CN102158477A - Communication system and information interaction method - Google Patents
- Publication number
- CN102158477A
- Authority
- CN
- China
- Prior art keywords
- server
- network
- information
- receiving equipment
- message
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1073—Registration or de-registration
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Multimedia (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a communication system and an information interaction method. The communication system comprises transmission equipment, receiving equipment, an identifier (ID) server or ID network and a conventional communication network. The method comprises the following steps that: the receiving equipment registers a logical equipment identifier and an equipment address to the ID server or ID network; the transmission equipment obtains the equipment address of the receiving equipment from the ID server or ID network; the transmission equipment transmits information to the conventional communication network; the conventional communication network transmits the information to the receiving equipment; and the receiving equipment receives the information. By the communication system and the information interaction method, application layer development and maintenance cost is reduced, and the deep development of communication application is promoted.
Description
Technical field
The present invention describes a communication model system and its information interaction method, and specifically relates to an information interaction system and method for the nodes of a communication network.
Background technology
Communication networks have developed along two main lines. One is the telecommunications network, from the fixed-line telephone to the mobile phone, whose core technology is essentially circuit switching. The other is the data network, from X.25 networks to IP networks, whose core technology is packet switching. Telecommunications and data networks are now gradually converging, and IP technology is regarded as the basis of the next-generation network. Because of the historical context in which IP emerged, it shows some defects when faced with today's new demands, such as the shortage of IP addresses, the inability to provide a unified data security service, and the difficulty of guaranteeing quality of service for data transmission.
NAT can alleviate the IP address shortage, but with the spread of smartphones, some applications on the phone need to be online at all times, and NAT does not work for this. IPv6 has a large address space but is incompatible with IPv4, so upper-layer applications have to be redeveloped on IPv6.
In the original IP technology, data security could only be ensured by the application layer itself. This couples applications deeply with data security technology, increases the technical difficulty and workload of application-layer development, and makes applications harder to configure and maintain. IPsec was proposed for this reason, but IPsec is in fact better suited to securing a communication pipe, such as the encrypted tunnel of an enterprise VPN, and is not suitable for large numbers of individual users.
IP networks essentially handle packets on a "best effort" basis, so they cannot guarantee quality of service for data transmission, which limits the deployment and porting of some applications. For this reason the IETF modified IP and proposed two quality-of-service models, the DiffServ model and the IntServ model. However, these models only change the processing at intermediate nodes: where intermediate nodes previously forwarded all packets without distinction, they now first classify packets and then forward them differentially. These models can satisfy the quality requirements of some communications, but not systematically or comprehensively.
Summary of the invention
Purpose of the invention: to address the problems of the prior art by introducing a communication model and an information interaction method that provide a systematic solution to the address shortage, data security and quality-of-service problems of communication networks. At the same time, it provides technical support for the convergence of the various existing communication networks and a technical foundation for interaction between communication applications.
Technical solution: to achieve the above purpose, the present invention adopts the following technical solution:
A communication system of the present invention comprises a sending device, a receiving device, an ID server or ID network, and a conventional communication network. The ID server or ID network is connected to the sending device and to the receiving device. The receiving device registers its access parameters with the ID server or ID network, the sending device queries the ID server or ID network for the access parameters of the receiving device, and the sending device sends information to the receiving device through the conventional communication network.
The conventional communication network is a telecommunications network or a packet network.
The sending and receiving devices are terminals or servers connected to the network.
An information interaction method for the communication system comprises the following steps:
Step 1: The receiving device registers its logical device identifier and access parameters with the ID server or ID network;
Step 2: The sending device obtains the access parameters of the receiving device from the ID server or ID network;
Step 3: The sending device sends the information to the conventional communication network;
Step 4: The conventional communication network delivers the information to the receiving device;
Step 5: The receiving device receives the information.
Before sending information, the sending device registers its own access parameters with the ID server or ID network. After receiving the information, the receiving device retrieves the sending device's access parameters from the ID server or ID network in order to authenticate or decrypt the received information.
The logical device identifier (ID) comprises four parts: administrative-area code, user code, device type, and device code (104).
The access parameters are the device's address information, data security information, and quality-of-service information.
The device's address information, data security information and quality-of-service information carry a validity period. Once the validity period has passed, the information is invalid and must be re-registered or retrieved again.
The ID network consists of ID servers, or of ID servers and ID routers. The ID servers and ID routers in the network hold a list of {ID, mask} entries, the ID routing table, which is statically configured or dynamically generated and maintained by a protocol. When an ID server or ID router receives a request or response message for access parameters, it takes the ID field of the message, looks up the ID routing table with the longest-mask matching algorithm to obtain a route, and forwards or processes the message according to that route.
Beneficial effects: by introducing the concept of the logical device identifier together with a device identifier server and network, the invention provides a new communication model and system. A logical device identifier layer is added between the application layer and the transport or network layer, isolating upper-layer applications from the lower-layer network, so that upgrading the lower-layer network does not require redeveloping upper-layer applications. The concrete data security and network quality operations are carried out in the logical device identifier layer, so that application development can concentrate on application-level logic, which reduces application-layer development and maintenance cost. Each upper-layer application appears as a logical device whose concrete functions and interfaces are defined by standards organizations, which makes interaction between applications of all kinds possible and can greatly promote the further development of communication applications.
Description of drawings
Fig. 1: format of the logical device identifier;
Fig. 2: example of the new layered communication model;
Fig. 3: system structure of the new communication network;
Fig. 4: information transmission flow of the new communication network;
Fig. 5: secure data transmission flow;
Fig. 6: example system applying the invention to the IPv4 address shortage;
Fig. 7: flow of one information exchange in the system applying the invention to the IPv4 address shortage;
Fig. 8: example system applying the invention to service access quality;
Fig. 9: flow of one information transmission in the system applying the invention to service access quality;
Fig. 10: example of application interoperation based on the logical device identifier layer;
Fig. 11: example timing of application interoperation based on the logical device identifier layer;
Fig. 12: ID network construction example 1;
Fig. 13: ID network construction example 2;
Fig. 14: format of the protocol message for accessing the ID server;
Fig. 15: format of the messages between ID routers.
Embodiment
The invention is further illustrated below with reference to the drawings and specific embodiments. It should be understood that these embodiments only illustrate the invention and do not limit its scope; after reading this disclosure, modifications by those skilled in the art in various equivalent forms all fall within the scope defined by the claims of this application.
Embodiment
Fig. 1: format of the logical device identifier
The logical device identifier is 16 bytes in total, divided into four parts from the high-order bytes to the low-order bytes.
101 is the administrative-area code, 4 bytes, with the following format:
The highest byte is the country code, assigned by an international standards organization. 0x0 ~ 0x20 are reserved; 0x21 ~ 0x7f are assigned to large countries, at most 95 of them. 0x80 ~ 0x8f are assigned to small countries; in this case the second-highest byte is also part of the country code, i.e. 0x8000 ~ 0x8fff, 4096 small countries in total. 0x91 ~ 0xff are reserved, and 0x90 is the code of the United Nations.
The two or three bytes following the country code are the administrative-area code within each country, assigned by that country's standards organization. A large country's code occupies the highest byte, and the following three bytes are divided according to that country's administrative areas, allocated from the largest division to the smallest. A small country's code occupies the highest and second-highest bytes, and the following two bytes are divided in the same way.
For example, the Chinese standards organization could specify that the province or municipality code takes 8 bits, the city code 8 bits, and the district or county code 8 bits. Suppose China's country code is 0x21, Jiangsu Province is 0x25, Nanjing is 0x01 and Gulou District is 0x08; then the administrative-area code of Gulou District, Nanjing is 0x21250108.
102 is the user code, 4 bytes, assigned by the system when a user applies for a user identifier. It is suggested that 0x0 be reserved and that 0x000001 ~ 0x100000 be permanently assigned to certain users such as fire services and public security. Note also that a user is normally an ordinary individual, enterprise or organization with a clearly corresponding entity, but in special cases a user can also be a group of individuals sharing some attribute; for example, the user code for users who own IPv4 devices is 0x00000004.
103 is the device type, 4 bytes, assigned by an international standards organization. A device type corresponds to a set of functions, i.e. to one kind of logical device. A network can also be regarded as a special kind of device. Device types 0x00000000 ~ 0x7fffffff are reserved; the others can be assigned. For example: web server, 0x80000010; IPv4 network, 0x90000021; web browser, 0x80000011. In particular, because a network is regarded as a special device, every network can be uniquely identified by a logical device identifier. For example, China's IPv4 network can be identified by 0x21000000-0x00000001-0x90000021-0x00000001: the highest 4 bytes are China's administrative-area code, the next 4 bytes are the government's user code, the next 4 bytes are the device type, and the lowest 4 bytes are the device number.
104 is the device code, 4 bytes. When a user has several devices of the same type, they are distinguished by device code. A device's code can be fixed or obtained dynamically from the ID server. In some cases the device code can also be computed from other information.
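The identifier layout above and the {ID, mask} routing table described in the summary can be exercised together. The following Python sketch is an added example, not code from the patent: it parses and packs the 16-byte identifier, classifies the country byte by the stated ranges, and performs a longest-mask lookup. It assumes masks are contiguous prefixes given as a bit length; the next-hop names, the user code 0x00200001 and the address 203.0.113.80 are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address
from typing import List, NamedTuple, Optional, Tuple


class LogicalDeviceId(NamedTuple):
    """The 16-byte identifier of Fig. 1: four big-endian 32-bit fields."""
    area: int         # 101: administrative-area code
    user: int         # 102: user code
    device_type: int  # 103: device type
    device: int       # 104: device code

    @classmethod
    def parse(cls, text: str) -> "LogicalDeviceId":
        """Parse the dash-separated hex notation used in the description."""
        parts = text.split("-")
        if len(parts) != 4:
            raise ValueError("expected four dash-separated fields")
        values = [int(part, 16) for part in parts]
        if any(v < 0 or v > 0xFFFFFFFF for v in values):
            raise ValueError("each field must fit in 4 bytes")
        return cls(*values)

    @classmethod
    def unpack(cls, raw: bytes) -> "LogicalDeviceId":
        if len(raw) != 16:
            raise ValueError("a logical device ID is exactly 16 bytes")
        return cls(*struct.unpack(">4I", raw))

    def pack(self) -> bytes:
        return struct.pack(">4I", *self)

    def as_int(self) -> int:
        return int.from_bytes(self.pack(), "big")

    def text(self) -> str:
        return "-".join(f"0x{value:08x}" for value in self)


def country_of(area: int) -> Tuple[str, int]:
    """Classify the country part of an area code using the ranges in the text."""
    top = area >> 24
    if 0x21 <= top <= 0x7F:
        return "large-country", top          # one-byte country code
    if 0x80 <= top <= 0x8F:
        return "small-country", area >> 16   # two-byte code 0x8000 ~ 0x8fff
    if top == 0x90:
        return "united-nations", top
    return "reserved", top                   # 0x0 ~ 0x20 and 0x91 ~ 0xff


def public_ipv4_id(address: str) -> LogicalDeviceId:
    """Identifier the description gives to a device at public IPv4 address x."""
    return LogicalDeviceId(0x90000000, 0x10000000, 0x90000021,
                           int(IPv4Address(address)))


class IdRoutingTable:
    """{ID, mask} list searched by longest-mask match (contiguous masks assumed)."""

    def __init__(self) -> None:
        self._routes: List[Tuple[int, int, int, str]] = []

    def add(self, id_text: str, mask_bits: int, next_hop: str) -> None:
        if not 0 <= mask_bits <= 128:
            raise ValueError("mask length must be 0..128")
        mask = ((1 << mask_bits) - 1) << (128 - mask_bits)
        prefix = LogicalDeviceId.parse(id_text).as_int() & mask
        self._routes.append((mask_bits, mask, prefix, next_hop))

    def lookup(self, device: LogicalDeviceId) -> Optional[str]:
        value, best = device.as_int(), None
        for bits, mask, prefix, hop in self._routes:
            if value & mask == prefix and (best is None or bits > best[0]):
                best = (bits, hop)
        return best[1] if best else None


def demo() -> dict:
    table = IdRoutingTable()                    # next-hop names are hypothetical
    table.add("0-0-0-0", 0, "id-router-root")   # default route
    table.add("0x21000000-0-0-0", 8, "id-server-cn")
    table.add("0x21250000-0-0-0", 16, "id-server-jiangsu")
    gulou = LogicalDeviceId.parse("0x21250108-0x00200001-0x80000010-0x00000001")
    cn_net = LogicalDeviceId.parse("0x21000000-0x00000001-0x90000021-0x00000001")
    public = public_ipv4_id("203.0.113.80")     # constructed address
    return {
        "gulou_country": country_of(gulou.area),
        "roundtrip": LogicalDeviceId.unpack(gulou.pack()) == gulou,
        "gulou_route": table.lookup(gulou),
        "cn_route": table.lookup(cn_net),
        "public_route": table.lookup(public),
        "public_text": public.text(),
    }
```
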
Fig. 2: example of the new layered communication model
By introducing the concept of the logical device identifier and the ID server, the invention adds a "logical device identifier layer" to the layered communication model. The figure shows the layered model of the TCP/IP protocol stack after the "logical device identifier layer" is introduced.
201: Applications are developed on top of the identifier layer to carry out information interaction. An application first binds a user identifier, i.e. which user the application is currently serving. It then determines which device type to bind; different device types correspond to different information-processing capabilities and modes. It then decides how many devices to create. The logical device identifier of each device is the main parameter exchanged between the application layer and the logical device identifier layer. The application no longer needs to know what type the underlying network is, nor the authentication and encryption algorithms or their parameters. When sending a message, the application must specify the logical device identifier of the receiver; when the application receives information, the logical device identifier layer tells it the logical device identifier of the sender.
202: The logical device identifier layer serves the application layer. On receiving a send request, it looks up, locally or on the ID server, the address, data security parameters and quality-of-service parameters corresponding to the logical device identifier, performs encryption, authentication and quality-of-service operations on the message accordingly, and then calls the lower-layer service to send the message. Note that meeting some quality-of-service requirements needs support from the network. On receiving a message from the lower layer, the logical device identifier layer parses it, decrypts and authenticates it, determines the device identifier of the sender, and delivers it to the application layer.
203, 204 and 205 are the transport layer, network layer and data link layer, which provide the same functions and interfaces as before.
Fig. 3: system structure of the new communication network
The ID server or ID network introduced by the invention is connected to the sending device and also to the receiving device. Messages from the sending device are still delivered to the receiving device through the conventional communication network. The device's address on the network, the data encryption algorithms the device supports or requires and their parameters, the authentication algorithms the device supports or requires and their parameters, and the quality of service the device supports or requires are collectively called access parameters. 301: the ID server or ID network provides registration, modification, query and deletion of device access parameters. The receiving device registers its access parameters with the ID server or ID network; the sending device queries the ID server or ID network for the receiving device's access parameters and, according to them, sends the message to the receiving device through the communication network.
Fig. 4: information transmission flow of the new communication network
Assuming the information interaction has no data security or quality-of-service requirements, the steps of one information transmission are as follows:
Step 1: The receiving device sends a registration request to the ID server, registering its own logical device identifier and address with the server.
Step 2: The ID server receives the registration request, records the logical device identifier and address, and sends a registration response message to the receiving device.
Step 3: The sending device sends a query request to the ID server, giving the logical device identifier of the receiving device.
Step 4: The ID server receives the query request, looks up the address by logical device identifier, encapsulates the address in a query response message, and sends it back to the sending device.
Step 5: The sending device obtains the address of the receiving device and sends the information.
Fig. 5: secure data transmission flow
Assuming the information interaction has data security requirements, the steps of one information transmission are as follows:
Step 1: The receiving device sends a registration request to the ID server, registering its own logical device identifier, address and public key with the server.
Step 2: The ID server receives the registration request, records the receiving device's logical device identifier, address and public key, and sends a registration response message to the receiving device.
Step 3: The sending device sends a query request to the ID server, giving the logical device identifier of the receiving device.
Step 4: The ID server receives the query request, looks up the address and public key by logical device identifier, encapsulates the address and public key in a query response message, and sends it back to the sending device.
Step 5: The sending device parses the response message and obtains the address and public key of the receiving device. The sending device then sends a registration request to the ID server, registering its own logical device identifier, address and public key with the server.
Step 6: The ID server receives the registration request, records the sending device's logical device identifier, address and public key, and sends a registration response message to the sending device.
Step 7: The sending device encapsulates its own logical device identifier into the information, generates authentication information with its own private key, encrypts the above with the receiving device's public key, and finally sends the information.
Step 8: The receiving device receives the information, decrypts the data with its own private key, obtains the sending device's logical device identifier, encapsulates that identifier in a query request, and sends the query request message to the ID server.
Step 9: The ID server encapsulates the address and public key corresponding to the sending device's logical device identifier in a query response message and sends it to the receiving device. The receiving device parses the response message, obtains the sending device's public key and address, and uses this public key to authenticate the information received in step 8.
Note that the ID server and the receiving and sending devices can also agree on keys with which to encrypt and authenticate the request and response messages.
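In Figs. 4 and 5 every later check depends on what the ID server returns, so the registration and query messages are the part to protect. The Python sketch below is an added example, not part of the patent: it models an ID server that authenticates requests and responses with pre-arranged per-device keys and enforces the validity period on registered access parameters. The JSON message layout, HMAC-SHA256, the field names, the keys and the sample identifiers are all assumptions of the example.

```python
import hashlib
import hmac
import json
import time

SERVER = "id-server"   # sender name used in replies (assumed)


def _mac(key: bytes, sender: str, body: dict) -> str:
    data = json.dumps({"from": sender, "body": body}, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def seal(key: bytes, sender: str, body: dict) -> dict:
    """Build a request or response authenticated with the pre-arranged key."""
    return {"from": sender, "body": body, "mac": _mac(key, sender, body)}


def verify(key: bytes, message: dict) -> bool:
    try:
        expected = _mac(key, message["from"], message["body"])
        return hmac.compare_digest(expected, message["mac"])
    except (KeyError, TypeError, ValueError):
        return False


class IdServer:
    """Registers and returns access parameters keyed by logical device ID."""

    def __init__(self, keys: dict, clock=time.time):
        self._keys = keys      # logical device ID -> pre-arranged key
        self._records = {}     # logical device ID -> (access parameters, expiry)
        self._clock = clock

    def handle(self, message: dict) -> dict:
        sender = message.get("from")
        key = self._keys.get(sender) if isinstance(sender, str) else None
        if key is None or not verify(key, message):
            return {"status": "rejected"}     # unknown or forged: nothing is stored
        body, reply = message["body"], {"status": "bad-request"}
        if isinstance(body, dict) and isinstance(body.get("id"), str):
            reply = self._apply(sender, body, self._clock())
        return seal(key, SERVER, reply)       # requester can verify the reply

    def _apply(self, sender: str, body: dict, now: float) -> dict:
        dev, ttl = body["id"], body.get("ttl")
        if body.get("op") == "register":
            if dev != sender:
                return {"status": "forbidden"}   # only the owner registers an ID
            if not isinstance(ttl, int) or ttl <= 0:
                return {"status": "bad-request"}
            self._records[dev] = (body.get("params"), now + ttl)
            return {"status": "ok", "expires": now + ttl}
        if body.get("op") == "query":
            params, expires = self._records.get(dev, (None, now))
            if expires <= now:
                self._records.pop(dev, None)     # validity over: re-register
                return {"status": "not-found"}
            return {"status": "ok", "id": dev, "params": params, "expires": expires}
        return {"status": "bad-request"}


def demo() -> dict:
    # Freshness (nonces, sequence numbers) is outside this example.
    now = [1000.0]                               # fake clock so expiry is testable
    rx = "0x21250108-0x00200001-0x80000010-0x00000001"   # constructed receiver ID
    tx = "0x21250108-0x00200002-0x80000011-0x00000001"   # constructed sender ID
    keys = {rx: b"constructed-key-rx", tx: b"constructed-key-tx"}
    server = IdServer(keys, clock=lambda: now[0])
    params = {"address": "192.0.2.10", "public_key": "CONSTRUCTED-PUBLIC-KEY"}
    register = {"op": "register", "id": rx, "ttl": 60, "params": params}
    query = {"op": "query", "id": rx}
    out = {}
    out["forged"] = server.handle(seal(b"wrong-key", rx, register))["status"]
    out["foreign_id"] = server.handle(seal(keys[tx], tx, register))["body"]["status"]
    out["register"] = server.handle(seal(keys[rx], rx, register))["body"]["status"]
    reply = server.handle(seal(keys[tx], tx, query))
    out["reply_authentic"] = verify(keys[tx], reply) and reply["from"] == SERVER
    out["address"] = reply["body"]["params"]["address"]
    now[0] += 61                                 # step past the validity period
    out["after_expiry"] = server.handle(seal(keys[tx], tx, query))["body"]["status"]
    return out
```
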
Fig. 6: example system applying the invention to the IPv4 address shortage
The invention provides a solution to the IPv4 address shortage.
601: The conventional client is typically a terminal such as a PC or mobile phone; the software and hardware on these devices need no modification. It sits in an IPv4 local network and obtains a private address, such as 10.10.10.100. When the client accesses a server on the public network, the source IP in the IPv4 header is a private address and the destination IP is a public address.
602: The IPv4 local network is the access network of a telecom operator. This access network is a private network; let its address range be 10.*.*.*. This range can hold approximately 15 million IP addresses. Several such IPv4 local networks are allowed.
603: Gateway C is connected to the ID server, the IPv4 public network and the IPv4 local network. It has the functions of an ordinary NAT gateway plus the function specified by the invention, namely re-encapsulating IPv4 packets. For packets moving from the private network to the public network, a new IPv4 header is added in front of the original IPv4 header; the destination IP of the new header is the destination IP of the original header, the source IP of the new header is the public IP of gateway C, and the protocol number in the new header is 4. For packets moving from the public network to the private network, the outer IPv4 header is stripped and the inner IPv4 header and payload are left unchanged. Suppose an IP address on the IPv4 public network is x; the invention specifies that its logical device identifier can be 0x90000000-0x10000000-0x90000021-x, where 0x90000000 is the administrative-area code of the United Nations, 0x10000000 denotes users who have devices on the global public network, 0x90000021 is the device type of devices supporting the IPv4 protocol, and x is the 4-byte IPv4 address. Gateway C learns the access parameters of the device with IP address x by querying the ID server.
604: The IPv4 public network is the existing Internet; its functions and interfaces are unchanged.
605: Gateway S is connected to the conventional server, the ID server and the IPv4 public network. Its function is to recognize packets encapsulated by gateway C and re-encapsulate them as packets the server can process, and to parse packets sent by the conventional server and, where necessary, re-encapsulate them as packets gateway C can process. Packets arriving for the server are parsed as follows: if the protocol number is 4, the outer source IP (the public IP address of gateway C) and the inner source IP (the client's private IP address) are combined into a 64-bit key, which is looked up in the mapping table to obtain a 24-bit mapping value. Prefixing this mapping value with 0x10 yields a private IP; the outer IPv4 header is stripped and the source IP (the client's private IP address) is replaced with this new private IP. Packets sent by the server are parsed as follows: if the destination IP address is a private IP with prefix 0x10, the low 24 bits of the destination IP are looked up in the mapping table to obtain the public IP address of gateway C and the client's private IP address. The original destination IP address is replaced with the client's private IP address, and an IPv4 header is then added in front of the original IPv4 header; in the outer header the destination IP address is the public IP address of gateway C, the source IP address is the source IP address of the original packet, and the protocol number is 4. Besides the above, gateway S can also act as a proxy for the conventional server and register its logical device identifier and access parameters with the ID server. The logical device identifier of a conventional server follows the explanation given for gateway C: the server's IPv4 address is mapped to the device-number part of the logical device identifier, and the user identifier and device type are fixed by the standards organization as 0x90000000-0x10000000-0x90000021.
606: The conventional server is typically a device such as a web server. Its software and hardware also need no modification; it only needs to be connected to the IPv4 public network and to have an IPv4 public address.
607: The ID server provides registration and query of device access parameters. It is connected to gateway S and gateway C.
In this particular network layout the ID server can also be omitted: gateway C uses ACLs to identify the addresses of servers located behind gateway S, applies 4in4 tunnel encapsulation to packets sent to those servers, and lets other packets follow the normal NAT path. The advantage of this scheme is that it saves a large number of public IP addresses without modifying the software or hardware of clients and servers and without upgrading or modifying the IPv4 routing equipment in the network. Gateway S can also be deployed at an IDC machine room, as long as the servers of that IDC machine room do not have more than 15 million people online simultaneously.
Fig. 7: flow of one information exchange in the system applying the invention to the IPv4 address shortage
Step 1: Gateway S sends a registration message to the ID server; acting as proxy for the server, gateway S registers the server's logical device identifier and its access parameters.
Step 2: The ID server returns a registration response indicating whether the registration succeeded.
Step 3: The conventional client sends an IPv4 packet to the server.
Step 4: Gateway C receives the IPv4 packet sent by the client to the server, forms the server's logical device identifier from the destination IP and 0x90000000-0x10000000-0x90000021, and sends a query message to the ID server.
Step 5: The ID server looks up the logical device identifier, obtains the corresponding access parameters, encapsulates them in a query response message, and answers gateway C's query.
Step 6: According to the access parameters returned by the query, gateway C re-encapsulates the packet sent by the client: it adds an IPv4 header in front of the original packet, with the server's IP as destination IP, the public IP of gateway C as source IP, and protocol number 4.
Step 7: Gateway S receives the packet whose destination IP is the server's IP address and whose protocol number is 4, combines the packet's outer source IP and inner source IP into a 64-bit key, and looks it up in the mapping table to obtain the 24-bit mapping value. It strips the outer IPv4 header and replaces the source IP address in the inner IP header with 0x10 followed by the 24-bit mapping value.
Step 8: The server responds to the client packet re-encapsulated by gateway S; the server's response packet is sent to gateway S.
Step 9: Gateway S receives the server's response packet, finds that its destination IP address is 0x10.*.*.*, and looks up the low 24 bits of this destination IP in the mapping table to obtain the corresponding public IP address of gateway C and the client's private IP address. It replaces the destination IP with the client's private IP address and then encapsulates an IPv4 header in front of the IPv4 packet, with the public IP address of gateway C as destination IP, the source IP address of the original packet as source IP, and protocol number 4.
Step 10: Gateway C receives the server response packet processed by gateway S, finds that the protocol number is 4 and the destination IP address is its own public IP, strips the outer IPv4 header, and sends the packet to the client through the IPv4 private network.
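Steps 7 and 9 mean the server only ever sees the mapped source address, so gateway S's mapping table is what ties a server-side log entry back to a client. The Python sketch below is an added example, not code from the patent: it carries out steps 7 and 9 on raw IPv4 headers and includes a reverse lookup for attribution. It assumes 20-byte headers without options, sequential allocation of the 24-bit value, and constructed addresses; the prefix byte 0x10 is used exactly as the page writes it.

```python
import struct
from ipaddress import IPv4Address

PREFIX = 0x10   # leading byte of the mapped address, exactly as the page writes it
IPIP = 4        # protocol number of the outer header (IPv4-in-IPv4)


def checksum(header: bytes) -> int:
    """Internet checksum of an IPv4 header; 0 when the stored checksum is valid."""
    total = sum(struct.unpack(f">{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src, dst, proto: int, payload_len: int) -> bytes:
    """20-byte IPv4 header without options (TTL 64 chosen for the example)."""
    raw = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return raw[:10] + struct.pack(">H", checksum(raw)) + raw[12:]


def readdress(packet: bytes, src=None, dst=None) -> bytes:
    """Replace an address in the IPv4 header and recompute the header checksum.
    TCP/UDP checksums also cover the addresses; the payload is left untouched here."""
    head = bytearray(packet[:20])
    if src is not None:
        head[12:16] = IPv4Address(src).packed
    if dst is not None:
        head[16:20] = IPv4Address(dst).packed
    head[10:12] = b"\x00\x00"
    head[10:12] = struct.pack(">H", checksum(bytes(head)))
    return bytes(head) + packet[20:]


class GatewayS:
    def __init__(self) -> None:
        self.by_key = {}     # 8 bytes: gateway C public IP + client private IP
        self.by_value = {}   # 24-bit mapping value -> the same 8-byte key

    def from_gateway_c(self, packet: bytes) -> bytes:
        """Step 7: strip the outer header, give the client a mapped source."""
        if len(packet) < 40 or packet[9] != IPIP:
            return packet                          # not tunnelled: unchanged
        inner = packet[20:]
        key = packet[12:16] + inner[12:16]         # the 64-bit key
        value = self.by_key.get(key)
        if value is None:
            value = len(self.by_key) + 1           # sequential allocation (assumed)
            if value >= 1 << 24:
                raise RuntimeError("24-bit mapping space exhausted")
            self.by_key[key], self.by_value[value] = value, key
        return readdress(inner, src=(PREFIX << 24) | value)

    def from_server(self, packet: bytes) -> bytes:
        """Step 9: restore the client address and tunnel back to gateway C."""
        dst = int.from_bytes(packet[16:20], "big")
        key = self.by_value.get(dst & 0xFFFFFF) if dst >> 24 == PREFIX else None
        if key is None:
            return packet                          # destination is not a mapped client
        inner = readdress(packet, dst=key[4:])
        return ipv4_header(packet[12:16], key[:4], IPIP, len(inner)) + inner

    def attribute(self, mapped: str):
        """Resolve a mapped address from a server log to (gateway C, client)."""
        addr = int(IPv4Address(mapped))
        key = self.by_value.get(addr & 0xFFFFFF) if addr >> 24 == PREFIX else None
        return (str(IPv4Address(key[:4])), str(IPv4Address(key[4:]))) if key else None


def demo() -> dict:
    server, client = "203.0.113.80", "10.10.10.100"      # constructed addresses
    gw_c1, gw_c2 = "198.51.100.1", "198.51.100.2"        # two gateway C instances
    gs = GatewayS()
    request = ipv4_header(client, server, 6, 4) + b"data"

    def tunnelled(gateway: str) -> bytes:                # step 6, done by gateway C
        return ipv4_header(gateway, server, IPIP, len(request)) + request

    first = gs.from_gateway_c(tunnelled(gw_c1))
    second = gs.from_gateway_c(tunnelled(gw_c2))         # same private IP, other gateway
    reply = ipv4_header(server, first[12:16], 6, 2) + b"ok"
    back = gs.from_server(reply)
    return {
        "first": str(IPv4Address(first[12:16])),
        "second": str(IPv4Address(second[12:16])),
        "outer_proto": back[9],
        "outer_dst": str(IPv4Address(back[16:20])),
        "inner_dst": str(IPv4Address(back[36:40])),
        "checksums_ok": all(checksum(h) == 0
                            for h in (first[:20], back[:20], back[20:40])),
        "attribution": gs.attribute("16.0.0.2"),
    }
```
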
Fig. 8: example system applying the invention to service access quality
More and more services are carried on communication networks: first voice, then enterprise leased lines, then data services, and now multimedia services, and these services differ widely in the quality of service they require from the network. By introducing the logical device identifier layer, the invention binds different QoS requirements to particular logical device identifiers, providing a uniform way to express and convey these requirements. Of course, actually achieving network quality of service still requires all network nodes that forward the information to cooperate. This figure assumes one network layout and describes the QoS-related function of each network node in that layout.
801: The video sending device is connected to the ID server, router 1 and the QoS gateway. According to the capability or requirements of the video receiving device, it determines the bandwidth and delay of the data it sends, and drives the QoS gateway to complete resource allocation on the relevant nodes in the network, so that the video receiving device's QoS requirements can be met.
802: The QoS gateway is connected to the video sending device and router 1. It understands the sending device's description of QoS requirements and drives the relevant nodes in the network to perform the corresponding operations.
803, 804: Router 1 and router 2 are the network nodes connecting the video sending device and the video receiving device. They can provide different quality of service to different data flows, and can further customize quality of service for a specific data flow.
805: The video receiving device is connected to the ID server and router 2. It can provide a description of its QoS requirements for received data and registers this information with the ID server.
806: The ID server is connected to the video receiving device and the video sending device and responds to the devices' registration and query requests. The QoS requirement description is conveyed through the ID server.
Further, the QoS gateway can be connected to an AAA server; when receiving devices obtain different quality of service, the corresponding users are charged differently.
Further, QoS requirement descriptions can be published by standards organizations; for example, different standards can be defined for the QoS requirements of ordinary TV, high-definition TV, 3D TV, mobile TV and Web TV.
Fig. 9 is the basic information transmission flow chart of a system that uses the present invention to address service access quality;
Step 1: The video receiving device produces a specific description of its quality of service according to its own capability or the user's configuration, and sends this information to the ID server in a registration request message.
Step 2: The ID server receives the registration request, records the logical device identifier together with the corresponding address, QoS requirement description and other access parameters, and sends a registration response message to the registering device.
Step 3: The video transmitting device sends a query request message to the ID server; the logical device identifier of the receiving device can be obtained through other information exchange processes.
Step 4: The ID server looks up the logical device identifier, obtains the corresponding access parameters, encapsulates them in a query response message, and sends it back to the querying device.
Step 5: The video transmitting device parses the access parameters, obtains the QoS requirement description, encapsulates it in a QoS request message, and sends it to the QoS gateway.
Step 6: The QoS gateway receives the QoS requirement description, translates it into a QoS request message that router 1 can understand, and sends it to router 1.
Step 7: Router 1 passes the QoS requirement description to router 2.
Step 8: Router 2 finds that the receiving device is connected to it and that it has the resources to guarantee the required quality of service, so it allocates the resources and returns a QoS response message to router 1.
Step 9: Router 1 receives the QoS response message, checks that its own resources can also guarantee the required quality of service, allocates the resources, and returns a QoS response message to the QoS gateway.
Step 10: The QoS gateway receives the QoS response message from router 1 and thereby knows that router 1 has allocated resources to guarantee the quality of service; it puts the resource description into QoS response message 3 and sends it to the video transmitting device.
Step 11: The video transmitting device parses QoS response message 3, obtains the resource description for the data flow with that quality of service, encapsulates video messages according to this information, and sends the video messages to router 1.
Step 12: Router 1 receives a message, finds that it carries a corresponding resource description, and forwards the message to router 2 with the quality of service guaranteed for that resource description.
Step 13: Router 2 receives the message, finds the corresponding resource description, and forwards the message to the video receiving device with the quality of service guaranteed for that resource description.
Figure 10 is an example diagram of application interoperability based on the logical device identifier layer;
Applications developed on the logical device identifier layer can interoperate; the basis for this is that the function set and interfaces corresponding to a given device type can be specified in detail by a standards organization.
1001 Multimedia client: the user uses this device to access a multimedia server, which can provide various multimedia information such as films and music. This type of logical device is generally created by software on the user's PC, notebook, mobile phone or similar equipment.
1002 Multimedia server: the user uses this device to provide multimedia services, such as films and music, to other users.
1003 Identity information end: provides a query service for user identity information. Identity information states, for example, whether the user is an enterprise, an individual or a public-interest organization; for an individual it can also include date of birth, sex, ID card number and similar information. This type of logical device is generally created and maintained by a government-designated agency or enterprise, and a user can have identity information entered or modified only by presenting valid credentials at the window designated by that agency or enterprise. Not every user can query user identity information; which class of user may query which class of user information must be consistent with the relevant laws and regulations. For example, a user providing multimedia information may obtain only the date of birth of the multimedia client's user, in order to judge whether that user is an adult and then decide whether to provide the requested service. There is generally only one logical device of this type, and the device number in its logical device identifier is then generally fixed at 1.
1004 E-bank server end: provides management of the user's funds and services such as inquiry and instant transfer. This type of logical device is generally created and maintained by a bank, and the user can choose a bank he or she trusts to provide this service. The specific device and service details are formulated by a standards organization. The present invention suggests that one or more keys can be agreed offline between the e-bank server and client; such keys can improve the security of authentication and encryption between the server and the client. There is generally only one logical device of this type as well, with the device number fixed at 1.
1005 E-bank client: communicates with the server to manage and query the user's funds. When the e-bank server end receives an instant transfer request, it sends a confirmation request to the e-bank client; only after the user confirms through the client does the e-bank server end put the transfer into effect and send a response to the device that sent the instant transfer request. This type of logical device can be software on the user's PC, software on the user's mobile phone, or some other specific combination. When there are multiple clients, it can be stipulated that only one client can confirm instant transfers; the device number of that client is fixed at 1.
Figure 11 is an example flow chart of application interoperability based on the logical device identifier layer;
Step 1: The multimedia client sends a service request to the multimedia server, for example to watch film A. The logical device identifier of the multimedia server can be entered manually by the user, obtained by the client from a configuration file, or obtained in some other way. Besides the content to be watched, the service request also contains the logical device identifier of the multimedia client.
Step 2: The multimedia server receives the service request, parses the user identifier out of the client's logical device identifier, then adds the fixed device type and device number to obtain the logical device identifier of the user's identity information end. The server sends an identity information request to the identity information end.
Step 3: The identity information end receives the identity information request, checks the authority of the multimedia server, and responds to the request by returning information such as the user's date of birth.
Step 4: From the identity information, the multimedia server judges that the current user is an adult and may watch film A; it then sends a transfer request to the e-bank server end, whose logical device identifier is likewise obtained from the user identifier by adding the fixed device type and device number. The transfer request generally contains the amount of the transfer, the date, the reason for the transfer and similar information.
Step 5: The e-bank server end receives the transfer request and sends it to the client for confirmation.
Step 6: The e-bank client obtains the amount, date, reason and other details of the transfer; the user checks that this information is correct and then sends back a confirmation message through the client.
Step 7: The e-bank server end receives the client's confirmation, accepts the transfer request as valid, performs the actual transfer, and sends a transfer confirmation message to the multimedia server.
Step 8: The multimedia server receives the transfer confirmation message and begins to provide the service, sending the multimedia information of film A to the client.
Figure 12 is ID network construction example diagram 1;
A single ID server can serve only a limited number of users, such as one enterprise or one school. When there are many users, multiple ID servers must form a network to provide the service. This figure shows one way of composing such a network: a tree-like, layered ID server network is built according to the administrative area code in the logical device identifier.
For example, the ID server of enterprise 1 stores and maintains the logical device identifiers and access parameters of the users in enterprise 1, and is connected to the ID server of its superior, city 1. When the ID server of enterprise 1 receives a registration or query request whose logical device identifier is not within its jurisdiction, it passes the request to the ID server one level up, that is, the ID server of city 1. The ID server of city 1 likewise stores and maintains the logical device identifiers and access parameters of the users in city 1; it is connected to the ID server of its superior, province 1, and also to its subordinates, the ID server of enterprise 1 and the ID server of school 1. When the ID server of city 1 receives a registration or query request, it judges from the logical device identifier whether the request falls within its own jurisdiction or within the jurisdiction of one of its subordinate ID servers; if it falls within neither, the request is passed to the superior. And so on, up to the top-level ID server, that is, the global-level ID server. The global-level ID server differs from the other ID servers in that it has no superior: if the logical device identifier of the current request is neither within the jurisdiction of one of its subordinate ID servers nor within its own jurisdiction, the request is discarded.
Each ID server has its own logical device identifier. The ID server that first receives a registration or query request is called the source ID server, and the ID server that finally completes the request is called the destination ID server. The device sending the request is connected directly to the source ID server. After receiving the request, if the source ID server finds that it must be passed to another ID server for processing, it encapsulates its own logical device identifier, in other words the source server logical device identifier, into the request message. After the destination ID server responds to the registration or query request, the forwarding of the response message is decided according to the source server logical device identifier; the other ID servers do the same.
Figure 13 is ID network construction example diagram 2;
The jurisdiction of an ID server can be expressed as { ID, mask }, where ID is a logical device identifier of 16 bytes and mask is the mask length, taking a value from 0 to 128. For example, { 0x21250100-0x01-0x80000010-0x01, 32 } indicates that the range of logical device identifiers administered is 0x21250100-0x*-0x*-0x*. By analogy with a network segment in the IP protocol, this can be called an ID network segment. An ID server serves one ID network segment, and the segment mask of a subordinate ID server is longer than that of the ID server at the current level. When a registration or query request for a logical device identifier is processed, the subordinate ID servers are checked first and the ID server at the current level afterwards, similar to longest-mask-first matching in IP routing. In general, each ID server advertises two routes: one corresponds to its jurisdiction, the other to the server itself. The former is written { ID.x, mask } and called the administrative-area route; the latter is written { ID.y, 128 } and called the server route. Note that ID.x and ID.y may be the same or different, depending on how each ID network is set up. In other words, the logical device identifier of an ID server itself can be completely unrelated to the ID range it administers.
On this principle, ID servers are connected through ID routers to form the ID network. An ID router does not itself respond to registration or query requests; through the ID routing protocol and user configuration it only generates and maintains an ID routing table, comprising an administrative-area routing table and a server routing table, and on receiving a message it looks up the ID routing table and forwards the message. On receiving a request message, it queries the administrative-area routing table for the message's outgoing interface and next hop and forwards the message; on receiving a response message, it queries the server routing table for the outgoing interface and next hop and forwards the message. In particular, an ID router can aggregate the ID routes it receives before re-advertising them, with logic similar to IP route aggregation. Administrative-area routes can be aggregated only with administrative-area routes, and server routes only with server routes. The specific ID routing protocol, aggregation algorithm and so on are outside the scope of the present invention's description.
The concrete function of the ID router is described by example. In this figure the ID1 router is connected to the ID2 server, so the ID1 router first obtains two routes, { ID2.x, mask2 } and { ID2.y, 128 }. The ID1 router advertises these two routes to the other ID routers, and at the same time obtains routing information from them, such as { ID1.x, mask1 }, { ID1.y, 128 }, { ID3.x, mask3 }, { ID3.y, 128 }, { ID4.x, mask4 }, { ID4.y, 128 }. This routing information makes up the routing tables of the ID1 router: { ID1.x, mask1 }, { ID2.x, mask2 }, { ID3.x, mask3 }, { ID4.x, mask4 } form the administrative-area routing table, and { ID1.y, 128 }, { ID2.y, 128 }, { ID3.y, 128 }, { ID4.y, 128 } form the server routing table. When the ID1 router receives a request message, it queries its administrative-area routing table using the longest-mask-match principle, so that the message is delivered accurately to the corresponding ID server; when it receives a response message, it queries its server routing table using the same principle, so that the message is delivered accurately to the corresponding ID server.
As a supplementary note, one physical device can implement the functions of an ID server and an ID router at the same time, and the networking mode of this figure can be mixed with the networking mode described for Figure 12 to form a third networking mode for the ID network.
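The two-table lookup described for Figure 13 can be sketched as follows. This is an added example, not code from the patent: the class and function names, the next-hop labels, the sample identifiers and the rule that a message with TTL 0 is dropped are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Iterable, Optional

ID_BITS = 128
REQUEST, RESPONSE = 0, 1   # message direction bit: 0 = request, 1 = response


@dataclass(frozen=True)
class IdRoute:
    prefix: int     # 128-bit logical device identifier
    mask: int       # mask length, 0..128
    next_hop: str   # hypothetical next-hop label

    def __post_init__(self):
        if not 0 <= self.mask <= ID_BITS:
            raise ValueError("mask must be in 0..128")
        if not 0 <= self.prefix < (1 << ID_BITS):
            raise ValueError("ID must fit in 128 bits")

    def covers(self, ident: int) -> bool:
        # Compare only the leading `mask` bits; mask 0 covers every ID.
        shift = ID_BITS - self.mask
        return (ident >> shift) == (self.prefix >> shift)


def longest_match(table: Iterable[IdRoute], ident: int) -> Optional[IdRoute]:
    """Return the covering route with the longest mask, or None."""
    best = None
    for route in table:
        if route.covers(ident) and (best is None or route.mask > best.mask):
            best = route
    return best


@dataclass
class IdMessage:
    direction: int   # REQUEST or RESPONSE
    ttl: int
    dest_id: int     # destination ID: logical device identifier being requested
    server_id: int   # server ID: ID server attached to the source device


class IdRouter:
    def __init__(self, area_routes, server_routes):
        self.area_routes = list(area_routes)      # {ID.x, mask} entries
        self.server_routes = list(server_routes)  # {ID.y, 128} entries

    def forward(self, msg: IdMessage) -> Optional[str]:
        """Return the next hop, or None when the message is dropped."""
        if msg.ttl <= 0:              # assumption: expired messages are dropped
            return None
        if msg.direction == REQUEST:  # requests follow the administrative-area table
            route = longest_match(self.area_routes, msg.dest_id)
        else:                         # responses follow the server table
            route = longest_match(self.server_routes, msg.server_id)
        if route is None:
            return None
        msg.ttl -= 1
        return route.next_hop


def make_id(area: int, rest: int) -> int:
    """Constructed sample ID: a 32-bit leading part and 96 low-order bits."""
    return (area << 96) | rest


# Constructed sample tables. The servers' own IDs (ID.y) are deliberately
# unrelated to the ranges they administer (ID.x).
ID2_X = make_id(0x21250100, 0)
SUB_X = make_id(0x21250100, 0x5 << 64)
ID2_Y = make_id(0x7F000000, 2)
SUB_Y = make_id(0x7F000000, 3)
ROUTER = IdRouter(
    area_routes=[IdRoute(ID2_X, 32, "ID2 server"),
                 IdRoute(SUB_X, 64, "subordinate ID server")],
    server_routes=[IdRoute(ID2_Y, 128, "ID2 server"),
                   IdRoute(SUB_Y, 128, "subordinate ID server")],
)

if __name__ == "__main__":
    dest = make_id(0x21250100, (0x5 << 64) | 0x1234)
    print(ROUTER.forward(IdMessage(REQUEST, 8, dest, ID2_Y)))
    print(ROUTER.forward(IdMessage(RESPONSE, 8, dest, ID2_Y)))
```

A request whose destination ID matches no administrative-area route returns None, which mirrors the discard behaviour the text describes for the global-level ID server.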
Figure 14 is the format diagram of the protocol message for accessing the ID server
1401 Version of the protocol message: this field occupies 4 bits; the current value is 1.
1402 Option length: this field occupies 14 bits and takes a value from 0 to 4095; it gives the length of the option area in units of 4 bytes, i.e. one Long Word. A value of 0 means there is no option area (1408); a value of 1 means the option area is 1 Long Word long, and so on.
1403 Reserved bits: this field occupies 13 bits and is currently fixed at 0.
1404 Message direction: this field occupies 1 bit; 0 denotes a request message and 1 denotes a response message.
1405 Message identifier: this field occupies 16 bits and is used to distinguish the messages sent by the same device. A device guarantees that, within a period of time, this field is not repeated across the different messages it sends.
1406 TTL: this field occupies 8 bits and gives the number of times the message may still be forwarded; it is decremented by 1 on each forwarding, which prevents a message from circulating endlessly in the ID network.
1407 Source ID: this field occupies 4 Long Words, i.e. 128 bits, and gives the logical device identifier of the device sending the request message. For example, in Fig. 5 step 1, the source ID in the registration request message sent by the receiving device is the logical device identifier of the receiving device; in Fig. 5 step 3, the source ID in the query request message sent by the transmitting device is the logical device identifier of the transmitting device. From this field the ID server can judge whether the current request is legitimate, how the related security operations are to be performed, and so on.
1408 Destination ID: this field occupies 4 Long Words, i.e. 128 bits, and gives the logical device identifier of the requested device. For example, in Fig. 5 step 1, the destination ID in the registration request message sent by the receiving device is the logical device identifier of the receiving device; in Fig. 5 step 3, the destination ID in the query request message sent by the transmitting device is the logical device identifier of the receiving device. The ID server uses this field to index the corresponding data record and write or read the corresponding access parameters. In addition, for a request message, the ID router takes this field and looks up the administrative-area routing table to forward the request message.
1409 Option area: this area is variable-length and consists of several sub-areas in TLV format, that is, type (Type), length (Length), value (Value). These sub-areas can be filled in by the source device, or by an intermediate device between the source device and the ID server. The specific types are described later.
1410 Code: this field occupies 1 byte, i.e. 8 bits, and indicates the specific request action; for example, 0x11 denotes a registration request and 0x21 denotes a query request.
1411 Parameter area: like the option area, this area is variable-length and in TLV format, that is, type, length, value. The specific format is the same as that of the option area; the difference is that this area can be filled in only by the source device or the ID server.
The Type field in the parameter area and the option area occupies 16 bits. The present invention first defines the following types:
0x9000---plaintext set: its Value field is a combination of several TLV sub-areas, and its Length is the total length of those TLV sub-areas.
0x9001---ciphertext set: its Value field is a combination of several TLV sub-areas, and this area has been encrypted, so the Value field also contains some information related to the encryption algorithm; the specific format can be formulated by a standards organization.
0x9002---authentication set: similar to the plaintext set, except that the Value field also carries authentication information; the specific format can be formulated by a standards organization.
0x9003---authentication and encryption set: similar to the plaintext set, but the Value field is the TLV data block after encryption and authentication; the specific format is formulated by a standards organization.
0x8001---network number: indicates the network in which the source device resides, uniquely identified with 16 bytes; this option can be filled in by the source device or an intermediate device. If this option is absent, the network is by default the globally unique public network.
0x8002---network address: indicates the network resource occupied by the logical device identifier; its length and format are formulated by a standards organization. This TLV generally appears in registration request messages and query response messages; in the former it is filled in by the source device, in the latter by the ID server.
0x8002---data security parameter: indicates the data security algorithms and related parameters supported or required by the device corresponding to the logical device identifier; the specific format is also formulated by a standards organization. This TLV generally appears in registration request messages and query response messages; in the former it is filled in by the source device, in the latter by the ID server.
0x8003---QoS parameter: indicates the network quality-of-service parameters supported or required by the device corresponding to the logical device identifier; the specific format is also formulated by a standards organization. This TLV generally appears in registration request messages and query response messages; in the former it is filled in by the source device, in the latter by the ID server.
0x8004---error information: indicates that the ID server failed to complete a registration or query request and gives the specific reason for the failure, such as authentication failure or insufficient privilege; the specific format is also formulated by a standards organization. This TLV generally appears in registration response and query response messages and is always filled in by the ID server.
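A bounds-checked parser for the TLV sub-areas of the option and parameter areas, as an added example that is not part of the patent. The text fixes only the 16-bit Type field; the 16-bit big-endian Length that counts Value bytes only, the nesting limit and all function names are assumptions, and the sets whose Value is encrypted or authenticated (0x9001 to 0x9003) are kept as opaque bytes because their formats are left to a standards organization.

```python
import struct

TYPE_PLAINTEXT_SET = 0x9000    # Value is a run of nested TLV sub-areas
TYPE_NETWORK_NUMBER = 0x8001   # Value is a 16-byte network identifier
MAX_DEPTH = 4                  # assumption: cap on nested plaintext sets
HEADER = struct.Struct(">HH")  # assumption: 16-bit Type, 16-bit Length, big-endian


class TlvError(ValueError):
    """Raised when an option or parameter area is malformed."""


def build_tlv(tlv_type: int, value: bytes) -> bytes:
    """Encode one TLV sub-area (helper for constructing sample input)."""
    return HEADER.pack(tlv_type, len(value)) + value


def parse_tlvs(buf: bytes, depth: int = 0) -> list:
    """Parse a TLV area into (type, value) pairs.

    value is a nested list for a plaintext set and raw bytes otherwise.
    Every length is checked against the bytes actually present, so a
    sub-area filled in by an intermediate device cannot make the parser
    read past the end of the area.
    """
    if depth > MAX_DEPTH:
        raise TlvError("plaintext sets nested too deeply")
    items = []
    offset = 0
    while offset < len(buf):
        if len(buf) - offset < HEADER.size:
            raise TlvError(f"truncated TLV header at offset {offset}")
        tlv_type, length = HEADER.unpack_from(buf, offset)
        offset += HEADER.size
        if length > len(buf) - offset:
            raise TlvError(
                f"type 0x{tlv_type:04x} declares {length} bytes, "
                f"only {len(buf) - offset} remain"
            )
        value = buf[offset:offset + length]
        offset += length
        if tlv_type == TYPE_PLAINTEXT_SET:
            items.append((tlv_type, parse_tlvs(value, depth + 1)))
            continue
        if tlv_type == TYPE_NETWORK_NUMBER and length != 16:
            raise TlvError("network number must be exactly 16 bytes")
        # 0x9001..0x9003 and every other type stay opaque at this layer.
        items.append((tlv_type, value))
    return items


def is_well_formed(buf: bytes) -> bool:
    """True when the whole area parses without error."""
    try:
        parse_tlvs(buf)
    except TlvError:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample: a plaintext set holding a network number and a
    # QoS parameter, followed by an opaque ciphertext set.
    inner = build_tlv(0x8001, bytes(16)) + build_tlv(0x8003, b"\x01\x02")
    area = build_tlv(0x9000, inner) + build_tlv(0x9001, b"\xaa" * 8)
    print(parse_tlvs(area))
    print(is_well_formed(area[:-1]))
```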
Figure 15 is the format diagram of messages between ID routers;
The format of messages passed between ID routers, or between an ID server and an ID router, is as shown in the figure. Each field is the same as the corresponding field in Figure 14, except that field 1507, server ID, has been added. This area is 128 bits and gives the logical device identifier of the ID server connected to the source device. The field is filled in by the ID server connected to the source device; for a response message, the ID router takes this field and looks up the server routing table to forward the response message.
The above is only a preferred embodiment of the present invention. It should be pointed out that those skilled in the art can make improvements and modifications without departing from the principle of the invention, and these improvements and modifications should also be regarded as falling within the scope of protection of the present invention.
Claims (9)
1. A communication system, characterized in that it comprises a transmitting device (301), a receiving device (302), an ID server or ID network (303) and a conventional communication network (304); the ID server or ID network (303) is connected to the transmitting device (301) and the receiving device (302) respectively; the receiving device (302) registers its access parameters with the ID server or ID network (303); the transmitting device (301) queries the access parameters of the receiving device (302) from the ID server or ID network (303); and the transmitting device (301) sends information to the receiving device (302) through the conventional communication network (304).
2. The communication system according to claim 1, characterized in that the conventional communication network (304) is a telecommunications network or a packet network.
3. The communication system according to claim 1, characterized in that the transmitting and receiving devices are terminals or servers that access the network.
4. An information interaction method based on the communication system according to claim 1, characterized in that it comprises the following steps:
Step 1: the receiving device (302) registers its logical device identifier and access parameters with the ID server or ID network (303);
Step 2: the transmitting device (301) obtains the access parameters of the receiving device (302) from the ID server or ID network (303);
Step 3: the transmitting device (301) sends information to the conventional communication network (304);
Step 4: the conventional communication network (304) sends the information to the receiving device (302);
Step 5: the receiving device (302) receives the information.
5. The information interaction method of a communication system according to claim 4, characterized in that the transmitting device (301), before sending information, registers its own access parameters with the ID server or ID network (303); after receiving the information, the receiving device (302) retrieves the access parameters of the transmitting device (301) from the ID server or ID network (303) in order to authenticate or decrypt the received information.
6. The information interaction method of a communication system according to claim 4, characterized in that the logical device identifier (ID) comprises four parts: administrative area code (101), user code (102), device type (103) and device code (104).
7. The information interaction method of a communication system according to claim 4 or 5, characterized in that the access parameters are the address information, data security information and quality-of-service information of a device.
8. The information interaction method of a communication system according to claim 4, characterized in that the address information, data security information and quality-of-service information of the device carry a validity period; once the validity period is exceeded the information is invalid and must be registered or retrieved again.
9. The information interaction method of a communication system according to claim 4, characterized in that the ID network (303) consists of ID servers, or of ID servers and ID routers; the ID servers and ID routers in the network hold a list of { ID, mask } entries, the ID routing table, which is statically configured or dynamically generated and maintained by a protocol; after an ID server or ID router receives a request or response message for access parameters, it uses the ID field in the message to search the ID routing table with the longest-mask-match algorithm, obtains a route, and forwards or processes the message according to that route.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011100454570A CN102158477A (en) | 2011-02-25 | 2011-02-25 | Communication system and information interaction method |
PCT/CN2011/077252 WO2012113198A1 (en) | 2011-02-25 | 2011-07-18 | Communication system and information interaction method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102158477A true CN102158477A (en) | 2011-08-17 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20110817 |