A method for implementing lawful interception
Technical field
The present invention relates to monitoring technology, and in particular to a method for implementing lawful interception in a mobile IP network.
Background technology
With the development of Internet technology and the widespread use of mobile terminals such as notebook computers, personal digital assistants (PDAs), mobile phones and mobile units, mobile IP technology has emerged. The basic principle of mobile IP is that a mobile node can keep communicating over IP with its original IP address while it moves, so that upper-layer applications carried over the IP network layer are not interrupted and keep their continuity during movement.
Fig. 1 is a flow chart of service delivery when a mobile terminal roams in a mobile IP network. Referring to Fig. 1, when a mobile terminal roams to a visited location in a mobile IP network, the basic process of providing mobile IP service comprises the following steps:
Step 101: When the mobile node roams, it accesses the visited network through the access device of the visited location.
Step 102: The access device of the visited location allocates the mobile node a care-of address in the visited network.
Step 103: The home agent (HA) in the mobile node's home network receives the registration message, carrying address information, sent by the mobile node.
Step 104: The home agent sends a registration-success message to the mobile node.
Step 105: After receiving the registration-success message, the mobile node performs the subsequent route adjustment process.
Here, if Mobile IPv4 is used, the route adjustment process is the formation of a triangular route; if Mobile IPv6 is used, the route adjustment process is a route optimization process.
Step 106: According to the result of the route adjustment, the mobile node carries out service communication with the peer device through the visited network.
Here, Fig. 2A is a schematic diagram of communication by triangular routing using Mobile IPv4. Referring to Fig. 2A, when the mobile node and the peer device it communicates with use Mobile IPv4, service communication in this step is carried out by triangular routing: the mobile node sends its service data directly to the peer device through the visited network, without forwarding by the home agent; the peer device first sends its service data to the home agent, which, after receiving the data, sends it to the mobile node through the visited network.
Here, Fig. 2B is a schematic diagram of communication by route optimization using Mobile IPv6. Referring to Fig. 2B, when the mobile node and the peer device it communicates with use Mobile IPv6, service communication in this step is carried out by route optimization: the mobile node sends its service data directly to the peer device through the visited network, and the peer device sends its service data directly to the mobile node through the visited network. Neither side's data is forwarded through the home agent.
At present, every kind of communication network is required to provide a lawful interception function. In a mobile IP network, however, when the mobile node roams, whether Mobile IPv4 triangular routing or Mobile IPv6 route optimization is used, there is data that is not forwarded through the home agent in the mobile node's home network, so the mobile node's data cannot be obtained at the home agent for monitoring. The prior-art solution to this situation is as follows: after the home agent in the mobile node's home network receives the registration message, it not only sends the registration-success message to the mobile node as in Fig. 1, but also sends a roaming notification message carrying the mobile node's address information to the monitoring controller on the law enforcement agency side. Referring to Fig. 3, the monitoring controller then delivers the monitoring configuration to the monitoring device of the network the mobile node has roamed into. After completing the monitoring configuration, the monitoring device of that roaming network receives the mobile node's service data transmitted by triangular routing or route optimization and sends it to the monitoring controller.
In the prior art, however, two processes run in parallel and independently of each other: the home agent sending the roaming notification message to the monitoring controller, which triggers the monitoring configuration of the monitoring device in the roaming network, and the home agent sending the registration-success message to the mobile node, which triggers triangular routing or route optimization. Therefore, if the route adjustment process (triangular routing or route optimization) completes before the monitoring configuration process, then until the monitoring configuration is complete the monitoring device of the roaming network cannot send the service data corresponding to the mobile node to the monitoring controller. Monitored service data is lost, and the law enforcement agency side cannot monitor all of the service data.
Summary of the invention
In view of this, the main purpose of the present invention is to provide a method for implementing lawful interception which ensures that all service data transmitted by triangular routing or route optimization in a mobile IP network is monitored.
To achieve the above purpose, the technical solution of the present invention is implemented as follows:
A method for implementing lawful interception, the method comprising:
A. After the monitoring controller determines the network in which the mobile node is currently located, the monitoring controller determines, according to the topology adjacency information of the mobile IP networks, the peripheral networks of the network in which the mobile node is currently located;
B. The monitoring controller performs monitoring configuration on the monitoring devices of the determined peripheral networks;
C. When the mobile node moves to any one of the peripheral networks, the monitoring controller receives the service information corresponding to the mobile node sent by the monitoring device of that peripheral network; this service information is obtained by the monitoring device of that peripheral network by monitoring according to the completed monitoring configuration.
Before step A, the method further comprises:
A01. The home agent of the mobile node sends the address information of the mobile node to the monitoring controller;
A02. The monitoring controller determines, according to the address information of the mobile node, the network in which the mobile node is currently located.
Step A01 comprises: the home agent of the mobile node receives the registration message carrying the mobile node's address information and, after determining that the mobile node is a monitoring target, obtains the mobile node's address information from the registration message and sends it to the monitoring controller in a roaming notification message;
In step A02, the address information of the mobile node used by the monitoring controller is obtained from the received roaming notification message.
Step B comprises:
B1. The monitoring controller sends monitoring configuration information carrying the mobile node identifier to the monitoring device of each determined peripheral network;
B2. The monitoring device of the peripheral network performs monitoring configuration according to the monitoring configuration information carrying the mobile node identifier.
The identifier of the mobile node is the home address of the mobile node;
Between step B1 and step B2, the method further comprises: the monitoring device of the peripheral network allocates the mobile node a care-of address in that peripheral network;
In step B2, when performing monitoring configuration, the care-of address that the monitoring device of the peripheral network has allocated to the mobile node in that peripheral network is set as the monitoring target identifier;
In step C, the monitoring device of the peripheral network monitoring the service information corresponding to the mobile node according to the completed monitoring configuration comprises: the monitoring device of the peripheral network compares the care-of address carried in the received service information with the care-of address allocated to the mobile node and used as the monitoring target identifier and, when the two are identical, determines that it has monitored service information corresponding to the mobile node.
The identifier of the mobile node is the physical address of the mobile node;
In step B2, when performing monitoring configuration, the physical address received by the monitoring device of the peripheral network is set as the monitoring target identifier;
In step C, the monitoring device of the peripheral network monitoring the service information corresponding to the mobile node according to the completed monitoring configuration comprises: the monitoring device of the peripheral network compares the physical address carried in the received service information with the physical address of the mobile node used as the monitoring target identifier and, when the two are identical, determines that it has monitored service information corresponding to the mobile node.
In step C, when the mobile node moves to any one of the peripheral networks, the method further comprises: the mobile node performs the route adjustment process and exchanges service information with the peer device according to the result of the route adjustment.
In step C, when the mobile node moves to any one of the peripheral networks, the method further comprises: the currently determined peripheral networks are compared with the previously determined peripheral networks to obtain the peripheral networks that differ; the monitoring controller then sends a cancel-monitoring indication to the monitoring devices of the differing peripheral networks; a monitoring device that receives the cancel-monitoring indication deletes the monitoring configurations it holds.
The service information corresponding to the mobile node comprises: service information sent by the mobile node to the peer device, and/or service information sent by the peer device to the mobile node.
The monitoring device of the peripheral network is a routing device on the mobile node's adjusted route, or the gateway device responsible for handling monitoring services in the roaming network.
It can be seen that, in the present invention, performing monitoring configuration in advance on the peripheral networks of the network in which the mobile node is currently located means that the networks the mobile node is about to move to are already configured for monitoring. In the subsequent process, the route adjustment process in a peripheral network, that is, triangular route formation or route optimization, is carried out only when the mobile node actually moves into that peripheral network, so the monitoring configuration of the peripheral network completes before triangular routing or route optimization. Consequently, when the mobile node transmits service information by triangular routing or route optimization, the monitoring device of that peripheral network can, according to the completed monitoring configuration, identify and monitor the service information corresponding to the mobile node and send it to the monitoring controller. Loss of monitored service data is avoided, and all service data transmitted by triangular routing or route optimization in the mobile IP network is monitored.
Description of drawings
Fig. 1 is a flow chart of service delivery when a mobile terminal roams in a mobile IP network.
Fig. 2A is a schematic diagram of communication by triangular routing using Mobile IPv4.
Fig. 2B is a schematic diagram of communication by route optimization using Mobile IPv6.
Fig. 3 is a schematic diagram of monitoring in a mobile IP network when the mobile node communicates by triangular routing or route optimization.
Fig. 4 is a flow chart of an embodiment of the present invention.
Embodiment
After the mobile node roams, monitoring the service information it transmits by triangular routing or route optimization requires that monitoring configuration be performed on the network the mobile node roams into, so that the mobile node's service information can be obtained. In the prior art, however, the network is configured for monitoring only once the mobile node has roamed into it, so the monitoring configuration process may well complete only after triangular routing or route optimization, and service information is lost. To avoid this loss, the monitoring configuration of the network the mobile node roams into must complete before the mobile node's triangular routing or route optimization in that network.
The present invention therefore proposes a method for implementing lawful interception in a mobile IP network. Its core idea is as follows: topology adjacency information between the mobile IP networks is set in advance on the monitoring controller side; after the monitoring controller determines the network in which the mobile node is currently located, it determines the peripheral networks of that network according to the configured topology adjacency information; the monitoring controller performs monitoring configuration on the monitoring devices of the determined peripheral networks; when the mobile node moves to any one of the peripheral networks, the monitoring device of that peripheral network, according to the completed monitoring configuration, sends the service information corresponding to the mobile node obtained from triangular routing or route optimization to the monitoring controller.
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings and specific embodiments.
Fig. 4 is a flow chart of an embodiment of the present invention. Referring to Fig. 4, when the mobile node roams, in order to ensure that all data the mobile node transmits by triangular routing or route optimization is monitored, the implementation of the present invention comprises the following steps:
Step 401: Topology adjacency information between the mobile IP networks is set in advance on the monitoring controller side of the law enforcement agency.
Step 402: After the mobile node roams, the home agent in the mobile node's home network receives the registration message carrying the mobile node's address information.
In this step, if the mobile node communicates using Mobile IPv4, the step is implemented in one of the following ways:
Mode one: After the mobile node roams, it sends a registration message carrying its own identifier to the foreign agent in the roaming network; the foreign agent in the roaming network allocates the mobile node a care-of address in the roaming network; the foreign agent places the allocated address information in the registration message and sends it to the home agent in the mobile node's home network; the home agent receives the registration message carrying the mobile node's address information.
Mode two: After the mobile node roams, it sends a registration message carrying its own identifier to the foreign agent in the roaming network; the foreign agent in the roaming network allocates the mobile node a care-of address in the roaming network; the foreign agent places the allocated address information in a registration-success message and sends it to the mobile node; the mobile node obtains the address information from the received registration-success message, places it in a registration message and sends that to the home agent; the home agent receives the registration message carrying the mobile node's address information.
In this step, if the mobile node communicates using Mobile IPv6, the step is implemented as follows: after the mobile node roams, it sends a registration message carrying its own identifier to the access device in the roaming network; the access device in the roaming network allocates the mobile node a care-of address in the roaming network and sends the allocated care-of address to the mobile node in a registration-success message; the mobile node obtains the care-of address from the received registration-success message, places the obtained address information in a registration message and sends it to the home agent in the home network; the home agent receives the registration message carrying the mobile node's address information.
Step 403: The home agent in the mobile node's home network obtains the address information from the received registration message.
Step 404: After determining that the mobile node is a monitoring target, the home agent places the obtained address information in a roaming notification message and sends it to the monitoring controller on the law enforcement agency side.
In this step, the home agent can judge whether the mobile node is a monitoring target by checking whether the mobile node identifier carried in the registration message is identical to a monitoring target identifier it has stored in advance. If the two identifiers are identical, the mobile node is determined to be a monitoring target.
Step 405: The monitoring controller obtains the address information from the received roaming notification message and determines, according to this address information, the network in which the mobile node is currently located.
Step 406: The monitoring controller determines each peripheral network of the network in which the mobile node is currently located, according to the topology adjacency information between the mobile IP networks set in advance.
Here, the topology adjacency information between the mobile IP networks indicates whether each pair of networks is adjacent, so the peripheral networks determined for the mobile node's current network are necessarily the networks the mobile node is about to move to.
Step 407: The monitoring controller sends monitoring configuration information carrying the mobile node identifier to the monitoring device of each determined peripheral network.
Here, the monitoring configuration information can include various monitoring parameters that specify what is to be monitored, for example a parameter indicating the start and end times of monitoring, or a parameter indicating the types of media stream to be obtained. The mobile node identifier can be any information that identifies the mobile node, for example the mobile node's home address information or its physical address information.
Step 408: The monitoring device of the peripheral network performs monitoring configuration according to the received monitoring configuration information carrying the mobile node identifier.
Here, if the mobile node identifier received by the monitoring device of the peripheral network is the home address information, then in this step the monitoring device of the peripheral network can, according to the mobile node's home address information, allocate the mobile node a care-of address in that peripheral network and, when performing monitoring configuration, set this pre-allocated care-of address as the monitoring target identifier in advance.
If the mobile node identifier received by the monitoring device of the peripheral network is the physical address information, then in this step, when performing monitoring configuration, the physical address information of the mobile node is set as the monitoring target identifier.
Step 409: When the mobile node roams into any one of the peripheral networks, the mobile node performs the route adjustment process.
Here, when the mobile node communicates using Mobile IPv4, what is performed is triangular route formation; when the mobile node communicates using Mobile IPv6, what is performed is route optimization.
In addition, if in step 408 the peripheral network the mobile node has roamed into allocated a care-of address to the mobile node in advance as the monitoring target identifier for this mobile node, then in this step, when the mobile node actually roams into that peripheral network, the already allocated care-of address is used as the mobile node's care-of address in that peripheral network.
Step 410: According to the result of the route adjustment, that is, by triangular routing or route optimization, the mobile node exchanges service information with the peer device.
Step 411: The monitoring device of the peripheral network the mobile node has roamed into obtains the service information exchanged between the mobile node and the peer device by triangular routing or route optimization.
Step 412: The monitoring device of the peripheral network the mobile node has roamed into, according to the monitoring target identifier set during monitoring configuration, identifies the obtained service information as service information corresponding to the mobile node that is the monitoring target.
Here, if in step 408 the peripheral network the mobile node has roamed into allocated a care-of address to the mobile node in advance as the monitoring target identifier for this mobile node, then in this step the monitoring device of that peripheral network identifies the obtained service information as corresponding to the mobile node that is the monitoring target when the mobile node address information carried in the obtained service information is identical to the pre-allocated care-of address used as the monitoring target identifier.
If in step 408 the physical address information of the mobile node was set as the monitoring target identifier, then in this step the monitoring device of the peripheral network the mobile node has roamed into identifies the obtained service information as corresponding to the mobile node that is the monitoring target when the mobile node physical address information carried in the obtained service information is identical to the physical address information used as the monitoring target identifier.
Step 413: The monitoring device of the peripheral network the mobile node has roamed into sends the obtained service information to the monitoring controller.
In the present invention, the monitoring device of the mobile node's roaming network can be a routing device on the triangular route or optimized route established by the mobile node, or the gateway device responsible for handling monitoring services in the roaming network.
It should be noted that the mobile node keeps roaming and handing over, that is, its current network and the peripheral networks of that network keep changing. Therefore, after the mobile node's current network and its peripheral networks have been determined in step 406 of the process shown in Fig. 4, the currently determined peripheral networks can further be compared with the previously determined peripheral networks to obtain the peripheral networks that differ; the monitoring controller then sends a cancel-monitoring indication to the monitoring devices of the differing peripheral networks, and a monitoring device that receives the cancel-monitoring indication deletes the monitoring configurations it holds.
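The controller-side bookkeeping of steps 405 to 408 and of the cancellation step above can be modelled as follows. This is an added example, not part of the patent: the network names, class names and the home address are constructed. It assumes that "differing" networks means networks configured earlier that are no longer peripheral, and that the network the node has just entered keeps its configuration.

```python
from dataclasses import dataclass, field

# Constructed topology adjacency information (step 401); network names are hypothetical.
ADJACENCY = {
    "net-A": {"net-B", "net-C"},
    "net-B": {"net-A", "net-C", "net-D"},
    "net-C": {"net-A", "net-B"},
    "net-D": {"net-B", "net-E"},
    "net-E": {"net-D"},
}


@dataclass
class MonitoringDevice:
    """Monitoring device of one network; holds the target identifiers it matches on."""
    network: str
    targets: set = field(default_factory=set)

    def configure(self, target_id):      # step 408
        self.targets.add(target_id)

    def cancel(self, target_id):         # cancel-monitoring indication
        self.targets.discard(target_id)

    def matches(self, identifier):       # step 412: compare the carried identifier
        return identifier in self.targets


class MonitoringController:
    def __init__(self, adjacency):
        self.adjacency = adjacency
        self.devices = {name: MonitoringDevice(name) for name in adjacency}
        self.configured = {}  # target identifier -> networks currently configured

    def on_roaming_notice(self, target_id, current_network):
        """Handle a roaming notification (steps 405-407) and return
        (newly_configured, cancelled) as sorted lists of network names."""
        if current_network not in self.adjacency:
            raise KeyError(f"no adjacency information for {current_network!r}")
        peripheral = set(self.adjacency[current_network])       # step 406
        previous = self.configured.get(target_id, set())
        to_add = peripheral - previous
        # Assumption: cancel networks configured earlier that are no longer
        # peripheral, but keep the network the node has just moved into.
        to_cancel = previous - peripheral - {current_network}
        for net in to_add:
            self.devices[net].configure(target_id)              # step 407
        for net in to_cancel:
            self.devices[net].cancel(target_id)
        self.configured[target_id] = (previous - to_cancel) | to_add
        return sorted(to_add), sorted(to_cancel)


def simulate_handovers():
    """Constructed walk net-A -> net-B -> net-D for one target."""
    controller = MonitoringController(ADJACENCY)
    target = "192.0.2.10"  # constructed home address used as the identifier
    trace = []
    for network in ("net-A", "net-B", "net-D"):
        # Was the device in this network configured before the node arrived?
        ready = controller.devices[network].matches(target)
        added, cancelled = controller.on_roaming_notice(target, network)
        trace.append((network, ready, added, cancelled))
    return controller, trace


if __name__ == "__main__":
    for row in simulate_handovers()[1]:
        print(row)
```

The cancelled list is the part to audit: a network that stays configured after the node has moved away holds a monitoring configuration with no remaining purpose.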
In summary, the above is only a preferred embodiment of the present invention and is not intended to limit the scope of protection of the present invention. Any modification, equivalent replacement, improvement or the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.