CN101453528B - System and method for implementing call authentication gateway - Google Patents
System and method for implementing call authentication gateway Download PDFInfo
- Publication number
- CN101453528B CN101453528B CN2007101714140A CN200710171414A CN101453528B CN 101453528 B CN101453528 B CN 101453528B CN 2007101714140 A CN2007101714140 A CN 2007101714140A CN 200710171414 A CN200710171414 A CN 200710171414A CN 101453528 B CN101453528 B CN 101453528B
- Authority
- CN
- China
- Prior art keywords
- signaling
- signaling message
- call
- message
- calling
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
Abstract
The invention relates to a system and a method for realizing a call authentication gateway. The system consists of a plurality of signaling message detection and processing modules MPM which are connected with related No. 7 signaling links, and a local service management server LSMS, wherein the MPMs detect and process passed signaling messages and transmit related messages to the LSMS; the LSMS generates a black list with telephone numbers or number segments required for control according to a call authentication requirement, and synchronizes the black list in various MPMs; and the MPMs realize control processing of subsequent call according to the black list and service rules. The system and the method can be independently implemented without modifying the prior network equipment, avoid the problems of equipment upgrade and data modification of the prior net elements, and are flexible to control services and convenient to deploy. The system provides an effective means for telecom operators to implement call barring service and black and white list service.
Description
Technical field
The present invention relates to a kind of Control on Communication and information security technology, especially refer to realize the system and method for call authentication gateway.Specifically, do not needing to transform under the prerequisite of conventional network equipment, independent enforcement calling authorization, and reach the standard calling number, the illegal purpose of calling out of restriction in real time.
Background technology
Unimpeded for the communication that guarantees internetworking, need the standard calling number, limit unreasonable calling in real time.Unreasonable calling comprises the calling subscriber's authentication leak that utilizes internetworking gateway exchange GW, is the illegal calling of purpose and the calling that internetworking should not occur with swindle, harassing and wrecking, escape charging etc.
Control unreasonable calling,, and control such calling generally in GW configuration black and white lists function.This mode needs that multi-section GW must possess this function in the network, but because the restriction of early stage equipment black and white lists capacity, or GW does not possess this function, again because the multiple variation combination of unreasonable calling numbers of calling and called parties scope, these GW can not in time adapt to the demand that limits unreasonable calling, and the GW of many producers that upgrades brings again and has high input, risk height, enforcement and complicated operation.
The applicant is on October 15th, 2003 in the applying date, application number is for providing " at identification processing method and the device of Signaling System Number 7 chain circuit function layer to signaling data " in 200310107935.1 the application for a patent for invention, that is: between Signaling System Number 7 chain circuit function layer, introduce the signaling message content services device, for implementing specific transactions, this device coupling is serially connected in the Signaling System Number 7 link, only by this device, do not transform the user data and the signaling equipment of communication online operation switch, just can realize the new business of communication network, this device makes and realizes that based on the Signaling System Number 7 net similar call authentication gateway becomes possibility simultaneously.To the concrete system and method for realizing this business is one of content of always studying of the applicant.
Summary of the invention
The object of the present invention is to provide a kind of system and method for realizing call authentication gateway, can be independent of the existing communication network implementation, the switching node equipment of avoiding upgrading, the black and white lists function not only is provided, can also be to making logic determines, with the unreasonable calling of effective restriction according to call direction and call information combination.
A kind of system that realizes call authentication gateway provided by the present invention, the communication network that it is formed based on several signalling points that are connected in the Signaling System Number 7 net by signaling link, wherein: signalling point comprises Signalling Transfer Point, SGW and telephone exchange node, the telephone exchange node comprises tandem exchange, gateway exchange, soft switch center, media gateway, toll switch, gateway MSC, visiting mobile switching centre, Service Switching Point and local telephone network end office (EO), it is characterized in that: this system also comprises some signaling message detection and processing devices and a local service management server, wherein: described each signaling message detection and processing device is connected in the signaling link that the Signaling System Number 7 net needs signalling message data is detected processing, and link to each other with described local service management server, this device is respectively applied for the analysis signaling message, detect the call source of having listed black and white lists in the call identifying message in, carry out control operation the black and white lists number call; The business rule and the black and white lists that are used to carry out from the local service management server are revised order synchronously, to the local service management server state of reporting; Described local service management server links to each other with described each signaling message detection and processing device by data-interface, and the black and white lists that need are controlled is updated to each signaling message detection and processing device synchronously; Be used to finish the data loading of signaling message detection and processing device or check request; Be used to receive and detect the operating state of each signaling message detection and processing device; The instruction of executable operations person's system command or modification black and white lists.
System at above-mentioned realization call authentication gateway, it is characterized in that: the described signaling message detection and processing device that in each signaling link, connects, can lay respectively at the signaling link that is connected with described Signalling Transfer Point, the signaling link that is connected with described SGW and/or with signaling link that described telephone exchange node is connected on.
System at above-mentioned realization call authentication gateway, it is characterized in that: described each signaling message detection and processing device is to be connected the no signaling point code on the signaling link of operation discerned and handled by need to signaling message equipment in coupling serial connection mode, and this signaling message detection and processing device detects the signaling message of this device of flowing through.
System at above-mentioned realization call authentication gateway, it is characterized in that: described signaling message detection and processing device is an index with the number of the calling subscriber in the initial address message when carrying out the calling authorization operation, first inquiring calling white list tables of data, if the white list user then transmits this message; If be not the white list user, inquiring calling blacklist tables of data then when recognizing the calling subscriber for the black list user, changes the called address of this message and operates to realize interception according to the rule of system's setting; If this number not in the blacklist then transmits this message.
System at above-mentioned realization call authentication gateway is characterized in that: described signaling message detection and processing device is a separate equipment, or is integrated in the telecommunication apparatus, or attached companion's formula equipment of making telecommunication apparatus.
The present invention also provides a kind of method that realizes call authentication gateway, it is characterized in that comprising the following steps: one) system is provided with some signaling message detection and processing devices, is serially connected with the relevant signaling link that needs calling authorization with no signaling point code working method; Two) system enters operating state: the first step: the signaling message in detect transmitting, recognize the signaling message type when being call, and then enter the calling authorization analysis and processing program in second step, otherwise transmit this signaling message; Second step: detect the heading code of this signaling message, if not initial address message then transmits this signaling message; If initial address message then extracts calling number, with the calling number search index black and white lists tables of data, divide 3 kinds of situations to handle set by step: 1), then to transmit this signaling message if number is a number in the white list; 2) if this number not in the blacklist then transmits this signaling message; 3) if number is a number in the blacklist, enter the call blocking operation sequence.
In above-mentioned a kind of method that realizes call authentication gateway, it is characterized in that, described call blocking operation sequence, revise called address, insert improper call identification prefix before called address, this sign prefix is a non-existent address prefix, or directly to revise called address be non-existent number, transmit amended message, stop this calling by network.
Adopted above-mentioned technical scheme to realize the system of calling authorization, system is made of some signaling message detection and processing device MPM and local service management server LSMS that are connected in relevant Signaling System Number 7 link.MPM detects processing to the signaling message of flowing through, and MPM collects LSMS with related news; LSMS is according to the calling authorization demand, and telephone number or number segment generation blacklist that need are controlled are synchronized to each MPM, and MPM realizes the control and treatment of subsequent calls according to black and white lists and business rule.The present invention can not transform conventional network equipment and independent enforcement, has avoided device upgrade and data modification problem to existing network element, professional control flexibly, and it is convenient to dispose.This system implements call blocking for telecom operators and the black and white lists business provides effective means.
Description of drawings
Fig. 1 is the system group network schematic diagram of call authentication gateway of the present invention;
Fig. 2 is one of networking mode example of the present invention: signaling message detection and processing device (MPM) inserts on tandem exchange (MS) or soft switch (SS) and signaling link that signaling network is connected;
Fig. 3 is two of a networking mode example of the present invention: signaling message detection and processing device (MPM) inserts on gateway exchange (GW) or toll switch (TS) and signaling link that signaling network is connected;
Fig. 4 is that the operation flow of call authentication gateway realizes schematic diagram.
Embodiment
Fig. 1 is the system group network schematic diagram of call authentication gateway, form by several mobile switching centres (MSC), soft switch (SS), tandem exchange (MS), gateway exchange (GW), local telephone network end office (EO) (LS) or the toll switch institutes such as (TS) that are connected on the Signaling System Number 7 net 3, this system also comprises some signaling message detection and processing devices (MPM) 1-and local service management server (LSMS) 2, wherein:
Each MPM is connected in the Signaling System Number 7 link that MSC/MS/SS/GW/TS is connected with signaling network, and link to each other with LSMS, MPM is used to analyze signaling message, detects the call source of having listed black and white lists in the call identifying message in, carries out the control operation to the black and white lists number call; The business rule and the black and white lists that are used to carry out from LSMS are revised order synchronously, to the LSMS state of reporting.
LSMS links to each other with described each MPM by data-interface, and the black and white lists that need are controlled is updated to each MPM synchronously; Finish the data of MPM and load or check request; Be used to receive and detect the operating state of each MPM; The instruction of executable operations person's system command or modification black and white lists.
Each MPM inserts the signaling link that detects processing in need in coupling serial connection mode.MPM equipment can adopt the applicant the applying date on October 15th, 2003, application number provide in for 200310107935.1 application for a patent for invention " at identification processing method and the device of Signaling System Number 7 chain circuit function layer to signaling data.”
MPM can be a separate equipment, also can be integrated in the telecommunication apparatus, also can attachedly make companion's formula equipment of telecommunication apparatus.MPM in the system adopts the biplane construction networking with the signaling network unanimity, and the load sharing mode is worked.
One of networking mode example: as shown in Figure 2: MPM inserts on tandem exchange (MS) or soft switch (SS) and signaling link that signaling network is connected,, realizes detecting and processing during through MPM at message flow.This kind networking is applicable to that fixed network is used for realizing calling authorization and control.
Fig. 3 is two of a networking mode example of the present invention:;
Two of networking mode example: as shown in Figure 3: MPM inserts on gateway exchange (GW) or toll switch (TS) and signaling link that signaling network is connected,, realizes detecting and processing during through MPM at message flow.This kind networking is applicable to and realizes calling authorization and control between net.
In actual applications, can adopt a kind of of aforesaid way or combination, but be not limited to the described networking method of attachment of embodiment.
Fig. 4 is that the operation flow of call authentication gateway realizes schematic diagram.The analyzing and processing step is as follows:
At first dispose the call authentication gateway system, MPM is serially connected with the relevant signaling link that needs calling authorization with no signaling point code working method.System enters operating state:
The first step: the signaling message in detect transmitting, recognize the signaling message type when being call, then enter the calling authorization analysis and processing program in second step, otherwise transmit this signaling message;
Second step: detect the heading code of this signaling message, if not initial address message then transmits this signaling message; If initial address message then extracts calling number, with the calling number search index black and white lists tables of data, divide 3 kinds of situations to handle:
1) if number is a number in the white list, then transmits this signaling message;
2) if this number not in the blacklist then transmits this signaling message;
3) if number is a number in the blacklist, then implement the call blocking operation: revise called address, before called address, insert improper call identification prefix, this sign prefix is a non-existent address prefix, or directly to revise called address be non-existent number, transmit amended message, stop this calling by network.
Claims (7)
1. system that realizes call authentication gateway, the communication network that it is formed based on several signalling points that are connected in the Signaling System Number 7 net by signaling link, wherein: signalling point comprises Signalling Transfer Point, SGW and telephone exchange node, the telephone exchange node comprises tandem exchange, gateway exchange, soft switch center, media gateway, toll switch, gateway MSC, visiting mobile switching centre, Service Switching Point and local telephone network end office (EO), it is characterized in that: this system also comprises some signaling message detection and processing devices and a local service management server, wherein:
Described each signaling message detection and processing device is connected in the signaling link that the Signaling System Number 7 net needs signalling message data is detected processing, and link to each other with described local service management server, this device is respectively applied for the analysis signaling message, detect the call source of having listed black and white lists in the call identifying message in, carry out control operation the black and white lists number call; The business rule and the black and white lists that are used to carry out from the local service management server are revised order synchronously, to the local service management server state of reporting;
Described local service management server links to each other with described each signaling message detection and processing device by data-interface, and the black and white lists that need are controlled is updated to each signaling message detection and processing device synchronously; Be used to finish the data loading of signaling message detection and processing device or check request: the operating state that is used to receive and detect each signaling message detection and processing device; The instruction of executable operations person's system command or modification black and white lists.
2. the system of realization call authentication gateway according to claim 1, it is characterized in that: the described signaling message detection and processing device that in each signaling link, connects, can lay respectively at the signaling link that is connected with described Signalling Transfer Point, the signaling link that is connected with described SGW and/or with signaling link that described telephone exchange node is connected on.
3. the system of realization call authentication gateway according to claim 1 and 2, it is characterized in that: described each signaling message detection and processing device is to be connected the no signaling point code on the signaling link of operation discerned and handled by need to signaling message equipment in coupling serial connection mode, and this signaling message detection and processing device detects the signaling message of this device of flowing through.
4. the system of realization call authentication gateway according to claim 1 and 2, it is characterized in that: described signaling message detection and processing device is when carrying out the calling authorization operation, number with the calling subscriber in the initial address message is an index, elder generation's inquiring calling white list tables of data, if the white list user then transmits this message; If be not the white list user, inquiring calling blacklist tables of data then when recognizing the calling subscriber for the black list user, changes the called address of this message and operates to realize interception according to the rule of system's setting; If this number not in the blacklist then transmits this message.
5. the system of realization call authentication gateway according to claim 1 and 2 is characterized in that: described signaling message detection and processing device is a separate equipment, or is integrated in the telecommunication apparatus, or attached companion's formula equipment of making telecommunication apparatus.
6. a method that realizes call authentication gateway is characterized in that: comprise the following steps:
One) system is provided with some signaling message detection and processing devices, is serially connected with the relevant signaling link that needs calling authorization with no signaling point code working method;
Two) system enters operating state:
The first step: the signaling message in detect transmitting, recognize the signaling message type when being call, then enter the calling authorization analysis and processing program in second step, otherwise transmit this signaling message;
Second step: detect the heading code of this signaling message, if not initial address message then transmits this signaling message; If initial address message then extracts calling number, with the calling number search index black and white lists tables of data, divide 3 kinds of situations to handle set by step:
1) if number is a number in the white list, then transmits this signaling message;
2) if this number not in the blacklist then transmits this signaling message;
3) if number is a number in the blacklist, enter the call blocking operation sequence.
7. a kind of method that realizes call authentication gateway according to claim 6, it is characterized in that, described call blocking operation sequence, revise called address, insert improper call identification prefix before called address, this sign prefix is a non-existent address prefix, or directly to revise called address be non-existent number, transmit amended message, stop this calling by network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101714140A CN101453528B (en) | 2007-11-30 | 2007-11-30 | System and method for implementing call authentication gateway |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101714140A CN101453528B (en) | 2007-11-30 | 2007-11-30 | System and method for implementing call authentication gateway |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101453528A CN101453528A (en) | 2009-06-10 |
| CN101453528B true CN101453528B (en) | 2010-12-15 |
Family
ID=40735539
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101714140A Expired - Fee Related CN101453528B (en) | 2007-11-30 | 2007-11-30 | System and method for implementing call authentication gateway |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101453528B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101777995A (en) * | 2009-12-16 | 2010-07-14 | 中兴通讯股份有限公司 | Working state maintenance method and system of network elements |
| CN101888386A (en) * | 2010-07-14 | 2010-11-17 | 上海永为信息科技有限公司 | Firewall device for No.7 signaling network |
| CN102932316A (en) * | 2011-08-08 | 2013-02-13 | 上海粱江通信技术有限公司 | Signaling firewall system and implementation method |
| CN103188675B (en) * | 2011-12-29 | 2017-11-21 | 上海粱江通信系统股份有限公司 | A kind of processing method for the calling that is delayed |
| CN109740328B (en) * | 2019-01-08 | 2021-07-02 | 广州虎牙信息科技有限公司 | Authority identification method and device, computer equipment and storage medium |
| CN117857223B (en) * | 2024-03-07 | 2024-05-28 | 四川天邑康和通信股份有限公司 | Method, device, equipment and medium for realizing black-and-white list based on FTTR master-slave management |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1553722A (en) * | 2003-06-08 | 2004-12-08 | ��Ϊ��������˾ | Method for managing blacklist user |
| CN1582038A (en) * | 2003-08-15 | 2005-02-16 | 中兴通讯股份有限公司 | System and method for intelligent monitoring message center |
| CN1607789A (en) * | 2003-10-15 | 2005-04-20 | 上海粱江通信软件有限公司 | Signaling data identifying and processing method in signaling 7 link functional layer and equipment thereof |
-
2007
- 2007-11-30 CN CN2007101714140A patent/CN101453528B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1553722A (en) * | 2003-06-08 | 2004-12-08 | ��Ϊ��������˾ | Method for managing blacklist user |
| CN1582038A (en) * | 2003-08-15 | 2005-02-16 | 中兴通讯股份有限公司 | System and method for intelligent monitoring message center |
| CN1607789A (en) * | 2003-10-15 | 2005-04-20 | 上海粱江通信软件有限公司 | Signaling data identifying and processing method in signaling 7 link functional layer and equipment thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101453528A (en) | 2009-06-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101453528B (en) | System and method for implementing call authentication gateway | |
| US6195416B1 (en) | Method to trap a called number in a telecommunications network | |
| CN101453520A (en) | System and method for detecting and blocking disturbance call | |
| NO981333D0 (en) | Mobile communication system, as well as the procedure for establishing a data call | |
| JP2002513534A (en) | Signaling network gateway device and its use in signaling networks | |
| FI100083B (en) | The terminal | |
| CN101453522A (en) | Method for non-standardized dialing service monitoring between networks | |
| CN102438243A (en) | Method for identifying harassing phone call by analyzing frequency of phone call | |
| CN101472281A (en) | Device concatenated in signaling link for implementing call limitation | |
| CN101764892A (en) | System for detection and interception of harassing call | |
| CN101335788B (en) | System and method for detecting and limiting line resource occupation by calling back | |
| CN101764899A (en) | Method for realizing call authentication gateway | |
| US6181936B1 (en) | System and method for accessing mobile networks | |
| US6044141A (en) | Method and system for providing virtual agents for telephony services | |
| CN101277458A (en) | Control method for network across long-distance call | |
| CN101771536A (en) | Method for realizing calling authentication gateway | |
| CN101080042B (en) | A method for realizing closed group service | |
| CN103188675B (en) | A kind of processing method for the calling that is delayed | |
| CN101056471B (en) | Special network card implementation device and method | |
| JP2763082B2 (en) | Centralized management system for prepaid card balance and remaining credit | |
| CN100539619C (en) | A kind of system and method for realizing communication net bit number ascending | |
| CN1333557C (en) | A method for implementing call control | |
| CN101472244A (en) | Rubbish short message interception system implemented in signaling link layer | |
| CN102546969A (en) | System and method for resending short message in communication network | |
| JP2002133244A (en) | Communications services offering method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20101215 Termination date: 20171130 |