention. The central office device 20 may include a processor 210, a storage medium 220, and a transceiver 230.

處理器210耦接儲存媒體220以及收發器230,並可存取及執行儲存於儲存媒體220中的多個模組。處理器210可例如是中央處理單元(central processing unit,CPU),或是其他可程式化之一般用途或特殊用途的微處理器(microprocessor)、數位信號處理器(digital signal processor,DSP)、可程式化控制器、特殊應用積體電路(application specific integrated circuit,ASIC)或其他類似元件或上述元件的組合,本發明不限於此。The processor 210 is coupled to the storage medium 220 and the transceiver 230, and can access and execute multiple modules stored in the storage medium 220. The processor 210 may be, for example, a central processing unit (CPU), or other programmable general-purpose or special-purpose microprocessor (microprocessor), digital signal processor (DSP), or A programmable controller, an application specific integrated circuit (ASIC) or other similar components or a combination of the above components, the invention is not limited thereto.

儲存媒體220用以儲存局端裝置20運行時所需的各項軟體、資料及各類程式碼。儲存媒體220可例如是任何型態的固定式或可移動式的隨機存取記憶體(random access memory,RAM)、唯讀記憶體(read-only memory,ROM)、快閃記憶體(flash memory)、硬碟(hard disk drive,HDD)、固態硬碟(solid state drive,SSD)或類似元件或上述元件的組合,本發明不限於此。在本實施例中,儲存媒體220可儲存多個模組,且該些模組包括應用程式介面(application programming interface,API)管控模組221、資料收集模組222、資料供應模組223以及認證授權資料模型224。The storage medium 220 is used to store various software, data, and various program codes required when the central office device 20 runs. The storage medium 220 may be, for example, any type of fixed or removable random access memory (RAM), read-only memory (ROM), flash memory (flash memory) ), hard disk drive (HDD), solid state drive (SSD) or similar components or a combination of the above components, the invention is not limited thereto. In this embodiment, the storage medium 220 can store multiple modules, and the modules include an application programming interface (API) management and control module 221, a data collection module 222, a data supply module 223, and authentication Authorization data model 224.

收發器230用以接收或傳送資料。在本實施例中,收發器230可基於超文本傳輸協定(hypertext transfer protocol,HTTP)來進行資料傳輸,但本發明不限於此。The transceiver 230 is used to receive or transmit data. In this embodiment, the transceiver 230 may perform data transmission based on a hypertext transfer protocol (HTTP), but the present invention is not limited thereto.

圖3根據本發明的實施例繪示客戶端裝置30的示意圖。客戶端裝置30可包括處理器310、儲存媒體320以及收發器330。FIG. 3 illustrates a schematic diagram of the client device 30 according to an embodiment of the present invention. The client device 30 may include a processor 310, a storage medium 320, and a transceiver 330.

處理器310耦接儲存媒體320以及收發器330,並可存取及執行儲存於儲存媒體320中的多個模組。處理器310可例如是中央處理單元,或是其他可程式化之一般用途或特殊用途的微處理器、數位信號處理器、可程式化控制器、特殊應用積體電路或其他類似元件或上述元件的組合,本發明不限於此。The processor 310 is coupled to the storage medium 320 and the transceiver 330, and can access and execute multiple modules stored in the storage medium 320. The processor 310 may be, for example, a central processing unit, or other programmable general-purpose or special-purpose microprocessors, digital signal processors, programmable controllers, application-specific integrated circuits, or other similar components or the aforementioned components The present invention is not limited to this combination.

儲存媒體320用以儲存客戶端裝置30運行時所需的各項軟體、資料及各類程式碼。儲存媒體320可例如是任何型態的固定式或可移動式的隨機存取記憶體、唯讀記憶體、快閃記憶體、硬碟、固態硬碟或類似元件或上述元件的組合,本發明不限於此。在本實施例中,儲存媒體220可儲存多個模組,且該些模組包括資料傳輸模組321、拓樸圖模組322、資料彙整模組323以及監控項目資料模型324。The storage medium 320 is used to store various software, data, and various program codes required by the client device 30 during operation. The storage medium 320 may be, for example, any type of fixed or removable random access memory, read-only memory, flash memory, hard disk, solid-state drive, or the like, or a combination thereof. The present invention Not limited to this. In this embodiment, the storage medium 220 can store multiple modules, and the modules include a data transmission module 321, a topology module 322, a data aggregation module 323, and a monitoring item data model 324.

收發器330用以接收或傳送資料。在本實施例中,收發器330可基於超文本傳輸協定來進行資料傳輸,但本發明不限於此。The transceiver 330 is used to receive or transmit data. In this embodiment, the transceiver 330 may perform data transmission based on the hypertext transmission protocol, but the present invention is not limited thereto.

回到圖1,在本實施例中,當客戶端裝置30欲使用特定的網路服務時,客戶端裝置30可傳送關聯於所述特定的網路服務的網路服務請求x至局端裝置20。舉例來說,客戶端裝置30可透過網路服務請求x向局端裝置20取得包括不同網路區域的網路資訊的服務請求回應y,諸如關聯於廣域網路MW2或各個區域網路(例如:區域網路NW3或區域網路NW4)的橋接狀態、服務品質、網路設備(例如:伺服器、路由器或防火牆等設備)的狀態、網路卡名稱、埠號、頻寬、網路卡對接關係、網路流量或拓樸資訊等屬於客戶端裝置30之監控項目的服務請求回應y。Returning to FIG. 1, in this embodiment, when the client device 30 wants to use a specific network service, the client device 30 may send a network service request x associated with the specific network service to the central office device 20. For example, the client device 30 may obtain the service request response y including network information of different network regions from the central office device 20 through the network service request x, such as associated with the wide area network MW2 or various regional networks (for example: LAN NW3 or LAN NW4) bridge status, service quality, status of network equipment (such as servers, routers, firewalls, etc.), network card name, port number, bandwidth, network card connection The service request response to the monitoring items of the client device 30, such as relationships, network traffic, or topology information, responds to y.

具體來說,客戶端裝置30的儲存媒體320可儲存監控項目資料模型324。監控項目資料模型324可包括可由使用者設定的多種參數,所述參數包括諸如客戶端裝置30之使用者欲監控之區域網路/廣域網路、欲監控之監控項目或欲進行監控之頻率等相關參數。客戶端裝置30可根據監控項目資料模型324產生對應於客戶端裝置30所欲監控之區域網路/廣域網路之網路資訊的網路服務請求x。接著,客戶端裝置30可透過資料傳輸模組321傳輸網路服務請求x,並且響應於傳輸網路服務請求x而透過資料傳輸模組321接收關聯於監控項目資料模型324的服務請求回應y,其中網路服務請求x或服務請求回應y可關聯於局端裝置20所在的廣域網路NW2或關聯於除了區域網路NW3以外的區域網路(例如:區域網路NW4)。Specifically, the storage medium 320 of the client device 30 can store the monitoring item data model 324. The monitoring item data model 324 may include various parameters that can be set by the user, such as the local network/wide area network that the user of the client device 30 wants to monitor, the monitoring items to be monitored, or the frequency to be monitored, etc. parameter. The client device 30 can generate a network service request x corresponding to the network information of the local network/wide area network to be monitored by the client device 30 according to the monitoring item data model 324. Then, the client device 30 can transmit the network service request x through the data transmission module 321, and receive the service request response y associated with the monitoring item data model 324 through the data transmission module 321 in response to the transmission network service request x, The network service request x or the service request response y may be associated with the wide area network NW2 where the central office device 20 is located or with a local area network other than the local area network NW3 (for example: local area network NW4).

一般來說,區域網路NW3中的客戶端裝置30並無法取得除了對應於區域網路NW3以外的相關網路資訊。然而,在本實施例中,客戶端裝置30可透過傳送網路服務請求x來請求ISP的局端裝置20提供關聯於於廣域網路NW2、區域網路NW4或其他由ISP所管理的區域網路的服務請求回應y,其中服務請求回應y對應於客戶端裝置30欲監控之監控項目。Generally speaking, the client device 30 in the local area network NW3 cannot obtain related network information other than that corresponding to the local area network NW3. However, in this embodiment, the client device 30 can request the ISP's central office device 20 to provide the WAN associated with the wide area network NW2, the local area network NW4, or other regional networks managed by the ISP by sending the network service request x Service request response y, where the service request response y corresponds to the monitoring item that the client device 30 wants to monitor.

在一些實施例中,客戶端裝置30可收集與區域網路NW3相關的網路資訊,並將該網路資訊上傳至局端裝置20以供查詢。舉例來說,若客戶端裝置40欲取得區域網路NW3的網路資訊,客戶端裝置40可向局端裝置20發出網路服務請求x1。局端裝置20可根據網路服務請求x1而將客戶端裝置30上傳的區域網路NW3的網路資訊轉發給客戶端裝置40。具體來說,客戶端裝置30可透過資料彙整模組323收集區域網路NW3的網路資訊,並將網路資訊傳送給資料傳輸模組321,上述的網路資訊可關聯於客戶端裝置30的監控項目資料模型324,換言之,所述網路資訊與客戶端裝置30之使用者所欲監控之監控項目有關。另一方面,局端裝置20也可以根據局端裝置20或客戶端裝置40的需求而發出訊息至客戶端裝置30,從而指定資料彙整模組323需收集的網路資訊的內容。資料傳輸模組321可透過收發器330將區域網路NW3的網路資訊上傳給局端裝置20。局端裝置20可將包括區域網路NW3的網路資訊的服務請求回應y1傳送給客戶端裝置40。In some embodiments, the client device 30 may collect network information related to the local area network NW3 and upload the network information to the central office device 20 for query. For example, if the client device 40 wants to obtain the network information of the local area network NW3, the client device 40 may send a network service request x1 to the central office device 20. The central office device 20 can forward the network information of the local network NW3 uploaded by the client device 30 to the client device 40 according to the network service request x1. Specifically, the client device 30 can collect the network information of the local area network NW3 through the data integration module 323 and send the network information to the data transmission module 321. The above network information can be associated with the client device 30 Monitoring item data model 324, in other words, the network information is related to the monitoring item that the user of the client device 30 wants to monitor. On the other hand, the central office device 20 can also send a message to the client device 30 according to the requirements of the central office device 20 or the client device 40 to specify the content of the network information that the data aggregation module 323 needs to collect. The data transmission module 321 can upload the network information of the local network NW3 to the central office device 20 through the transceiver 330. The central office device 20 may send a service request response y1 including network information of the local area network NW3 to the client device 40.

局端裝置20的API管控模組221可透過收發器230接收來自客戶端裝置30的網路服務請求x,並且響應於網路服務請求x而透過收發器230傳送服務請求回應y至客戶端裝置30。The API management module 221 of the central office device 20 can receive the network service request x from the client device 30 through the transceiver 230 and send a service request response y to the client device through the transceiver 230 in response to the network service request x 30.

具體來說,在網路服務請求x後,局端裝置20的資料收集模組222可判斷網路服務請求x關聯於廣域網路NW2、區域網路NW4及/或其他由局端裝置20所管理的區域網路。接著,資料收集模組222可根據網路服務請求x收集對應於廣域網路NW2、區域網路NW4及/或其他由局端裝置20所管理的區域網路的網路資訊。上述的網路資訊關聯於客戶端裝置30的監控項目資料模型324,換言之,所述網路資訊與客戶端裝置30之使用者所欲監控之監控項目有關。依據電路分類的不同,資料收集模組222可以虛擬私有網路(virtual private network,VPN)、軟體定義廣域網路(software-defined wide area network,SDWAN)或寬頻電路等技術實施,本發明不限於此。在一些實施例中,客戶端裝置30的資料傳輸模組321可根據監控項目資料模型324的設定而在每300秒將VPN、SDWAN、寬頻電路等三個監控項目當作參數,發送網路服務請求x至局端裝置20。Specifically, after the network service request x, the data collection module 222 of the central office device 20 can determine that the network service request x is associated with the wide area network NW2, the local area network NW4, and/or others managed by the central office device 20 Local area network. Then, the data collection module 222 may collect network information corresponding to the wide area network NW2, the local area network NW4, and/or other local area networks managed by the central office device 20 according to the network service request x. The above-mentioned network information is related to the monitoring item data model 324 of the client device 30. In other words, the network information is related to the monitoring items that the user of the client device 30 wants to monitor. According to different circuit classifications, the data collection module 222 can be implemented by technologies such as virtual private network (VPN), software-defined wide area network (SDWAN) or broadband circuit, and the invention is not limited to this . In some embodiments, the data transmission module 321 of the client device 30 can send the network service by using three monitoring items such as VPN, SDWAN, and broadband circuit as parameters every 300 seconds according to the setting of the monitoring item data model 324 Request x to the central office device 20.

在收集完網路資訊後,資料收集模組222可將網路資訊傳送給資料供應模組223。資料供應模組223可將網路資訊轉換為服務請求回應y,並將服務請求回應y供應給API管控模組221。API管控模組221可透過收發器230將服務請求回應y傳送至客戶端裝置30。After collecting the network information, the data collection module 222 can send the network information to the data supply module 223. The data supply module 223 can convert the network information into a service request response y, and supply the service request response y to the API management module 221. The API management module 221 can send the service request response y to the client device 30 through the transceiver 230.

在接收到服務請求回應y後,客戶端裝置30可根據服務請求回應y監視區域網路NW3的網路資訊以及廣域網路NW2(或區域網路NW4)的網路資訊。具體來說,服務請求回應y可包括廣域網路NW2(或區域網路NW4)的網路資訊。客戶端裝置30的拓樸圖模組322可根據服務請求回應y提供之廣域網路NW2(或區域網路NW4)的網路資訊以及由資料彙整模組323收集的區域網路NW3的網路資訊產生跨網區拓樸圖,跨網區拓樸圖可完整地呈現與區域網路NW3以及廣域網路NW2(或區域網路NW4)相關的監控項目之資訊,及/或區域網路NW3和廣域網路NW2(或區域網路NW4)之間的連接關係等網路資訊。After receiving the service request response y, the client device 30 can monitor the network information of the local area network NW3 and the network information of the wide area network NW2 (or the local area network NW4) according to the service request response y. Specifically, the service request response y may include network information of the wide area network NW2 (or local area network NW4). The topology module 322 of the client device 30 can respond to the network information of the wide area network NW2 (or the local area network NW4) provided by y and the network information of the local area network NW3 collected by the data aggregation module 323 according to the service request Generate cross-region topology maps, which can completely present the information of monitoring items related to the local area network NW3 and wide area network NW2 (or local area network NW4), and/or regional network NW3 and wide area network Network information such as the connection relationship between the road NW2 (or local area network NW4).

在一些實施例中,客戶端裝置30需通過局端裝置20的認證,才可自局端裝置20取得包括網路資訊的服務請求回應y。具體來說,客戶端裝置30的資料傳輸模組321可透過收發器330將客戶端裝置30的身分認證資訊傳送給局端裝置20。客戶端裝置30可響應於身分認證資訊正確而透過收發器330接收來自局端裝置20的服務請求回應y。In some embodiments, the client device 30 needs to pass the authentication of the central device 20 before it can obtain a service request response y including network information from the central device 20. Specifically, the data transmission module 321 of the client device 30 can transmit the identity authentication information of the client device 30 to the central office device 20 through the transceiver 330. The client device 30 can receive the service request response y from the central office device 20 through the transceiver 330 in response to the identity authentication information being correct.

另一方面,局端裝置20的API管控模組221可透過收發器230自客戶端裝置30接收客戶端裝置30的身分認證資訊,並且根據認證授權資料模型224判斷客戶端裝置30的身分認證資訊是否正確。若身分認證資訊正確,代表客戶端裝置30為合法的網路服務使用者。據此,API管控模組221可基於客戶端裝置30的身分認證資訊正確而透過收發器230傳送服務請求回應y至客戶端裝置30。On the other hand, the API management module 221 of the central office device 20 can receive the identity authentication information of the client device 30 from the client device 30 through the transceiver 230, and determine the identity authentication information of the client device 30 according to the authentication authorization data model 224 is it right or not. If the identity authentication information is correct, it means that the client device 30 is a legitimate network service user. According to this, the API management module 221 can send the service request response y to the client device 30 through the transceiver 230 based on the correct identity authentication information of the client device 30.

具體來說,局端裝置20的儲存媒體220可儲存授權資料模型224。授權資料模型224可包括由ISP設定的多種參數,所述參數包括諸如具有廣域網路或其他區域網路之網路資訊的查詢權限的客戶端裝置名稱、客戶端裝置被授權的拓樸查詢範圍等相關參數。API管控模組221可基於授權資料模型224而根據客戶端裝置30的身分認證資訊判斷客戶端裝置30是否具有查詢權限(即:客戶端裝置30為合法的網路服務使用者)以及其被授權的拓樸查詢範圍。表1記載了授權資料模型224的設定範例。 表1

Figure 107144416-A0305-0001
ISP定義出此授權資料模型,當客戶端所在的區域網路通過認證後,取得此由ISP 配發的授權資料,再用此授權資料,向ISP進行查詢,其中API管控模組221根據「auth」括弧內的「user/token」之內容來進行身分認證資訊的判斷、「Group_A」括弧內的「server」代表對應之區域網路被授權的拓樸查詢範圍。V、S及B分別代表VPN、SDWAN及寬頻電路。 Specifically, the storage medium 220 of the central office device 20 may store the authorization data model 224. The authorization data model 224 may include various parameters set by the ISP, such as the name of the client device with the query authority of the network information of the wide area network or other local area network, the topological query range of the client device that is authorized, etc. Related parameters. Based on the authorization data model 224, the API management module 221 can determine whether the client device 30 has a query authority (ie, the client device 30 is a legitimate network service user) and is authorized based on the identity authentication information of the client device 30 Of the topological query range. Table 1 describes setting examples of the authorization data model 224. Table 1
Figure 107144416-A0305-0001
 The ISP defines this authorization data model. After the client’s local area network passes the authentication, the authorization data distributed by the ISP is obtained, and then the authorization data is used to query the ISP. The API management and control module 221 is based on "auth The content of "user/token" in the brackets is used to judge the identity authentication information, and the "server" in the brackets of "Group_A" represents the authorized topology query range of the corresponding local area network. V, S, and B represent VPN, SDWAN, and broadband circuits, respectively.

若客戶端裝置30具有查詢權限,則API管控模組221可透過收發器230傳送服務請求回應y至客戶端裝置30,其中服務請求回應y包括了關聯於客戶端裝置30被授權的拓樸查詢範圍的相關資訊。If the client device 30 has query authority, the API management module 221 may send a service request response y to the client device 30 through the transceiver 230, where the service request response y includes the topology query associated with the client device 30 being authorized Information about the scope.

圖4根據本發明的實施例繪示網路服務提供方法400的流程圖,其中網路服務提供方法400適於由ISP的局端裝置向客戶的客戶端裝置提供網路服務,且網路服務提供方法400可由如圖1所示的網路服務提供系統10實施。在步驟S410,由客戶端裝置傳送網路服務請求至局端裝置,其中客戶端裝置對應於區域網路,並且局端裝置對應於廣域網路。在步驟S420,響應於網路服務請求而傳送服務請求回應。在步驟S430,根據服務請求回應監視對應於區域網路的第一網路資訊和對應於廣域網路的第二網路資訊。FIG. 4 illustrates a flowchart of a network service providing method 400 according to an embodiment of the present invention, wherein the network service providing method 400 is suitable for providing network services to client client devices of an ISP from a central office device of an ISP, and the network services The providing method 400 may be implemented by the network service providing system 10 shown in FIG. 1. In step S410, the client device sends a network service request to the local end device, where the client device corresponds to the local area network and the local end device corresponds to the wide area network. In step S420, a service request response is sent in response to the network service request. In step S430, the first network information corresponding to the local area network and the second network information corresponding to the wide area network are monitored in response to the service request.

綜上所述,本發明的局端裝置可開放API介面供客戶端裝置存取。經過授權的客戶端裝置可自局端裝置的API介面接收廣域網路或其他範圍之區域網路的拓樸資訊。此外,客戶端裝置可收集對應的區域網路的網路資訊,並將該網路資訊傳送給局端裝置。基於本發明,客戶端裝置可整合對應於客戶端裝置之區域網路、廣域網路以及其他區域網路的網路資訊,達到對網路的更完整的監視。In summary, the central device of the present invention can open an API interface for client devices to access. The authorized client device can receive the topology information of the wide area network or other area network from the API interface of the local end device. In addition, the client device can collect the network information of the corresponding local area network and send the network information to the central office device. Based on the present invention, the client device can integrate network information corresponding to the client device's local area network, wide area network, and other local area networks to achieve a more complete monitoring of the network.

雖然本發明已以實施例揭露如上,然其並非用以限定本發明,任何所屬技術領域中具有通常知識者,在不脫離本發明的精神和範圍內,當可作些許的更動與潤飾,故本發明的保護範圍當視後附的申請專利範圍所界定者為準。Although the present invention has been disclosed as above with examples, it is not intended to limit the present invention. Any person with ordinary knowledge in the technical field can make some changes and modifications without departing from the spirit and scope of the present invention. The scope of protection of the present invention shall be subject to the scope defined in the appended patent application.

10:網路服務提供系統 20:局端裝置 210、310:處理器 220、320:儲存媒體 221:應用程式介面管控模組 222:資料收集模組 223:資料供應模組 224:認證授權資料模型 230、330:收發器 30、40:客戶端裝置 321:資料傳輸模組 322:拓樸圖模組 323:資料彙整模組 324:監控項目資料模型 400:網路服務提供方法 NW2:廣域網路 NW3、NW4:區域網路 S410、S420、S430:步驟 x、x1:網路服務請求 y、y1:服務請求回應10: Network service providing system 20: central office device 210, 310: processor 220, 320: storage media 221: Application interface control module 222: Data collection module 223: Data supply module 224: Authentication and authorization data model 230, 330: transceiver 30, 40: client device 321: Data transmission module 322: Topology module 323: Data aggregation module 324: Monitoring project data model 400: Network service provision method NW2: Wide area network NW3, NW4: LAN S410, S420, S430: steps x, x1: network service request y, y1: service request response

圖1根據本發明的實施例繪示網路服務提供系統的示意圖。 圖2根據本發明的實施例繪示局端裝置的示意圖。 圖3根據本發明的實施例繪示客戶端裝置的示意圖。 圖4根據本發明的實施例繪示網路服務提供方法的流程圖。FIG. 1 is a schematic diagram of a network service providing system according to an embodiment of the present invention. FIG. 2 illustrates a schematic diagram of a central office device according to an embodiment of the present invention. FIG. 3 is a schematic diagram of a client device according to an embodiment of the invention. FIG. 4 illustrates a flowchart of a network service providing method according to an embodiment of the present invention.

10:網路服務提供系統 10: Network service providing system

20:局端裝置 20: central office device

30、40:客戶端裝置 30, 40: client device

NW2:廣域網路 NW2: Wide area network

NW3、NW4:區域網路 NW3, NW4: LAN

x、x1:網路服務請求 x, x1: network service request

y、y1:服務請求回應 y, y1: service request response

Claims (10)

一種網路服務提供系統,適於由電信商向客戶提供網路服務,該網路服務提供系統包括: 客戶端裝置,對應於區域網路;以及 局端裝置,對應於廣域網路,該局端裝置通訊連接至該客戶端裝置,其中 該客戶端裝置傳送網路服務請求至該局端裝置; 該局端裝置響應於該網路服務請求而傳送服務請求回應至該客戶端裝置;以及 該客戶端裝置根據該服務請求回應監視對應於該區域網路的第一網路資訊和對應於該廣域網路的第二網路資訊。A network service providing system suitable for providing network services to customers by telecommunications providers. The network service providing system includes: a client device corresponding to a local area network; and a local end device corresponding to a wide area network, the local end The device is communicatively connected to the client device, wherein the client device sends a network service request to the central office device; the central office device sends a service request response to the client device in response to the network service request; and the client The end device responds to monitor the first network information corresponding to the local area network and the second network information corresponding to the wide area network according to the service request. 如申請專利範圍第1項所述的網路服務提供系統,其中該客戶端裝置包括: 收發器,接收或傳送資料; 儲存媒體,儲存多個模組以及監控項目資料模型,其中該服務請求回應對應於該監控項目模型;以及 處理器,耦接該收發器和該儲存媒體,該處理器存取並執行該些模組,且該些模組包括: 資料傳輸模組,透過該收發器將該客戶端裝置的身分認證資訊傳送至該局端裝置,並響應於該身分認證資訊正確而透過該收發器接收來自該局端裝置的該服務請求回應;以及 拓樸圖模組,根據該第一網路資訊和該第二網路資訊產生跨網區拓樸圖,其中該服務請求回應包括該第二網路資訊,並且該第一網路資訊和該第二網路資訊對應於該監控項目資料模型。The network service providing system as described in item 1 of the patent application scope, wherein the client device includes: a transceiver to receive or transmit data; a storage medium to store multiple modules and a monitoring project data model, wherein the service request responds Corresponding to the monitoring item model; and a processor, coupled to the transceiver and the storage medium, the processor accesses and executes the modules, and the modules include: a data transmission module, through which the transceiver will The identity authentication information of the client device is sent to the central office device, and in response to the identity authentication information being correct, the service request response from the central office device is received through the transceiver; and the topology module, according to the first A network information and the second network information generate a cross-domain topology map, wherein the service request response includes the second network information, and the first network information and the second network information correspond to the monitoring Project data model. 如申請專利範圍第2項所述的網路服務提供系統,其中該些模組更包括: 資料彙整模組,根據該監控項目資料模型收集該區域網路的該第一網路資訊,並透過該資料傳輸模組將該第一網路資訊傳送至該局端裝置。The network service providing system as described in item 2 of the patent application scope, wherein the modules further include: a data aggregation module, which collects the first network information of the regional network according to the data model of the monitoring item, and through The data transmission module transmits the first network information to the central office device. 如申請專利範圍第1項所述的網路服務提供系統,其中該局端裝置包括: 收發器,接收或傳送資料; 儲存媒體,儲存多個模組以及認證授權資料模型;以及 處理器,耦接該收發器和該儲存媒體,該處理器存取並執行該些模組,且該些模組包括: 應用程式介面管控模組,透過該收發器自該客戶端裝置接收該網路服務請求及身分認證資訊,並根據該認證授權資料模型判斷該身分認證資訊是否正確,其中該應用程式介面管控模組基於該身分認證資訊正確而透過該收發器傳送該服務請求回應至該客戶端裝置; 資料收集模組,根據該網路服務請求收集該廣域網路的該第二網路資訊,其中該第二網路資訊對應於該監控項目資料模型;以及 資料供應模組,將該第二網路資訊轉換為該服務請求回應,並供應該服務請求回應給該應用程式介面管控模組。The network service providing system as described in item 1 of the patent application scope, wherein the central office device includes: a transceiver to receive or transmit data; a storage medium to store multiple modules and an authentication and authorization data model; and a processor to couple Connected to the transceiver and the storage medium, the processor accesses and executes the modules, and the modules include: an application program interface control module that receives the network service request from the client device through the transceiver And identity authentication information, and determine whether the identity authentication information is correct according to the authentication authorization data model, wherein the application interface management control module sends the service request response to the client device through the transceiver based on the identity authentication information is correct; The data collection module collects the second network information of the wide area network according to the network service request, wherein the second network information corresponds to the monitoring item data model; and the data supply module, the second network The information is converted into the service request response, and the service request response is supplied to the application interface management and control module. 如申請專利範圍第4項所述的網路服務提供系統,其中該資料收集模組根據該網路服務請求收集第二區域網路的網路資訊,其中該網路服務請求關聯於該第二區域網路,並且該服務請求回應包括對應於該第二區域網路的拓樸資訊。The network service providing system as described in item 4 of the patent application scope, wherein the data collection module collects network information of the second local area network according to the network service request, wherein the network service request is associated with the second A local area network, and the service request response includes topology information corresponding to the second local area network. 一種網路服務提供方法,適於由電信商的局端裝置向客戶的客戶端裝置提供網路服務,該網路服務提供方法包括: 由該客戶端裝置傳送網路服務請求至該局端裝置,其中該客戶端裝置對應於區域網路,並且該局端裝置對應於廣域網路; 響應於該網路服務請求而傳送服務請求回應;以及 根據該服務請求回應監視對應於該區域網路的第一網路資訊和對應於該廣域網路的第二網路資訊。A network service providing method suitable for providing network services to a client device of a customer by a central office device of a telecommunications provider, the network service providing method includes: transmitting a network service request from the client device to the central office device , Where the client device corresponds to a local area network, and the central office device corresponds to a wide area network; send a service request response in response to the network service request; and monitor the first corresponding to the local network based on the service request response One network information and the second network information corresponding to the wide area network. 如申請專利範圍第6項所述的網路服務提供方法,更包括: 傳送該客戶端裝置的身分認證資訊,並響應於該身分認證資訊正確而接收該服務請求回應;以及 根據該第一網路資訊和該第二網路資訊產生跨網區拓樸圖,其中該服務請求回應包括該第二網路資訊。The network service providing method as described in item 6 of the patent application scope further includes: transmitting identity authentication information of the client device and receiving the service request response in response to the identity authentication information being correct; and according to the first network The road information and the second network information generate a cross-network topology map, wherein the service request response includes the second network information. 如申請專利範圍第7項所述的網路服務提供方法,更包括: 收集該區域網路的該第一網路資訊。The network service providing method described in item 7 of the scope of the patent application further includes: collecting the first network information of the local area network. 如申請專利範圍第6項所述的網路服務提供方法,更包括: 接收該網路服務請求及身分認證資訊,並根據認證授權資料模型判斷該身分認證資訊是否正確; 基於該身分認證資訊正確而傳送該服務請求回應;以及 根據該網路服務請求收集該廣域網路的該第二網路資訊。The network service provision method as described in item 6 of the patent application scope further includes: receiving the network service request and identity authentication information, and judging whether the identity authentication information is correct according to the authentication authorization data model; based on the identity authentication information is correct Transmitting the service request response; and collecting the second network information of the wide area network according to the network service request. 如申請專利範圍第9項所述的網路服務提供方法,更包括: 根據該網路服務請求收集第二區域網路的網路資訊,其中該網路服務請求關聯於該第二區域網路,並且該服務請求回應包括對應於該第二區域網路的拓樸資訊。The network service providing method described in item 9 of the scope of the patent application further includes: collecting network information of the second local area network according to the network service request, wherein the network service request is associated with the second local area network And the service request response includes topology information corresponding to the second local area network.
TW107144416A 2018-12-11 2018-12-11 Network service providing system and network service providing method TWI692221B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW107144416A TWI692221B (en) 2018-12-11 2018-12-11 Network service providing system and network service providing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW107144416A TWI692221B (en) 2018-12-11 2018-12-11 Network service providing system and network service providing method

Publications (2)

Publication Number Publication Date
TWI692221B true TWI692221B (en) 2020-04-21
TW202023240A TW202023240A (en) 2020-06-16

Family

ID=71134539

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107144416A TWI692221B (en) 2018-12-11 2018-12-11 Network service providing system and network service providing method

Country Status (1)

Country Link
TW (1) TWI692221B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6067093A (en) * 1996-08-14 2000-05-23 Novell, Inc. Method and apparatus for organizing objects of a network map
US7706369B2 (en) * 2002-03-01 2010-04-27 Enterasys Networks, Inc. Location discovery in a data network
US20140321298A1 (en) * 2011-01-12 2014-10-30 Adaptive Spectrum And Signal Alignment, Inc. Systems and methods for jointly optimizing wan and lan network communications
TW201543847A (en) * 2014-05-06 2015-11-16 Silicon Image Inc Network topology discovery

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6067093A (en) * 1996-08-14 2000-05-23 Novell, Inc. Method and apparatus for organizing objects of a network map
US7706369B2 (en) * 2002-03-01 2010-04-27 Enterasys Networks, Inc. Location discovery in a data network
US20140321298A1 (en) * 2011-01-12 2014-10-30 Adaptive Spectrum And Signal Alignment, Inc. Systems and methods for jointly optimizing wan and lan network communications
TW201543847A (en) * 2014-05-06 2015-11-16 Silicon Image Inc Network topology discovery

Also Published As

Publication number Publication date
TW202023240A (en) 2020-06-16

Similar Documents

Publication Publication Date Title
KR102298268B1 (en) An apparatus for network monitoring based on edge computing and method thereof, and system
US10951495B2 (en) Application signature generation and distribution
CN105637805B (en) Enhance mobile alternate channel to solve the node failure in wired networks
EP2429122B1 (en) Method and apparatus for performing abstraction for logic topology information of peer to peer technology network
US8537709B2 (en) Network device, and multi-wide area network interface selection module and method
WO2017107780A1 (en) Method, device and system for recognizing illegitimate proxy for charging fraud
US8887243B2 (en) Integrated security platform
TW201204098A (en) Dynamic service groups based on session attributes
US20200329360A1 (en) Method and system for discovering user equipment in a network
US10374946B2 (en) Centralized wireless network management system
WO2015123990A1 (en) Page push method, device, server and system
WO2018039901A1 (en) Method, device and system for ip address allocation, and computer program product
WO2016202224A1 (en) Method and device for adjusting transport layer parameter
US20040054781A1 (en) Method for establishing point to point or point to multiple points internet connection(s)
CN112822208A (en) Internet of things equipment identification method and system based on block chain
TWI692221B (en) Network service providing system and network service providing method
CN109981462B (en) Message processing method and device
JP6975736B2 (en) How to manage bridges and networks
JP2018038002A (en) Policy management system, policy management method, and policy management device
WO2015192572A1 (en) Method, apparatus and system for configuring quality of service (qos) parameters
JP5778862B2 (en) Method and virtual IDM server for implementing cloud-based ID management (C-IDM)
JP5292335B2 (en) Connection destination node selection method, apparatus and program
CN115333885B (en) Smart home privacy protection method and device based on federal learning
JP2013168036A (en) Authentication method, edge node and authentication server
WO2018112796A1 (en) Service data policy control method, operator device and server