CN103200147B - The requesting method and device of third party's business - Google Patents

The requesting method and device of third party's business Download PDF

Info

Publication number
CN103200147B
CN103200147B CN201210000761.8A CN201210000761A CN103200147B CN 103200147 B CN103200147 B CN 103200147B CN 201210000761 A CN201210000761 A CN 201210000761A CN 103200147 B CN103200147 B CN 103200147B
Authority
CN
China
Prior art keywords
business
party
node
service
terminal device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210000761.8A
Other languages
Chinese (zh)
Other versions
CN103200147A (en
Inventor
刘光远
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201210000761.8A priority Critical patent/CN103200147B/en
Publication of CN103200147A publication Critical patent/CN103200147A/en
Application granted granted Critical
Publication of CN103200147B publication Critical patent/CN103200147B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of requesting method and device of third party's business, this method includes:Business route network receives and the information of third party's business of preservation management server entity issue, wherein, the information of third party's business include third party's business task identifier and with the corresponding service node information of task identifier;Business route network receives the service request of the task identifier of carrying third party's business from terminal device, is determined and the most matched service node of the service request according to pre-defined rule according to the information of third party's business;Service request is sent to most matched service node by business route network.Solve the problems, such as not provide relevant treatment of the business route network for third party's business by the present invention, ensured the security of business route network, improved the performance of business route network.

Description

The requesting method and device of third party's business
Technical field
The present invention relates to the communications field, in particular to a kind of requesting method and device of third party's business.
Background technology
In existing communication network, circuit domain speech business or IP multimedia subsystem (IP Multimedia Subsystem, referred to as IMS) and dialogue-based initiation protocol in network (Session Initiation Protocol, referred to as SIP business) is controlled by core net.Core net can be responsible for the road of the certification of user, mandate, charging and business By well ensuring the runing of business, manageability.But in internet, non-SIP classes business is usually by client The server of direct access service provider is held to be serviced.
Fig. 1 is according to the structure diagram of the Internet service system of correlation technique, as shown in Figure 1, user equipment (User Equipment, is referred to as UE) run DNS between domain name system (Domain Name System, referred to as DNS) server Agreement, UE by DNS Protocol by the domain name of Internet service be converted into corresponding Internet protocol (Internet Protocol, Referred to as IP) address;Then, UE is using the IP address and Internet service server direct communication, connecing needed for operation business Mouth agreement, for example, the agreement such as hypertext transfer protocol (HyperText Transfer Protocol, referred to as HTTP).
When providing business using the framework shown in Fig. 1, network provider can not be controlled business procedure.In addition, mutually Networking service provider be generally deficient of close to terminal user marketing channel and charge channel, therefore its promoting service, profit mould There are problem for formula etc..Using for reference more successful short message service provider at present, (Service Provider, are referred to as SP operation experience), can build one and carry out Service control by network provider, provide the network of business route service, nothing By being that SIP business is also that non-SIP business can be route and controlled by the network, business is counted by network provider Expense and expense are withheld.
At present, IP address had not only served as addressing function in internet (Internet), but also served as mark communication apparatus node Effect, this dual-use function is determined when IP address changes, and is not only route and is changed, but also the mark of communication equipment host Knowledge is also changed, traffic affecting continuity.In order to solve this problem, IETF introduces host identity protocol (Host Identity Protocol, referred to as HIP, i.e., the host identity protocol that IETF HIP working groups define), solve equipment mark Know the binding with address.HIP require any equipment have unique host identification code in global range (Host Identifier, Referred to as HI).Host identification label (Host Identity Tag, referred to as HIT) is defined, HIT can be route using superposition to be added Close Hash identifier (Overlay Routable Cryptographic Hash Identifiers, referred to as ORCHID), ORCHID is a kind of special IPV6 addresses, it cannot function as common routable IPV6 addresses, special by being used on head The different mark of 28 distinguishes with common IPV6 addresses.The ORCHID of 128, is the Hash to host identification HI, in agreement Middle with the benefit of host identification label is that can use the interface and the convenient system with 128 IPV6 addresses of fixed length in a program One.
Fig. 2 is according to the structure diagram of the HIP network layers of correlation technique, as shown in Fig. 2, HIP agreements are for TCP/ The COMMUNICATION LAYER PROTOCOL of IP has been done and now different restrictions.In ICP/IP protocol, TCP and UDP connections are contacted with IP address Get up.And once HIP frameworks are set up, these connections are connected with regard to same host id, rather than IP address.The institute of HIP So as to being so because it changes the binding of network layer and transport layer in ICP/IP protocol, introduced between TCP, IP HIP layers (referring to Fig. 1).Among HIP frameworks, IP address still has the function of station location marker.But HI instead of IP address Device identification function.This allows for no matter how the IP address of a host converts, it can possess unique constant Mark, so as to solve the problems, such as the mobility problem of host and more caves.
HIP agreements have the packet header of oneself on IP packet header.Wherein, the implication of each field is as follows:
Next Header fields are used for the position for describing additional header, and currently without use, fixation uses metric 59 Expression does not have Next Header.
The length in Header Length explanation of field HIP packet header, is counted, 8 not comprising beginning with the integral multiple of 8 bytes Byte packet header.
Packet the type fields illustrate the type of HIP bags.
VER. the version number of explanation of field HIP agreements.
RES. field is reserved for later application, currently without use.
Checksum fields be HIP packet header verification and.
Controls fields are the fields of pack arrangement and master capability description, define only what host was sent with anonymity at present A kind of situation of mode.
Sender ' s Host Identity Tag (HIT) field description HIT of sender, the ORCHID of 128.
Receiver ' s Host Identity Tag (HIT) field description HIT of recipient, the ORCHID of 128.
The HIP parameters that HIP Parameters field descriptions HIP bags carry.
Fig. 3 is the schematic diagram that basic interaction flow is established according to the connection of the HIP agreements of correlation technique, as shown in figure 3, HIP basis interactions are the interaction of basic information between two hosts, for interacting the basic information of two host communications. HIP bases interaction flow has the interaction of four bags, and the required parameter of interaction DH key algorithms in second and the 3rd bag, is used In the negotiating about cipher key shared between two hosts, by the public key carried in second and the 3rd bag, signature and HIT recognize respectively Demonstrate,prove the identity of other side.After the completion of the interaction of four bags, end-by-end security connection is established.HIP interactions are initiated in a network The host of bag is promoter, and promoter thinks the interactive host person of being in response to, this after the basic interaction flow of four bags Difference be just not present, in subsequent communications interaction either party be all likely to become promoter, notify other side oneself state Change.In first bag I1 that promoter initiates, the only host identification label comprising promoter and the host identification of respondent Label.Start actual information interactive process in second bag R1 that respondent sends.Contained in second bag R1 Secret challenge (being used for the threat for reducing Denial of Service attack) to promoter, initiator must be responsive to this challenge, and interaction is It can continue.In the 3rd bag I2 that sender sends, response of the sender to secret challenge in R1 bags is contained.Respondent sends out The 4th bag R2 sent includes the signature of respondent, while terminates the HIP bases interaction flow of four bags.
In the related art, there is provided a kind of distributed Service control network, i.e. business route network, to provide industry Business routing function.In business route network, charging is carried out to business by network provider and expense is withheld.But in business In route network, application server may provide for third party business provider, but in the related art, industry is not provided with Route network of being engaged in is directed to the relevant treatment of third party's business, and third party's business generally existing in current practical application, institute With, it is necessary to the solution that a kind of business route network is directed to third party's business is provided.
The content of the invention
For do not have in correlation technique offer business route network be directed to third party's business relevant treatment the problem of, this hair It is bright to provide a kind of request program of third party's business, at least to solve the above problems.
To achieve these goals, according to an aspect of the invention, there is provided a kind of requesting method of third party's business.
The requesting method of third party's business according to the present invention, including:Business route network receives and preservation management service The information of third party's business of device entity issued, wherein, the information of third party's business includes the task identifier of third party's business With with the corresponding service node information of task identifier;Business route network receives carrying third party's industry from terminal device The service request of the task identifier of business, determines with the service request most according to the information of third party's business according to pre-defined rule The service node matched somebody with somebody;Service request is sent to most matched service node by business route network.
Preferably, business route network receives the business of the task identifier of carrying third party's business from terminal device Before request, this method further includes:Access node in business route network receives the credible connection from terminal device and establishes Request;Access node establishes in request and business route network the user information of the terminal device stored to end according to credible connection End equipment is authenticated, and establishes the credible connection of access node and terminal device.
Preferably, business route network receives the business of the task identifier of carrying third party's business from terminal device Before request, this method further includes:Access node in business route network receives the HIP bags from terminal device;Access section Point is authenticated terminal device according to the user information of the terminal device stored in HIP bags and business route network, and establishes The HIP of access node and terminal device connections.
Preferably, business route network is determined with the service request most according to the information of third party's business according to pre-defined rule Matched service node includes:Access node in business route network obtains and third party's industry from the information of third party's business The corresponding service node information of task identifier of business, and determined and the most matched industry of service request according to service node information Business node, wherein, service node information includes at least one of:Business routing algorithm, business corresponding with task identifier Node listing, service node address information corresponding with task identifier.
Preferably, access node determines to include with the most matched service node of service request according to service node information:Connect Ingress establishes business route map record according to the host identification of terminal device and the task identifier of third party's business, its In, business route map record is used to the service request of terminal device is transmitted to most matched business section in the specific term of validity Point;Most matched business section is calculated according to business routing algorithm using the task identifier of third party's business in access node Point.
Preferably, determined and the most matched business section of the service request according to pre-defined rule according to the information of third party's business After point, this method further includes:Access node in business route network checks access node and most matched service node Whether HIP connections have established;In the case where access node is connected without establishing with the HIP of most matched service node, access Node sends triggering message to most matched service node, to trigger most matched service node initiation and the HIP of access node Connection request, wherein, triggering message includes the host identification and network address of access node.
Preferably, after service request is sent to most matched service node by business route network, this method further includes: Business route network receives the service response of the service request from most matched service node, wherein, service response carries the The task identifier of three party service;Business route network route mapping note according to the task identifier inquiry business of third party's business Record, to obtain terminal device corresponding with service request, and service response is connected by established with the HIP of the terminal device Switch through and issue the terminal device.
Preferably, terminal device is user equipment or the service node server of offer third party's business.
To achieve these goals, according to another aspect of the present invention, there is provided a kind of request unit of third party's business.
The request unit of third party's business according to the present invention, is arranged on business route network, which includes:First connects Module is received, for receiving the information of simultaneously third party's business of preservation management server entity issue, wherein, the letter of third party's business Breath include third party's business task identifier and with the corresponding service node information of task identifier;Second receiving module, Service request for the task identifier for receiving carrying third party's business from terminal device;Determining module, for basis The most matched business section of service request that the information of third party's business determines to receive with the second receiving module according to pre-defined rule Point;Sending module, for service request to be sent to most matched service node.
Preferably, determining module includes:Unit is established, for the host identification according to terminal device and third party's business Task identifier establishes business route map record, wherein, business route map record is used for terminal in the specific term of validity The service request of equipment is transmitted to most matched service node;Computing unit, for the task identifier using third party's business Most matched service node is calculated according to business routing algorithm.
Preferably, which further includes:Module is checked, for checking the access node in business route network with most matching The HIP connections of service node whether established;Trigger module, for the HIP in access node and most matched service node In the case that connection is without establishing, access node sends triggering message to most matched service node, to trigger most matched industry The HIP connection requests for node initiation and the access node of being engaged in, wherein, triggering message is with including host identification and the network of access node Location.
By the present invention, using the business information of business route network storage third party's service distribution, according to carrying out self terminal The service request of third party's business of equipment determine with the most matched service node of the service request, and the service request is sent To the mode of most matched service node, solve and do not provide business route network for the relevant treatment of third party's business Problem, has ensured the security of business route network, improves the performance of business route network.
Brief description of the drawings
Attached drawing described herein is used for providing a further understanding of the present invention, forms the part of the application, this hair Bright schematic description and description is used to explain the present invention, does not form inappropriate limitation of the present invention.In the accompanying drawings:
Fig. 1 is the structure diagram according to the Internet service system of correlation technique;
Fig. 2 is the structure diagram according to the HIP network layers of correlation technique;
Fig. 3 is the schematic diagram that basic interaction flow is established according to the connection of the HIP agreements of correlation technique;
Fig. 4 is the flow chart of the requesting method of third party's business according to embodiments of the present invention;
Fig. 5 is the structure diagram of the request unit of third party's business according to embodiments of the present invention;
Fig. 6 is the structure diagram of the request unit of third party's business according to the preferred embodiment of the invention;
Fig. 7 is the flow chart of service routing method according to the preferred embodiment of the invention;
Fig. 8 is the flow chart according to the preferred embodiment of the invention for connecting and establishing certification.
Embodiment
Come that the present invention will be described in detail below with reference to attached drawing and in conjunction with the embodiments.It should be noted that do not conflicting In the case of, the feature in embodiment and embodiment in the application can be mutually combined.
According to embodiments of the present invention, there is provided a kind of requesting method of third party's business.Fig. 4 is according to embodiments of the present invention Third party's business requesting method flow chart, as shown in figure 4, this method includes:
Step S402, business route network receives and the information of third party's business of preservation management server entity issue, Wherein, the task identifier of the information of third party's business including third party's business and with the corresponding service node of task identifier Information;
Step S404, business route network receive the industry of the task identifier of carrying third party's business from terminal device Business request, determines and the most matched service node of the service request according to the information of third party's business according to pre-defined rule;
The service request is sent to most matched service node by step S406, business route network.
By above-mentioned steps, using the business information of business route network storage third party's service distribution, according to from end The service request of third party's business of end equipment determine with the most matched service node of the service request, and the service request is sent out The mode of most matched service node is given, solves and the relevant treatment that business route network is directed to third party's business is not provided The problem of, ensure the security of business route network, improve the performance of business route network.
In implementation process, in step S402, credible connection can be passed through between business route network and terminal device Communicate, in step S406, between business route network and most matched service node can also by it is credible connect into Row communication.
For example, before terminal device is according to service access message reference business, terminal device is needed with business route network Establish credible connection.That is, access node of the terminal into business route network initiates credible connection and establishes request;Access node connects Receive the credible connection from terminal device and establish request, establish in request and business route network what is stored according to the credible connection The user information of the terminal device is authenticated the terminal device, and establishes the credible connection of access node and the terminal device Connection.Then, the response of the service request and the service request that carry task identifier can be by the credible connection of foundation Transmission.Credible connection (realizing credible connection using HIP connections) can be established using HIP agreements in implementation process.
Similarly, in step S406, before which is sent to most matched service node by business route network, Credible connection can also be established between access node in the most matched service node and business route network.In access node The certification to the most matched service node is completed, and establishes access node and the credible connection of the most matched service node Connection.Then, the response of the service request and the service request that carry task identifier can be passed by the credible connection of foundation It is defeated.Credible connection can be realized using HIP in implementation process.
Preferably, before step S404, the access node in business route network receives the HIP from terminal device Bag;Access node recognizes terminal device according to the user information of the terminal device stored in HIP bags and business route network Card, and establish the HIP connections of access node and terminal device.This method can improve the security of network.Wherein, in step Before S404, terminal device can obtain the task identifier of third party's business with domain name mapping, or directly pass through Operational Visit Interface obtains the task identifier of third party's business.
Preferably, in step s 404, business route network is determined according to the information of third party's business according to pre-defined rule It can include with the most matched service node of the service request:The letter of access node in business route network from third party's business Obtained in breath with the corresponding service node information of task identifier of third party's business, and according to service node information determine with The most matched service node of service request, wherein, service node information includes at least one of:Business routing algorithm and industry The corresponding service node list of business identifier, service node address information corresponding with task identifier.This method is simple and practical, It is workable.
Wherein, access node determines to include with the most matched service node of service request according to service node information: Access node establishes business route map record according to the host identification of terminal device and the task identifier of third party's business, its In, business route map record is used to the service request of terminal device is transmitted to most matched business section in the specific term of validity Point;Most matched business section is calculated according to business routing algorithm using the task identifier of third party's business in access node Point.This method can improve flexibility and the treatment effeciency of system.
For example, the information of third party's business in step S404 is not limited to what is locally preserved from business route network, It can also be that database preserves, local data base, distributed data base distributed storage, or independent preservation business information Back end, is likely to.
Preferably, after step S404, the access node in business route network can check access node with most Whether the HIP connections for the service node matched somebody with somebody have established;It is connected with the HIP of most matched service node in access node and does not establish In the case of, access node sends triggering message to most matched service node, with trigger most matched service node initiate with The HIP connection requests of access node, wherein, triggering message includes the host identification and network address of access node.This method can So that terminal device safely and conveniently accesses third party's business, the validity and security of system are improved.
Preferably, after step S406, business route network receives the service request from most matched service node Service response, wherein, service response carry third party's business task identifier;Business route network is according to third party's business Task identifier inquiry business route map record, to obtain corresponding with service request terminal device, and by service response The terminal device is transmitted to by established be connected with the HIP of the terminal device.This method can improve the processing effect of system Rate.
Preferably, terminal device is user equipment or the service node server of offer third party's business.
Corresponding to the above method, the embodiment of the present invention additionally provides a kind of request unit of third party's business.Fig. 5 is basis The structure diagram of the request unit of third party's business of the embodiment of the present invention, as shown in figure 5, business route network is arranged on, should Device includes:First receiving module 52, for receiving the information of simultaneously third party's business of preservation management server entity issue, its In, the information of third party's business includes the task identifier and service node corresponding with task identifier letter of third party's business Breath;Second receiving module 54, the service request of the task identifier for receiving carrying third party's business from terminal device; Determining module 56, coupled to the first receiving module 52 and the second receiving module 54, for the information according to third party's business according to Pre-defined rule determines the most matched service node of service request received with the second receiving module;Sending module 58, is coupled to Determining module 56, for the service request to be sent to most matched service node.
By above device, using the business information of business route network storage third party's service distribution, according to from end The service request of third party's business of end equipment determine with the most matched service node of the service request, and the service request is sent out The mode of most matched service node is given, solves and the relevant treatment that business route network is directed to third party's business is not provided The problem of, ensure the security of business route network, improve the performance of business route network.
Fig. 6 is the structure diagram of the request unit of third party's business according to the preferred embodiment of the invention, as shown in fig. 6, Determining module 56 includes:Unit 562 is established, for the host identification according to terminal device and the task identifier of third party's business Business route map record is established, wherein, business route map record is used for the business of terminal device in the specific term of validity Request is transmitted to most matched service node;Computing unit 564, for the task identifier using third party's business according to business Most matched service node is calculated in routing algorithm.
Preferably, which further includes:Module 62 is checked, coupled to determining module 56, for checking business route network In access node be connected and whether established with the HIP of most matched service node;Trigger module 64, coupled to inspection module 62 With sending module 58, in the case of being connected in access node with the HIP of most matched service node without establishing, access section Point sends triggering message to most matched service node, initiates to connect with the HIP of access node to trigger most matched service node Request is connect, wherein, triggering message includes the host identification and network address of access node.
The solution of the present invention is described further with reference to above-mentioned multiple preferred embodiments.
This preferred embodiment provides a kind of business route implementation method and operation system, and business is carried by network provider For route service, effective load balancing can be carried out with relatively low cost, and Service control is carried out easy to network provider.
Business route implementation method provided in this embodiment comprises the following steps:
Step 1, there is provided business information is included the task identifier and and business of business by the management server entity of business The host identification and network address of the corresponding service node of identifier, are published in business routing network;
Step 2, the service access information based on management server entity issued includes the task identifier of business, and terminal is set It is standby to obtain service access information, according to service access message reference business.In implementation process, terminal device is probably one A user equipment, it is also possible to which another provides the service node server of integrated service.Terminal device is there are host identification, only One mark terminal device;Terminal device can obtain industry by task identifier access service, terminal device with domain name mapping The task identifier of business, or the task identifier of business is directly obtained by Operational Visit interface;
In step 2, before terminal device is according to service access message reference business, terminal device is needed with business routing network Establish credible connection.Specifically, the access node information of terminal device acquisition business routing network includes the access of access node Address;The access node of terminal device and business routing network is established in connection procedure, and business routing network can verify terminal device body Part, ensures the legitimacy of terminal device;Can be service identification after terminal device establishes connection with the access node of business routing network Establish default route, all business accessed by task identifier, access that all can be by terminal device with business routing network The connection that node is established accesses;Terminal device can be connected using HIP, and credible connection is established with business routing network;Terminal After equipment gets the task identifier of third party's business, the company by terminal device with the access node foundation of business routing network Connect, the service request for carrying the task identifier is sent to business routing network.
After access node in business routing network receives the service request of terminal device transmission, connecing in business routing network Ingress is according to the task identifier of third party's business, the service node address of acquisition third party's business from business routing network, And service request is sent to corresponding service node according to the address.Specifically, the access node in business routing network first from Task identifier is obtained in service request;Access node in business routing network obtains the business of business according to task identifier The host identification and network address of node;Access node in business routing network, which checks the need for establishing with service node, to be connected Connect, if necessary to establish connection, check whether connection establishes, connection is established if connecting without establishing;In business routing network Access node mapping relations are uniquely established according to the host identification of terminal and the task identifier of business, wherein, mapping relations The task identifier of host identification and business including terminal, the specific industry that task identifier is calculated according to business routing algorithm The host identification and network address of business node;Ensure in the mapping relations term of validity, which accesses above-mentioned third party's industry The service request of business and response, all can be by access node with the established connection of service node;Access in business routing network Node is by the service request of terminal device, the connection established by access node with service node, is transmitted to specific business section Point.
In implementation process, the access node in business routing network can use the business routing algorithm specified first, obtain Take the host identification and network address of the corresponding service node of service identification of third party's business;Access section in business routing network Point issues the business information in business routing network from business in advance, obtains business routing algorithm and the corresponding business of service identification Node listing, performs host identification and network address that business routing algorithm obtains specific service node.
Then, whether the access node inspection in business routing network establishes with the connection of specific service node, if even Connect not establish and then establish connection;Access node is checked whether with specific according to the hostid of specific service node Whether the connection of service node establishes;If not establishing connection, access node sends triggering message to specific service node, Connection of the specific service node initiation with the access node in the business routing network is triggered, wherein, triggering message connects including this The host identification and network address of ingress.
After specific service node receives triggering message, the host identification and net of the access node are included according to triggering message Network address, initiates to connect to access node;Established in the access node with business routing network in connection procedure, business routing network meeting Verify terminal device identity, ensure the legitimacy of terminal device;Specific service node is built with the access node of business routing network After vertical connection, all Operational Visit requests carried out by the connection, corresponding Operational Visit response is replied also by the connection To specific service node.
Access node in business routing network receives Operational Visit by the connection of specific service node access node and rings Ying Hou, inquires about the established mapping relations of task identifier of the host identification and business of terminal device, according to specific business The host identification of node, obtains the host identification for the terminal device for accessing the business;Access node in business routing network is by spy The service response of fixed service node, the connection established by access node with terminal device, is transmitted to initiating business request Terminal device.
As it can be seen that the present embodiment is somebody's turn to do in advance to business route network issuing service to be stored in business route network The host identification and address information of the service node of business;After terminal device gets the task identifier of business, to business road Initiated to carry the service request of task identifier by network, industry of the access node in business route network in service request Business identifier obtains the host identification and address information of service node from business route network, and according to the host mark got Know and address information is asked to service node forwarding service, and preserve forwarding record;Access node in business route network is received The service response replied to service node, records according to forwarding, and service response is transmitted to the terminal device of initiating business request. By the above-mentioned means, realizing third party's service access business route network, the certification to third party's service server is completed, is protected Demonstrate,prove the legitimacy of access.
The solution of the present invention is described in detail with specific embodiment below in conjunction with the accompanying drawings.
Fig. 7 is the flow chart of service routing method according to the preferred embodiment of the invention, as shown in fig. 7, this method includes Following steps:
Step S702, service distribution.Business information is published in business routing network by business A, and business information includes business A's The host identification and network address information of task identifier and the service node information with business A, i.e. service server 1;Business The node of route network according to the task identifier of business A, can inquire about the host identification and net of the service node of acquisition business A Network address information;After business A issuing services, terminal a can be according to the service identification of the service access information acquisition business A of issue Symbol, according to task identifier access service.
Step S704, terminal a establish HIP with business route network and are connected, and connection verification process is as shown in Figure 8.
Fig. 8 is the flow chart according to the preferred embodiment of the invention for connecting and establishing certification, which includes:
1) node of terminal a and business route network all supports hip agreements;
2) terminal a obtains the access address information of an access node 1 of business route network, including access node host Mark and network address;Access address information can be obtained by dns resolution method, or be configured using configured in advance mode On terminal a, or obtained according to specific access selection algorithm.
3) terminal a sends the I1 bags of HIP to the access node 1 that business is route, and the master of terminal device is carried in H1 bags Machine mark, business route access node host identification, show to use authentication mode (such as 3GPPAKA certifications, or HTTPdigest certifications) information;
4) terminal device that is stored according to business route network of access node 1 of business route user information (including Shared authentication key), authentication challenge information and the information for the terminal device authentication business route network are generated, and carry Terminal a is returned in the R1 bags of HIP;
5) user equipment is according to the shared authentication key with network, and what is received be used for user equipment certification network Authentification of message network;And according to the shared authentication key with network and the authentication challenge information received, generation authentication challenge should Information is answered, and carries and is sent to HIP nodes in the I2 bags of HIP;HIP nodes are according to the authentication challenge response message of acquisition to UE Be authenticated, and to UE send carry UE authentication result HIP R2 bags;
6) after terminal a establishes HIP connections with the access node 1 of business routing network, default route is established, it is all to pass through business The business that identifier accesses, can all be accessed by the HIP connections of foundation.
Step S706, terminal a access services A.Terminal a is connected by the 1 established HIP of access node of same business routing network Connect, the service request for the business A for carrying task identifier is sent to business routing network.
Step S708, the service request of the 1 forwarding terminal a of access node in business routing network.
1) after the access node 1 in business routing network receives the service request of terminal a transmissions, included according to service request Business A task identifier, business letter of the prior issue of business A in business routing network is obtained from business routing network Breath, including business routing algorithm and the address information (host identification of the corresponding service node list of service identification and service node And network address);Wherein, the service node of business A includes service server 1;
2) access node 1 in business routing network uses the business routing algorithm specified, and obtains the industry of most suitable business A Business node, such as service server 1;Obtain the host identification and network address of service server 1;
3) access node 1 in business routing network, checks the need for establishing HIP with service server 1 and is connected, if needed HIP connections are established, check whether HIP connections establish, new HIP connections are established if HIP connections are without establishing;
It is connected 4) if the access node 1 in business routing network and service server 1 need to establish new HIP, access section Point 1 sends triggering message to service server 1, and triggering service server 1 is initiated with the access node 1 in the business routing network HIP connections;Triggering message includes the host identification and network address of the access node 1;
5) access node 1 in business routing network establishes business route map record.Access node 1 is according to the master of terminal a Machine is identified uniquely establishes business route map record as keyword with the task identifier of business A, and map record includes terminal a Host identification and business A task identifier, the specific service node that task identifier is calculated according to business routing algorithm The host identification and network address of address information, i.e. service server 1, the business route map record term of validity;Ensure in business It route in the map record term of validity, the service request of terminal a access services A all can be by access node 1 with specific business section Point (i.e. service server 1) established connection, is transmitted to specific service node (i.e. service server 1);
6) access node 1 in business routing network is by the service request of terminal a, by access node 1 with service server 1 The HIP connections of foundation, are transmitted to service server 1.
Step S710, if access node 1 in business routing network and service server 1 are needed to establish new HIP and are connected, After specific service node (service server 1) receives triggering message, business route access node 1 is included according to triggering message Host identification and network address, HIP connections are initiated to access node 1;Repeat the above steps the HIP connection procedures of S704, completes Service server 1 is connected with the HIP of business route access node 1, completes the authentication to service server 1, ensures business The legitimacy of server 1;Specific service node (service server 1) establishes HIP connections with the access node 1 of business routing network Afterwards, the Operational Visit request of all access nodes 1 from business routing network, corresponding Operational Visit response is also by the HIP Connection, replies to the access node 1 of business routing network.
Step S712, the service response that the forwarding of access node 1 in business routing network is replied.
1) access node 1 in business routing network is connected with the HIP that service server 1 is established by access node 1 and received The service response of reply;
2) 1 inquiry business of the access node route map record in business routing network, according to the task identifier of business A and The address information (host identification and network address) of service server 1, obtains corresponding business route map record, and inquiry obtains The address information (host identification and network address) of terminal a;
3) access node 1 in business routing network is by service response, the HIP companies established by access node 1 with terminal a Connect, be transmitted to the terminal a of initiating business request.
The HIP connections that step S714, terminal a are established by access node 1 with terminal a, receive the service response of reply.
In conclusion an embodiment of the present invention provides a kind of business route implementation method and service routing system, using simultaneously HIP connection procedures are improved, the certification to third party's business is completed based on HIP connections, passes through HIP connection access service routing networks Network, ensures the safety of business route network.
Obviously, those skilled in the art should be understood that above-mentioned each module of the invention or each step can be with general Computing device realize that they can be concentrated on single computing device, or be distributed in multiple computing devices and formed Network on, alternatively, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored Performed in the storage device by computing device, and in some cases, can be with different from shown in order execution herein The step of going out or describing, they are either fabricated to each integrated circuit modules respectively or by multiple modules in them or Step is fabricated to single integrated circuit module to realize.Combined in this way, the present invention is not restricted to any specific hardware and software.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the invention, for the skill of this area For art personnel, the invention may be variously modified and varied.Within the spirit and principles of the invention, that is made any repaiies Change, equivalent substitution, improvement etc., should all be included in the protection scope of the present invention.

Claims (8)

  1. A kind of 1. requesting method of third party's business, it is characterised in that including:
    Business route network receives and the information of third party's business of preservation management server entity issue, wherein, the described 3rd The task identifier of the information of square business including third party's business and with the corresponding service node of the task identifier Information;
    The business that the business route network receives the task identifier of carrying third party's business from terminal device please Ask, according to the information of third party's business according to pre-defined rule determine with the most matched service node of the service request, wherein, The terminal device is user equipment or the service node server of offer third party's business;
    The service request is sent to the most matched service node by the business route network;
    According to the information of third party's business according to pre-defined rule determine with after the most matched service node of the service request, Further include:
    Access node in the business route network checks that the access node and the HIP of the most matched service node connect Connect and whether established;
    In the case where the access node is connected without establishing with the HIP of the most matched service node, the access section Point sends triggering message to the most matched service node, is initiated and the access with most matched service node described in triggering The HIP connection requests of node, wherein, the triggering message includes the host identification and network address of the access node.
  2. 2. requesting method according to claim 1, it is characterised in that the business route network receives and comes from terminal device Carrying third party's business task identifier service request before, further include:
    Access node in the business route network receives the credible connection from the terminal device and establishes request;
    The access node is established in request and the business route network terminal stored according to the credible connection and is set Standby user information is authenticated the terminal device, and establishes the credible company of the access node and the terminal device Connect.
  3. 3. requesting method according to claim 1, it is characterised in that the business route network receives and comes from terminal device Carrying third party's business task identifier service request before, further include:
    Access node in the business route network receives the HIP bags from the terminal device;
    The access node is according to the user information of the terminal device stored in the HIP bags and the business route network The terminal device is authenticated, and establishes the access node and is connected with the HIP of the terminal device.
  4. 4. requesting method according to claim 1, it is characterised in that the business route network is according to third party's industry The information of business determines to include with the most matched service node of the service request according to pre-defined rule:
    Access node in the business route network obtains and third party's business from the information of third party's business The corresponding service node information of task identifier, and determined according to the service node information with the service request most The service node matched somebody with somebody, wherein, the service node information includes at least one of:Business routing algorithm and the business mark Know and accord with corresponding service node list, service node address information corresponding with the task identifier.
  5. 5. requesting method according to claim 4, it is characterised in that the access node is according to the service node information Determine to include with the most matched service node of the service request:
    The access node establishes industry according to the host identification of the terminal device and the task identifier of third party's business Business route map record, wherein, the business route map record is used for the institute of the terminal device in the specific term of validity State service request and be transmitted to the most matched service node;
    Institute is calculated according to the business routing algorithm using the task identifier of third party's business in the access node State most matched service node.
  6. 6. requesting method according to claim 1, it is characterised in that the business route network sends out the service request After giving the most matched service node, further include:
    The business route network receives the service response of the service request from the most matched service node, its In, the service response carries the task identifier of third party's business;
    The business route network inquires about the business according to the task identifier of third party's business and route map record, with Corresponding with service request terminal device is obtained, and the service response is passed through established and the terminal device HIP connections are transmitted to the terminal device.
  7. 7. a kind of request unit of third party's business, it is characterised in that be arranged on business route network, which includes:
    First receiving module, for receiving the information of simultaneously third party's business of preservation management server entity issue, wherein, it is described The task identifier of the information of third party's business including third party's business and with the corresponding business of the task identifier Nodal information;
    Second receiving module, please for receiving the business of task identifier of carrying third party's business from terminal device Ask, wherein, the terminal device is user equipment or the service node server of offer third party's business;
    Determining module, determines to connect with second receiving module for the information according to third party's business according to pre-defined rule The received most matched service node of the service request;
    Sending module, for the service request to be sent to the most matched service node;
    The device further includes:
    Module is checked, for checking the HIP of the access node in the business route network and the most matched service node Whether connection has established;
    Trigger module, for being connected in the access node with the HIP of the most matched service node without situation about establishing Under, the access node sends triggering message to the most matched service node, with most matched service node described in triggering Initiate with the HIP connection requests of the access node, wherein, the triggering message include the access node host identification and Network address.
  8. 8. request unit according to claim 7, it is characterised in that the determining module includes:
    Unit is established, the task identifier for the host identification according to the terminal device and third party's business establishes industry Business route map record, wherein, the business route map record is used for the institute of the terminal device in the specific term of validity State service request and be transmitted to the most matched service node;
    Computing unit, institute is calculated for the task identifier using third party's business according to the business routing algorithm State most matched service node.
CN201210000761.8A 2012-01-04 2012-01-04 The requesting method and device of third party's business Active CN103200147B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210000761.8A CN103200147B (en) 2012-01-04 2012-01-04 The requesting method and device of third party's business

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210000761.8A CN103200147B (en) 2012-01-04 2012-01-04 The requesting method and device of third party's business

Publications (2)

Publication Number Publication Date
CN103200147A CN103200147A (en) 2013-07-10
CN103200147B true CN103200147B (en) 2018-04-27

Family

ID=48722510

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210000761.8A Active CN103200147B (en) 2012-01-04 2012-01-04 The requesting method and device of third party's business

Country Status (1)

Country Link
CN (1) CN103200147B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108173893B (en) 2016-12-07 2021-07-09 诺基亚技术有限公司 Method and apparatus for networking
CN108243264A (en) * 2016-12-27 2018-07-03 中国移动通信有限公司研究院 A kind of sequence number generation method and system
CN110502319B (en) * 2019-08-23 2021-10-12 腾讯科技(深圳)有限公司 Distributed transaction processing method and device, electronic equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101114993A (en) * 2006-07-26 2008-01-30 华为技术有限公司 Conversation inceptive protocol network system and method for controlling service routing
CN101998227A (en) * 2009-08-28 2011-03-30 华为技术有限公司 Service routing method, device and system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8489772B2 (en) * 2010-03-09 2013-07-16 At&T Intellectual Property I, L.P. Method for mechanically generating content for messages

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101114993A (en) * 2006-07-26 2008-01-30 华为技术有限公司 Conversation inceptive protocol network system and method for controlling service routing
CN101998227A (en) * 2009-08-28 2011-03-30 华为技术有限公司 Service routing method, device and system

Also Published As

Publication number Publication date
CN103200147A (en) 2013-07-10

Similar Documents

Publication Publication Date Title
EP1880527B1 (en) Method for distributing certificates in a communication system
CN103067385B (en) The method of defence Hijack Attack and fire compartment wall
JP6526248B2 (en) Server and program
CN103067337B (en) Identity federation method, identity federation intrusion detection & prevention system (IdP), identity federation service provider (SP) and identity federation system
CN103023856B (en) Method, system and the information processing method of single-sign-on, system
CN110035033A (en) Cryptographic key distribution method, apparatus and system
CN103812960A (en) Network address translation for application of subscriber-aware services
EP1415212A2 (en) Modular authentication and authorization scheme for internet protocol
CN103973658A (en) Static user terminal authentication processing method and device
CN110392128A (en) The quasi- zero-address IPv6 method and system for disclosing web services are provided
CN104468619B (en) A kind of method and authentication gateway for realizing double stack web authentications
CN103051598B (en) Method, user equipment and packet access gateway for secure access to Internet services
CN103200147B (en) The requesting method and device of third party's business
US8275987B2 (en) Method for transmission of DHCP messages
US9112843B2 (en) Method and system for subscriber to log in internet content provider (ICP) website in identity/location separation network and login device thereof
FI120927B (en) Authentication and encryption protocols in a wireless communication system
CN102769621B (en) Real user identity-oriented host moving method
CN103001927B (en) A kind of position information processing method and system
CN108595941A (en) A kind of data processing method, system and electronic equipment
CN103108325B (en) A kind of information secure transmission method and system and access service node
JP2005333350A (en) Communication system
Hartman et al. Channel-Binding Support for Extensible Authentication Protocol (EAP) Methods
CN116405314A (en) Method and device for authenticating source address identity of access network
Takahashi et al. Design and Implementation of a Secure Public Wireless Internet Service Model Using Host Identity Protocol
Hoeper Internet Engineering Task Force (IETF) S. Hartman, Ed. Request for Comments: 6677 Painless Security Category: Standards Track T. Clancy

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant