CN101237456A - System and method for processing network service quality information - Google Patents
System and method for processing network service quality information Download PDFInfo
- Publication number
- CN101237456A CN101237456A CNA2008100831118A CN200810083111A CN101237456A CN 101237456 A CN101237456 A CN 101237456A CN A2008100831118 A CNA2008100831118 A CN A2008100831118A CN 200810083111 A CN200810083111 A CN 200810083111A CN 101237456 A CN101237456 A CN 101237456A
- Authority
- CN
- China
- Prior art keywords
- information
- service quality
- network
- qos
- network service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a system for processing the network service quality, comprising an information receiving unit for receiving the network service quality information and the network security information from the external part, an information processing unit for modifying the network service quality information according to the network security information to generate the network service quality information of the modified network service quality under the circumstance that the network security requirement is satisfied, and an information output unit for outputting the modified network service quality information to the external part. The system can quantify the influence of the network security on the network service quality, thereby avoiding the situation that the network service quality performance decreases drastically due to the addition of the network security mechanism.
Description
Technical field
The present invention relates to the communications field, relate more specifically to a kind of system and method that is used to handle network service quality information.
Background technology
Network service quality (Quality of Service is called for short QoS) and network security, the two was taken as independent entity in the past and studied in different separately fields.Deep day by day along with what study, find that gradually QoS and safety are to influence each other, get in touch each other.QoS needs the support of safety on the one hand, could resist various attack, prevents to make QoS not reach requirement owing to the fragility of network; On the other hand, because the adding of security mechanism makes QoS be subjected to bigger influence, such as the overhead that the additional networks that causes because of encryption postpones and authentication causes.Especially more obvious in Ad Hoc network environment, the expense that the security mechanisms of introducing in order to ensure the communication security in the open wireless network such as authentication cause tends to produce significantly influence to QoS.
The key issue that the foundation of next generation network platform need solve is to guarantee QoS safely and effectively.In next generation network, business is separated with carrying, and miscellaneous service can insert same network, for different user provides service.The safety requirements of different business may be different with qos requirement.If the influence of different safety mechanisms to QoS do not considered in the setting of qos parameter, may cause under lower security requirement situation, QoS is met.And when safety requirements improved, its QoS effect of identical qos parameter just may obviously descend.Therefore, more security mechanism can make QoS parameters decreased performance; And very few security mechanism can make QoS can not get ensureing.When a network environment had only the protection that the requirement of QoS is not had safety, such QoS was unsettled.
For instance, bandwidth is the important indicator of QoS.When network environment does not have safeguard protection, have a large amount of junk information and pour in, occupy massive band width, even cause periods of network disruption, network and professional QoS also can not get ensureing.Therefore, in order to obtain secure QoS, safe protection must be arranged.Say from another point of view, introduce safeguard protection, as access authentication etc., must take resource again, same bandwidth is because the introducing of safety must make bandwidth reduce, and postponing increases, and shows as the QoS decreased performance.
Therefore, no matter be design of protocol or practical application, the QoS and the consideration that must combine safely can be satisfied user's the QoS and the dual requirements of safety preferably, still, also do not have such implementation method to guarantee at present.
Summary of the invention
One or more problems in view of the above the invention provides a kind of system and method that is used to handle network service quality information, require and network security requirement with the network service quality that satisfies the user preferably.
The system that is used to handle network service quality information according to the embodiment of the invention comprises: information receiving unit is used for receiving from the outside network service quality information and network safety information; Information process unit is used for according to network safety information, and network service quality information is carried out correcting process, to guarantee network service quality satisfying under the condition of network security requirement; And information output unit, be used for the network service quality information after the correcting process is outputed to the outside.
Wherein, information receiving unit comprises: first receiving element is used for from outside reception network service quality information; Second receiving element is used for from outside reception network safety information.Wherein, first receiving element can comprise one or more logic OR physical interfaces.Second receiving element can comprise one or more logic OR physical interfaces.And first and second receiving elements do not have sequencing in time, spatially are arranged side by side.
Wherein, network service quality information comprises one or more in the following information: QoS parameter, quality of service request, quality of service policy, relate to the signaling of service quality.Network safety information comprises one or more in the following information: security parameter, security request, security strategy, relate to safe signaling.
The method that is used to handle network service quality information according to the embodiment of the invention comprises: receive network service quality information and network safety information from the outside; According to network safety information, network service quality information is carried out correcting process, to guarantee network service quality satisfying under the condition of network security requirement.
Wherein, network service quality information comprises one or more in the following information: QoS parameter, quality of service request, quality of service policy, relate to the signaling of service quality.Network safety information comprises one or more in the following information: security parameter, security request, security strategy, relate to safe signaling.
By the present invention, can quantize the influence of network security, thereby can avoid the generation of the situation that the network service quality performance declines to a great extent because of the increase of network security mechanism network service quality.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 is the schematic diagram of the process network QoS information handled according to the system that is used to handle network service quality information of the embodiment of the invention;
Fig. 2 is used for handling the schematic diagram that the system of network service quality information implements at next generation network according to the embodiment of the invention;
Fig. 3 (a) is the flow chart that sends the secure resources request according to the service control function module (SCF) of the embodiment of the invention to tactful decision module (PD-FE);
Fig. 3 (b) is the flow chart that sends the secure resources request according to the network internet control function module (NACF) of the embodiment of the invention to tactful decision module;
Fig. 3 (c) is the policy enforcement module (PE-FE) according to the embodiment of the invention sends a flow chart from the secure resources request to tactful decision module;
Fig. 4 is used for handling a kind of application scenarios schematic diagram of the system of network service quality information at next generation network according to the embodiment of the invention; And
Fig. 5 is used for handling the another kind of application scenarios schematic diagram of the system of network service quality information at next generation network according to the embodiment of the invention.
Embodiment
The input/output interface (that is, information receiving module and message output module) that comprises QoS correcting module (that is message processing module), QoS correcting module according to the system that is used to handle network service quality information of the embodiment of the invention.
Wherein, the input/output interface of QoS correcting module has 3 classes at least, is respectively QoS information input class interface, QoS information output class interface and security information input class interface.Each class interface can comprise one or more physical or logical interfaces according to practical situations.QoS information can be qos parameter, QoS request, qos policy, relate to one or more the combination in the signaling etc. of QoS.Security information can be security parameter, security request, security strategy, relate to one or more the combination in safe signaling etc.
Wherein, the function of QoS correcting module is as follows: according to the security information of security information input class interface, revise the information from QoS information input class interface, and export revised information by QoS information output class interface.The method of work of this system is as follows:
Security information is transferred to the QoS correcting module by security information input class interface; QoS information is transferred to the QoS correcting module by QoS information input class interface; Security information and QoS message transmission do not have specific sequencing between the process of QoS correcting module; The QoS correcting module, is revised the QoS information of input by approach such as algorithm, strategy or human configuration according to security information; And the QoS correcting module is externally exported revised QoS information by QoS information output class interface.
Below with reference to accompanying drawing, describe the specific embodiment of the present invention in detail.
Considering that separately QoS asks by certain changing the mechanism under the situation of QoS mechanism, form qos parameter, act on the relevant Executive Module of network, realize qos feature.Under the situation of considering security mechanism,, between QoS request and QoS Executive Module, need to increase a QoS correcting module in order to ensure the QoS performance not because of the execution of security mechanism changes.The QoS correcting module is according to received security request information, and necessary correction is carried out in request to QoS.
Fig. 1 shows the schematic diagram of the process of network QoS information being handled according to the system that is used to handle network service quality information of the embodiment of the invention.As shown in Figure 1, security mechanism mainly is deployed in terminal and above the security gateway.Security mechanism according to terminal and security gateway are triggered forms security request information, sends to the QoS correcting module.By the correction of QoS correcting module, make the QoS performance not change because of the variation of security mechanism.
Fig. 2 is used for handling the schematic diagram that the system of network service quality information implements at next generation network, i.e. the schematic diagram revised in conjunction with QoS of next generation network according to the embodiment of the invention.Wherein, the functional description of each functional module is as follows:
Network internet control function module (NACF) is used to provide the management of user access network and the multiple function that is configured based on the user characteristics clauses and subclauses.
Resource and permission control function module (RACF) are used to support diversified access and core network (for example, access network fixing and that move).
Service control module (SCF) is used for being the Media Stream request QoS resource of a given service and allowing control via the Rs reference point.
Transmit resource control module (TRC-FE) and be used for collecting and keeping the network information and state of resources information, handle the diversity of lower floor's tranmission techniques, provide resource-based permission to control the result who judges to tactful decision module (PD-FE).
Strategy decision module (PD-FE) is used for regard to Internet resources and allows control to make final decision.Here, the QoS correcting module is deployed on the PD-FE, be responsible for the decision of final strategy, the result that the resource-based permission that being based on NACF provides in information on services that the policing rule, SCF etc. of network provide, the access network transmission subscription information and TRC-FE provides is judged.In addition, PD-FE critical point in the control strategy Executive Module (PE-FE) on the basis of letter flow one by one.And PD-FE will be in relevant transmission network via the example of Rt reference point request TRC-FE, so that the QoS resource that on the path of Media Stream, detects and determine to be asked.
Policy enforcement module (PE-FE) is the gateway of a bag, is on the border and/or the border between CPE and the access network of different pieces of information packet network.PE-FE is at per user and carry out network strategy rule by the PD-FE indication one by one on the basis of IP letter flow.
Be that the reference point that connects between each module is described below:
Rs is the reference point that connects PD-FE and SCF.SCF submits the grade of QoS by Rs to PD-FE, and the parameter index of corresponding QoS grade (such as, delay, bandwidth and throughput) and needed network resource request information.The security parameter that has comprised corresponding qos requirement in the solicited message.
Ru is the reference point that connects NACF and PD-FE.The Ru reference point makes PD-FE to check that the transmission subscription information of user terminal (CPE) and logical port address are to institute's distributing IP with the NACF interaction.NACF sends the request that comprises the gateway security parameter by Ru to PD-FE.
Rt is the reference point that connects PD-FE and TRC-FE.PD-FE transmits revised QoS parameters by Rt to TRC-FE.Both interactions, the QoS resource that detects medium stream information and determine to be asked.
Rc is the reference point that connects TRC-FE and core net (CN), also is the reference point that connects TRC-FE and Access Network (AN).By Rc, TRC-FE can obtain the network topology structure and the resource state information of Access Network and core net.It is relevant with the transmitting function entity at network boundary or network internal.Rc can be connected with any entity with transmitting function according to needs, comprises PE-FE, TRE-FE etc., with the QoS information that obtains to be correlated with.
Rw is the reference point that connects PE-FE and PD-FE.The function of Rw is that the decision of PD-FE is passed to above the PE-FE by propelling movement or pulling mode.
T-U1 connects the reference point of user terminal to PE-FE, and the request that CPE sends to PE-FE by T-U1 comprises the security parameter of user terminal.
Fig. 2 is used for handling the schematic diagram that the system of network service quality information implements at next generation network according to the embodiment of the invention.In the Access Network module of Fig. 2, the interaction flow between each module is as follows:
CPE links to each other with PE-FE among the AN, by T-U1 security parameter is passed to PE-FE, and PE-FE passes to PD-FE by Rw with this security parameter then; NACF passes to PD-FE by Ru with security parameter; SCF passes to PD-FE by Rs with security parameter and qos parameter etc.; And PD-FE carries out QoS according to the security parameter that is imported into to qos parameter and revises, and the result passed to TRC-FE by Rt, and then pass to PE-FE by Rc, carries out negotiation result.
Fig. 3 (a) is the flow chart that transmits between the relevant reference point of security parameter to Fig. 3 (c), specifically describe as follows: Fig. 3 (a) has described the process of SCF to the request of PD-FE transmission secure resources, and SCF comprises security parameter etc. in the request that PD-FE sends in this process; Fig. 3 (b) has described the process of NACF to the request of PD-FE transmission secure resources, and NACF comprises security parameter etc. in the request that PD-FE sends in this process; Fig. 3 (c) has described the process of PE-FE to the request of PD-FE transmission secure resources, and PE-FE comprises security parameter etc. in the request that PD-FE sends in this process.
Fig. 4 is used for handling a kind of application scenarios schematic diagram of the system of network service quality information at next generation network according to the embodiment of the invention.In scene shown in Figure 4, the process of carrying out the QoS correction may further comprise the steps:
S402, CPE inserts NACF, i.e. accessing user terminal to network.
S404, NACF sends announcement to PD-FE, and the inside comprises security parameter and other information.
S406, CPE sends service request to SCF, includes the desired security parameter of user and other information.
S408, the SCF trigger event.Receive such as SCF, perhaps produce the signaling message of a service.SCF will determine or derive the parameter (such as bandwidth, the grade of service etc.) of qos requirement for the Media Stream of a given service.
S410, SCF sends resource to PD-FE and initiates solicited message, and information comprises the required security parameter of user and a RIR (reservation) who has Media Stream description and its qos parameter, is used for the mandate and the reservation of QoS resource.
S412, PD-FE take all factors into consideration QoS request and the safety requirements of receiving, consider the influence of safety to QoS, by the QoS correcting module, change the parameters of QoS.
S414, other negotiations processes.
S416 determines (Policy Decision) to satisfy the strategy of QoS and security request through the revised strategy of QoS.Receiving reservation (RIR) afterwards, PD-FE should authorize for the desired QoS resource of Media Stream.PD-FE will check: the QoS resource that this Media Stream requires, the network strategy rule that PD-FE held, and whether the transmission subscription information of holding among the NACF is consistent.
Fig. 5 is used for handling the another kind of application scenarios schematic diagram of the system of network service quality information at next generation network according to the embodiment of the invention.In scene shown in Figure 5, the process of carrying out the QoS correction may further comprise the steps:
S502, CPE inserts NACF, i.e. accessing user terminal to network.
S504, NACF sends announcement to PD-FE, and the inside includes the security parameter and other information of reaching of gateway.
S506, CPE directly send the transport layer negotiation result to PE-FE, and the inside comprises the desired security parameter of user.
S508, PE-FE send a resource announcement to PD-FE on one's own initiative.Comprise security parameter etc. in the announcement.
S510, PD-FE take all factors into consideration QoS request and the safety requirements of receiving, by the influence of QoS correcting module computationally secure to QoS, revise the parameters of QoS then.
S512, other negotiations processes.
S514 revises the strategy that QoS and security request are satisfied in back PD-FE decision through QoS.Receiving RIR (reservation) afterwards, PD-FE should authorize for the QoS resource that Media Stream requires.PD-FE will check: the desired QoS resource of this Media Stream, the network strategy rule that PD-FE held, and whether the transmission subscription information of holding among the NACF is consistent.
By the present invention, can quantize safety to the influence of QoS, thereby can avoid the network QoS performance to take place because of the situation that the increase of security mechanism declines to a great extent.In addition, the present invention revises on original QoS solution basis, disposes easily.
The above is embodiments of the invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within the claim scope of the present invention.
Claims (10)
1. a system that is used to handle network service quality information is characterized in that, comprising:
Information receiving unit is used for from outside reception network service quality information and network safety information;
Information process unit is used for according to described network safety information, and described network service quality information is carried out correcting process, to guarantee network service quality satisfying under the condition of network security requirement.
2. system according to claim 1 is characterized in that, also comprises:
Information output unit is used for the network service quality information after the correcting process is outputed to the outside.
3. system according to claim 1 and 2 is characterized in that, described information receiving unit comprises:
First receiving element is used for receiving from the outside described network service quality information;
Second receiving element is used for receiving from the outside described network safety information.
4. system according to claim 3 is characterized in that, described first receiving element comprises one or more logic OR physical interfaces.
5. system according to claim 3 is characterized in that, described second receiving element comprises one or more logic OR physical interfaces.
6. system according to claim 5 is characterized in that, described network service quality information comprises one or more in the following information: QoS parameter, quality of service request, quality of service policy, relate to the signaling of service quality.
7. system according to claim 5 is characterized in that, described network safety information comprises one or more in the following information: security parameter, security request, security strategy, relate to safe signaling.
8. a method that is used to handle network service quality information is characterized in that, comprising:
Receive network service quality information and network safety information from the outside;
According to described network safety information, described network service quality information is carried out correcting process, to guarantee network service quality satisfying under the condition of network security requirement.
9. method according to claim 8 is characterized in that, described network service quality information comprises one or more in the following information: QoS parameter, quality of service request, quality of service policy, relate to the signaling of service quality.
10. method according to claim 8 is characterized in that, described network safety information comprises one or more in the following information: security parameter, security request, security strategy, relate to safe signaling.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008100831118A CN101237456A (en) | 2008-03-03 | 2008-03-03 | System and method for processing network service quality information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008100831118A CN101237456A (en) | 2008-03-03 | 2008-03-03 | System and method for processing network service quality information |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101237456A true CN101237456A (en) | 2008-08-06 |
Family
ID=39920814
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2008100831118A Pending CN101237456A (en) | 2008-03-03 | 2008-03-03 | System and method for processing network service quality information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101237456A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101854337B (en) * | 2009-04-03 | 2012-10-03 | 深圳大学 | System and method for optimizing and controlling network based on safety and service quality |
-
2008
- 2008-03-03 CN CNA2008100831118A patent/CN101237456A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101854337B (en) * | 2009-04-03 | 2012-10-03 | 深圳大学 | System and method for optimizing and controlling network based on safety and service quality |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10616934B2 (en) | User plane function selection for isolated network slice | |
| WO2018201630A1 (en) | Communication method and related apparatus | |
| WO2021018021A1 (en) | Charging method, charging system, and communication device | |
| CN107710812B (en) | User plane enhancement to support intra-bearer sub-flow QOS differentiation | |
| EP2802170B1 (en) | Method, system and device for service rate control | |
| CN110099370B (en) | Service layer southbound interface and quality of service | |
| JP4852044B2 (en) | Method for preemptively managing radio resources in a mobile communication network | |
| CN103404102B (en) | A kind of load creating method, device and system | |
| JP6907261B2 (en) | Improved priority handling for data flow transport in communication systems | |
| CN110063084A (en) | The method and device thereof of selection session and service modulus of continuity formula in a wireless communication system | |
| CN109314887A (en) | It is connected to the mobile core network of virtualization | |
| CN111357309A (en) | Method and computing device for performing data integrity protection | |
| WO2020034864A1 (en) | User plane security policy implementation method, apparatus, and system | |
| CN114531958A (en) | Method and apparatus for controlling data rate in wireless communication system | |
| CN112313996A (en) | Quality of service implementation in multi-hop data forwarding | |
| US10959130B2 (en) | Quality of service class indicator structure and corresponding controllers and control methods | |
| CN113938904A (en) | Data transmission method and device | |
| EP2904749A1 (en) | Network resource modification | |
| WO2024026028A2 (en) | Configuration and reporting for deterministic networks | |
| Hallahan et al. | Policies for public safety use of commercial wireless networks | |
| WO2013053376A1 (en) | A method of and apparatus for establishing bearer attributes | |
| CN105580425B (en) | Data connection for UE to 3GPP data access net provides the method and apparatus of on-demand QoS | |
| WO2023212175A2 (en) | Deterministic networks | |
| CN101237456A (en) | System and method for processing network service quality information | |
| CN107920029B (en) | Method and device for changing QoS of IP flow |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20080806 |