CN101047629A - Implementing method of customer multi-media tag service - Google Patents

Implementing method of customer multi-media tag service Download PDF

Info

Publication number
CN101047629A
CN101047629A CNA2006100779228A CN200610077922A CN101047629A CN 101047629 A CN101047629 A CN 101047629A CN A2006100779228 A CNA2006100779228 A CN A2006100779228A CN 200610077922 A CN200610077922 A CN 200610077922A CN 101047629 A CN101047629 A CN 101047629A
Authority
CN
China
Prior art keywords
media tag
user
network
conversation message
carry
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2006100779228A
Other languages
Chinese (zh)
Inventor
施有铸
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNA2006100779228A priority Critical patent/CN101047629A/en
Priority to PCT/CN2007/000417 priority patent/WO2007112642A1/en
Publication of CN101047629A publication Critical patent/CN101047629A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1069Session establishment or de-establishment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/42Systems providing special services or facilities to subscribers
    • H04M3/42025Calling or Called party identification service
    • H04M3/42034Calling party identification service
    • H04M3/42042Notifying the called party of information on the calling party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Arrangements for interconnection between switching centres
    • H04M7/006Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Multimedia (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A method realizing identification service of user multimedia includes receiving session message sent from opposite first network by the second network, judging whether multimedia identification of the first user is allowed to be displayed to the second user or not according to data preset by the second user if multimedia identification is carried by session message, sending said session message to he second user if it is or otherwise carrying display limitation indication of multimedia identification in said session message or deleting off said multimedia identification the sending said session message to the second user.

Description

A kind of implementation method of customer multi-media tag service
[technical field]
The present invention relates to communication technical field, particularly a kind of implementation method of customer multi-media tag service.
[background technology]
The user ID business is meant in the telecommunication service, the sign relevant with calling subscriber identification, CSI called subscriber identification shows, sign shows limit service, generally comprises: calling subscriber identification display business (calling subscriber identification is shown to the called subscriber), calling subscriber identification show that limit service (calling subscriber's restriction is shown to the called subscriber with its sign), CSI called subscriber identification display business (CSI called subscriber identification is shown to the calling subscriber), CSI called subscriber identification show limit service (called subscriber's restriction is shown to the calling subscriber with its sign).
At present, continuous maturation along with group technology, develop based on Circuit-switched conventional telecommunication network towards broadband telecommunication net based on packet switching, using SIP then is one of current technology trends as the call control signalling of grouping telecommunications core network, as ITU-T, ETSI, normal structures such as 3GPP are to IMS (IP Multimedia Subsystem, IP Multimedia System) research, IMS adopts the bearer path of IP packet domain as its control signaling and media delivery, adopt the agreement of Session Initiation Protocol as call control signalling, realize packet voice and grouped data, unified multimedia service and application is provided.The framework of IMS network as shown in Figure 1.Wherein the IMS core net comprises P-CSCF (Proxy-Call Session Control Function, Proxy-Call Session Control Function), I/S-CSCF (inquires/service-call session control function, Interrogating/Serving-Call Session Control Function) and other functional nodes of IMS, IMS application server (IMS AS, IMS Application Server) be connected with S-CSCF, user terminal is connected respectively with IMS AS with P-CSCF.
In conventional telecommunication network, above-mentioned user ID generally is meant user's number or name, and in new grouping telecommunications network, the user ID business is except inheriting the processing to user's number or name, also comprise expansion to customer multi-media tag, provide the target of multimedia service to adapt to IMS to the user, so the user ID business also needs to expand the processing to customer multi-media tag.
In the SIP standard manuscript RFC 3261 of normal structure IETF (the Internet engineering duty group-Internet Engineering Task Force) issue, a kind of use of Call-Info has been described, by this header field, the user can carry the image of oneself and give end subscriber, come the identity of identifying user by image, Here it is a kind of customer multi-media tag service generally is called " calling polychrome business " again.
But should business there be potential safety hazard at present, as described in RFC 3261, " Use of the Call-Info header fieldcan pose a security risk.If a callee fetches the URIs provided by a malicious caller; the calleemay be at risk for displaying inappropriate or offensive content; dangerous or illegal content; and so on ", the meaning that the words translation is come is: the use of Call-Info may cause security risk, if the image address that the called subscriber obtains is from a malice calling subscriber, then this image address may comprise inappropriate, or be with aggressive, or dangerous, or illegal content etc., the called subscriber need take risks and show it, or the like.In fact, even the calling subscriber is not a malice, its image that sends also may comprise a virus unintentionally.
In addition, customer multi-media tag is except image, it can also be the multimedia of forms such as music, as use by the Alert-Info header field described among the RFC3261, by this header field, caller can be to called appointment ring back tone, calledly can specify ring-back tone to caller, exists above-mentioned safety issue equally.
[summary of the invention]
The technical problem to be solved in the present invention is that existing customer multi-media tag service exists potential safety hazard when using, thereby a kind of customer multi-media tag method that can use safely is provided.
The present invention realizes by following technical scheme: a kind of implementation method of customer multi-media tag service may further comprise the steps: a kind of implementation method of customer multi-media tag service may further comprise the steps:
101, second network is received first user's that opposite end first network sends conversation message, if carry multi-media tag in this conversation message, then according to second user's initialize data, judge whether to allow to show first user's multi-media tag, if this conversation message that allows then to carry described multi-media tag sends to second user to second user; If do not allow, then in this conversation message, carry described multi-media tag and show the restriction indication or delete described multi-media tag, again this conversation message is sent to second user.
Further, the present invention is further comprising the steps of before step 101:
201, first network is received the first Client-initiated conversation message, according to first user's initialize data, judges whether to allow to carry the multi-media tag that this user presets in this conversation message, if allow then to carry, and send to second network at the second user place, opposite end.
Further, the present invention also comprises second user's network insertion node, if carry the network insertion node that described multi-media tag shows the restriction indication or is sent to second user from the conversation message of non-trust domain information and described multi-media tag, then this network insertion node is deleted described multi-media tag in described conversation message, and sends to second user.
Further, the present invention is further comprising the steps of: described first network or second network based certain inspection according to checking whether secure and trusted of the multi-media tag that carries in the conversation message that receives, if dangerous then handle accordingly, comprising: delete unsafe multi-media tag or keep unsafe multi-media tag and add from non-trust domain information or carry the foundation that multi-media tag shows the restriction indication or forbids this session.
Further, the present invention is further comprising the steps of:
The described foundation of checking comprises the source of multi-media tag or the black and white lists of working out according to carrier policy.
Further, the present invention is further comprising the steps of: the method in the source of described inspection multi-media tag comprises at least a in the following method: whether the interior perhaps chained address of checking multi-media tag can be trusted or be checked whether described conversation message source can be trusted or check whether described conversation message carries from trust domain or non-trust domain information.
Further, the present invention includes following steps:
In the step 201, described first network also is provided with data according to first user in the described conversation message of receiving temporarily, judge whether to allow in this conversation message, to carry multi-media tag that this user presets or this user multi-media tag in the data is set temporarily, if allow then to carry, and send to second network at the second user place, opposite end.
Further, the present invention includes following steps:
In the step 201, described first network is also according to described initialize data, judge whether to allow in this conversation message, to carry first user in the described conversation message multi-media tag in the data is set temporarily,, and send to second network at the second user place, opposite end if allow then to carry.
Further, the present invention includes following steps:
In the step 201, the described first network based described initialize data, and described conversation message in first user data are set temporarily, judge whether to allow in this conversation message, to carry multi-media tag that described user presets and described at least one of multi-media tag in the data of temporarily being provided with, if do not allow, then do not carry or carry multi-media tag and show the restriction indication or carry, and send or forbid the foundation of this session to second network at the second user place, opposite end from non-trust domain information.
Further, first user's of the present invention initialize data also comprises first user property sign.
Further, first user property sign of the present invention is group's group number of first Subscriber Number or the first user place group.
Further, first user's of the present invention initialize data also comprises first user's the present condition that is.
Further, first user's of the present invention initialize data also comprises second user's address.
Further, the present invention second user's initialize data comprises that the expression multi-media tag shows restriction or the indication that allows.
Further, second user's of the present invention initialize data comprises that also expression shows restriction or the indication that allows to the multi-media tag of certain medium type.
Further, second user's of the present invention initialize data also comprises the indication of first user's address being represented multi-media tag demonstration restriction or permission.
Further, second user's of the present invention initialize data also comprises the indication that the multi-media tag of separate sources is shown restriction.
Further, the multi-media tag that carries in conversation message of the present invention can carry by Call-Info or P-Asserted-Identity header field or expansion header field or message body.
Further, multi-media tag of the present invention is distinguishing different in described conversation message, and the multi-media tag of separate sources is carried by different header fields, or carries in same header field and distinguish by indication separate sources parameter.
Further, first user's the data that temporarily are provided with comprise that also certification mark or certification mark response or multi-media tag show restriction or the indication that allows in the conversation message of the present invention.
Further, the present invention includes following steps:
In the step 201, described first network also carries from trust domain information when judgement allows to carry described multi-media tag, and sends to second network at the second user place, opposite end.
Further, of the present inventionly comprise: from the specific header field of trust domain or the indication of non-trust domain, safe to carry or dangerous multi-media tag, effectively or the invalid authentication mark from trust domain information or non-trust domain information.
Further, the multi-media tag that carries in conversation message of the present invention shows the restriction indication, carries by Privacy header field or an expansion header field.
Further, conversation message of the present invention is sip request message or sip response sign indicating number or Email.
Further, sip response sign indicating number of the present invention is SIP 183 responses, SIP 180 responses or SIP 200 responses.
Further, the form of multi-media tag of the present invention is a unified resource sign or MIME media formats.
Further, the present invention is further comprising the steps of before step 201:
2701, described first user sends the configuration messages request authentication that carries multi-media tag to described first network, authentication success, and first network generates a certification mark.
Further, configuration messages of the present invention is sip message or HTTP message.
Further, the multi-media tag that carries in the configuration messages of the present invention, be carried on Call-Info or Authorization header field or expansion header field or message body, or the configuration data described with XML in.
Further, the present invention is further comprising the steps of after step 2701:
3001, the first networks return to first user with described certification mark.
Further, certification mark of the present invention or certification mark respond by Authorization header field or Authentication-Info header field or WWW-Authenticate header field or P-Media-Authorization header field or expand header field and carry.
Further, the present invention is further comprising the steps of after step 3001:
3201, described first user obtains described certification mark, calculates the certification mark response according to this certification mark.
A kind of implementation method of customer multi-media tag service may further comprise the steps:
3301, first network is received the first Client-initiated conversation message, at least according to first user in first user's initialize data or the described conversation message a kind of data in the data are set temporarily, judge whether to allow in this conversation message, to carry multi-media tag that this user presets or this at least a sign in the multi-media tag in data is set temporarily, if allow then to carry, and send to second network at the second user place, opposite end.
As preferred implementation, the present invention is further comprising the steps of after step 3501:
3401, second network is received first user's that opposite end first network sends conversation message, if carry multi-media tag in this conversation message, then according to second user's initialize data, judge whether to allow to show first user's multi-media tag, if this conversation message that allows then to carry described multi-media tag sends to second user to second user; If do not allow, then in this conversation message, carry described multi-media tag and show the restriction indication or delete described multi-media tag, again this conversation message is sent to second user.
As preferred implementation, first network of the present invention or second network based certain inspection according to checking whether secure and trusted of the multi-media tag that carries in the conversation message that receives, if dangerous then handle accordingly, comprising: delete unsafe multi-media tag or keep unsafe multi-media tag and add from non-trust domain information or forbid the foundation of this session.
As preferred implementation, inspection foundation of the present invention comprises the source of multi-media tag or the black and white lists of working out according to carrier policy.
As preferred implementation, the method in the source of inspection multi-media tag of the present invention comprises at least a or any kind combination in the following method: whether the interior perhaps chained address of checking multi-media tag can be trusted, whether the described conversation message of inspection source can be trusted, check whether described conversation message carries from trust domain or non-trust domain information.
As preferred implementation, the present invention also comprises second user's network insertion node, if carry the network insertion node that described multi-media tag shows the restriction indication or is sent to second user from the conversation message of non-trust domain information and described multi-media tag, then this network insertion node is deleted described multi-media tag in described conversation message, and sends to second user.
As preferred implementation, in the step 3501 of the present invention, described first network is judged when allowing to carry described multi-media tag, is also carried from trust domain information, and send to second network at the second user place, opposite end.
As preferred implementation, the present invention further may further comprise the steps:
In the step 3301, described first network judgement does not allow to carry described multi-media tag in described conversation message, then not carrying or carry multi-media tag shows the restriction indication or carries from non-trust domain information, and send to second network at the second user place, opposite end, perhaps forbid the foundation of this session.
As preferred implementation, of the present inventionly comprise: from the specific header field of trust domain or the indication of non-trust domain, safe to carry or dangerous multi-media tag, effectively or the invalid authentication mark from trust domain or non-trust domain information.
A kind of implementation method of customer multi-media tag service may further comprise the steps:
Network is received a conversation message that carries multi-media tag, according to certain inspection according to checking whether secure and trusted of this multi-media tag, if dangerous then handle accordingly, comprising: delete unsafe multi-media tag or keep unsafe multi-media tag and add from non-trust domain information or forbid the foundation of this session.
Further, the present invention is further comprising the steps of:
The described foundation of checking comprises the source of multi-media tag or the black and white lists of working out according to carrier policy.
Further, the present invention is further comprising the steps of: the method in the source of described inspection multi-media tag comprises at least a in the following method: whether the interior perhaps chained address of checking multi-media tag can be trusted, be checked whether described conversation message source can be trusted, check whether described conversation message carry from trust domain or non-trust domain information
Further, the present invention is further comprising the steps of: the described multi-media tag secure and trusted of described Network Check, then multi-media tag safe to carry or multi-media tag safe to carry and add from trust domain information in described conversation message perhaps generate a certification mark and return to the sender of this conversation message.
Further, the present invention is further comprising the steps of:
The conversation message that described network is received is from first user, at least according to first user in described first user's initialize data or the described conversation message a kind of data in the data are set temporarily, judge whether to allow in this conversation message, to carry multi-media tag that this user presets or this at least a sign in the multi-media tag in data is set temporarily, if allow then to carry, and to second network transmission to the second user place, opposite end.
Further, the present invention is further comprising the steps of:
Second network is received described conversation message, if carry multi-media tag in this conversation message, then according to described second user's initialize data, judge whether to allow to show first user's multi-media tag, if this conversation message that allows then to carry described multi-media tag sends to second user to second user; If do not allow, then in this conversation message, carry described multi-media tag and show the restriction indication or delete described multi-media tag, again this conversation message is sent to second user.
Further, the present invention also comprises second user's network insertion node, if carry the network insertion node that described multi-media tag shows the restriction indication or is sent to second user from the conversation message of non-trust domain information and described multi-media tag, then this network insertion node is deleted described multi-media tag in described conversation message, and sends to second user.
Further, of the present inventionly comprise: from the specific header field of trust domain or the indication of non-trust domain, safe to carry or dangerous multi-media tag, effectively or the invalid authentication mark from trust domain or non-trust domain information.
Owing to adopted above technical scheme, the invention solves the safety problem that multi-media tag service causes, make the multi-media tag that reciever can relieved use the other side.The conversation message that sends from the transmit leg network, or do not carry multi-media tag; Carry multi-media tag, simultaneously with the clear and definite expression professional satellite information of safety whether.The conversation message that sends to recipient's subscriber terminal equipment from recipient's network, or do not carry multi-media tag; Carry multi-media tag, simultaneously with the clear and definite expression professional satellite information of safety whether.If carry multi-media tag in the conversation message that recipient's subscriber terminal equipment is received, and and corresponding satellite information, can judge whether to accept this multi-media tag by recipient user oneself.
[description of drawings]
Fig. 1 is an IMS network frame schematic diagram.
Fig. 2 is that the calling subscriber shows its multi-media tag first embodiment realization flow figure to the called subscriber.
Fig. 3 is that the calling subscriber shows its multi-media tag second embodiment realization flow figure to the called subscriber.
Fig. 4 is that the calling subscriber shows its multi-media tag the 3rd embodiment realization flow figure to the called subscriber.
Fig. 5 is the called subscriber shows realization flow figure from its multi-media tag to the calling subscriber.
Fig. 6 is the user shows its multi-media tag by certification mark implementing procedure figure.
[embodiment]
The present invention is further elaborated below in conjunction with the drawings and specific embodiments:
Basic ideas of the present invention are: in view of using the risk of Call-Info to be that at first the user can add multi-media tags such as image in the relevant conversation message to by Call-Info in the prior art on its terminal, therefore to solve above-mentioned safety problem, at first, for transmit leg--
In the interpolation process of multi-media tag, need limited subscriber on its terminal, multi-media tag to be added in the relevant conversation message, and this operation of adding sign is changed into and can only be finished by network.The user will use multi-media tag service, need multi-media tag of configured in advance, network will be earlier can be checked whether safety of user configured multi-media tag like this, and as checking whether virus is arranged, the multi-media tag that only meets the network security regulation just is allowed to configuration; Even the multi-media tag of user's configured in advance all is that network provides, and the user can only select the sign of a conduct oneself in the multi-media tag that network provides.Network is allowed the multi-media tag of configuration, network can also distribute a certification mark of representing that safety certification is passed through for this multi-media tag, this certification mark can also further return to the user, wherein, network can generate at random or generates this certification mark according to special algorithm etc. this multi-media tag.The network element that carries out aforesaid operations can be AS in the IMS network.
Certainly, consider the exceptional situation in the reality operation, if the sending side terminal equipment that has possesses the ability of adding multi-media tag, the user may add multi-media tag by terminal equipment oneself temporarily in the conversation message that sends; Perhaps some operator is for purposes such as attraction users, allow terminal equipment in the conversation message that send interim the add multi-media tag of user by oneself, then the network of transmit leg must check whether the conversation message from terminal equipment comprises unsafe multi-media tag, and carry out corresponding safe handling, comprising: forbid that the foundation of this session or deletion are from the multi-media tag in the conversation message of subscriber terminal equipment or keep this multi-media tag and add from the indication of non-trust domain or agreement and keep this multi-media tag with specific header field.Concerning last a kind of mode, the multi-media tag that agreement is added with specific header field carried terminal equipment implies and has indicated it from unverified non-trust domain, is a kind of implicit expression indication.The network element that carries out aforesaid operations can be P-CSCF or AS in the IMS network.
As mentioned above, if the user in advance to network configuration a multi-media tag, and network has returned a certification mark that the expression safety certification is passed through, then the user also can add this multi-media tag and this certification mark by terminal equipment oneself in the conversation message that sends, in order to prevent that user oneself from forging certification mark, network also must be by checking to this certification mark whether through safety certification this multi-media tag, if this is an effective certification mark, then network allows to continue to carry this multi-media tag in conversation message, otherwise carries out corresponding safe handling; Perhaps the user also can only add this certification mark by terminal equipment in the conversation message that sends, and this is an effective certification mark for a Network Check, the multi-media tag that is associated with this certification mark on then adding in conversation message; Perhaps the user also can only add this multi-media tag by terminal equipment in the conversation message that sends, and this is a multi-media tag that has passed through authentication for a Network Check, then allow to continue to carry or add on the certification mark that is associated.
Like this, when the transmit leg network receives conversation message from the user, can check user's initialize data, user's initialize data comprises user's multi-media tag service CAMEL-Subscription-Information, multi-media tag.The multi-media tag service if the user has contracted, and be configured a multi-media tag, then the transmit leg network adds this multi-media tag in conversation message; If the user has disposed a multi-media tag, but user signing contract information shows multi-media tag and shows restriction, then network does not carry this multi-media tag in conversation message, perhaps adds this multi-media tag and multi-media tag and show the restriction indication in conversation message.
The processing of adding multi-media tag with terminal equipment is corresponding, the transmit leg network add multi-media tag can be regarded as through authentication from trust domain, therefore, for this multi-media tag or add indication from trust domain, be carried in another specific header field that expression authenticated, to show the difference of adding multi-media tag with terminal equipment, perhaps, if network then can also add this certification mark for this multi-media tag has distributed a certification mark that the expression safety certification is passed through.
Above-mentioned initialize data generally is at the transmit leg Subscriber Number multi-media tag to be set, if but the transmit leg user is in the group of group (as Centrex group), can also a multi-media tag be set at group's group number (as Centrex group number), promptly, use identical multi-media tag at this class user, the transmit leg network obtains corresponding multi-media tag with group's group number under the transmit leg user and initialize data coupling.
Further, transmit leg user signatory multi-media tag in initialize data shows that restriction can also be classification, as allow the multi-media tag that network adds but the multi-media tag that limiting terminal equipment adds, this moment, network can be deleted the multi-media tag that terminal equipment adds, or kept and carry multi-media tag and show the restriction indication.
Further, the transmit leg user can also indicate in initialize data and select to send different multi-media tags to different recipient users, and the transmit leg network obtains corresponding multi-media tag with recipient's destination address in the session message and initialize data coupling.
Further, the transmit leg user can also indicate in initialize data and be chosen in difference and present the different multi-media tag of transmission under (presnece) state, the user can use and present (presence) business the present condition that is of oneself is set, as " in session " etc., presenting business can be referring to IETF, OMA (Open Mobile Alliance, open wireless alliance) the relevant criterion manuscript of normal structure issue such as, the transmit leg network with the transmit leg user current be present condition and initialize data coupling, obtain corresponding multi-media tag.
In addition, the transmit leg network can also have the black and white lists according to the carrier policy formulation of oneself, black and white lists can be based on transmit leg user ID, multi-media tag chained address, multi-media tag content etc., the network based black and white lists of transmit leg is checked the conversation message that it is received, do not pass through if check, then need to carry out corresponding safe handling, comprising: deletion in the conversation message multi-media tag or keep this multi-media tag and add and keep this multi-media tag with specific header field or forbid the foundation of this session from the indication of non-trust domain or agreement.
Wherein, carrying out the above-mentioned network element of operating according to user and operator's initialize data can be AS in the IMS network.
In sum, the conversation message that sends from the transmit leg network, or do not carry multi-media tag; Carry multi-media tag, and the professional satellite information that may exist, this business satellite information comprises multi-media tag shows whether to limit indication, from the information of trust domain/non-trust domain, this information comprise multi-media tag from non-trust domain/trust domain indication, carry specific header field and invalid or effective certification mark dangerous or that secure multimedia identifies.Wherein when agreement when judging whether from non-trust domain from the indication of non-trust domain or certification mark, if when not carrying in the conversation message, can be regarded as indicating or the invalid authentication mark of a kind of " implicit expression " from non-trust domain from trust domain indication or certification mark.
Secondly, for the recipient--
If its conversation message that receives carries multi-media tag, to judge at first that then whether this conversation message is from trusted territory network, if not (as from the Internet etc.), even this multi-media tag is added by network, also need to carry out corresponding safe handling, comprise: the multi-media tag in the deletion conversation message, if perhaps carry multi-media tag in the message and, then keep this multi-media tag and add from non-trust domain indication not from the indication of non-trust domain, or agreement keeps this multi-media tag with specific header field, or forbid the foundation of this session.Wherein, the network element that carries out aforesaid operations can be I-CSCF or IBCF (Interconnectionion Border Control Function, Interconnection Border Control Function) or AS in the IMS network.
Most critical, recipient user can select to allow or restriction receives multi-media tag.Recipient's Network Check recipient user's initialize data, this initialize data comprises recipient user's multi-media tag service CAMEL-Subscription-Information, if limiting to receive, recipient user carries multi-media tag, then can from conversation message, delete multi-media tag, also can keep but multi-media tag demonstration restriction indication on adding.
Further, recipient's customer service CAMEL-Subscription-Information can also be distinguished only restriction reception from the multi-media tag of non-trust domain, and allows the multi-media tag from trust domain.
Further, recipient user's initialize data can also comprise the demonstration of the multi-media tag of certain medium type restriction or the indication that allows, as the multi-media tag to image type allow, to the multi-media tag restriction of sound-type.
Further, recipient user's initialize data can also be according to sender address to the demonstration restriction of multi-media tag or the indication that allows, recipient's network obtains sender address in the conversation message of receiving and initialize data coupling multi-media tag and shows restriction or the indication that allows.
In addition and like the transmit leg network class, recipient's network can also have the black and white lists of working out according to carrier policy of oneself, and carries out similar safe handling.
Wherein, carrying out the above-mentioned network element of operating according to user and operator's initialize data can be AS in the IMS network.
In addition, recipient's network can also further judge whether carried in its conversation message that receives that multi-media tag shows the restriction indication or from non-trust domain information, if, then can from conversation message, delete this multi-media tag, can certainly further keep.Noticing that the two may be that the transmit leg network adds, also may be that above-mentioned recipient's network oneself adds.Wherein, the network element that carries out aforesaid operations can be I-CSCF or IBCF or AS or P-CSCF in the IMS network.
In addition, when the conversation message that recipient's network receives in judgement carries from non-trust domain information, also can further carry out safety certification to multi-media tag, if pass through, then add and go up the certification mark that the expression safety certification is passed through, otherwise carry out corresponding safe handling, can certainly further not carry out safety certification and directly carry out corresponding safe handling.
In sum, the conversation message that sends to recipient's subscriber terminal equipment from recipient's network, or do not carry multi-media tag; Carry multi-media tag, and the professional satellite information that may exist, whether this business satellite information comprises multi-media tag shows whether limit indication, from the information of non-trust domain.If carry multi-media tag in the conversation message that recipient's subscriber terminal equipment is received, and multi-media tag shows the restriction indication or from the information of non-trust domain, then can judge whether to accept this multi-media tag by recipient user oneself.
Can see,, can solve the safety problem of the multi-media tag service initiation of mentioning in the background technology according to above-mentioned measure.
Below by four specific embodiment the present invention is how to solve the safety problem of multi-media tag service initiation.
Embodiment one:
As shown in Figure 2, comprise caller network and called network.The caller network side comprises calling subscriber and multimedia sign Service Processing Unit; Accordingly, the called network side also comprises called subscriber and multimedia sign Service Processing Unit.The calling subscriber initiates a calling, and the multi-media tag service processing unit of caller network side adds a multi-media tag according to the prior configuration data of calling subscriber in message related to calls; The multi-media tag service processing unit of called network side is received this message related to calls, judges that called subscriber's multi-media tag of having contracted shows limit service, this multi-media tag of deletion from this message related to calls then, and message related to calls sent to the called subscriber.In the present invention, the multi-media tag service processing unit provides the logic control function of multi-media tag service, is host's execution environment of multi-media tag service, in the IMS network, finishes this function by AS.Specifically may further comprise the steps:
The first step, the calling subscriber initiates a calling, sends SIP INVITE invitation message to caller network side multi-media tag service processing unit.
Second step, the multi-media tag service processing unit of caller network side is received this SIP INVITE, according to this user's initialize data, adds a multi-media tag in the SIP INVITE of breathing out, can still use Call-Info, example is as follows:
Call-Info:<http://www.example.com/alice/photo.jpg>;purpose=icon
This multi-media tag is an image file, form is absolute unified resource sign (absoluteURI) " http://www.example.com/alice/photo.jpg ", and represents that by purpose type (" purpose " parameter) medium type of this multi-media tag is an image (" icon ").
In addition, in order to represent that this is by the network interpolation, through multi-media tag network authentication, that can be trusted, also can adopt a new expansion header field to carry this multi-media tag, to show different with the Call-Info of RFC 3261 definition, example is as follows:
P-Media-Info:<http://www.example.com/alice/photo.jpg>;purpose=icon
In addition, because at present the Subscriber Number sign of adding through network authentication, by network is carried by the P-Asserted-Identity header field, therefore also can expand this header field carries customer multi-media tag, and example is as follows:
P-Asserted-Identity:<sip:mary@home.net>,<http://www.example.com/alice/photo.jpg>;purpose=icon
Wherein, " mary@home.net " is exactly user's number mark.
The 3rd step, the multi-media tag service processing unit of called network is received this INVITE, if carried multi-media tag in this message, then handle accordingly according to called subscriber's initialize data, multi-media tag shows restriction if the called subscriber has contracted, then in INVITE, delete multi-media tag, and send to the called subscriber.
Embodiment two:
As shown in Figure 3, comprise caller network and called network.Caller network side calling subscriber is connected with multimedia sign Service Processing Unit by the network insertion node; Accordingly, the called network side also comprises called subscriber and multimedia sign Service Processing Unit.The calling subscriber initiates a calling, in message related to calls, carried a multi-media tag temporarily, the network insertion node of caller network side adds the indication of going up from non-trust domain, the multi-media tag service processing unit of caller network side adds another multi-media tag according to calling subscriber's initialize data in message related to calls; The multi-media tag service processing unit of called network side is received this message related to calls, judge that called subscriber's non-trust domain multi-media tag of having contracted shows limit service, this multi-media tag of deletion from this message related to calls then, and the message related to calls that will carry from the multi-media tag of trust domain sends to the called subscriber.In the present invention, the network insertion node provides functions such as authentication for the user inserts grouping telecommunications territory, and in the IMS network, the network insertion node is P-CSCF.
Specifically may further comprise the steps:
(1) calling subscriber initiates a calling, sends SIP INVITE invitation message, has carried a multi-media tag in this message, can still use Call-Info, and example is as follows:
Call-Info:<http://www.alice.com/my/photo.jpg>;purpose=icon
(2) the network insertion node of caller network side is received this SIP INVITE, find to carry in this message from multi-media tag subscriber terminal equipment, unverified, foregoing, can delete this multi-media tag this moment or keep this multi-media tag and add and keep this multi-media tag with specific header field from the indication of non-trust domain or agreement, present embodiment will keep this multi-media tag, can arrange promptly to carry multi-media tag from non-trust domain with Call-Info; Perhaps add the indication parameter from non-trust domain in this header field, example is as follows:
Call-Info:<http://www.alice.com/my/photo.jpg>;purpose=icon;auth=false
This parameter is set to " false " and promptly represents corresponding multi-media tag from non-trust domain, is set to " true " and represents that promptly corresponding multi-media tag is from trust domain.
(3) the multi-media tag service processing unit of caller network side is received this SIP INVITE, according to this user's initialize data, adds another multi-media tag in the SIP INVITE of breathing out.As previously mentioned, if agreement is carried multi-media tag from non-trust domain with specific header field, as use Call-Info, then adopt another specific header field to carry multi-media tag by the network interpolation, example is as follows:
Call-Info:<http://www.alice.com/my/photo.jpg>;purpose=icon
P-Media-Info:<http://www.example.com/alice/photo.jpg>;purpose=icon
Or
Call-Info:<http://www.alice.com/my/photo.jpg>;purpose=icon
P-Asserted-Identity:<sip:mary@home.net>,<http://www.example.com/alice/photo.jpg>;purpose=icon
That is, the employing Call-Info carries the multi-media tag from non-trust domain, adopts the P-Media-Info header field of new expansion or P-Asserted-Identity header field to carry the multi-media tag that is added by network.
If with the multi-media tag of parameter indication from non-trust domain, then can adopt same header field to carry this two kinds of multi-media tags, example is as follows:
Call-Info:<http://www.alice.com/my/photo.jpg>;purpose=icon;auth=false,
<http://www.example.com/alice/photo.jpg>;purpose=icon;auth=true
The auth parameter is set to " false " and promptly represents corresponding multi-media tag from non-trust domain, is set to " true " and represents that promptly corresponding multi-media tag is from trust domain.
(4) the multi-media tag service processing unit of called network is received this INVITE, if carried multi-media tag in this message, then handle accordingly according to called subscriber's initialize data, non-trust domain multi-media tag shows restriction if the called subscriber has contracted, then in INVITE, delete this multi-media tag, and keep the multi-media tag that adds by network, and sending to the called subscriber, example is as follows:
P-Media-Info:<http://www.example.com/alice/photo.jpg>;purpose=icon
Or
P-Asserted-Identity:<sip:mary@home.net>,<http://www.example.com/alice/photo.jpg>;purpose=icon
Or
Call-Info:<http://www.example.com/alice/photo.jpg>;purpose=icon;auth=true
Embodiment three:
As shown in Figure 4, comprise caller network and called network.The caller network side comprises calling subscriber and caller network side multimedia sign Service Processing Unit; Accordingly, the called network side also comprises called subscriber and called network side multimedia sign Service Processing Unit; Also comprise the network insertion node, between called network side multimedia sign Service Processing Unit and called subscriber.The calling subscriber initiates a calling, and interim indication multi-media tag shows restriction in the message related to calls, and the multi-media tag service processing unit of caller network side adds a multi-media tag according to the prior configuration data of calling subscriber in message related to calls; The multi-media tag service processing unit of called network side is received this message related to calls, this message related to calls is sent to called subscriber's network insertion node, this network insertion node shows the indication of restriction according to the multi-media tag in the message related to calls, delete multi-media tag, and message related to calls is sent to the called subscriber.
Specifically may further comprise the steps:
(1) calling subscriber initiates a calling, send the SIP INVITE, carried multi-media tag in the message temporarily and shown the indication that limits, this multi-media tag demonstration restriction indication can be reused current Subscriber Number sign demonstration and be limited indication, be the parameter value in the Privacy header field, as
Privacy:id
In addition, also can adopt a new sign to show the restriction indication, this sign shows that the restriction indication can show the object of restriction by a new parameter (as following " the object ") expression in the expansion Privacy header field, with distinguish restriction to as if Subscriber Number sign, still multi-media tag, as:
Privacy:id;object=media
It is multi-media tag that the object parameter is set to " media " expression restriction object.
Or
Privacy:media
Directly the Privacy header field is set to new argument " media " expression multi-media tag demonstration restriction indication.
In addition, also can expand a new header field and represent the demonstration of multi-media tag is limited, as:
Media-Privacy:id
(2) the multi-media tag service processing unit of caller network side is received this SIP INVITE, according to this user's initialize data, adds a multi-media tag in the SIP INVITE of breathing out, and sends to called network.In addition, the multi-media tag service processing unit also can be according to receiving that the multi-media tag that carries in the message shows the restriction indication, and in the SIP INVITE of breathing out, do not add the multi-media tag that the user presets, the present embodiment flow process does not show this situation.
(3) the multi-media tag service processing unit of called network is received this SIP INVITE, handle accordingly according to called subscriber's initialize data, if the called subscriber allows multi-media tag to show, then the SIP INVITE is sent to called subscriber's network insertion node.
(4) this network insertion node is received this SIP INVITE, shows the indication that limits according to the multi-media tag in the message, deletes the multi-media tag in the message, and sends to the called subscriber.
Need to prove, provide the calling subscriber among the embodiment three and carried the message examples that multi-media tag shows the restriction indication temporarily, as previously mentioned, the multi-media tag service processing unit also can carry multi-media tag according to user's initialize data and show the restriction indication in message, at this moment, message examples is with the description of step 1 among the embodiment three.
Above-mentioned three embodiment are that the calling subscriber shows its multi-media tag to the called subscriber, conversely, the called subscriber can show its multi-media tag to the calling subscriber equally, the scene of processing in this case and above-mentioned two embodiment is similar, and just the processing on the user terminal of Calling Side, callee side, network insertion node, the multi-media tag service processing unit has taken place to put upside down; Simultaneously, multi-media tag and professional satellite information will be at the answer codes of SIP INVITE, as carrying in SIP 183 responses, SIP 180 responses, SIP 200 responses.
Embodiment four:
Figure 5 shows that a called subscriber shows the embodiment of its multi-media tag to the calling subscriber: the calling subscriber initiates a message related to calls, after the called subscriber receives this message related to calls, send answer code, the called subscriber is positioned on the internet, adds a multi-media tag in answer code; This message related to calls is received in the inter-domain intercommunicate unit of caller network side, judge that its conversation message that receives is from the internet, on in answer code, adding from the indication of non-trust domain, the multi-media tag service processing unit of caller network side is received this message related to calls, judge that calling subscriber's non-trust domain multi-media tag of having contracted shows limit service, then from this answer code, delete this multi-media tag, and answer code is sent to the calling subscriber.In the present invention, when caller, called when being positioned at different operators network or different type network, the inter-domain intercommunicate unit provides the internetwork route of calling and called, authentication, network topology function such as to hide, and in the IMS network, the inter-domain intercommunicate unit can be I-CSCF, IBCF.
Specifically may further comprise the steps:
(1) calling subscriber makes a call, and sends the SIP INVITE.
(2) the multi-media tag service processing unit of caller network is received this SIP INVITE, sends to called network.
(3) this SIP INVITE is received in the inter-domain intercommunicate unit of caller network, sends to the called subscriber.
(4) called subscriber receives this SIP INVITE, sends answer code, as ring answer code SIP 180.The called subscriber adds a multi-media tag in this answer code, and sends to the caller network, and example is as follows:
Alert-Info:<http://www.example.com/sounds/moo.wav>
The medium type of multi-media tag is a speech media type, and this voice document " moo.way " has been specified the ring-back tone of caller, i.e. " Ring Back Tone service ".
(5) this 180 answer code is received in the inter-domain intercommunicate unit of caller network, as previously mentioned, judge whether the opposite end network is trusted territory network, if not, as from the internet, and carry multi-media tag in the message, then delete from the multi-media tag in the conversation message of subscriber terminal equipment, perhaps keep this multi-media tag and add and keep this multi-media tag with specific header field from non-trust domain indication or agreement, in the present embodiment, keep this multi-media tag and add and indicate, and send to the multi-media tag service processing unit from non-trust domain.In message, add method from non-trust domain indication with the description among the embodiment two.
(6) the multi-media tag service processing unit of caller network is received this 180 answer code, if carried multi-media tag in this message, then handle accordingly according to called subscriber's initialize data, non-trust domain multi-media tag shows restriction if the calling subscriber has contracted, then in 180 answer codes, delete multi-media tag, and send to the calling subscriber.
Embodiment five:
Fig. 6 obtains showing by certification mark behind the certification mark flow chart of its multi-media tag for the user: the user is to the network configuration multi-media tag, safety certification is passed through, network returns a certification mark, subscriber terminal equipment is noted this certification mark, and the user initiates a message related to calls, carries this certification mark in the message, network is received this message related to calls, judge that this certification mark is effective, with the corresponding multi-media tag of this certification mark, send to the opposite end again on then in this message related to calls, adding.
Specifically may further comprise the steps:
(1) network registry: the user sends SIP REGISTER registration message to the network configuration multi-media tag to network, and message is carried multi-media tag to be configured, and message examples is as follows:
Call-Info:<http://www.example.com/alice/photo.jpg>;purpose=icon
Call-Info used herein also can replace with the new header field of an expansion, and expression is carried is to be configured registration, to ask to carry out the multi-media tag of safety certification to network from the user:
Media-Authoriaztion:useridentity=”http://www.example.com/alice/photo.jpg”
In addition, in current Session Initiation Protocol, the Authorization header field is used for authenticated user termination number sign, therefore can also expand the parameter of Authorization header field and carry this multi-media tag.
Can see, here the user is the multi-media tag in registration in network registry oneself, the user also can again to the network configuration multi-media tag, carry new header field of above-mentioned expansion or expansion Authorization header field parameter as the sip message by other after registration.
In addition, the user can also be after registration, by HTTP (HyperTextTransportProtocol, HTTP) message bearing XML (eXtended Markup Language, extending mark language) describes to the network configuration multi-media tag, XML has the concrete application of various ways, XCAP (XML Configuration Access Protocol, extending mark language configuration access agreement) is the concrete application of XML aspect the configuration data visit, use XCAP can describe the related data of user to the network configuration multi-media tag, except basic multi-media tag data, can also further describe other initialize data of described transmit leg user, as group's group number, recipient's destination address, be present condition etc.
In addition, the user can also directly carry the XML description to the network configuration multi-media tag in sip message.
(2) succeed in registration, network authentication generates a certification mark that is associated with this multi-media tag by user configured multi-media tag, network returns 200 answer codes to the user, carry the certification mark of this multi-media tag in the answer code, can carry by a new header field of expansion, as:
Media-Authenticate:djfdaf238635twe129
Can also expand and use in the current Session Initiation Protocol existing Authentication-Info header field or WWW-Authenticate header field or P-Media-Authorization header field to carry this certification mark.
In addition, if the user describes by aforesaid HTTP message bearing XML to dispose multi-media tag, then network returns 200 answer codes of HTTP message in this step, carries certification mark in the answer code.
If authentification failure, then network can return a failure response sign indicating number.
(3) subscriber terminal equipment is received this 200 answer code, notes this certification mark.
In addition, further, after subscriber terminal equipment obtains this certification mark, can also pass through this certification mark,, calculate a certification mark and respond and note with certain algorithm.Wherein, the title of this algorithm, calculating parameter can also pass through to be carried to subscriber terminal equipment together by 200 answer codes in the step (2).
In addition, consider that the user may change terminal equipment, therefore need the user data card that can insert in the terminal equipment, can independently carry, as ISIM (IP Multimedia Services Identity Module, IP multimedia service identity module) card this certification mark of record or certification mark response, after the user changes terminal equipment, this user data card is inserted new terminal equipment get final product.
(4) user initiates a calling, send the SIP INVITE, carry the response of this certification mark or certification mark in the message, as reuse the new header field Media-Authenticate of above-mentioned expansion or Media-Authoriaztion carries, perhaps the new header field of another different expansion carries or expands and use the existing Authorization header field of current Session Initiation Protocol or Authentication-Info header field or WWW-Authenticate header field or P-Media-Authorization header field to carry.
In addition, as previously mentioned, in this INVITE, the multi-media tag that the user can also carry and this certification mark is corresponding, be configured in step (1), can or reuse new expansion header field Media-Authoriaztion etc. by aforesaid Call-Info, P-Media-Info header field, P-Asserted-Identity header field, example is as follows:
Media-Authoriaztion:useridentity=”http://www.example.com/alice/photo.jpg”,
response=”6629face43759dfsf1”
What wherein, carry in the response parameter is exactly a certification mark response.
(5) network is received this INVITE, extracts the response of certification mark or certification mark from message, judges whether it is effective, if effectively, then obtain the multi-media tag that this certification mark is associated, and add in this INVITE, sends to the opposite end network again.
If carried the multi-media tag that the user adds in the INVITE that network is received, then after certification mark or certification mark response judgement effectively, and confirm that this multi-media tag and this certification mark are associated, then allow this INVITE to continue to carry this multi-media tag and send to the opposite end network.
Wherein, if network is judged certification mark or certification mark invalid response, then deletion certification mark or certification mark response in this INVITE, and carry out corresponding safe handling: do not carry multi-media tag or carry multi-media tag and add and carry multi-media tag with specific header field or forbid the foundation of this session from the indication of non-trust domain or agreement.
Need to prove that among the aforesaid embodiment, certification mark or response are to produce in the process of the pre-configured multi-media tag of network the user, and in the message related to calls of initiating, carry or when receiving message related to calls, add by network by the user.In addition, can also in the Client-initiated message related to calls, be provided with multi-media tag temporarily, this message after network is received, after authentication security passes through, certification mark of regeneration, and be added in this message.Promptly concerning the former, pre-configured multi-media tag can have certification mark or its response of " forever ", and concerning the latter, the interim multi-media tag that is provided with also can have the certification mark of " temporarily " in the message related to calls.
In the above-described embodiment, the conversation message that carries multi-media tag that the user sends is except that the SIPINVITE message of foregoing example, SIP REGISTER message, SIP 180 answer codes, HTTP message, can also be the sip request message of standards such as SIPMESSAGE instant message, SIP REFER Reference News, SIP SUBSCRIBE subscribe message, SIP NOTIFY notification message, SIP PUBLISH give out information, SIP INFO informational message, and various sip response sign indicating numbers such as 183,180,200.
To sum up, visible core concept of the present invention is:
The first, make multi-media tag recipient user can select to receive the multimedia mark based on permission or the restriction of subscriber policy Know. Further, subscriber policy can provide the permission of different stage or restriction (as limit all multi-media tags, Only restriction is from the multi-media tag of non-trust domain), restriction or permission to different media types can be provided, can carry For to the restriction of different sender address or permission etc.
The second, whether the multi-media tag that Network Check receives secure and trusted, checks according to comprising coming of multi-media tag Source (whether from subscriber terminal equipment, non-trust domain network etc.), the black and white lists worked out according to carrier policy etc., If can not be trusted, then carry out corresponding safe handling, comprising: deletion multi-media tag or reservation multi-media tag And add that indication or agreement from non-trust domain keep multi-media tag or forbid building of this session with specific header field Vertical.
Wherein, check that the method that multi-media tag is originated comprises: whether the interior perhaps chained address that checks multi-media tag can Trusted, checked whether the informed source address of carrying this multi-media tag can be trusted, checked and carry this multi-media tag Message whether carry this multi-media tag from trust domain or non-trust domain information etc.
If the inspection secure and trusted, then network allows to continue to carry this multi-media tag or generates a certification mark, its In, when continuing to carry this multi-media tag, can also add indication or a certification mark or about from trust domain The fixed specific header field that had authenticated with expression carries this multi-media tag.
If network has generated a certification mark, then this certification mark can also be returned to the user, the user is sending Carry this certification mark in the conversation message.
The 3rd, limit by multi-media tag transmit leg network and add the multi-media tag that the transmit leg user presets.
Further expand, the present invention is not limited only to above-mentioned user's multi-media tag service, and the present invention can be suitable for Safety issue during application in from all transmit leg users to recipient user's transferring multimedia information, the transmit leg user to Recipient user's transferring multimedia information, can there be safety issue in recipient user when carrying out this multimedia messages, Such as: in Session Initiation Protocol, the user can carry MIME (Multipurpose Internet by SIP MESSAGE message Mail Extensions, MIME (Multipurpose Internet Mail Extensions)) medium type, namely carry the MIME medium type such as Email Like that the MIME medium are carried in message body (message body) as an annex (appended document), such as literary composition Presents, audio files etc. are used core concept provided by the invention, can solve its safety issue equally. That is: The multi-media tag of indication of the present invention can be a chained address, can also be a multimedia file.
In addition, further expansion, the present invention is not limited only to the above-mentioned conversation message of realizing with Session Initiation Protocol, The present invention can also be applicable to the safety issue the when conversation message of realizing by variety of protocol transmits multi-media tag, Can also be the Email Email such as conversation message, the transmit leg user sends the Email Email to recipient user, Email can carry multi-media tag, uses core concept provided by the invention, can solve equally its security and ask Topic. The flow process diagram of doing among the present invention and the only explanation for key technology of the present invention is done of explanatory note are not shown Show a complete calling and Service control flow process, also do not have all possible branch of limit flow process; Anyly be subordinated to this Change the part that bright core concept and thinking are done or distortion must belong to protection scope of the present invention.

Claims (54)

1, a kind of implementation method of customer multi-media tag service may further comprise the steps:
101, second network is received first user's that opposite end first network sends conversation message, if carry multi-media tag in this conversation message, then according to second user's initialize data, judge whether to allow to show first user's multi-media tag, if this conversation message that allows then to carry described multi-media tag sends to second user to second user; If do not allow, then in this conversation message, carry described multi-media tag and show the restriction indication or delete described multi-media tag, again this conversation message is sent to second user.
2, the implementation method of customer multi-media tag service according to claim 1 is characterized in that before step 101 further comprising the steps of:
201, first network is received the first Client-initiated conversation message, according to first user's initialize data, judges whether to allow to carry the multi-media tag that this user presets in this conversation message, if allow then to carry, and send to second network at the second user place, opposite end.
3, the implementation method of customer multi-media tag service according to claim 1 is characterized in that:
The network insertion node that also comprises second user, if carry the network insertion node that described multi-media tag shows the restriction indication or is sent to second user from the conversation message of non-trust domain information and described multi-media tag, then this network insertion node is deleted described multi-media tag in described conversation message, and sends to second user.
4, according to the implementation method of the described customer multi-media tag service of 1,2 or 3 arbitrary claims, it is characterized in that further comprising the steps of: described first network or second network based certain inspection according to checking whether secure and trusted of the multi-media tag that carries in the conversation message that receives, if dangerous then handle accordingly, comprising: delete unsafe multi-media tag or keep unsafe multi-media tag and add from non-trust domain information or carry the foundation that multi-media tag shows the restriction indication or forbids this session.
5, the implementation method of customer multi-media tag service according to claim 4 is characterized in that further comprising the steps of:
The described foundation of checking comprises the source of multi-media tag or the black and white lists of working out according to carrier policy.
6, the implementation method of customer multi-media tag service according to claim 5 is characterized in that further comprising the steps of: the method in the source of described inspection multi-media tag comprises at least a in the following method: whether the interior perhaps chained address of checking multi-media tag can be trusted or be checked whether described conversation message source can be trusted or check whether described conversation message carries from trust domain or non-trust domain information.
7, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that further may further comprise the steps:
In the step 201, described first network also is provided with data according to first user in the described conversation message of receiving temporarily, judge whether to allow in this conversation message, to carry multi-media tag that this user presets or this user multi-media tag in the data is set temporarily, if allow then to carry, and send to second network at the second user place, opposite end.
8, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that further may further comprise the steps:
In the step 201, described first network is also according to described initialize data, judge whether to allow in this conversation message, to carry first user in the described conversation message multi-media tag in the data is set temporarily,, and send to second network at the second user place, opposite end if allow then to carry.
9, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that further may further comprise the steps:
In the step 201, the described first network based described initialize data, and described conversation message in first user data are set temporarily, judge whether to allow in this conversation message, to carry multi-media tag that described user presets and described at least one of multi-media tag in the data of temporarily being provided with, if do not allow, then do not carry or carry multi-media tag and show the restriction indication or carry, and send or forbid the foundation of this session to second network at the second user place, opposite end from non-trust domain information.
10, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that: described first user's initialize data also comprises first user property sign.
11, the implementation method of customer multi-media tag service according to claim 10 is characterized in that: described first user property sign is group's group number of first Subscriber Number or the first user place group.
12, the implementation method of customer multi-media tag service according to claim 10 is characterized in that: described first user's initialize data also comprises first user's the present condition that is.
13, according to the implementation method of the described customer multi-media tag service of arbitrary claim 10, it is characterized in that: described first user's initialize data also comprises second user's address.
14, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that: second user's initialize data comprises that the expression multi-media tag shows restriction or the indication that allows.
15, the implementation method of customer multi-media tag service according to claim 14 is characterized in that: described second user's initialize data comprises that also expression shows restriction or the indication that allows to the multi-media tag of certain medium type.
16, the implementation method of customer multi-media tag service according to claim 14 is characterized in that: described second user's initialize data also comprises represents that to first user's address multi-media tag shows restriction or the indication that allows.
17, the implementation method of customer multi-media tag service according to claim 14 is characterized in that: described second user's initialize data also comprises the indication that the multi-media tag of separate sources is shown restriction.
18, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that: the described multi-media tag that carries in conversation message, can carry by Call-Info or P-Asserted-Identity header field or expansion header field or message body.
19, the implementation method of customer multi-media tag service according to claim 18, it is characterized in that: described multi-media tag is distinguishing different in described conversation message, the multi-media tag of separate sources is carried by different header fields, or carries in same header field and distinguish by indication separate sources parameter.
20, the implementation method of customer multi-media tag service according to claim 7 is characterized in that: first user's the data that temporarily are provided with comprise that also certification mark or certification mark response or multi-media tag show restriction or the indication that allows in the described conversation message.
21, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that further may further comprise the steps:
In the step 201, described first network also carries from trust domain information when judgement allows to carry described multi-media tag, and sends to second network at the second user place, opposite end.
22, the implementation method of customer multi-media tag service according to claim 6 is characterized in that: describedly comprise from trust domain information or non-trust domain information: from the specific header field of trust domain or the indication of non-trust domain, safe to carry or dangerous multi-media tag, effectively or the invalid authentication mark.
23, according to the implementation method of the described customer multi-media tag service of 1,2,3,5,6 or 20 arbitrary claims, it is characterized in that: the described multi-media tag that carries in conversation message shows the restriction indication, carries by Privacy header field or an expansion header field.
24, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that: described conversation message is sip request message or sip response sign indicating number or Email.
25, the implementation method of customer multi-media tag service according to claim 24 is characterized in that: described sip response sign indicating number is SIP 183 responses, SIP 180 responses or SIP 200 responses.
26, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that: the form of described multi-media tag is a unified resource sign or MIME media formats.
27, according to the implementation method of the described customer multi-media tag service of 1,2,3,5 or 6 arbitrary claims, it is characterized in that before step 201 further comprising the steps of:
2701, described first user sends the configuration messages request authentication that carries multi-media tag to described first network, authentication success, and first network generates a certification mark.
28, the implementation method of customer multi-media tag service according to claim 27 is characterized in that: described configuration messages is sip message or HTTP message.
29, the implementation method of customer multi-media tag service according to claim 28, it is characterized in that: the multi-media tag that carries in the described configuration messages, be carried on Call-Info or Authorization header field or expansion header field or message body, or the configuration data described with XML in.
30, the implementation method of customer multi-media tag service according to claim 27 is characterized in that after step 2701 further comprising the steps of:
3001, the first networks return to first user with described certification mark.
31, according to the implementation method of the described customer multi-media tag service of 20 or 22 arbitrary claims, it is characterized in that: described certification mark or certification mark respond by Authorization header field or Authentication-Info header field or WWW-Authenticate header field or P-Media-Authorization header field or expand header field and carry.
32, the implementation method of customer multi-media tag service according to claim 30 is characterized in that after step 3001 further comprising the steps of:
3201, described first user obtains described certification mark, calculates the certification mark response according to this certification mark.
33, a kind of implementation method of customer multi-media tag service may further comprise the steps:
3301, first network is received the first Client-initiated conversation message, at least according to first user in first user's initialize data or the described conversation message a kind of data in the data are set temporarily, judge whether to allow in this conversation message, to carry multi-media tag that this user presets or this at least a sign in the multi-media tag in data is set temporarily, if allow then to carry, and send to second network at the second user place, opposite end.
34, the implementation method of customer multi-media tag service according to claim 33 is characterized in that after step 3301 further comprising the steps of:
3401, second network is received first user's that opposite end first network sends conversation message, if carry multi-media tag in this conversation message, then according to second user's initialize data, judge whether to allow to show first user's multi-media tag, if this conversation message that allows then to carry described multi-media tag sends to second user to second user; If do not allow, then in this conversation message, carry described multi-media tag and show the restriction indication or delete described multi-media tag, again this conversation message is sent to second user.
35, according to the implementation method of claim 33 or 34 described customer multi-media tag services, it is characterized in that further comprising the steps of: described first network or second network based certain inspection according to checking whether secure and trusted of the multi-media tag that carries in the conversation message that receives, if dangerous then handle accordingly, comprising: delete unsafe multi-media tag or keep unsafe multi-media tag and add from non-trust domain information or forbid the foundation of this session.
36, the implementation method of customer multi-media tag service according to claim 35 is characterized in that further comprising the steps of:
The described foundation of checking comprises the source of multi-media tag or the black and white lists of working out according to carrier policy.
37, the implementation method of customer multi-media tag service according to claim 36 is characterized in that further comprising the steps of: the method in the source of described inspection multi-media tag comprises at least a in the following method: whether the interior perhaps chained address of checking multi-media tag can be trusted, be checked whether described conversation message source can be trusted, check whether described conversation message carry from trust domain or non-trust domain information.
38, the implementation method of customer multi-media tag service according to claim 33 is characterized in that:
The network insertion node that also comprises second user, if carry the network insertion node that described multi-media tag shows the restriction indication or is sent to second user from the conversation message of non-trust domain information and described multi-media tag, then this network insertion node is deleted described multi-media tag in described conversation message, and sends to second user.
39, the implementation method of customer multi-media tag service according to claim 33 is characterized in that further may further comprise the steps:
In the step 3301, described first network is judged when allowing to carry described multi-media tag, is also carried from trust domain information, and send to second network at the second user place, opposite end.
40, the implementation method of customer multi-media tag service according to claim 33 is characterized in that further may further comprise the steps:
In the step 3301, described first network judgement does not allow to carry described multi-media tag in described conversation message, then not carrying or carry multi-media tag shows the restriction indication or carries from non-trust domain information, and send to second network at the second user place, opposite end, perhaps forbid the foundation of this session.
41, according to the implementation method of the described customer multi-media tag service of 37 to 40 arbitrary claims, it is characterized in that: describedly comprise: from the specific header field of trust domain or the indication of non-trust domain, safe to carry or dangerous multi-media tag, effectively or the invalid authentication mark from trust domain or non-trust domain information.
42, a kind of implementation method of customer multi-media tag service may further comprise the steps:
Network is received a conversation message that carries multi-media tag, according to certain inspection according to checking whether secure and trusted of this multi-media tag, if dangerous then handle accordingly, comprising: delete unsafe multi-media tag or keep unsafe multi-media tag and add from non-trust domain information or forbid the foundation of this session.
43,, it is characterized in that further comprising the steps of according to the implementation method of the described customer multi-media tag service of claim 42:
The described foundation of checking comprises the source of multi-media tag or the black and white lists of working out according to carrier policy.
44, according to the implementation method of the described customer multi-media tag service of claim 43, it is characterized in that further comprising the steps of: the method in the source of described inspection multi-media tag comprises at least a in the following method: whether the interior perhaps chained address of checking multi-media tag can be trusted, be checked whether described conversation message source can be trusted, check whether described conversation message carry from trust domain or non-trust domain information.
45, according to the implementation method of the described customer multi-media tag service of claim 42, it is characterized in that further comprising the steps of: the described multi-media tag secure and trusted of described Network Check, then multi-media tag safe to carry or multi-media tag safe to carry and add from trust domain information in described conversation message perhaps generate a certification mark and return to the sender of this conversation message.
46,, it is characterized in that further comprising the steps of according to the implementation method of the described customer multi-media tag service of claim 42:
The conversation message that described network is received is from first user, at least according to first user in described first user's initialize data or the described conversation message a kind of data in the data are set temporarily, judge whether to allow in this conversation message, to carry multi-media tag that this user presets or this at least a sign in the multi-media tag in data is set temporarily, if allow then to carry, and to second network transmission to the second user place, opposite end.
47,, it is characterized in that further comprising the steps of according to the implementation method of the described customer multi-media tag service of claim 46:
Second network is received described conversation message, if carry multi-media tag in this conversation message, then according to described second user's initialize data, judge whether to allow to show first user's multi-media tag, if this conversation message that allows then to carry described multi-media tag sends to second user to second user; If do not allow, then in this conversation message, carry described multi-media tag and show the restriction indication or delete described multi-media tag, again this conversation message is sent to second user.
48, according to the implementation method of the described customer multi-media tag service of claim 47, it is characterized in that:
The network insertion node that also comprises second user, if carry the network insertion node that described multi-media tag shows the restriction indication or is sent to second user from the conversation message of non-trust domain information and described multi-media tag, then this network insertion node is deleted described multi-media tag in described conversation message, and sends to second user.
49, according to the implementation method of the described customer multi-media tag service of 42 to 48 arbitrary claims, it is characterized in that: describedly comprise: from the specific header field of trust domain or the indication of non-trust domain, safe to carry or dangerous multi-media tag, effectively or the invalid authentication mark from trust domain or non-trust domain information.
CNA2006100779228A 2006-03-30 2006-04-26 Implementing method of customer multi-media tag service Pending CN101047629A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CNA2006100779228A CN101047629A (en) 2006-03-30 2006-04-26 Implementing method of customer multi-media tag service
PCT/CN2007/000417 WO2007112642A1 (en) 2006-03-30 2007-02-07 A method and device for implementing the user's multimedia identifier service

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN200610034824 2006-03-30
CN200610034824.6 2006-03-30
CNA2006100779228A CN101047629A (en) 2006-03-30 2006-04-26 Implementing method of customer multi-media tag service

Publications (1)

Publication Number Publication Date
CN101047629A true CN101047629A (en) 2007-10-03

Family

ID=38563086

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2006100779228A Pending CN101047629A (en) 2006-03-30 2006-04-26 Implementing method of customer multi-media tag service

Country Status (2)

Country Link
CN (1) CN101047629A (en)
WO (1) WO2007112642A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102164178A (en) * 2011-03-28 2011-08-24 华为技术有限公司 Content acquiring method and client
CN101471938B (en) * 2007-12-27 2012-06-20 华为技术有限公司 Authentication method, system and device for point-to-point network
CN111163216A (en) * 2019-12-11 2020-05-15 维沃移动通信有限公司 Image transmission method and electronic equipment
CN113966011A (en) * 2020-07-03 2022-01-21 中国移动通信有限公司研究院 Call establishment method, device, equipment and storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113645361B (en) * 2020-05-11 2023-04-07 中国电信股份有限公司 Method, device and system for providing value added service before call and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6782419B2 (en) * 2000-07-24 2004-08-24 Bandai Co., Ltd. System and method for distributing images to mobile phones
US7428580B2 (en) * 2003-11-26 2008-09-23 Aol Llc Electronic message forwarding
JP2004222094A (en) * 2003-01-17 2004-08-05 Hitachi Ltd Communication equipment and communication system
CN1820288A (en) * 2003-08-29 2006-08-16 诺基亚公司 Method and device for customized picture-based user identification and authentication

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101471938B (en) * 2007-12-27 2012-06-20 华为技术有限公司 Authentication method, system and device for point-to-point network
CN102164178A (en) * 2011-03-28 2011-08-24 华为技术有限公司 Content acquiring method and client
CN111163216A (en) * 2019-12-11 2020-05-15 维沃移动通信有限公司 Image transmission method and electronic equipment
CN113966011A (en) * 2020-07-03 2022-01-21 中国移动通信有限公司研究院 Call establishment method, device, equipment and storage medium

Also Published As

Publication number Publication date
WO2007112642A1 (en) 2007-10-11

Similar Documents

Publication Publication Date Title
CN1801810A (en) Conversation initialization protocol message body content processing method and network
CN1832473A (en) Method and device for processing session message in IMS network
CN1509577A (en) Existential server in IP multi-media
CN100343835C (en) Program, information processing method and device
CN1893427A (en) Method for conducting business support ability consultation
CN1747470A (en) Service signal processing system and method for group domain
CN101040497A (en) Firewall system and firewall control method
CN1382347A (en) Network architecture and method service script execution and management
CN101052154A (en) IP multimedia sub system and its coding and decoding switching control method
CN1852081A (en) Method for realizing muti-part meeting through uest generation network
CN1941933A (en) Method and telecommunication system for accessing IMS domain to circuit domain users
CN1773967A (en) Method for providing service to circuit field user via group field
CN101047628A (en) System and method for implementing block service of circuit field terminal access packet network
CN1801231A (en) Emergency call system and emergency call method
CN1901448A (en) Connecting identification system in communication network and realizing method
CN1422035A (en) Cipher key exchange equipment, method, program and recording medium for recording the same program
CN1870826A (en) Call release control system and its method
CN101047629A (en) Implementing method of customer multi-media tag service
CN101030931A (en) Method for transmitting service data and its applied packet terminal
CN1901550A (en) Subscribing method based on conversation start protocol and its system and device
CN1716953A (en) Method for identifying conversation initial protocol
CN101076198A (en) Method for multimedium color-image service
CN1897755A (en) Server, client, method for operating a server and method for operating a client
CN1859395A (en) Service realizing system and method for IP multimedia subsystem
CN1878388A (en) Method for confirming data transmission service quality in communication network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20071003