CN102630376B - Method, apparatus and system for transferring control service - Google Patents
Method, apparatus and system for transferring control service Download PDFInfo
- Publication number
- CN102630376B CN102630376B CN201180003320.7A CN201180003320A CN102630376B CN 102630376 B CN102630376 B CN 102630376B CN 201180003320 A CN201180003320 A CN 201180003320A CN 102630376 B CN102630376 B CN 102630376B
- Authority
- CN
- China
- Prior art keywords
- business
- control
- transmission
- classification request
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/564—Enhancement of application control based on intercepted application data
Abstract
Embodiments of the present invention provide a method, an apparatus and a system for transferring a control service. The method includes: receiving a data message sent by a sending end; sending classification request information to a server, the classification request message including L34 layer information of the service extracted form the data message; receiving classification request response information sent by the server, the classification request response information including a control message determined by the L34 layer; and controlling the transference of the service. By determining the control message of the service by the server set outside the gateway device, the gateway device controls the transference of the service according to the control message, which can realize the control of all services including non-browsing type services and encrypted type services, reduce influence on performance of the gateway device by configuring L34 filters, and maintain continuous updating of black and white list data and reduce the workload of network maintenance.
Description
Technical field
The present invention relates to the communications field, relate in particular to the methods, devices and systems of the transmission of service control.
Background technology
In comprising the online class business fast developments such as mobile subscriber equipment online, client application, the illegal websites such as politics, pornographic, violence, gambling and application also increase thereupon, therefore also propose for the demand purifying Internet environment thereupon.
Gateway general grouping service wireless support node (GGSN, Gateway GPRS Support Node)/packet data serving node (PDSN, Packet Data Serving Network) etc. gateway device as last equipment of the core network before mobile broadband network access Internet, can survey (SPI based on shallow-layer message, Shallow Packet Inspection)/deep message parsing (DPI, Deep Packet Inspection) technology surveys the data message of business, obtains the L34 layer information of this business.Therefore, can in gateway device, configure L34 filter, by the L34 layer information of business is mated with business black and white lists rule, determine the processing policy to this business, the transmission of this business is controlled, realize the black and white lists function of business.
But, configuration L34 filter for gateway device performance require high, and, open filtering function and can produce a very large impact the performance of gateway device.In addition, due to the system resource constraints of gateway device, cause the specification of the filter that gateway device can support all very little, and need the manual black and white lists list of safeguarding, therefore, change and scene frequently for this website of existing network, network maintenance staff is had to very large workload, be difficult to maintain the continuous updating of black and white lists data.
Therefore, need suitable scheme to carry out the transmission of service control, to reduce impact gateway device performance being caused because of configuration L34 filter, maintain the continuous updating of black and white lists data, reduce the workload of network operation.
Summary of the invention
The embodiment of the present invention provides a kind of method and apparatus of transmission of service control, can reduce the impact on gateway device performance, maintains the continuous updating of black and white lists data.
On the one hand, provide a kind of method of transmission of service control, the method comprises: the data message that receiving end/sending end sends; Send classification request message to server, this classification request message comprises the L34 layer information of the business of extracting from this data message; Receive the classification request-reply message that this server sends, this classification request-reply message comprises that this server is according to the control information of this definite business of this L34 layer information; According to this control information, the transmission of this business is controlled.
On the other hand, provide a kind of method of transmission of service control, the method comprises: receive gateway device and send classification request message, this classification request message comprises the L34 layer information of the business that this gateway device extracts from data message; According to this L34 layer information, determine the control information of this business; Send classification request-reply message to this gateway device, this classification request-reply message comprises this control information, so that this gateway device, according to this control information, is controlled the transmission of this business.
Again on the one hand, provide a kind of device of transmission of service control, this device comprises: the first receiving element, the data message sending for receiving end/sending end; Transmitting element, for send classification request message to server, this classification request message comprises the L34 layer information of the business of extracting from this data message; The second receiving element, the classification request-reply message sending for receiving this server, this classification request-reply message comprises that this server is according to the control information of this definite business of this L34 layer information; Control unit, for according to this control information, controls the transmission of this business.
Again on the one hand, provide a kind of device of transmission of service control, this device comprises: receiving element, send classification request message for receiving gateway device, and this classification request message comprises the L34 layer information of the business that this gateway device extracts from data message; Determining unit, for according to this L34 layer information, determines the control information of this business; Transmitting element, for send classification request-reply message to this gateway device, this classification request-reply message comprises this control information that this determining unit is determined, so that this gateway device, according to this control information, is controlled the transmission of this business.
Again on the one hand, provide a kind of system of transmission of service control, having comprised: gateway device and server.This gateway device comprises: the first receiving element, the data message sending for receiving end/sending end; Transmitting element, for send classification request message to server, this classification request message comprises the L34 layer information of the business of extracting from this data message; The second receiving element, the classification request-reply message sending for receiving this server, this classification request-reply message comprises that this server is according to the control information of this definite business of this L34 layer information; Control unit, for according to this control information, controls the transmission of this business.This server comprises: receiving element, send classification request message for receiving gateway device, and this classification request message comprises the L34 layer information of the business that this gateway device extracts from data message; Determining unit, for according to this L34 layer information, determines the control information of this business; Transmitting element, for send classification request-reply message to this gateway device, this classification request-reply message comprises this control information that this determining unit is determined, so that this gateway device, according to this control information, is controlled the transmission of this business.
Therefore, according to the method and apparatus of the transmission of the service control of the embodiment of the present invention, determine the control information of this business by being arranged on the server of gateway device outside, gateway device is controlled the transmission of this business according to this control information, can realize all business including the non-type of service of browsing class and encryption are controlled, reduce impact gateway device performance being caused because of configuration L34 filter, and can maintain the continuous updating of black and white lists data, reduce the workload of network operation.
Brief description of the drawings
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, to the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is according to the indicative flowchart of the method for the transmission of the service control of the embodiment of the present invention.
Fig. 2 is the indicative flowchart of the method for the transmission of service control according to another embodiment of the present invention.
Fig. 3 is according to the interaction figure of the method for the transmission of the service control of the embodiment of the present invention.
Fig. 4 is according to the schematic block diagram of the device of the transmission of the service control of the embodiment of the present invention.
Fig. 5 is the schematic block diagram of the device of the transmission of service control according to another embodiment of the present invention.
Fig. 6 is according to the schematic block diagram of the system of the transmission of the service control of the embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, instead of whole embodiment.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtaining under creative work prerequisite, belong to the scope of protection of the invention.
Technical scheme of the present invention, can be applied to various communication systems, for example: global system for mobile telecommunications (GSM, Global System of Mobile communication) system, code division multiple access (CDMA, Code Division Multiple Access) system, Wideband Code Division Multiple Access (WCDMA) (WCDMA, Wideband Code Division Multiple Access) system, GPRS (GPRS, GeneralPacket Radio Service), Long Term Evolution (LTE, Long Term Evolution) system, LTE Frequency Division Duplexing (FDD) (FDD, Frequency Division Duplex) system, LTE time division duplex (TDD, Time Division Duplex), universal mobile telecommunications system (UMTS, Universal Mobile Telecommunication System) etc.
User, also can be referred to as subscriber equipment (UE, User Equipment), mobile terminal (Mobile Terminal), mobile subscriber equipment etc., can for example, through wireless access network (RAN, Radio Access Network) communicate with one or more core net, subscriber equipment can be mobile terminal, as mobile phone (or being called " honeycomb " phone) with there is the computer of mobile terminal, for example, can be portable, pocket, hand-hold type, built-in computer or vehicle-mounted mobile device, they and wireless access network exchange language and/or data.
Fig. 1 shows and describes from the angle of gateway device side, according to the indicative flowchart of the method 100 of the transmission of the service control of the embodiment of the present invention.As shown in Figure 1, the method 100 comprises:
S110, the data message that receiving end/sending end sends;
S120, sends classification request message to server, and this classification request message comprises the L34 layer information of the business of extracting from this data message;
S130, receives the classification request-reply message that this server sends, and this classification request-reply message comprises that this server is according to the control information of this definite business of this L34 layer information;
S140, according to this control information, controls the transmission of this business.
Gateway device is receiving after the data message of transmitting terminal transmission, can be according to this data message, obtain the L34 layer information of business, and send and comprise the classification request message of this L34 layer information to server, server can be determined according to this L34 layer information the control information of this business, and send the classification request-reply message that comprises this control information to this gateway device, receiving after the classification request-reply message of this server transmission, can, according to this control information, the transmission of this business be controlled.
According to the method for the transmission of the service control of the embodiment of the present invention, can be according to L34 layer information, all business including the non-type of service of browsing class and encryption are controlled, for example, mutual by gateway device and server, if based on Internet protocol (IP, Internet Procotol) address controls the transmission of this business, can reach all objects of controlling by the business of this IP address transfer including the non-type of service of browsing class and encryption.If the transmission of this business is controlled based on port, can realize the software or the instrument that use particular port to carry out business transmission to some and control, no matter this Software deployment is at what server, the control of can classifying.
Meanwhile, for gate performance, because only need to carry out SPI to data message just can obtain L34 layer information, therefore reduce the requirement of the performance to gateway, reduced the impact on gate performance.
Server can receive the L34 layer information of illegal website and the black and white lists list of categorical attribute that its tracking is confirmed that record of government or the transmission of other network supervision departments, can also pass through some self-defining web analytics algorithms, take the mode of traversal to externally providing the website of service to conduct interviews in existing network, carry out categorical attribute analysis based on visit data, the final categorical attribute of confirming this website, by these L34 layer information and categorical attribute are imported to black and white lists database, can maintain the continuous updating of black and white lists data.
Therefore, according to the method for the transmission of the service control of the embodiment of the present invention, determine the control information of this business by being arranged on the server of gateway device outside, gateway device is controlled the transmission of this business according to this control information, can realize all business including the non-type of service of browsing class and encryption are controlled, reduce impact gateway device performance being caused because of configuration L34 filter, and can maintain the continuous updating of black and white lists data, reduce the workload of network operation.
In embodiments of the present invention, L34 layer can comprise L3 layer, or L4 layer, or L3 layer and L4 layer.L3 layer information can comprise open system interconnection (OSI, Open System Interconnect) Internet protocol (IP of network layer in network model, Internet Procotol) address information, L4 layer information can comprise transmission control protocol/User Datagram Protoco (UDP) (TCP/UDP, Transfer Control Protocol/User Datagram Protocol) port information of the transport layer in OSI network model.Therefore, L34 layer information can comprise the information such as IP address, port of the service server that transmits this business.
Server also can be called content filter server, third-party server, is arranged on gateway device outside, independent mutually with gateway device.
Gateway device can comprise GGSN, PDSN and Wimax access service network (WASN, Wimax Access Service Network) etc., the gateway device that should be understood that the embodiment of the present invention can also comprise can be realized service set convergent point and can realize the network element that the Business Stream of end-user access is carried out to Context resolution and control in other networks.
The transmission of business between subscriber equipment and service server need to be passed through gateway device, and, the data message of same business (for example, the data message of this business that the data message of this business that subscriber equipment sends and service server occur) the L34 layer information that comprises is identical, therefore, transmitting terminal in the embodiment of the present invention can be subscriber equipment, can be also service server.
In embodiments of the present invention, server can comprise categorical attribute or the control strategy of business according to the definite classification request-reply message of L34 layer information, and wherein categorical attribute can comprise door, science and technology, social activity, politics, pornographic, violence, gambling etc.Control strategy can comprise normal access, block, is redirected to the prompting page etc.For door, science and technology, social activity etc., control strategy can correspond to normal access etc.; For politics, pornographic, violence, gambling etc., control strategy can correspond to block or be redirected to reminds the page etc.Should understand, above-mentioned categorical attribute in the embodiment of the present invention and the title of control strategy with and concise and to the point description just for reader understands the embodiment of the present invention better, the present invention is not limited to this, and, the concrete meaning of above-mentioned categorical attribute and control strategy, should understand in conjunction with the concrete operations of describing in the embodiment of the present invention.
For a certain categorical attribute, different users can have identical control strategy, also can have different control strategies, and for example, for the business of pornographic attribute, all users' control strategy can be obstruction.For the business of social attribute, if customization this business, control strategy can be for passing through, if this business of user's un-customized, control strategy can be for blocking.Therefore, different users may have different control strategies because of the difference of CAMEL-Subscription-Information, according to the method for the transmission of the service control of the embodiment of the present invention, can also determine on the basis of categorical attribute, further determine control strategy according to user's CAMEL-Subscription-Information and user ID, to realize, different user flexibility is formulated to different control strategies.
In the present embodiment, for a certain categorical attribute, if net in all users control strategy all identical (for example, for the business of pornographic attribute, all users' control strategy is obstruction), gateway device or server, only according to the categorical attribute of business, just can be determined the control strategy of this business.For example, if different user (is had to different control strategies, for the business of social attribute, different users may have different control strategies because of the difference of CAMEL-Subscription-Information), gateway device and server need to and transmit the user ID of the subscriber equipment of this business according to the categorical attribute of business, for this user formulates Service control strategy.
Specifically, in the case of the control strategy of all users in net is all identical, the classification request message that gateway device sends to server can only comprise the L34 layer information of this business, and the classification request-reply message that this server that gateway device receives sends can comprise the categorical attribute of this business, also can comprise the control strategy of this business.
In the case of different user being had different control strategies, if the classification request message that gateway device sends to server only comprises the L34 layer information of business, server only can be based on this L34 layer information, determine the categorical attribute of this business, gateway device also needs further according to this categorical attribute and transmits the user ID of the subscriber equipment of this business, for this user formulates control strategy.If the classification request message that gateway device sends to server comprises the user ID of the L34 layer information of business and the subscriber equipment of this business of transmission, server can be based on this L34 layer information, determine the categorical attribute of this business, and further formulate control strategy according to user ID for this user, thereby gateway device can directly be controlled to the transmission of business according to this control strategy.Below, omit the explanation to same or similar situation.
Therefore, alternatively, in embodiments of the present invention, gateway device can also be according to data message, obtains the user ID of the subscriber equipment of this business of transmission.The classification request message that gateway device sends to server can comprise the L34 layer information of this business, also can comprise L34 layer information and user ID, and, the classification request-reply message that the server that gateway device receives sends can comprise the categorical attribute of this business, also can comprise the control strategy of this business.
Specifically, in the time that this classification request-reply message comprises the categorical attribute of this business, gateway device can, according to this categorical attribute, be determined control strategy, and according to this control strategy, the transmission of this business is controlled.Therefore, this is controlled the transmission of this business according to this control information, can comprise:
The categorical attribute of this business comprising according to this control information, determines the control strategy of this business;
According to this control strategy, the transmission of this business is controlled.
Alternatively, in embodiments of the present invention, gateway device can also, further according to this L34 layer information and user ID, be determined the control strategy of this business.Therefore, this is controlled the transmission of this business according to this control information, can comprise:
The categorical attribute of this business comprising according to this control information, and the user ID of extracting from this data message, determine the control strategy of this business;
According to this control strategy, the transmission of this business is controlled.
In the time that this classification request-reply message comprises the control strategy of this business, gateway device can be controlled the transmission of this business according to this control strategy.Therefore, this is controlled the transmission of this business according to this control information, can comprise:
The control strategy of this business comprising according to this control information, controls the transmission of this business.
In embodiments of the present invention, this control strategy can be that the L34 layer information that server comprises according to this classification request message is determined, can be also that L34 layer information and the user ID that server comprises according to this classification request message determined.Therefore, this is controlled the transmission of this business according to this control information, can comprise:
The control strategy of this business comprising according to this business control information, controls the transmission of this business, and this control strategy is that the user ID of extracting from this data message that this server comprises according to this L34 layer information and this classification request message is determined.
Specifically, in embodiments of the present invention, in the case of determining the control strategy of this business according to the user's of this business of transmission CAMEL-Subscription-Information, the subscriber policy database that comprises relation between user ID and the dynamic programming of business black and white lists can be set in gateway device or content filter.
In the time that subscriber policy database is arranged in gateway device, gateway device can send to server by L34 layer information, server is determined the categorical attribute of this business according to this L34 layer information, and this categorical attribute is handed down to gateway device, gateway device can obtain according to data message the user ID of the subscriber equipment of this business of transmission, and based on this user ID inquiring user policy database, determine the control strategy that this subscriber equipment should be carried out for this categorical attribute, control (for example, block or pass through) according to this control strategy.
In the time that subscriber policy database is arranged in server, gateway device can send to server by L34 layer information and user ID, first server determines the categorical attribute of business according to this L34 layer information, then based on user ID inquiring user policy database, determine the control strategy (such as blocking or passing through) that this subscriber equipment should be carried out for this categorical attribute, then this control strategy is issued to gateway device, so that gateway device is controlled.
Therefore, according to the method for the transmission of the service control of the embodiment of the present invention, can, according to user ID, based on subscriber policy CAMEL-Subscription-Information, obtain the dynamic programming of a large amount of black and white lists, thereby can realize, different user flexibility be formulated to different control strategies.
In embodiments of the present invention, user ID (USER ID) can comprise mobile subscriber cellphone number (MSISDN, Mobile Subscriber Integrated Services Digital Network), IMSI International Mobile Subscriber Identity (IMSI, International Mobile Station Equipment Identity) and the information such as International Mobile Station Equipment Identity (IMEI, International Mobile Subscriber Identity).The user ID that should be understood that the embodiment of the present invention is not limited to above information, and the cell that other can unique embodiment user ID all falls in the scope of the embodiment of the present invention.
Fig. 2 show from server side describe, according to the indicative flowchart of the method 200 of the transmission of the service control of the embodiment of the present invention.As shown in Figure 2, the method 200 comprises:
S210, receives gateway device and sends classification request message, and this classification request message comprises the L34 layer information of the business that this gateway device extracts from data message;
S220, according to this L34 layer information, determines the control information of this business;
S230, sends classification request-reply message to this gateway device, and this classification request-reply message comprises this control information, so that this gateway device, according to this control information, is controlled the transmission of this business.
Gateway device is receiving after the data message of transmitting terminal transmission, can be according to this data message, obtain the L34 layer information of business, and send and comprise the classification request message of this L34 layer information to server, server can be determined according to this L34 layer information the control information of this business, and send the classification request-reply message that comprises this control information to this gateway device, receiving after the classification request-reply message of this server transmission, can, according to this control information, the transmission of this business be controlled.
According to the method for the transmission of the service control of the embodiment of the present invention, can be according to L34 layer information, all business including the non-type of service of browsing class and encryption are controlled, for example, mutual by gateway device and server, if based on Internet protocol (IP, Internet Procotol) address controls the transmission of this business, can reach all objects of controlling by the business of this IP address transfer including the non-type of service of browsing class and encryption.If the transmission of this business is controlled based on port, can realize the software or the instrument that use particular port to carry out business transmission to some and control, no matter this Software deployment is at what server, the control of can classifying.
Meanwhile, for gate performance, because only need to carry out SPI to data message just can obtain L34 layer information, therefore reduce the requirement of the performance to gateway, reduced the impact on gate performance.
Server can receive the L34 layer information of illegal website and the black and white lists list of categorical attribute that its tracking is confirmed that record of government or the transmission of other network supervision departments, can also pass through some self-defining web analytics algorithms, take the mode of traversal to externally providing the website of service to conduct interviews in existing network, carry out categorical attribute analysis based on visit data, the final categorical attribute of confirming this website, by these L34 layer information and categorical attribute are imported to black and white lists database, can maintain the continuous updating of black and white lists data.
Therefore, according to the method for the transmission of the service control of the embodiment of the present invention, determine the control information of this business by being arranged on the server of gateway device outside, gateway device is controlled the transmission of this business according to this control information, can realize all business including the non-type of service of browsing class and encryption are controlled, reduce impact gateway device performance being caused because of configuration L34 filter, and can maintain the continuous updating of black and white lists data, reduce the workload of network operation.
In embodiments of the present invention, L34 layer can comprise L3 layer, or L4 layer, or L3 layer and L4 layer.L3 layer information can comprise the IP address information of the network layer in OSI network model, and L4 layer information can comprise the TCP/UDP port information in OSI network model.Therefore, L34 layer information can comprise the information such as IP address, port of the service server that transmits this business.
Alternatively, in embodiments of the present invention, gateway device can also be according to data message, obtains the user ID of the subscriber equipment of this business of transmission.The classification request message that gateway device sends to server can comprise the L34 layer information of this business, also can comprise this L34 layer information and user ID, and, the classification request-reply message that the server that gateway device receives sends can comprise the categorical attribute of this business, also can comprise the control strategy of this business.
Specifically, when the classification request message that the gateway device receiving when server sends comprises the L34 layer information of this business, server can be determined according to this L34 layer information the categorical attribute of this business.Therefore, this,, according to this L34 layer information, determines the control information of this business, comprising:
According to this L34 layer information, determine the control information of this business of the categorical attribute that comprises this business.
And when the classification request message that the gateway device receiving when server sends comprises the L34 layer information of this business, server can also be determined according to this L34 layer information the control strategy of this business.Therefore, this,, according to this L34 layer information, determines the control information of this business, comprising:
According to this L34 layer information, determine the control information of this business of the control strategy that comprises this business.
When the classification request message that the gateway device receiving when server sends comprises the L34 layer information of this business and user ID, server can be determined according to this L34 layer information and user ID the control strategy of this business.Therefore, this,, according to this L34 layer information, determines the control information of this business, comprising:
According to this L34 layer information, and the user ID extracted from this data message of this gateway device of comprising of this classification request message, determine the control information of this business of the control strategy that comprises this business.
Specifically, in embodiments of the present invention, in the case of determining the control strategy of this business according to the user's of this business of transmission CAMEL-Subscription-Information, the subscriber policy database that comprises relation between user ID and the dynamic programming of business black and white lists can be set in gateway device or content filter.
In the time that subscriber policy database is arranged in gateway device, gateway device can send to server by L34 layer information, server is determined the categorical attribute of this business according to this L34 layer information, and this categorical attribute is handed down to gateway device, gateway device can obtain according to data message the user ID of the subscriber equipment of this business of transmission, and based on this user ID inquiring user policy database, determine the control strategy that this subscriber equipment should be carried out for this categorical attribute, control (for example, block or pass through) according to this control strategy.
In the time that subscriber policy database is arranged in server, gateway device can send to server by L34 layer information and user ID, first server determines the categorical attribute of business according to this L34 layer information, then based on user ID inquiring user policy database, determine the control strategy (such as blocking or passing through) that this subscriber equipment should be carried out for this categorical attribute, then this control strategy is issued to gateway device, so that gateway device is controlled.
Therefore, according to the method for the transmission of the service control of the embodiment of the present invention, can, according to user ID, based on subscriber policy CAMEL-Subscription-Information, obtain the dynamic programming of a large amount of black and white lists, thereby can realize, different user flexibility be formulated to different control strategies.
In embodiments of the present invention, user ID can comprise the information such as MSISDN, IMSI, IMEI.The user ID that should be understood that the embodiment of the present invention is not limited to above information, and the cell that other can unique embodiment user ID all falls in the scope of the embodiment of the present invention.
Fig. 3 shows according to the interaction figure of the method for the transmission of the service control of the embodiment of the present invention.Below, using IP address as L34 layer information, describe as gateway device using GGSN.As Fig. 3 shows, in S301, GGSN receives the data message of UE or service server transmission.
In S302, GGSN is receiving after the data message of business, can obtain based on SPI technology the L34 layer information of this business, for example IP address, therefore GGSN only needs data message to carry out shallow parsing, thereby reduce the requirement to gateway device, and, the impact on gateway device performance can be reduced.
Alternatively, GGSN can also be according to data message, obtains USER ID.Specifically, gateway can be this UE distribute data message and USER ID in the time that UE activates, to identify uniquely this UE, and, gateway can be notified the USER ID index of periphery network element for uplink data messages (UE sends the data message that is given to service server), set up the inquiry of the UE based on a UE IP address list item, for the USER ID index of downlink data message (sending to the data message of UE from service server).Uplink data messages is selected the contextual information of this business of carrying by UE, final data message can carry the ID that gateway is this UE distribution in the time that UE activates after sending to gateway in message header field, the context of gateway based on the local preservation of this ID index, thus USER ID obtained.The contextual information that downlink message carries this business by gateway device based on UE ID address choice obtains USER ID.The data message that should be understood that carrying USERID can be the same or different with the data message of carrying L34 layer information, and the present invention is also not particularly limited.
Alternatively, GGSN is receiving after the data message of business, can first determine whether to carry out the filtration based on L34 layer information to this business, specifically, can be in strategic server buffer memory transmit the CAMEL-Subscription-Information whether UE of this business needs to carry out the filtration based on L34 layer information, and in the time that this UE activates, strategic server can be according to this CAMEL-Subscription-Information, whether notice GGSN needs this business to carry out the filtration based on L34 layer information, if unlatching content filtering function, in the transmitting procedure of this business, GGSN and outside server carry out alternately.And, can also in gateway device, increase an overall situation or based on APN (APN, Access Point Name) configuration, whether need to carry out the filtration based on L34 layer information with the UE that determines this business of transmission, in the time that UE activates, based on this configuration, determine whether to carry out the filtration based on L34 layer information to this business, if unlatching content filtering function, in Operational Visit process, GGSN and outside server carry out alternately.Therefore, can, in the starting stage of controlling according to user signing contract information, determine the control mode to business, thereby can control neatly, improve the efficiency of the transmission of business.
In S303, GGSN can send classification request message to server, and wherein, this classification request message can comprise IP address, also can comprise IP address and USER ID.
In S304, server can be according to this classification request message, determine classification request-reply message, specifically, in the time that classification request message comprises IP address, server can contrast the IP address of illegal website and the black and white lists list of categorical attribute, it is Categorical data storehouse, determine the categorical attribute of this business, according to this categorical attribute, determine uniformly the control strategy to this business for netting interior all UE, for example, for door, science and technology, social activity etc., gateway device or server can correspond to its control strategy normal access etc.; For politics, pornographic, violence, gambling etc., gateway device or server can correspond to its control strategy to block or be redirected to reminds the page etc.And, in the time that classification request message comprises IP address and USER ID, first server can contrast the IP address of illegal website and the list of categorical attribute, determine the categorical attribute of this business, then based on USER ID inquiring user policy database, determine the control strategy that should carry out for this categorical attribute.
In S305, server can send this classification request-reply message to GGSN, and wherein, this classification request-reply message can comprise the categorical attribute of this business, also can comprise the control strategy of this business.
In S306, GGSN can, according to this classification request-reply message, determine the control strategy to this business, specifically, in the time that this classification request-reply message comprises the control strategy of this business, GGSN can directly extract this control strategy from this classification request-reply message.And, in the time that this classification request-reply message comprises the categorical attribute of this business, GGSN can, according to this categorical attribute, determine the control strategy to this business, also can, based on USER ID inquiring user policy database, determine the control strategy that should carry out for this categorical attribute.
In S307, GGSN is according to this control strategy, and service control is transmitted between UE and service server.
Therefore, according to the method for the transmission of the service control of the embodiment of the present invention, determine the control information of this business by being arranged on the server of gateway device outside, gateway device is controlled the transmission of this business according to this control information, can realize all business including the non-type of service of browsing class and encryption are controlled, reduce impact gateway device performance being caused because of configuration L34 filter, and can maintain the continuous updating of black and white lists data, reduce the workload of network operation.
And, can, according to user ID, based on subscriber policy CAMEL-Subscription-Information, obtain the dynamic programming of a large amount of black and white lists, thereby can realize, different subscriber equipmenies is formulated to different control strategies flexibly.
Above, in conjunction with Fig. 1 to Fig. 3, describe in detail according to the method for the transmission of the service control of the embodiment of the present invention, below in conjunction with Fig. 4 to Fig. 5, describe in detail according to the device of the transmission of the service control of the embodiment of the present invention.
Fig. 4 shows according to the schematic block diagram of the device 400 of the transmission of the service control of the embodiment of the present invention.As shown in Figure 4, this device 400 comprises:
The first receiving element 410, the data message sending for receiving end/sending end;
Transmitting element 420, for send classification request message to server, this classification request message comprises the L34 layer information of the business of extracting from this data message;
The second receiving element 430, the classification request-reply message sending for receiving this server, this classification request-reply message comprises that this server is according to the control information of this definite business of this L34 layer information;
Control unit 440, for according to this control information, controls the transmission of this business.
Therefore, according to the device of the transmission of the service control of the embodiment of the present invention, determine the control information of this business by being arranged on the server of gateway device outside, gateway device is controlled the transmission of this business according to this control information, can realize all business including the non-type of service of browsing class and encryption are controlled, reduce impact gateway device performance being caused because of configuration L34 filter, and can maintain the continuous updating of black and white lists data, reduce the workload of network operation.
In embodiments of the present invention, the classification request-reply message that the second receiving element 430 receives can comprise the categorical attribute of this business, can comprise the control strategy of this business.Therefore, in the time that classification request-reply message comprises the categorical attribute of this business,
This control unit 440, also for the categorical attribute of this business of comprising according to this control information, is determined the control strategy of this business; And
For according to this control strategy, the transmission of this business is controlled.
Alternatively, in embodiments of the present invention, gateway device can also, further according to this L34 layer information and user ID, be determined the control strategy of this business.Therefore,
This control unit is also for the categorical attribute of this business of comprising according to this control information, and the user ID of extracting from this data message, determines the control strategy of this business; And
For according to this control strategy, the transmission of this business is controlled.
In embodiments of the present invention, this control strategy can be that the L34 layer information that server comprises according to this classification request message is determined.Therefore,
This control unit also, for the control strategy of this business of comprising according to this control information, is controlled the transmission of this business.
In embodiments of the present invention, this control strategy can be also that L34 layer information and the user ID that server comprises according to this classification request message determined.Therefore,
This control unit is also for the control strategy of this business of comprising according to this business control information, transmission to this business is controlled, and this control strategy is that the user ID of extracting from this data message that this server comprises according to this L34 layer information and this classification request message is determined.
Therefore, according to the device of the transmission of the service control of the embodiment of the present invention, can be according to user ID, based on subscriber policy CAMEL-Subscription-Information, obtain the dynamic programming of a large amount of black and white lists, thereby can realize, different subscriber equipmenies is formulated to different control strategies flexibly.
And in embodiments of the present invention, this L34 layer information can comprise the information such as IP address, port of the service server that this business is provided.
This user ID can comprise the information such as MSISDN, IMSI and IMEI.
Can for example, corresponding to the gateway device in the method for the embodiment of the present invention (GGSN) according to the device 400 of the transmission of the service control of the embodiment of the present invention, and, each unit in the device 400 of the transmission of this service control and above-mentioned other operations and/or function are respectively in order to realize the corresponding flow process of the method 100 in Fig. 1, for simplicity, do not repeat them here.
Fig. 5 shows according to the schematic block diagram of the device 500 of the transmission of the service control of the embodiment of the present invention.As shown in Figure 5, this device 500 comprises:
Receiving element 510, sends classification request message for receiving gateway device, and this classification request message comprises the L34 layer information of the business that this gateway device extracts from data message;
Determining unit 520, for according to this L34 layer information, determines the control information of this business;
Transmitting element 530, for send classification request-reply message to this gateway device, this classification request-reply message comprises this control information that this determining unit 520 is determined, so that this gateway device, according to this control information, is controlled the transmission of this business.
Therefore, according to the device of the transmission of the service control of the embodiment of the present invention, determine the control information of this business by being arranged on the server of gateway device outside, gateway device is controlled the transmission of this business according to this control information, can realize all business including the non-type of service of browsing class and encryption are controlled, reduce impact gateway device performance being caused because of configuration L34 filter, and can maintain the continuous updating of black and white lists data, reduce the workload of network operation.
When the classification request message that the gateway device receiving when server sends comprises the L34 layer information of this business, server can be determined according to this L34 layer information the categorical attribute of this business.Therefore,
This determining unit 520 also, for according to this L34 layer information, is determined the control information of this business of the categorical attribute that comprises this business.
And when the classification request message that the gateway device receiving when server sends comprises the L34 layer information of this business, server can also be determined according to this L34 layer information the control strategy of this business.Therefore,
This determining unit 520 also, for according to this L34 layer information, is determined the control information of this business of the control strategy that comprises this business.
When the classification request message that the gateway device receiving when server sends comprises the L34 layer information of this business and user ID, server can be determined according to this L34 layer information and user ID the control strategy of this business.Therefore,
This determining unit 520 is also for according to this L34 layer information, and this classification request message comprises the user ID that this gateway device extracts from data message, determines the control information of this business of the control strategy that comprises this business.
Therefore, according to the device of the transmission of the service control of the embodiment of the present invention, can, based on subscriber policy CAMEL-Subscription-Information, obtain the dynamic programming of a large amount of black and white lists, thereby can realize, different subscriber equipmenies be formulated to different control strategies flexibly.
The L34 layer information of this business that the classification request message that the gateway device that in embodiments of the present invention, receiving element 510 receives sends comprises can comprise the information such as IP address, port of the service server that this business is provided.
The user ID that the classification request message that the gateway device that receiving element 510 receives sends comprises can comprise the information such as MSISDN, IMSI and IMEI.
Can be corresponding to the server in the method for the embodiment of the present invention according to the device 500 of the transmission of the service control of the embodiment of the present invention, and, each unit in the device 500 of the transmission of this service control and above-mentioned other operations and/or function are respectively in order to realize the corresponding flow process of the method 200 in Fig. 2, for simplicity, do not repeat them here.
Above, in conjunction with Fig. 1 to Fig. 5, describe in detail according to the method and apparatus of the transmission of the service control of the embodiment of the present invention, below in conjunction with Fig. 6, describe in detail according to the system of the transmission of the service control of the embodiment of the present invention.
Fig. 6 shows according to the schematic block diagram of the system 600 of the transmission of the service control of the embodiment of the present invention.As shown in Figure 6, this system 600 comprises: according to the device 400 of the embodiment of the present invention with according to the device 500 of the embodiment of the present invention.
This device 400 comprises: the first receiving element 410, the data message sending for receiving end/sending end; Transmitting element 420, for send classification request message to server, this classification request message comprises the L34 layer information of the business of extracting from this data message; The second receiving element 430, the classification request-reply message sending for receiving this server, this classification request-reply message comprises that this server is according to the control information of this definite business of this L34 layer information; Control unit 440, for according to this control information, controls the transmission of this business.
This device 500 comprises: receiving element 510, send classification request message for receiving gateway device, and this classification request message comprises the L34 layer information of the business that this gateway device extracts from data message; Determining unit 520, for according to this L34 layer information, determines the control information of this business; Transmitting element 530, for send classification request-reply message to this gateway device, this classification request-reply message comprises this control information that this determining unit 520 is determined, so that this gateway device, according to this control information, is controlled the transmission of this business.
Therefore, according to the system of the transmission of the service control of the embodiment of the present invention, determine the control information of this business by being arranged on the server of gateway device outside, gateway device is controlled the transmission of this business according to this control information, can realize all business including the non-type of service of browsing class and encryption are controlled, reduce impact gateway device performance being caused because of configuration L34 filter, and can maintain the continuous updating of black and white lists data, reduce the workload of network operation.
Said apparatus 400 can be corresponding to the gateway device in the method for the embodiment of the present invention, and the each unit in this device 400 and above-mentioned other operations and/or function are respectively in order to realize the corresponding flow process of the method 100 in Fig. 1.Said apparatus 500 can be corresponding to the server in the method for the embodiment of the present invention, and, the each unit in this device 500 and above-mentioned other operations and/or function respectively for the corresponding flow process that realizes the method 200 in Fig. 2 for simplicity, do not repeat them here.
And, in various embodiment of the present invention, the size of the sequence number of above-mentioned each process does not also mean that the priority of execution sequence, and the execution sequence of each process should determine with its function and internal logic, and should not form any restriction to the implementation process of the embodiment of the present invention.
Those of ordinary skill in the art can recognize, unit and the algorithm steps of each example of describing in conjunction with embodiment disclosed herein, can realize with the combination of electronic hardware or computer software and electronic hardware.These functions are carried out with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.Professional and technical personnel can realize described function with distinct methods to each specifically should being used for, but this realization should not thought and exceeds scope of the present invention.
Those skilled in the art can be well understood to, and for convenience and simplicity of description, the specific works process of the system of foregoing description, device and unit, can, with reference to the corresponding process in preceding method embodiment, not repeat them here.
In the several embodiment that provide in the application, should be understood that disclosed system, apparatus and method can realize by another way.For example, device embodiment described above is only schematic, for example, the division of described unit, be only that a kind of logic function is divided, when actual realization, can have other dividing mode, for example multiple unit or assembly can in conjunction with or can be integrated into another system, or some features can ignore, or do not carry out.Another point, shown or discussed coupling each other or direct-coupling or communication connection can be by some interfaces, indirect coupling or the communication connection of device or unit can be electrically, machinery or other form.
The described unit as separating component explanation can or can not be also physically to separate, and the parts that show as unit can be or can not be also physical locations, can be positioned at a place, or also can be distributed in multiple network element.Can select according to the actual needs some or all of unit wherein to realize the object of the present embodiment scheme.
In addition, the each functional unit in each embodiment of the present invention can be integrated in a processing unit, can be also that the independent physics of unit exists, and also can be integrated in a unit two or more unit.
If described function realizes and during as production marketing independently or use, can be stored in a computer read/write memory medium using the form of SFU software functional unit.Based on such understanding, the part that technical scheme of the present invention contributes to prior art in essence in other words or the part of this technical scheme can embody with the form of software product, this computer software product is stored in a storage medium, comprise that some instructions (can be personal computers in order to make a computer equipment, server, or the network equipment etc.) carry out all or part of step of method described in each embodiment of the present invention.And aforesaid storage medium comprises: USB flash disk, portable hard drive, read-only memory (ROM, Read-Only Memory), the various media that can be program code stored such as random access memory (RAM, Random Access Memory), magnetic disc or CD.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited to this, any be familiar with those skilled in the art the present invention disclose technical scope in; can expect easily changing or replacing, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should described be as the criterion with the protection range of claim.
Claims (13)
1. a method for the transmission of service control, is characterized in that, described method comprises:
The data message that receiving end/sending end sends;
Send classification request message to server, described classification request message comprises the L34 layer information of the business of extracting from described data message;
Receive the classification request-reply message that described server sends, described classification request-reply message comprises that described server is according to the control information of the definite described business of described L34 layer information;
According to described control information, the transmission of described business is controlled, wherein
Described according to described control information, the transmission of described business is controlled, comprising:
The categorical attribute of the described business comprising according to described control information, and the user ID of extracting from described data message, determine the control strategy of described business, according to described control strategy, the transmission of described business controlled; Or
The control strategy of the described business comprising according to described business control information, transmission to described business is controlled, and the described control strategy user ID of extracting from described data message that to be described server comprise according to described L34 layer information and described classification request message is determined.
2. method according to claim 1, is characterized in that, described user ID comprises at least one in mobile subscriber cellphone number MSISDN, IMSI International Mobile Subscriber Identity IMSI and International Mobile Station Equipment Identity IMEI.
3. method according to claim 1, is characterized in that, described L34 layer information comprises at least one in server Internet protocol IP address and Service-Port.
4. a method for the transmission of service control, is characterized in that, described method comprises:
Receive gateway device and send classification request message, described classification request message comprises the L34 layer information of the business that described gateway device extracts from data message;
According to described L34 layer information, determine the control information of described business;
Send classification request-reply message to described gateway device, described classification request-reply message comprises described control information, so that described gateway device, according to described control information, is controlled the transmission of described business, wherein
Describedly determine the control information of described business according to described L34 layer information, comprising:
According to described L34 layer information, determine the control information of the described business of the categorical attribute that comprises described business; Or
According to described L34 layer information, and the user ID extracted from described data message of the described gateway device that comprises of described classification request message, determine the control information of the described business of the control strategy that comprises described business.
5. method according to claim 4, is characterized in that, described user ID comprises at least one in mobile subscriber cellphone number MSISDN, IMSI International Mobile Subscriber Identity IMSI and International Mobile Station Equipment Identity IMEI.
6. method according to claim 4, is characterized in that, described L34 layer information comprises at least one in server Internet protocol IP address and Service-Port.
7. a device for the transmission of service control, is characterized in that, described device comprises:
The first receiving element, the data message sending for receiving end/sending end;
Transmitting element, for send classification request message to server, described classification request message comprises the L34 layer information of the business of extracting from described data message;
The second receiving element, the classification request-reply message sending for receiving described server, described classification request-reply message comprises that described server is according to the control information of the definite described business of described L34 layer information;
Control unit, for according to described control information, controls the transmission of described business, wherein
Described control unit is specifically for the categorical attribute of the described business that comprises according to described control information, with the user ID of extracting from described data message, determine the control strategy of described business, according to described control strategy, the transmission of described business is controlled; Or
Described control unit is specifically for the control strategy of the described business that comprises according to described business control information, transmission to described business is controlled, and the described control strategy user ID of extracting from described data message that to be described server comprise according to described L34 layer information and described classification request message is determined.
8. device according to claim 7, is characterized in that, described user ID comprises at least one in mobile subscriber cellphone number MSISDN, IMSI International Mobile Subscriber Identity IMSI and International Mobile Station Equipment Identity IMEI.
9. device according to claim 7, is characterized in that, described L34 layer information comprises at least one in server Internet protocol IP address and Service-Port.
10. a device for the transmission of service control, is characterized in that, described device comprises:
Receiving element, sends classification request message for receiving gateway device, and described classification request message comprises the L34 layer information of the business that described gateway device extracts from data message;
Determining unit, for according to described L34 layer information, determines the control information of described business;
Transmitting element, for send classification request-reply message to described gateway device, described classification request-reply message comprises the described control information that described determining unit is determined, so that described gateway device is according to described control information, transmission to described business is controlled, wherein
Described determining unit, specifically for according to described L34 layer information, is determined the control information of the described business of the categorical attribute that comprises described business; Or
According to described L34 layer information, and described classification request message comprises the user ID that described gateway device extracts from data message, the control information of the described business of definite control strategy that comprises described business.
11. devices according to claim 10, is characterized in that, described user ID comprises at least one in mobile subscriber cellphone number MSISDN, IMSI International Mobile Subscriber Identity IMSI and International Mobile Station Equipment Identity IMEI.
12. devices according to claim 10, is characterized in that, described L34 layer information comprises at least one in server Internet protocol IP address and Service-Port.
The system of the transmission of 13. 1 kinds of service controls, is characterized in that, described system comprises:
The device of the transmission of the service control in claim 7 to 9 described in any one; With
The device of the transmission of the service control in claim 10 to 12 described in any one.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2011/083722 WO2013082793A1 (en) | 2011-12-08 | 2011-12-08 | Method, device and system for controlling service transmission |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102630376A CN102630376A (en) | 2012-08-08 |
| CN102630376B true CN102630376B (en) | 2014-11-05 |
Family
ID=46588267
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201180003320.7A Active CN102630376B (en) | 2011-12-08 | 2011-12-08 | Method, apparatus and system for transferring control service |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN102630376B (en) |
| WO (1) | WO2013082793A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106789587B (en) * | 2016-12-28 | 2021-05-18 | 国家计算机网络与信息安全管理中心 | Communication device and method for reliable message in cloud computing environment |
| CN110024331B (en) * | 2017-01-26 | 2021-11-19 | 华为技术有限公司 | Data protection method, device and system |
| CN110324284B (en) * | 2018-03-30 | 2020-10-27 | 华为技术有限公司 | Method and communication device for accessing IMS |
| CN111695148B (en) * | 2020-05-15 | 2023-07-04 | 浙江信网真科技股份有限公司 | Security filtering method and device for self-learning of network node |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1585444A (en) * | 2004-06-12 | 2005-02-23 | 中兴通讯股份有限公司 | Method for filtering backward frame in mobile communication system |
| CN1726671A (en) * | 2002-12-17 | 2006-01-25 | 瑞通网络公司 | Adaptive classification of network traffic |
| CN1801760A (en) * | 2005-01-05 | 2006-07-12 | 阿尔卡特公司 | Method to configure a DSL connection |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8665892B2 (en) * | 2006-05-30 | 2014-03-04 | Broadcom Corporation | Method and system for adaptive queue and buffer control based on monitoring in a packet network switch |
-
2011
- 2011-12-08 WO PCT/CN2011/083722 patent/WO2013082793A1/en active Application Filing
- 2011-12-08 CN CN201180003320.7A patent/CN102630376B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1726671A (en) * | 2002-12-17 | 2006-01-25 | 瑞通网络公司 | Adaptive classification of network traffic |
| CN1585444A (en) * | 2004-06-12 | 2005-02-23 | 中兴通讯股份有限公司 | Method for filtering backward frame in mobile communication system |
| CN1801760A (en) * | 2005-01-05 | 2006-07-12 | 阿尔卡特公司 | Method to configure a DSL connection |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2013082793A1 (en) | 2013-06-13 |
| CN102630376A (en) | 2012-08-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9363388B2 (en) | Methods, systems, and computer readable media for providing targeted services to telecommunications network subscribers based on information extracted from network signaling and data traffic | |
| US9509628B2 (en) | Managing devices in a heterogeneouus network | |
| CN103051725B (en) | Application and identification method, data digging method, Apparatus and system | |
| CN103037314B (en) | The method of pocket transmission news on the mobile terminal in autonomous network | |
| JP6526834B2 (en) | Multiple security levels / traffic management across multiple network function instantiations | |
| CN102474520A (en) | Robust header compression for relay nodes | |
| CN102630376B (en) | Method, apparatus and system for transferring control service | |
| CN1839591B (en) | Method for discarding all segments corresponding to same packet in buffer | |
| CN102917443A (en) | Method and device for selecting gateway and transmitting information, and network system | |
| CN105050138A (en) | WLAN offloading using offload preference indication information | |
| Aranda et al. | 5G networks: A review from the perspectives of architecture, business models, cybersecurity, and research developments | |
| CN101309220A (en) | Flow control method and apparatus | |
| EP3096492B1 (en) | Page push method and system | |
| CN102427598A (en) | Method and device for limiting loading service in wireless communication | |
| CN102612825A (en) | Methods and apparatus for improving header compression | |
| CN105684381A (en) | Apparatus and method for lawful interception | |
| Gurusamy et al. | DDoS risk in 5G enabled IoT and solutions | |
| CN103986728A (en) | Method and device for processing user data | |
| US9130827B2 (en) | Sampling from distributed streams of data | |
| CN102075386A (en) | Identification method and device | |
| KR101740456B1 (en) | Fowarding scheme of packet in software defined network based internet of tings | |
| CN105309003A (en) | Method for managing base station and base station | |
| Chin et al. | E-BEB: enhanced binary exponential backoff algorithm for multi-hop wireless ad-hoc networks | |
| CN104813702A (en) | Method for controlling wireless local area network flow and wireless local area network gateway | |
| KR101351607B1 (en) | Methdo and apparatus for controlling packet transmission between server and a plurality of hosts, the server, and method for receiving packet from the apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |