CN101345997A - Method for providing network service - Google Patents
Method for providing network service Download PDFInfo
- Publication number
- CN101345997A CN101345997A CNA2007101374628A CN200710137462A CN101345997A CN 101345997 A CN101345997 A CN 101345997A CN A2007101374628 A CNA2007101374628 A CN A2007101374628A CN 200710137462 A CN200710137462 A CN 200710137462A CN 101345997 A CN101345997 A CN 101345997A
- Authority
- CN
- China
- Prior art keywords
- user
- mobile
- authentication
- foreign agent
- msid
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a network service method, which comprises the following steps: 1, a foreign agent (FA) receives an user access request; 2, the FA sends an authentication request message to the home authentication, authorization and charging server of the user; 3, the home authentication, authorization and charging server searches for the user information according to the authentication request message, acquires the user indicating information MSID, and sends the MSID to the FA by a authentication request responding message; 4, the FA adds the MSID into mobile IP login request, and forwards the mobile IP login request message to home agent (HA); 5, the HA sends mobile IP login responding message, and provides mobile IP data service to the user. The invention enables the FA to acquires user MSID information and send it to the FA while the user terminal can not provide the self MSID information, consequently improves the flexibility for user access.
Description
Technical field
The invention belongs to communication field, relate in particular to the method that mobile IP user inserts.
Background technology
Traditional IP technology is at intercoming mutually between the stationary nodes, is not suitable for mobile node.Therefore the network work group of IETF (the Internet engineering duty group) has proposed the RFC2002 standard in October, 1996, has wherein set forth principle, realization and the various detailed problem of mobile IP in more detail.Say that simply mobile IP can allow mobile node not disconnect connection when moving, and correct transceive data bag.
Mobile IP technology connects unbroken possibility for the user provides the across a network data service.When the user roams out ownership place,, can continue the service of using home network to provide if adopt the access way of mobile IP.At this moment, the user at first is connected to Foreign Agent, carries out the mobile IP registration information interaction by Foreign Agent and home agent, realizes user's access.
When the user adopted the mode access network of MIP (Mobile IP, mobile IP), HA (Home Agent, home agent) gave user's home address assignment when the user inserts.When the user carried out the data service process, the data that home agent will mail to user terminal were routed to FA (Foreign Agent, Foreign Agent), are transmitted to user terminal by Foreign Agent.The data forwarding that Foreign Agent can directly send user terminal is to the internet, also can be with the data forwarding of user terminal to home agent, by home agent the data of user terminal are sent to the internet.Thus, external agency cooperates the common user data service service that realizes with home agent.
When Foreign Agent was received user's MIP RRQ (Moile IP Registration Request, mobile IP login request), Foreign Agent need send to relevant information ownership authentication, mandate and accounting server, to realize authentication and the mandate to the user.When home agent is received the mobile IP login request that Foreign Agent transmits, can carry out authentication once more, think that the user provides the service of legal and required mobile IP the user.
Can carry some expansions in the register requirement of mobile IP, to realize carrying at the particular operator information needed.As at CDMA (Code Division Multiple Access, code division multiple access) operator, can pass through NVSE (Normal Vendor Specific Extension, regular operator's particular extension) expansion and carry information such as the required DNS of user (Domain Name Server) IP address.
In the prior art, the PDSN of cdma system (Packet Data Service Node, packet data serving node) receives user's MSID (Mobile Station Identifier from user terminal, user ID), and by the expansion in the MIP register requirement, bring home agent HA with MSID, HA can come to be user's distributing IP address according to this MSID.
In the practical business process, the user possibly can't provide MSID information in access procedure.In access procedure, adopt the mode of usemame/password to insert as the user, wherein user name can be used NAI (Network Access Identifier, network access Identifier).The present invention is this situation of solution and proposes a kind of network service method.
Simultaneously, the invention provides Foreign Agent under the situation to the MSID that does not carry the user in the message of Foreign Agent, home agent obtains the another kind of method of user MSID.
Summary of the invention
Technical problem to be solved by this invention provides a kind of network service method, to solve under mobile IP access situation, the MSID of self can't be provided when user terminal, and the Foreign Agent MSID information of not carrying the user is when giving home agent, and how home agent obtains the problem of user's MSID.
The user may directly be linked into access server, if this moment, the user adopted the mode of mobile IP to insert, access server will be born the function of Foreign Agent.In such cases, access server possibly can't obtain user's MSID information, for user's MSID information being sent to home agent, the invention provides a kind of realization network service method:
Step 1: Foreign Agent is received the access request of user terminal;
Step 2: Foreign Agent sends ownership authentication from authentication request message to user, mandate and accounting server, and request is carried out authentication and mandate to the user;
Step 3: ownership authentication, mandate and accounting server are searched user's information according to the message that Foreign Agent sends, and user's MSID information is sent to Foreign Agent by the authentication request response message;
Step 4: Foreign Agent is increased to user's MSID information in the mobile IP login request message, and login request message is transmitted to home agent;
Step 5: home agent response mobile IP registration response message, for the user provides the mobile IP data service.
Further, the user terminal that Foreign Agent is received in the step 1 inserts request and is mobile IP login request.
Further, Foreign Agent sends to ownership authentication, mandate and accounting server and belongs to the authentication request response message that authentication, mandate and accounting server send to Foreign Agent in authentication request message and the step 3 and transmit by acting on behalf of authentication, mandate and accounting server in the step 2.
Further, Foreign Agent sends the network access Identifier NAI that comprises the user in the authentication request message to ownership authentication, mandate and accounting server in the step 2, or the subscriber terminal equipment identification information.
Further, Foreign Agent can for the user produces mobile IP login request, be realized the function of proxy-mobile IP according to the access request of user terminal in the step 4.
Further, in the step 4, Foreign Agent is increased in the mobile IP login request by the MSID information of NVSE expansion with the user.
Further, comprise further after the step 4 that Foreign Agent distributes home IP address according to user's MSID information for the user.
In the above implementation, Foreign Agent is directly given home agent with user's MSID information by the mobile IP login request expansion bands.Because Foreign Agent is when transmitting mobile IP login request message to home agent, need to ownership authentication, mandate and accounting server authentication, can consider for subscription authentication the time, to distribute a user's access to identify (if can unique identification user access ID number) by ownership authentication, mandate and accounting server, Foreign Agent sends to home agent with this sign, when home agent carries out once more authentication the ground user, this sign is issued authentication, mandate and accounting server, identify the MSID that obtains the user by this.To achieve these goals, the invention provides another kind of network service method:
Step 1: Foreign Agent receives the access request of user terminal;
Step 2: Foreign Agent sends authentication request message to authentication, mandate and the accounting server of user attaching, and request is carried out authentication and mandate to the user;
Step 3: ownership authentication, mandate and accounting server are searched user's information according to the message that Foreign Agent sends, and for the user distributes one to insert ID number, and this is inserted ID number send to Foreign Agent by the authentication request response message;
Step 4: the access ID information that Foreign Agent will be received is increased in the mobile IP login request message, and mobile IP login request is transmitted to home agent;
Step 5: home agent sends authentication request message to ownership authentication, mandate and accounting server, band user's access ID information in the message, ownership authentication, mandate and accounting server insert the corresponding user who inserts ID number by this, send the authentication request response message to home agent;
Step 6: home agent response mobile IP registration response message, for the user provides the mobile IP data service.
Further, the user terminal that Foreign Agent is received in the step 1 inserts request and is mobile IP login request.
Further, Foreign Agent can for the user produces mobile IP login request, be realized the function of proxy-mobile IP according to the access request of user terminal in the step 1.
Further, Foreign Agent sends to ownership authentication, mandate and accounting server and belongs to the authentication request response message that authentication, mandate and accounting server send to Foreign Agent in authentication request message and the step 3 and transmit by acting on behalf of authentication, mandate and accounting server in the step 2.
Further, Foreign Agent sends the NAI that comprises the user in the authentication request message to ownership authentication, mandate and accounting server in the step 2, or the subscriber terminal equipment identification information.
Further, comprise in the step 5 that home agent is user's distributing IP address according to access ID number of the user.
Further, comprise in the step 5 that ownership authentication, mandate and accounting server send the MSID information that the authentication request response message comprises the user to home agent.
Further, comprise in the step 5 that Foreign Agent distributes home IP address according to the user MSID information that obtains from ownership authentication, mandate and accounting server for the user.
Home agent obtains user's MSID information, can realize that a plurality of users adopt the demand of identical NAI online.Adopt identical NAI to carry out network insertion as one family or group user, at this moment everybody can adopt identical NAI to insert, but can realize differentiation to each user at home agent.
Method provided by the invention, the system that solved is when user terminal can't provide the MSID information of self, and how Foreign Agent obtains user's MSID information and sends to home agent.For in this case, home agent provides by the MSID identifying user may.
The present invention provides another kind of network service method simultaneously, in the method, it is not user MSID information that Foreign Agent is given home agent information, but a user's access sign, home agent can insert MSID information or the identifying user that sign obtains the user by this.This method provides another kind of home agent to obtain the method for user MSID.
Description of drawings
Fig. 1 is user's network structure when adopting mobile IP to insert;
Fig. 2 is the flow chart of the network service that realizes of the present invention;
Fig. 3 is another flow chart of the network service that realizes of the present invention.
Embodiment
Be described in detail further combined with the enforcement of accompanying drawing below technical scheme.
Fig. 1 network structure when mobile IP inserts for the user adopts, wherein:
Foreign agent functionality when access server/Foreign Agent 12 can be the user and provides the user to move IP to insert can not have access and the management function that proxy-mobile IP is provided for the user under the situation of MIP function at user terminal yet.
Authentication, mandate and accounting server (aaa server) 13 storing subscriber information are for user terminal provides authentication, authorization service; Also can be the user billing function is provided.
Below describe respectively at two kinds of methods that realize that home agents obtain the MSID information.
Fig. 2 is the flow chart of the network service that realizes of the present invention.In the present embodiment, provide a kind of solution user directly to adopt the usemame/password access network, home agent obtains the method for user ID MSID.Concrete steps are as follows:
Step 21: Foreign Agent receives user's access request MIR rrq message, comprises user's network access Identifier NAI in the message;
Step 22: Foreign Agent sends ownership authentication from authentication request message to user, mandate and accounting server, and request is carried out authentication and mandate to the user;
Step 23: ownership authentication, mandate and accounting server are searched user's information according to the message that Foreign Agent sends, and obtain user's MSID, and user's MSID information is sent to Foreign Agent by the authentication request response message;
Step 24: Foreign Agent is increased in the MIP rrq message by the MSID information of NVSE expansion with the user, and MIP RRQ is transmitted to home agent;
Step 25: home agent distributes home IP address according to user's MSID for the user, and MIP RRP message is passed through to send to Foreign Agent in this IP address;
Step 26: Foreign Agent is transmitted MIP RRP message and is given terminal, and the user begins to carry out the MIP data service.
In step 23, ownership authentication, mandate and accounting server are searched user profile according to the user terminal identification information in the message of Foreign Agent transmission.
In some cases, the fail safe between Foreign Agent and the home agent can not guarantee.At this time, also wish not transmit between Foreign Agent and the home agent MSID information.Fig. 3 of the present invention just provides the solution of home agent acquisition MSID in this case.
In the present embodiment, the user that the authentication of user attaching, mandate and accounting server insert for request distributes one to insert ID number, transmits user profile with this between Foreign Agent and home agent.Concrete steps are as follows:
Step 31: Foreign Agent receives user's access request MIP rrq message;
Step 32: Foreign Agent sends ownership authentication from authentication request message to user, mandate and accounting server, and request is carried out authentication and mandate to the user;
Step 33: ownership authentication, mandate and accounting server are searched user's information according to the message that Foreign Agent sends, and for the user distributes one to insert ID number, and this is inserted ID number send to Foreign Agent by the authentication request response message;
Step 34: Foreign Agent will insert ID information and be increased in the MIP rrq message, and MIP RRQ is transmitted to home agent;
Step 35: home agent sends authentication request message to ownership authentication, mandate and accounting server, band user's access ID information in the message;
Step 36: ownership authentication, mandate and accounting server insert the corresponding user who inserts ID number by this, send the authentication request response message to home agent, comprise user's MSID information in the message;
Step 37: home agent distributes home IP address according to user's MSID for the user, and MIP RRP message is passed through to send to Foreign Agent in this IP address;
Step 38: Foreign Agent is transmitted MIP RRP message and is given terminal, and the user begins to carry out the MIP data service.
Certainly; the present invention also can have other various embodiments; under the situation that does not deviate from spirit of the present invention and essence thereof; being familiar with those of ordinary skill in the art ought can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
Claims (13)
1. method of providing services on the Internet may further comprise the steps:
The S01 foreign agent FA receives user's access request;
The described Foreign Agent of S02 sends ownership authentication from authentication request message to described user, mandate and accounting server;
The described ownership authentication of S03, mandate and accounting server are searched user's information according to described authentication request message, obtain described user's identification information MSID, and described MSID is sent to described Foreign Agent by the authentication request response message;
The described Foreign Agent of S04 is increased to described MSID in the mobile IP login request, and described mobile IP login request message is transmitted to home agent HA;
The described home agent of S05 sends the mobile IP registration response message, for described user provides the mobile IP data service.
2. according to the described method of providing services on the Internet of claim 1, it is characterized in that the access request that the described Foreign Agent among the step S01 is received is a mobile IP login request message.
3. according to the described method of providing services on the Internet of claim 1, it is characterized in that, among the step S03, described ownership authentication, mandate and accounting server are according to the network access Identifier NAI of the user in the described authentication request message, or the subscriber terminal equipment identification information is searched described user's information.
4. according to the described method of providing services on the Internet of claim 1, it is characterized in that Foreign Agent described in the step S04 for described user produces mobile IP login request, is realized the function of proxy-mobile IP according to the access request of described user terminal.
5. according to the described method of providing services on the Internet of claim 1, it is characterized in that, among the step S04, described Foreign Agent is to transmit by the regular particular extension NVSE of operator is increased to described MSID in the described mobile IP login request message and to described home agent.
6. according to claim 1, any one the described method among 2,3,4 or 5 is characterized in that among the step S05, described home agent is that described user distributes home IP address according to described user's MSID information.
7. method of providing services on the Internet may further comprise the steps:
The S11 foreign agent FA receives user's access request;
The described Foreign Agent of S12 sends ownership authentication from authentication request message to described user, mandate and accounting server;
The described ownership authentication of S13, mandate and accounting server are searched user's information according to described authentication request message, for described user distributes an access sign, and described access sign are sent to described Foreign Agent by the authentication request response message;
The described Foreign Agent of S14 is increased to described access sign in the mobile IP login request, and described mobile IP login request is transmitted to described home agent HA;
The described home agent of S15 carries described access sign and sends authentication request to authentication, mandate and accounting server, and described authentication, mandate and accounting server are replied to the transmission authentication request of described home agent by the corresponding user of described access ID correspondence.
The described home agent of S16 sends the mobile IP registration response message, for described user provides the mobile IP data service.
8. the method for providing services on the Internet according to claim 7 is characterized in that, the access request that the described Foreign Agent among the step S11 is received is a mobile IP login request message.
9. according to the described method of providing services on the Internet of claim 7, it is characterized in that, among the step S13, described ownership authentication, mandate and accounting server are according to the network access Identifier NAI of the user in the described authentication request message, or the subscriber terminal equipment identification information is searched described user's information.
10. the method for providing services on the Internet according to claim 7 is characterized in that, Foreign Agent described in the step S14 for described user produces mobile IP login request, is realized the function of proxy-mobile IP according to the access request of described user terminal.
11., it is characterized in that the described ownership authentication of step S15, mandate and accounting server send the MSID information that the authentication request response message comprises the user for described home agent according to the described method of providing services on the Internet of claim 7.
12., it is characterized in that home agent distributed home IP address according to access ID number of described user for described user under step S16 comprised according to the described method of providing services on the Internet of claim 7.
13., it is characterized in that home agent was that described user distributes home IP address according to described user's MSID under step S16 comprised according to the described method of providing services on the Internet of claim 11.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101374628A CN101345997B (en) | 2007-07-12 | 2007-07-12 | Method for providing network service |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101374628A CN101345997B (en) | 2007-07-12 | 2007-07-12 | Method for providing network service |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101345997A true CN101345997A (en) | 2009-01-14 |
CN101345997B CN101345997B (en) | 2011-08-10 |
Family
ID=40247857
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2007101374628A Expired - Fee Related CN101345997B (en) | 2007-07-12 | 2007-07-12 | Method for providing network service |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101345997B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009129730A1 (en) * | 2008-04-25 | 2009-10-29 | 华为技术有限公司 | Method, device and system for registering in universal service interface system |
CN102026158B (en) * | 2009-09-11 | 2013-10-02 | 华为技术有限公司 | Method and device for obtaining user subscription information |
CN102045702B (en) * | 2009-10-12 | 2013-11-06 | 华为技术有限公司 | Method and device for configuring terminal |
CN104283861A (en) * | 2013-07-10 | 2015-01-14 | 中国移动通信集团公司 | Network access method, device and system for routing equipment in vehicle networking system |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7457289B2 (en) * | 2002-12-16 | 2008-11-25 | Cisco Technology, Inc. | Inter-proxy communication protocol for mobile IP |
KR100513863B1 (en) * | 2003-04-29 | 2005-09-09 | 삼성전자주식회사 | Wireless Local Area Network making a mobility of host possible and a method operating thereof |
DE102006008745A1 (en) * | 2005-11-04 | 2007-05-10 | Siemens Ag | Method and server for providing a mobility key |
-
2007
- 2007-07-12 CN CN2007101374628A patent/CN101345997B/en not_active Expired - Fee Related
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009129730A1 (en) * | 2008-04-25 | 2009-10-29 | 华为技术有限公司 | Method, device and system for registering in universal service interface system |
US8706107B2 (en) | 2008-04-25 | 2014-04-22 | Huawei Technologies Co., Ltd. | Method, apparatus and system for registering in universal service interface system |
CN102026158B (en) * | 2009-09-11 | 2013-10-02 | 华为技术有限公司 | Method and device for obtaining user subscription information |
CN102045702B (en) * | 2009-10-12 | 2013-11-06 | 华为技术有限公司 | Method and device for configuring terminal |
CN104283861A (en) * | 2013-07-10 | 2015-01-14 | 中国移动通信集团公司 | Network access method, device and system for routing equipment in vehicle networking system |
CN104283861B (en) * | 2013-07-10 | 2018-09-25 | 中国移动通信集团公司 | The method, apparatus and system of routing device access network in car networking system |
Also Published As
Publication number | Publication date |
---|---|
CN101345997B (en) | 2011-08-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1166497B1 (en) | Mobile internet access | |
CN1186960C (en) | Mobile Internet access | |
FI110299B (en) | Changing a subscriber's first identifier to a second identifier | |
CN1813457B (en) | Apparatus and method for a single sign-on authentication through a non-trusted access network | |
US8493944B2 (en) | Terminal position managing server, access point, and call control server | |
EP1986447A1 (en) | Method and system for sending short message, and group main switchboard | |
CN103368949A (en) | A method of configuring a communication device | |
US7215943B2 (en) | Mobile terminal identity protection through home location register modification | |
CN102685712A (en) | Mapping server in identity position separating network and implementation method thereof | |
CN1968090B (en) | Method and system for obtaining user terminal authentication information by data service center | |
CN101345997B (en) | Method for providing network service | |
CN100405781C (en) | Method and system for providing network services | |
CN101160786B (en) | Method, system and apparatus for relating the information associated with user in NASS | |
CN101159924B (en) | Method and device for providing user information | |
CN101257707A (en) | Routing method when mobile terminal activating service in wireless network | |
EP1281269A2 (en) | Method of charging for resource usage in a gprs network | |
CN100563159C (en) | Generic authentication system and visit the method that Network in this system is used | |
CN101507251A (en) | Method for forwarding emergency messages from a terminal in a communication network | |
CN101009611A (en) | A method for terminal access to different service networks | |
CN101635956B (en) | Communication method and gateway apparatus | |
CN101489100A (en) | Method and system for implementing mobile phone television service roaming | |
CN100484057C (en) | A method for transmitting service data to WLAN user | |
CN100426934C (en) | Method, system and network element for obtaining GGSN address of user ascription area | |
JP5343796B2 (en) | Authentication apparatus, femtocell system, and accounting method used therefor | |
CN101779482B (en) | New diameter signaling for mobile ipv4 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110810 Termination date: 20190712 |