CN100355313C - Method for preventing terminal user from illegal roaming - Google Patents
Method for preventing terminal user from illegal roaming Download PDFInfo
- Publication number
- CN100355313C CN100355313C CNB2004100500530A CN200410050053A CN100355313C CN 100355313 C CN100355313 C CN 100355313C CN B2004100500530 A CNB2004100500530 A CN B2004100500530A CN 200410050053 A CN200410050053 A CN 200410050053A CN 100355313 C CN100355313 C CN 100355313C
- Authority
- CN
- China
- Prior art keywords
- user
- information
- roaming
- address
- address field
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention discloses a method for preventing terminal users from illegal roam, which comprises that corresponding relation between the user ID information of a roam authorized user and a registrable IP address domain of the user is established; a registrable IP address domain corresponding to the user ID information in a current registration request is looked up via the corresponding relation established between the ID information and the registrable IP address domain after a user registration request comprising the user ID information and the IP address is received; whether the user IP address in the current registration request is in the range of which can be looked up or not is judged, if the user IP address is in the range of the IP address domain which can be looked up, user registration is executed, or otherwise, the process is terminated. The project of the present invention can be used for limiting the access IP address of users and preventing the users from illegal roam.
Description
Technical field
The present invention relates to roaming technology, be meant the method that a kind of terminal use of preventing illegally roams by IP network especially based on Internet protocol (IP) network.
Background technology
Along with development of Communication Technique, various types of communication networks move towards to merge just gradually, and a lot of new business have been brought thus, such as: the services of roaming of IP based network, the user not only can realize voice call between the strange land by this services of roaming, can also carry out multiple information interchanges such as short message, multimedia, thereby be subjected to the generally attention of industry.
What development in recent years was got up is next generation network (NGN) technology of core with soft switch and packet-switch technology, because it has broad application prospects and can satisfy people's variation, personalized business demand, has become one of focus that industry pays close attention to most.
NGN is based on Internet protocol (IP) technique construction, and in principle, as long as can visit from the IP layer, the user just can be linked in the NGN network.Because the interoperability of IP network, as: transworld internet (Internet), so the natural characteristic with the roaming supported of NGN network, carry out the direction that services of roaming will be future development in NGN.
But because IP network, the NGN terminal use can insert the NGN system from the optional position, and the IP address that the user is adopted when inserting is fixing usually, can have certain mobility scale.Particularly in the occasion of having used agency (PROXY) equipment, terminal will be registered by PROXY, and the terminal address that the NGN system is seen all is the address of PROXY, and not have real user profile.In this case, though in present NGN system, for subscriber authorisation the time, write down the relevant attribute that whether allows the user to roam, but for above-mentioned reasons, still can't prevent the generation of some illegal browse phenomenons of user, such as: opened the user of services of roaming in a city, go on business the other places in addition abroad after, still can insert the NGN system by IP network and roam, and enjoy Freight Basis when roaming in former city.
Like this, will cause the confusion of chargeing and serving in the network operation, be unfavorable for Virtual network operator exploitation and development services of roaming.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of method of the terminal use's of preventing illegal browse, and user's access IP address is limited, and prevents the generation of user's illegal browse phenomenon.
According to above-mentioned purpose a kind of method that prevents terminal use's illegal browse provided by the invention, comprising:
A) corresponding relation of user identity (ID) information of foundation roaming authorized user and this user's registrable IP address field;
B) when receive include user ID information and IP address user register requirement after, judge whether the user ID information in the current register requirement is kept in the corresponding relation of described id information and registrable IP address field, if, then the id information of setting up by step a) is searched the corresponding registrable IP address field of user ID information, execution in step c then in the current register requirement with registrable IP address field corresponding relation); Otherwise, carry out the default process mechanism of non-roaming authorized user, jump out this flow process then;
C) judge the IP address that comprises in the current register requirement whether in the IP address field scope that step b) obtains, if, then carry out user registration process, otherwise, termination process.
If this method active user is not the roaming authorized user, judge then whether the default process mechanism of non-roaming authorized user allows registration, if then register; Otherwise, termination process.
This method further comprises: according to the different roaming authorities of roaming authorized user, the id information that will have identical roaming authority user is divided into same ID group;
Described step a) is to set up the corresponding relation of user's registrable IP address field in each ID group and this ID group;
Step b) is described to be comprised after receiving registration request from user: judge ID group under this user ID information according to the user ID information in the register requirement, search this ID according to the corresponding relation of the registrable IP address field of user in ID group and this ID group and organize corresponding registrable IP address field.
The id information that this method is provided with identical roaming authority user has identical ID feature, and described ID group is the id information set with identical ID feature of the identical roaming authority of representative.
The described id information of this method is that telephone number or domain names or the two comprise simultaneously.
From above as can be seen, the user ID information of the method that prevents terminal use's illegal browse provided by the invention by setting up the roaming authorized user and the corresponding relation of this user's registrable IP address field, and when the user carries out the registration of network insertion, judge whether the IP address that the user adopts belongs in the registrable IP address field scope of this user ID information correspondence, draw the whether legal conclusion in IP address that this user adopts, and forbid the mode that illegal IP address user registers, thereby prevented that the user from adopting illegal IP address to roam.The present invention program realizes simply, effectively, can be provided with flexibly according to different network condition, need not to increase operation cost, and, have stronger practicality applicable to the different situation of user's roaming authority.
Description of drawings
Fig. 1 is the classical group web frame schematic diagram of the employing PROXY of the preferred embodiment of the present invention;
Fig. 2 be in the preferred embodiment of the present invention PROXY to the handling process schematic diagram of user's register requirement.
Embodiment
The present invention is further described in more detail below in conjunction with drawings and the specific embodiments.
Consider that user terminal when operation such as starting shooting, needs to carry out the registration process of access network, and the id information and the IP address that in this process, need to submit to user terminal.Utilize these characteristics core concept of the present invention to be: the corresponding relation of the user ID information of foundation roaming authorized user and this user's registrable IP address field; When the user carried out register requirement, the id information that passes through to be set up was searched the corresponding registrable IP address field of user ID information in the current register requirement with registrable IP address field corresponding relation; And judge the IP address that comprises in the current register requirement whether in searching the IP address field scope that obtains, if, then carry out user registration process, otherwise, termination process.Access IP address when registering by limited subscriber like this, and then limited subscriber adopts illegal IP address to roam.
The preferred embodiments of the invention realize by PROXY equipment in the NGN net, this is for the terminal use because of PROXY equipment, can be regarded as the server end equipment of NGN network, such as being soft switch or gatekeeper, message such as the registration of terminal and calling all can be issued PROXY equipment earlier.PROXY equipment is transmitted to real server apparatus after treatment again.Simultaneously, PROXY equipment can be regarded as the terminal use again for server apparatus.Server is at first issued PROXY equipment to information such as call requests, and PROXY equipment is transmitted to real terminal use again through after handling.PROXY has participated in the full detail interaction flow between user terminal and the server.And in reciprocal process, PROXY can obtain terminal use's IP address information by the login request message of user terminal, and user's information such as ID.User's id information can be a number format, as: telephone number 82881008; Or Domain Name Form registering sites, as: email address user@huawei.com, can certainly take other form.Like this, the specific descriptions of this preferred embodiment are as follows:
At first, set up user's the id information and the binding relationship of registrable IP address field.
Consider for the non-roaming user who is not authorized to enjoy services of roaming, under most of situation, be only to allow in same city or roaming among a small circle in,, can have certain IP address field excursion though the IP address during access can be definitely unfixing.For the roamer, as a rule also should be divided into the claim limitation of different stage, roam at home such as allowing, do not allow international roaming or the like, also there is the corresponding IP address segment limit in the roamer of different stage.Like this in conjunction with present actual conditions, and it is put in order optimization, thus be the user of different rights, comprise the roamer and the non-roaming user of different stage, distribute different IP address field scopes, thereby the IP address field that makes user right and user allow to insert is mapped.Such as: the address field of international roaming is the IP address field with the 192.168.1 beginning; The address field of National roaming is the IP address field with the 10.2.0 beginning; Also can be with the form of a plurality of IP address fields combination, be respectively with 192.168.0 and the IP address field that starts with 10.2.9 such as: the address field of certain roaming authority.In addition, those skilled in the art should find out, can also take other form to divide the IP address field, so long as user's roaming authority and certain corresponding getting final product of IP address range.
For the user who authorizes roaming, according to the restriction rank difference of user roaming user's id information is divided into more than one group, identical authority user's id information is divided into one group, and identifies with a group number, thereby makes the ID group of authorized user corresponding with roaming authority.Consider in the actual conditions, user's id information also has certain rules according to user's roaming authority difference, such as: suffix be all the user may have same roaming authority, therefore preferably, the ID that has same characteristic features for user's distribution of identical roaming authority, such as preceding four of: the ID of number format is that 8288 user's roaming authority is international roaming, and preceding four of number ID is that 8284~8287 user's roaming authority is a National roaming; And the user's of Domain Name Form registering sites suffix suffix @huawei.com roaming authority is domestic part city roaming etc.Regular like this setting will make things convenient for later judgement and search.Certainly, each ID group also can be made up of the form of some ID set without any rule.
The user ID group and the IP address field that will have identical roaming authority are bound, and set up the user right table, and ginseng is shown in Table 1.
Authority | International roaming | National roaming | Domestic part roaming |
The user ID group number | 1 | 2 | 3 |
IP address field number | A | B | C |
Table 1
In the table 1, " 1,2,3 " represent corresponding ID group number respectively, are 8288 ID group such as preceding four of: " 1 " corresponding number, and preceding four of " 2 " corresponding number is 8284~8287 an ID group etc." A, B, C " represents IP address field number respectively, such as: the IP address field of " A " corresponding 192.168.1 network segment, the IP address field of " B " corresponding 10.2.0 network segment etc.
The classical group web frame of the employing PROXY of present embodiment is referring to shown in Figure 1.Same as the prior art, user terminal inserts NGN network of network phone (VoIP) server by PROXY, user terminal and PROXY, and be connected by IP network between PROXY and the VoIP server.Different is to be provided with ID group, the IP address field of authorized user and the user right table that comprises the corresponding relation of ID group and IP address field in the PROXY side.
When user terminal is started shooting, can initiate register requirement to PROXY by sending logon message to PROXY, the processing procedure of PROXY referring to shown in Figure 2, may further comprise the steps:
Here, if it is with the form setting of number segment or domain name suffix etc. comparatively clocklike that ID organizes, then can whether belong to the number segment or the domain name suffix scope of user's group by judging active user ID, whether very fast definite this user ID belongs to the ID group of certain mandate.If the ID group is to set up with the form of the set with identical authority user ID, then need to search for one by one each ID group, comprise the id information identical if find not have in the ID group with active user ID, then enter step 203; Otherwise, illustrate that this user ID is not through authorizing.
Setting up in the process in the user ID information of the foregoing description and the binding relationship of registrable IP address field, is to be divided into an ID group by the user ID with identical roaming authority, and again that the ID group is registrable with it IP address field binding realizes; In addition, also can take the mode of the IP address field binding that each authorized user ID is directly registrable with it.And, under extreme case, the roaming claim limitation that also may not have authorized user, promptly the user of Shou Quaning enjoys same roaming authority, only there is roamer and non-roaming user's difference, like this, can take the directly mode of binding of each authorized user ID IP address field registrable with it.
Mainly considered situation about realizing in the scheme of the foregoing description on PROXY, therefore the binding relationship with user ID and IP address is configured on the PROXY.In addition, the binding relationship of user ID and IP address (authority list) also can be arranged on other position, and when needs are inquired about, be issued to again in the PROXY equipment, such as: be arranged on the strategic server, PROXY is by specific protocol, as COPS, obtains corresponding configuration data or strategic server initiatively is issued on the PROXY from strategic server.
Under the other situation, these binding relationships may be based upon on the equipment such as soft switch.Such as: directly in user's configuration data of Softswitch, exist an expression to allow the information of the IP address field of user's access.Like this, be equivalent to set up corresponding relation between the registrable IP address field of each user ID information and this user.
In this case, if there is not PROXY equipment during networking, user's IP address information can be directly seen in soft switch just, then soft switch processing mode can be as follows: when receiving registration request from user, take out the IP address domain information of this user ID correspondence, IP address in user's register requirement and IP address field are compared, see whether belong to the address field that is limited.
If there is PROXY equipment, then because therefore the IP address that PROXY has made the IP address of terminal into PROXY needs to exist a cover agreement that user's IP address information is passed to soft switchcall server.The mode of transmitting can adopt the new proprietary protocol of definition to realize, also can expand prior protocols and realize.After real IP address information has been obtained in soft switch, can discern processing to IP address.In addition, also can remove directly to obtain user's id information, thereby take out the IP address domain information, compare by PROXY.
The present invention program not only can be applied to the NGN network, also can be applied in other by inserting the situation that IP network is roamed.
In addition, the present invention program can also prevent that user account number or password are stolen.Such as: software terminal is installed on the PC of public arenas such as Internet bar is carried out the VoIP business, when the user utilizes the computer of Internet bar to carry out services of roaming, the user can see some processes of running software on display, user's information like this, as id information etc., be easy to be illegally accessed, then these information taken to other local use.Like this, with all user ID and corresponding IP address, the IP address that be the Internet bar this moment bundlees, and just can prevent effectively that user ID is stolen by the inventive method.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being done, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (5)
1, a kind of method that prevents terminal use's illegal browse is characterized in that, comprising:
A) corresponding relation of the user ID information of foundation roaming authorized user and this user's registrable IP address field;
B) when receive include user ID information and IP address user register requirement after, judge whether the user ID information in the current register requirement is kept in the corresponding relation of described id information and registrable IP address field, if, then the id information of setting up by step a) is searched the corresponding registrable IP address field of user ID information, execution in step c then in the current register requirement with registrable IP address field corresponding relation); Otherwise, carry out the default process mechanism of non-roaming authorized user, jump out this flow process then;
C) judge the IP address that comprises in the current register requirement whether in the IP address field scope that step b) obtains, if, then carry out user registration process, otherwise, termination process.
2, method according to claim 1 is characterized in that, if the active user is not the roaming authorized user, judges then whether the default process mechanism of non-roaming authorized user allows registration, if then register; Otherwise, termination process.
3, method according to claim 1 is characterized in that, further comprises: according to the different roaming authorities of roaming authorized user, the id information that will have identical roaming authority user is divided into same ID group;
Described step a) is to set up the corresponding relation of user's registrable IP address field in each ID group and this ID group;
Step b) is described to be comprised after receiving registration request from user: judge ID group under this user ID information according to the user ID information in the register requirement, search this ID according to the corresponding relation of the registrable IP address field of user in ID group and this ID group and organize corresponding registrable IP address field.
4, method according to claim 3 is characterized in that, the id information that identical roaming authority user is set has identical ID feature, and described ID group is the id information set with identical ID feature of the identical roaming authority of representative.
According to claim 1 or 3 described methods, it is characterized in that 5, described id information is that telephone number or domain names or the two comprise simultaneously.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100500530A CN100355313C (en) | 2004-06-29 | 2004-06-29 | Method for preventing terminal user from illegal roaming |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100500530A CN100355313C (en) | 2004-06-29 | 2004-06-29 | Method for preventing terminal user from illegal roaming |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1717095A CN1717095A (en) | 2006-01-04 |
CN100355313C true CN100355313C (en) | 2007-12-12 |
Family
ID=35822442
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2004100500530A Expired - Fee Related CN100355313C (en) | 2004-06-29 | 2004-06-29 | Method for preventing terminal user from illegal roaming |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100355313C (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102695173B (en) * | 2012-06-15 | 2015-04-08 | 华为终端有限公司 | Safety control method for accessing wireless network and terminal |
CN103856941A (en) | 2012-12-05 | 2014-06-11 | 腾讯科技(深圳)有限公司 | Wireless network monitoring method and related device |
CN104581655B (en) * | 2014-12-31 | 2018-06-01 | 上海禹为通信技术有限公司 | Multimedia message sending control system and its method under a kind of contingency mode |
CN104602190B (en) * | 2014-12-31 | 2018-06-01 | 上海禹为通信技术有限公司 | A kind of multimedia message under contingency mode receives control system and its method |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2002025985A1 (en) * | 2000-09-21 | 2002-03-28 | Great Human Software Co., Ltd. | International mobile communication roaming servicing system over the internet protocol |
CN1353559A (en) * | 2001-11-13 | 2002-06-12 | 西安西电捷通无线网络通信有限公司 | Cross-IP internet roaming method for mobile terminal |
WO2002080491A1 (en) * | 2001-03-30 | 2002-10-10 | Nokia Corporation | Mechanism for managing mobility in telecommunication networks |
CN1437361A (en) * | 2002-02-07 | 2003-08-20 | 华为技术有限公司 | Network access control method based on network address |
WO2003075516A1 (en) * | 2002-03-04 | 2003-09-12 | Telenor Asa | A system and method for controlling the access to an external network |
KR20040054151A (en) * | 2002-12-17 | 2004-06-25 | 정찬익 | Apparatus for providing internet roaming service |
-
2004
- 2004-06-29 CN CNB2004100500530A patent/CN100355313C/en not_active Expired - Fee Related
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2002025985A1 (en) * | 2000-09-21 | 2002-03-28 | Great Human Software Co., Ltd. | International mobile communication roaming servicing system over the internet protocol |
WO2002080491A1 (en) * | 2001-03-30 | 2002-10-10 | Nokia Corporation | Mechanism for managing mobility in telecommunication networks |
CN1353559A (en) * | 2001-11-13 | 2002-06-12 | 西安西电捷通无线网络通信有限公司 | Cross-IP internet roaming method for mobile terminal |
CN1437361A (en) * | 2002-02-07 | 2003-08-20 | 华为技术有限公司 | Network access control method based on network address |
WO2003075516A1 (en) * | 2002-03-04 | 2003-09-12 | Telenor Asa | A system and method for controlling the access to an external network |
KR20040054151A (en) * | 2002-12-17 | 2004-06-25 | 정찬익 | Apparatus for providing internet roaming service |
Also Published As
Publication number | Publication date |
---|---|
CN1717095A (en) | 2006-01-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101379757B (en) | Methods and systems for providing telephony services and enforcing policies in a communication network | |
US7062253B2 (en) | Method and system for real-time tiered rating of communication services | |
US8375360B2 (en) | Provision of services over a common delivery platform such as a mobile telephony network | |
US8291077B2 (en) | Provision of services over a common delivery platform such as a mobile telephony network | |
CN100488098C (en) | Information-processing apparatus and method | |
CN100512161C (en) | Method for transmitting legal monitoring information | |
US9071505B2 (en) | Method and system for dynamically allocating services for subscribers data traffic | |
EP4302504A1 (en) | Methods, systems and computer readable media for resource object level authorization at a network function (nf) | |
US9036800B2 (en) | Billing for calls and routing of billing information in an internet protocol multimedia subsystem | |
EP1869870B1 (en) | Multi-operator telecommunication distribution of service content | |
US20080141355A1 (en) | Sharing network access capacities across internet service providers | |
US20060161616A1 (en) | Provision of services over a common delivery platform such as a mobile telephony network | |
CN102480487B (en) | Multi-user on-line video game method based on authentication and system thereof | |
CN100355313C (en) | Method for preventing terminal user from illegal roaming | |
SE524733C2 (en) | Procedure and systems for retransmitting mobile IP services in a telecommunications system | |
CN105915665A (en) | Method for managing a user in a telecommunication network, and associated device | |
CN104066086B (en) | The method and device of voice communication | |
JP2004166226A (en) | Method and system for controlling online access from terminal user to content service | |
WO2009006770A1 (en) | Method of p2p node management | |
KR101247336B1 (en) | Systm for providing network service and method thereof | |
CN100499838C (en) | Method for controlling terminal user roaming in NGN network system | |
KR20050116789A (en) | Policy based service management platform in the wireless internet | |
GB2422219A (en) | A software development system | |
CN116760801A (en) | IMS network-based data interaction system | |
GB2347045A (en) | Gateway discovery |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20071212 Termination date: 20150629 |
|
EXPY | Termination of patent right or utility model |