CN103200147B - The requesting method and device of third party's business - Google Patents
The requesting method and device of third party's business Download PDFInfo
- Publication number
- CN103200147B CN103200147B CN201210000761.8A CN201210000761A CN103200147B CN 103200147 B CN103200147 B CN 103200147B CN 201210000761 A CN201210000761 A CN 201210000761A CN 103200147 B CN103200147 B CN 103200147B
- Authority
- CN
- China
- Prior art keywords
- business
- party
- node
- service
- terminal device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of requesting method and device of third party's business, this method includes:Business route network receives and the information of third party's business of preservation management server entity issue, wherein, the information of third party's business include third party's business task identifier and with the corresponding service node information of task identifier;Business route network receives the service request of the task identifier of carrying third party's business from terminal device, is determined and the most matched service node of the service request according to pre-defined rule according to the information of third party's business;Service request is sent to most matched service node by business route network.Solve the problems, such as not provide relevant treatment of the business route network for third party's business by the present invention, ensured the security of business route network, improved the performance of business route network.
Description
Technical field
The present invention relates to the communications field, in particular to a kind of requesting method and device of third party's business.
Background technology
In existing communication network, circuit domain speech business or IP multimedia subsystem (IP Multimedia
Subsystem, referred to as IMS) and dialogue-based initiation protocol in network (Session Initiation Protocol, referred to as
SIP business) is controlled by core net.Core net can be responsible for the road of the certification of user, mandate, charging and business
By well ensuring the runing of business, manageability.But in internet, non-SIP classes business is usually by client
The server of direct access service provider is held to be serviced.
Fig. 1 is according to the structure diagram of the Internet service system of correlation technique, as shown in Figure 1, user equipment (User
Equipment, is referred to as UE) run DNS between domain name system (Domain Name System, referred to as DNS) server
Agreement, UE by DNS Protocol by the domain name of Internet service be converted into corresponding Internet protocol (Internet Protocol,
Referred to as IP) address;Then, UE is using the IP address and Internet service server direct communication, connecing needed for operation business
Mouth agreement, for example, the agreement such as hypertext transfer protocol (HyperText Transfer Protocol, referred to as HTTP).
When providing business using the framework shown in Fig. 1, network provider can not be controlled business procedure.In addition, mutually
Networking service provider be generally deficient of close to terminal user marketing channel and charge channel, therefore its promoting service, profit mould
There are problem for formula etc..Using for reference more successful short message service provider at present, (Service Provider, are referred to as
SP operation experience), can build one and carry out Service control by network provider, provide the network of business route service, nothing
By being that SIP business is also that non-SIP business can be route and controlled by the network, business is counted by network provider
Expense and expense are withheld.
At present, IP address had not only served as addressing function in internet (Internet), but also served as mark communication apparatus node
Effect, this dual-use function is determined when IP address changes, and is not only route and is changed, but also the mark of communication equipment host
Knowledge is also changed, traffic affecting continuity.In order to solve this problem, IETF introduces host identity protocol (Host
Identity Protocol, referred to as HIP, i.e., the host identity protocol that IETF HIP working groups define), solve equipment mark
Know the binding with address.HIP require any equipment have unique host identification code in global range (Host Identifier,
Referred to as HI).Host identification label (Host Identity Tag, referred to as HIT) is defined, HIT can be route using superposition to be added
Close Hash identifier (Overlay Routable Cryptographic Hash Identifiers, referred to as ORCHID),
ORCHID is a kind of special IPV6 addresses, it cannot function as common routable IPV6 addresses, special by being used on head
The different mark of 28 distinguishes with common IPV6 addresses.The ORCHID of 128, is the Hash to host identification HI, in agreement
Middle with the benefit of host identification label is that can use the interface and the convenient system with 128 IPV6 addresses of fixed length in a program
One.
Fig. 2 is according to the structure diagram of the HIP network layers of correlation technique, as shown in Fig. 2, HIP agreements are for TCP/
The COMMUNICATION LAYER PROTOCOL of IP has been done and now different restrictions.In ICP/IP protocol, TCP and UDP connections are contacted with IP address
Get up.And once HIP frameworks are set up, these connections are connected with regard to same host id, rather than IP address.The institute of HIP
So as to being so because it changes the binding of network layer and transport layer in ICP/IP protocol, introduced between TCP, IP
HIP layers (referring to Fig. 1).Among HIP frameworks, IP address still has the function of station location marker.But HI instead of IP address
Device identification function.This allows for no matter how the IP address of a host converts, it can possess unique constant
Mark, so as to solve the problems, such as the mobility problem of host and more caves.
HIP agreements have the packet header of oneself on IP packet header.Wherein, the implication of each field is as follows:
Next Header fields are used for the position for describing additional header, and currently without use, fixation uses metric 59
Expression does not have Next Header.
The length in Header Length explanation of field HIP packet header, is counted, 8 not comprising beginning with the integral multiple of 8 bytes
Byte packet header.
Packet the type fields illustrate the type of HIP bags.
VER. the version number of explanation of field HIP agreements.
RES. field is reserved for later application, currently without use.
Checksum fields be HIP packet header verification and.
Controls fields are the fields of pack arrangement and master capability description, define only what host was sent with anonymity at present
A kind of situation of mode.
Sender ' s Host Identity Tag (HIT) field description HIT of sender, the ORCHID of 128.
Receiver ' s Host Identity Tag (HIT) field description HIT of recipient, the ORCHID of 128.
The HIP parameters that HIP Parameters field descriptions HIP bags carry.
Fig. 3 is the schematic diagram that basic interaction flow is established according to the connection of the HIP agreements of correlation technique, as shown in figure 3,
HIP basis interactions are the interaction of basic information between two hosts, for interacting the basic information of two host communications.
HIP bases interaction flow has the interaction of four bags, and the required parameter of interaction DH key algorithms in second and the 3rd bag, is used
In the negotiating about cipher key shared between two hosts, by the public key carried in second and the 3rd bag, signature and HIT recognize respectively
Demonstrate,prove the identity of other side.After the completion of the interaction of four bags, end-by-end security connection is established.HIP interactions are initiated in a network
The host of bag is promoter, and promoter thinks the interactive host person of being in response to, this after the basic interaction flow of four bags
Difference be just not present, in subsequent communications interaction either party be all likely to become promoter, notify other side oneself state
Change.In first bag I1 that promoter initiates, the only host identification label comprising promoter and the host identification of respondent
Label.Start actual information interactive process in second bag R1 that respondent sends.Contained in second bag R1
Secret challenge (being used for the threat for reducing Denial of Service attack) to promoter, initiator must be responsive to this challenge, and interaction is
It can continue.In the 3rd bag I2 that sender sends, response of the sender to secret challenge in R1 bags is contained.Respondent sends out
The 4th bag R2 sent includes the signature of respondent, while terminates the HIP bases interaction flow of four bags.
In the related art, there is provided a kind of distributed Service control network, i.e. business route network, to provide industry
Business routing function.In business route network, charging is carried out to business by network provider and expense is withheld.But in business
In route network, application server may provide for third party business provider, but in the related art, industry is not provided with
Route network of being engaged in is directed to the relevant treatment of third party's business, and third party's business generally existing in current practical application, institute
With, it is necessary to the solution that a kind of business route network is directed to third party's business is provided.
The content of the invention
For do not have in correlation technique offer business route network be directed to third party's business relevant treatment the problem of, this hair
It is bright to provide a kind of request program of third party's business, at least to solve the above problems.
To achieve these goals, according to an aspect of the invention, there is provided a kind of requesting method of third party's business.
The requesting method of third party's business according to the present invention, including:Business route network receives and preservation management service
The information of third party's business of device entity issued, wherein, the information of third party's business includes the task identifier of third party's business
With with the corresponding service node information of task identifier;Business route network receives carrying third party's industry from terminal device
The service request of the task identifier of business, determines with the service request most according to the information of third party's business according to pre-defined rule
The service node matched somebody with somebody;Service request is sent to most matched service node by business route network.
Preferably, business route network receives the business of the task identifier of carrying third party's business from terminal device
Before request, this method further includes:Access node in business route network receives the credible connection from terminal device and establishes
Request;Access node establishes in request and business route network the user information of the terminal device stored to end according to credible connection
End equipment is authenticated, and establishes the credible connection of access node and terminal device.
Preferably, business route network receives the business of the task identifier of carrying third party's business from terminal device
Before request, this method further includes:Access node in business route network receives the HIP bags from terminal device;Access section
Point is authenticated terminal device according to the user information of the terminal device stored in HIP bags and business route network, and establishes
The HIP of access node and terminal device connections.
Preferably, business route network is determined with the service request most according to the information of third party's business according to pre-defined rule
Matched service node includes:Access node in business route network obtains and third party's industry from the information of third party's business
The corresponding service node information of task identifier of business, and determined and the most matched industry of service request according to service node information
Business node, wherein, service node information includes at least one of:Business routing algorithm, business corresponding with task identifier
Node listing, service node address information corresponding with task identifier.
Preferably, access node determines to include with the most matched service node of service request according to service node information:Connect
Ingress establishes business route map record according to the host identification of terminal device and the task identifier of third party's business, its
In, business route map record is used to the service request of terminal device is transmitted to most matched business section in the specific term of validity
Point;Most matched business section is calculated according to business routing algorithm using the task identifier of third party's business in access node
Point.
Preferably, determined and the most matched business section of the service request according to pre-defined rule according to the information of third party's business
After point, this method further includes:Access node in business route network checks access node and most matched service node
Whether HIP connections have established;In the case where access node is connected without establishing with the HIP of most matched service node, access
Node sends triggering message to most matched service node, to trigger most matched service node initiation and the HIP of access node
Connection request, wherein, triggering message includes the host identification and network address of access node.
Preferably, after service request is sent to most matched service node by business route network, this method further includes:
Business route network receives the service response of the service request from most matched service node, wherein, service response carries the
The task identifier of three party service;Business route network route mapping note according to the task identifier inquiry business of third party's business
Record, to obtain terminal device corresponding with service request, and service response is connected by established with the HIP of the terminal device
Switch through and issue the terminal device.
Preferably, terminal device is user equipment or the service node server of offer third party's business.
To achieve these goals, according to another aspect of the present invention, there is provided a kind of request unit of third party's business.
The request unit of third party's business according to the present invention, is arranged on business route network, which includes:First connects
Module is received, for receiving the information of simultaneously third party's business of preservation management server entity issue, wherein, the letter of third party's business
Breath include third party's business task identifier and with the corresponding service node information of task identifier;Second receiving module,
Service request for the task identifier for receiving carrying third party's business from terminal device;Determining module, for basis
The most matched business section of service request that the information of third party's business determines to receive with the second receiving module according to pre-defined rule
Point;Sending module, for service request to be sent to most matched service node.
Preferably, determining module includes:Unit is established, for the host identification according to terminal device and third party's business
Task identifier establishes business route map record, wherein, business route map record is used for terminal in the specific term of validity
The service request of equipment is transmitted to most matched service node;Computing unit, for the task identifier using third party's business
Most matched service node is calculated according to business routing algorithm.
Preferably, which further includes:Module is checked, for checking the access node in business route network with most matching
The HIP connections of service node whether established;Trigger module, for the HIP in access node and most matched service node
In the case that connection is without establishing, access node sends triggering message to most matched service node, to trigger most matched industry
The HIP connection requests for node initiation and the access node of being engaged in, wherein, triggering message is with including host identification and the network of access node
Location.
By the present invention, using the business information of business route network storage third party's service distribution, according to carrying out self terminal
The service request of third party's business of equipment determine with the most matched service node of the service request, and the service request is sent
To the mode of most matched service node, solve and do not provide business route network for the relevant treatment of third party's business
Problem, has ensured the security of business route network, improves the performance of business route network.
Brief description of the drawings
Attached drawing described herein is used for providing a further understanding of the present invention, forms the part of the application, this hair
Bright schematic description and description is used to explain the present invention, does not form inappropriate limitation of the present invention.In the accompanying drawings:
Fig. 1 is the structure diagram according to the Internet service system of correlation technique;
Fig. 2 is the structure diagram according to the HIP network layers of correlation technique;
Fig. 3 is the schematic diagram that basic interaction flow is established according to the connection of the HIP agreements of correlation technique;
Fig. 4 is the flow chart of the requesting method of third party's business according to embodiments of the present invention;
Fig. 5 is the structure diagram of the request unit of third party's business according to embodiments of the present invention;
Fig. 6 is the structure diagram of the request unit of third party's business according to the preferred embodiment of the invention;
Fig. 7 is the flow chart of service routing method according to the preferred embodiment of the invention;
Fig. 8 is the flow chart according to the preferred embodiment of the invention for connecting and establishing certification.
Embodiment
Come that the present invention will be described in detail below with reference to attached drawing and in conjunction with the embodiments.It should be noted that do not conflicting
In the case of, the feature in embodiment and embodiment in the application can be mutually combined.
According to embodiments of the present invention, there is provided a kind of requesting method of third party's business.Fig. 4 is according to embodiments of the present invention
Third party's business requesting method flow chart, as shown in figure 4, this method includes:
Step S402, business route network receives and the information of third party's business of preservation management server entity issue,
Wherein, the task identifier of the information of third party's business including third party's business and with the corresponding service node of task identifier
Information;
Step S404, business route network receive the industry of the task identifier of carrying third party's business from terminal device
Business request, determines and the most matched service node of the service request according to the information of third party's business according to pre-defined rule;
The service request is sent to most matched service node by step S406, business route network.
By above-mentioned steps, using the business information of business route network storage third party's service distribution, according to from end
The service request of third party's business of end equipment determine with the most matched service node of the service request, and the service request is sent out
The mode of most matched service node is given, solves and the relevant treatment that business route network is directed to third party's business is not provided
The problem of, ensure the security of business route network, improve the performance of business route network.
In implementation process, in step S402, credible connection can be passed through between business route network and terminal device
Communicate, in step S406, between business route network and most matched service node can also by it is credible connect into
Row communication.
For example, before terminal device is according to service access message reference business, terminal device is needed with business route network
Establish credible connection.That is, access node of the terminal into business route network initiates credible connection and establishes request;Access node connects
Receive the credible connection from terminal device and establish request, establish in request and business route network what is stored according to the credible connection
The user information of the terminal device is authenticated the terminal device, and establishes the credible connection of access node and the terminal device
Connection.Then, the response of the service request and the service request that carry task identifier can be by the credible connection of foundation
Transmission.Credible connection (realizing credible connection using HIP connections) can be established using HIP agreements in implementation process.
Similarly, in step S406, before which is sent to most matched service node by business route network,
Credible connection can also be established between access node in the most matched service node and business route network.In access node
The certification to the most matched service node is completed, and establishes access node and the credible connection of the most matched service node
Connection.Then, the response of the service request and the service request that carry task identifier can be passed by the credible connection of foundation
It is defeated.Credible connection can be realized using HIP in implementation process.
Preferably, before step S404, the access node in business route network receives the HIP from terminal device
Bag;Access node recognizes terminal device according to the user information of the terminal device stored in HIP bags and business route network
Card, and establish the HIP connections of access node and terminal device.This method can improve the security of network.Wherein, in step
Before S404, terminal device can obtain the task identifier of third party's business with domain name mapping, or directly pass through Operational Visit
Interface obtains the task identifier of third party's business.
Preferably, in step s 404, business route network is determined according to the information of third party's business according to pre-defined rule
It can include with the most matched service node of the service request:The letter of access node in business route network from third party's business
Obtained in breath with the corresponding service node information of task identifier of third party's business, and according to service node information determine with
The most matched service node of service request, wherein, service node information includes at least one of:Business routing algorithm and industry
The corresponding service node list of business identifier, service node address information corresponding with task identifier.This method is simple and practical,
It is workable.
Wherein, access node determines to include with the most matched service node of service request according to service node information:
Access node establishes business route map record according to the host identification of terminal device and the task identifier of third party's business, its
In, business route map record is used to the service request of terminal device is transmitted to most matched business section in the specific term of validity
Point;Most matched business section is calculated according to business routing algorithm using the task identifier of third party's business in access node
Point.This method can improve flexibility and the treatment effeciency of system.
For example, the information of third party's business in step S404 is not limited to what is locally preserved from business route network,
It can also be that database preserves, local data base, distributed data base distributed storage, or independent preservation business information
Back end, is likely to.
Preferably, after step S404, the access node in business route network can check access node with most
Whether the HIP connections for the service node matched somebody with somebody have established;It is connected with the HIP of most matched service node in access node and does not establish
In the case of, access node sends triggering message to most matched service node, with trigger most matched service node initiate with
The HIP connection requests of access node, wherein, triggering message includes the host identification and network address of access node.This method can
So that terminal device safely and conveniently accesses third party's business, the validity and security of system are improved.
Preferably, after step S406, business route network receives the service request from most matched service node
Service response, wherein, service response carry third party's business task identifier;Business route network is according to third party's business
Task identifier inquiry business route map record, to obtain corresponding with service request terminal device, and by service response
The terminal device is transmitted to by established be connected with the HIP of the terminal device.This method can improve the processing effect of system
Rate.
Preferably, terminal device is user equipment or the service node server of offer third party's business.
Corresponding to the above method, the embodiment of the present invention additionally provides a kind of request unit of third party's business.Fig. 5 is basis
The structure diagram of the request unit of third party's business of the embodiment of the present invention, as shown in figure 5, business route network is arranged on, should
Device includes:First receiving module 52, for receiving the information of simultaneously third party's business of preservation management server entity issue, its
In, the information of third party's business includes the task identifier and service node corresponding with task identifier letter of third party's business
Breath;Second receiving module 54, the service request of the task identifier for receiving carrying third party's business from terminal device;
Determining module 56, coupled to the first receiving module 52 and the second receiving module 54, for the information according to third party's business according to
Pre-defined rule determines the most matched service node of service request received with the second receiving module;Sending module 58, is coupled to
Determining module 56, for the service request to be sent to most matched service node.
By above device, using the business information of business route network storage third party's service distribution, according to from end
The service request of third party's business of end equipment determine with the most matched service node of the service request, and the service request is sent out
The mode of most matched service node is given, solves and the relevant treatment that business route network is directed to third party's business is not provided
The problem of, ensure the security of business route network, improve the performance of business route network.
Fig. 6 is the structure diagram of the request unit of third party's business according to the preferred embodiment of the invention, as shown in fig. 6,
Determining module 56 includes:Unit 562 is established, for the host identification according to terminal device and the task identifier of third party's business
Business route map record is established, wherein, business route map record is used for the business of terminal device in the specific term of validity
Request is transmitted to most matched service node;Computing unit 564, for the task identifier using third party's business according to business
Most matched service node is calculated in routing algorithm.
Preferably, which further includes:Module 62 is checked, coupled to determining module 56, for checking business route network
In access node be connected and whether established with the HIP of most matched service node;Trigger module 64, coupled to inspection module 62
With sending module 58, in the case of being connected in access node with the HIP of most matched service node without establishing, access section
Point sends triggering message to most matched service node, initiates to connect with the HIP of access node to trigger most matched service node
Request is connect, wherein, triggering message includes the host identification and network address of access node.
The solution of the present invention is described further with reference to above-mentioned multiple preferred embodiments.
This preferred embodiment provides a kind of business route implementation method and operation system, and business is carried by network provider
For route service, effective load balancing can be carried out with relatively low cost, and Service control is carried out easy to network provider.
Business route implementation method provided in this embodiment comprises the following steps:
Step 1, there is provided business information is included the task identifier and and business of business by the management server entity of business
The host identification and network address of the corresponding service node of identifier, are published in business routing network;
Step 2, the service access information based on management server entity issued includes the task identifier of business, and terminal is set
It is standby to obtain service access information, according to service access message reference business.In implementation process, terminal device is probably one
A user equipment, it is also possible to which another provides the service node server of integrated service.Terminal device is there are host identification, only
One mark terminal device;Terminal device can obtain industry by task identifier access service, terminal device with domain name mapping
The task identifier of business, or the task identifier of business is directly obtained by Operational Visit interface;
In step 2, before terminal device is according to service access message reference business, terminal device is needed with business routing network
Establish credible connection.Specifically, the access node information of terminal device acquisition business routing network includes the access of access node
Address;The access node of terminal device and business routing network is established in connection procedure, and business routing network can verify terminal device body
Part, ensures the legitimacy of terminal device;Can be service identification after terminal device establishes connection with the access node of business routing network
Establish default route, all business accessed by task identifier, access that all can be by terminal device with business routing network
The connection that node is established accesses;Terminal device can be connected using HIP, and credible connection is established with business routing network;Terminal
After equipment gets the task identifier of third party's business, the company by terminal device with the access node foundation of business routing network
Connect, the service request for carrying the task identifier is sent to business routing network.
After access node in business routing network receives the service request of terminal device transmission, connecing in business routing network
Ingress is according to the task identifier of third party's business, the service node address of acquisition third party's business from business routing network,
And service request is sent to corresponding service node according to the address.Specifically, the access node in business routing network first from
Task identifier is obtained in service request;Access node in business routing network obtains the business of business according to task identifier
The host identification and network address of node;Access node in business routing network, which checks the need for establishing with service node, to be connected
Connect, if necessary to establish connection, check whether connection establishes, connection is established if connecting without establishing;In business routing network
Access node mapping relations are uniquely established according to the host identification of terminal and the task identifier of business, wherein, mapping relations
The task identifier of host identification and business including terminal, the specific industry that task identifier is calculated according to business routing algorithm
The host identification and network address of business node;Ensure in the mapping relations term of validity, which accesses above-mentioned third party's industry
The service request of business and response, all can be by access node with the established connection of service node;Access in business routing network
Node is by the service request of terminal device, the connection established by access node with service node, is transmitted to specific business section
Point.
In implementation process, the access node in business routing network can use the business routing algorithm specified first, obtain
Take the host identification and network address of the corresponding service node of service identification of third party's business;Access section in business routing network
Point issues the business information in business routing network from business in advance, obtains business routing algorithm and the corresponding business of service identification
Node listing, performs host identification and network address that business routing algorithm obtains specific service node.
Then, whether the access node inspection in business routing network establishes with the connection of specific service node, if even
Connect not establish and then establish connection;Access node is checked whether with specific according to the hostid of specific service node
Whether the connection of service node establishes;If not establishing connection, access node sends triggering message to specific service node,
Connection of the specific service node initiation with the access node in the business routing network is triggered, wherein, triggering message connects including this
The host identification and network address of ingress.
After specific service node receives triggering message, the host identification and net of the access node are included according to triggering message
Network address, initiates to connect to access node;Established in the access node with business routing network in connection procedure, business routing network meeting
Verify terminal device identity, ensure the legitimacy of terminal device;Specific service node is built with the access node of business routing network
After vertical connection, all Operational Visit requests carried out by the connection, corresponding Operational Visit response is replied also by the connection
To specific service node.
Access node in business routing network receives Operational Visit by the connection of specific service node access node and rings
Ying Hou, inquires about the established mapping relations of task identifier of the host identification and business of terminal device, according to specific business
The host identification of node, obtains the host identification for the terminal device for accessing the business;Access node in business routing network is by spy
The service response of fixed service node, the connection established by access node with terminal device, is transmitted to initiating business request
Terminal device.
As it can be seen that the present embodiment is somebody's turn to do in advance to business route network issuing service to be stored in business route network
The host identification and address information of the service node of business;After terminal device gets the task identifier of business, to business road
Initiated to carry the service request of task identifier by network, industry of the access node in business route network in service request
Business identifier obtains the host identification and address information of service node from business route network, and according to the host mark got
Know and address information is asked to service node forwarding service, and preserve forwarding record;Access node in business route network is received
The service response replied to service node, records according to forwarding, and service response is transmitted to the terminal device of initiating business request.
By the above-mentioned means, realizing third party's service access business route network, the certification to third party's service server is completed, is protected
Demonstrate,prove the legitimacy of access.
The solution of the present invention is described in detail with specific embodiment below in conjunction with the accompanying drawings.
Fig. 7 is the flow chart of service routing method according to the preferred embodiment of the invention, as shown in fig. 7, this method includes
Following steps:
Step S702, service distribution.Business information is published in business routing network by business A, and business information includes business A's
The host identification and network address information of task identifier and the service node information with business A, i.e. service server 1;Business
The node of route network according to the task identifier of business A, can inquire about the host identification and net of the service node of acquisition business A
Network address information;After business A issuing services, terminal a can be according to the service identification of the service access information acquisition business A of issue
Symbol, according to task identifier access service.
Step S704, terminal a establish HIP with business route network and are connected, and connection verification process is as shown in Figure 8.
Fig. 8 is the flow chart according to the preferred embodiment of the invention for connecting and establishing certification, which includes:
1) node of terminal a and business route network all supports hip agreements;
2) terminal a obtains the access address information of an access node 1 of business route network, including access node host
Mark and network address;Access address information can be obtained by dns resolution method, or be configured using configured in advance mode
On terminal a, or obtained according to specific access selection algorithm.
3) terminal a sends the I1 bags of HIP to the access node 1 that business is route, and the master of terminal device is carried in H1 bags
Machine mark, business route access node host identification, show to use authentication mode (such as 3GPPAKA certifications, or
HTTPdigest certifications) information;
4) terminal device that is stored according to business route network of access node 1 of business route user information (including
Shared authentication key), authentication challenge information and the information for the terminal device authentication business route network are generated, and carry
Terminal a is returned in the R1 bags of HIP;
5) user equipment is according to the shared authentication key with network, and what is received be used for user equipment certification network
Authentification of message network;And according to the shared authentication key with network and the authentication challenge information received, generation authentication challenge should
Information is answered, and carries and is sent to HIP nodes in the I2 bags of HIP;HIP nodes are according to the authentication challenge response message of acquisition to UE
Be authenticated, and to UE send carry UE authentication result HIP R2 bags;
6) after terminal a establishes HIP connections with the access node 1 of business routing network, default route is established, it is all to pass through business
The business that identifier accesses, can all be accessed by the HIP connections of foundation.
Step S706, terminal a access services A.Terminal a is connected by the 1 established HIP of access node of same business routing network
Connect, the service request for the business A for carrying task identifier is sent to business routing network.
Step S708, the service request of the 1 forwarding terminal a of access node in business routing network.
1) after the access node 1 in business routing network receives the service request of terminal a transmissions, included according to service request
Business A task identifier, business letter of the prior issue of business A in business routing network is obtained from business routing network
Breath, including business routing algorithm and the address information (host identification of the corresponding service node list of service identification and service node
And network address);Wherein, the service node of business A includes service server 1;
2) access node 1 in business routing network uses the business routing algorithm specified, and obtains the industry of most suitable business A
Business node, such as service server 1;Obtain the host identification and network address of service server 1;
3) access node 1 in business routing network, checks the need for establishing HIP with service server 1 and is connected, if needed
HIP connections are established, check whether HIP connections establish, new HIP connections are established if HIP connections are without establishing;
It is connected 4) if the access node 1 in business routing network and service server 1 need to establish new HIP, access section
Point 1 sends triggering message to service server 1, and triggering service server 1 is initiated with the access node 1 in the business routing network
HIP connections;Triggering message includes the host identification and network address of the access node 1;
5) access node 1 in business routing network establishes business route map record.Access node 1 is according to the master of terminal a
Machine is identified uniquely establishes business route map record as keyword with the task identifier of business A, and map record includes terminal a
Host identification and business A task identifier, the specific service node that task identifier is calculated according to business routing algorithm
The host identification and network address of address information, i.e. service server 1, the business route map record term of validity;Ensure in business
It route in the map record term of validity, the service request of terminal a access services A all can be by access node 1 with specific business section
Point (i.e. service server 1) established connection, is transmitted to specific service node (i.e. service server 1);
6) access node 1 in business routing network is by the service request of terminal a, by access node 1 with service server 1
The HIP connections of foundation, are transmitted to service server 1.
Step S710, if access node 1 in business routing network and service server 1 are needed to establish new HIP and are connected,
After specific service node (service server 1) receives triggering message, business route access node 1 is included according to triggering message
Host identification and network address, HIP connections are initiated to access node 1;Repeat the above steps the HIP connection procedures of S704, completes
Service server 1 is connected with the HIP of business route access node 1, completes the authentication to service server 1, ensures business
The legitimacy of server 1;Specific service node (service server 1) establishes HIP connections with the access node 1 of business routing network
Afterwards, the Operational Visit request of all access nodes 1 from business routing network, corresponding Operational Visit response is also by the HIP
Connection, replies to the access node 1 of business routing network.
Step S712, the service response that the forwarding of access node 1 in business routing network is replied.
1) access node 1 in business routing network is connected with the HIP that service server 1 is established by access node 1 and received
The service response of reply;
2) 1 inquiry business of the access node route map record in business routing network, according to the task identifier of business A and
The address information (host identification and network address) of service server 1, obtains corresponding business route map record, and inquiry obtains
The address information (host identification and network address) of terminal a;
3) access node 1 in business routing network is by service response, the HIP companies established by access node 1 with terminal a
Connect, be transmitted to the terminal a of initiating business request.
The HIP connections that step S714, terminal a are established by access node 1 with terminal a, receive the service response of reply.
In conclusion an embodiment of the present invention provides a kind of business route implementation method and service routing system, using simultaneously
HIP connection procedures are improved, the certification to third party's business is completed based on HIP connections, passes through HIP connection access service routing networks
Network, ensures the safety of business route network.
Obviously, those skilled in the art should be understood that above-mentioned each module of the invention or each step can be with general
Computing device realize that they can be concentrated on single computing device, or be distributed in multiple computing devices and formed
Network on, alternatively, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored
Performed in the storage device by computing device, and in some cases, can be with different from shown in order execution herein
The step of going out or describing, they are either fabricated to each integrated circuit modules respectively or by multiple modules in them or
Step is fabricated to single integrated circuit module to realize.Combined in this way, the present invention is not restricted to any specific hardware and software.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the invention, for the skill of this area
For art personnel, the invention may be variously modified and varied.Within the spirit and principles of the invention, that is made any repaiies
Change, equivalent substitution, improvement etc., should all be included in the protection scope of the present invention.
Claims (8)
- A kind of 1. requesting method of third party's business, it is characterised in that including:Business route network receives and the information of third party's business of preservation management server entity issue, wherein, the described 3rd The task identifier of the information of square business including third party's business and with the corresponding service node of the task identifier Information;The business that the business route network receives the task identifier of carrying third party's business from terminal device please Ask, according to the information of third party's business according to pre-defined rule determine with the most matched service node of the service request, wherein, The terminal device is user equipment or the service node server of offer third party's business;The service request is sent to the most matched service node by the business route network;According to the information of third party's business according to pre-defined rule determine with after the most matched service node of the service request, Further include:Access node in the business route network checks that the access node and the HIP of the most matched service node connect Connect and whether established;In the case where the access node is connected without establishing with the HIP of the most matched service node, the access section Point sends triggering message to the most matched service node, is initiated and the access with most matched service node described in triggering The HIP connection requests of node, wherein, the triggering message includes the host identification and network address of the access node.
- 2. requesting method according to claim 1, it is characterised in that the business route network receives and comes from terminal device Carrying third party's business task identifier service request before, further include:Access node in the business route network receives the credible connection from the terminal device and establishes request;The access node is established in request and the business route network terminal stored according to the credible connection and is set Standby user information is authenticated the terminal device, and establishes the credible company of the access node and the terminal device Connect.
- 3. requesting method according to claim 1, it is characterised in that the business route network receives and comes from terminal device Carrying third party's business task identifier service request before, further include:Access node in the business route network receives the HIP bags from the terminal device;The access node is according to the user information of the terminal device stored in the HIP bags and the business route network The terminal device is authenticated, and establishes the access node and is connected with the HIP of the terminal device.
- 4. requesting method according to claim 1, it is characterised in that the business route network is according to third party's industry The information of business determines to include with the most matched service node of the service request according to pre-defined rule:Access node in the business route network obtains and third party's business from the information of third party's business The corresponding service node information of task identifier, and determined according to the service node information with the service request most The service node matched somebody with somebody, wherein, the service node information includes at least one of:Business routing algorithm and the business mark Know and accord with corresponding service node list, service node address information corresponding with the task identifier.
- 5. requesting method according to claim 4, it is characterised in that the access node is according to the service node information Determine to include with the most matched service node of the service request:The access node establishes industry according to the host identification of the terminal device and the task identifier of third party's business Business route map record, wherein, the business route map record is used for the institute of the terminal device in the specific term of validity State service request and be transmitted to the most matched service node;Institute is calculated according to the business routing algorithm using the task identifier of third party's business in the access node State most matched service node.
- 6. requesting method according to claim 1, it is characterised in that the business route network sends out the service request After giving the most matched service node, further include:The business route network receives the service response of the service request from the most matched service node, its In, the service response carries the task identifier of third party's business;The business route network inquires about the business according to the task identifier of third party's business and route map record, with Corresponding with service request terminal device is obtained, and the service response is passed through established and the terminal device HIP connections are transmitted to the terminal device.
- 7. a kind of request unit of third party's business, it is characterised in that be arranged on business route network, which includes:First receiving module, for receiving the information of simultaneously third party's business of preservation management server entity issue, wherein, it is described The task identifier of the information of third party's business including third party's business and with the corresponding business of the task identifier Nodal information;Second receiving module, please for receiving the business of task identifier of carrying third party's business from terminal device Ask, wherein, the terminal device is user equipment or the service node server of offer third party's business;Determining module, determines to connect with second receiving module for the information according to third party's business according to pre-defined rule The received most matched service node of the service request;Sending module, for the service request to be sent to the most matched service node;The device further includes:Module is checked, for checking the HIP of the access node in the business route network and the most matched service node Whether connection has established;Trigger module, for being connected in the access node with the HIP of the most matched service node without situation about establishing Under, the access node sends triggering message to the most matched service node, with most matched service node described in triggering Initiate with the HIP connection requests of the access node, wherein, the triggering message include the access node host identification and Network address.
- 8. request unit according to claim 7, it is characterised in that the determining module includes:Unit is established, the task identifier for the host identification according to the terminal device and third party's business establishes industry Business route map record, wherein, the business route map record is used for the institute of the terminal device in the specific term of validity State service request and be transmitted to the most matched service node;Computing unit, institute is calculated for the task identifier using third party's business according to the business routing algorithm State most matched service node.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210000761.8A CN103200147B (en) | 2012-01-04 | 2012-01-04 | The requesting method and device of third party's business |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210000761.8A CN103200147B (en) | 2012-01-04 | 2012-01-04 | The requesting method and device of third party's business |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103200147A CN103200147A (en) | 2013-07-10 |
CN103200147B true CN103200147B (en) | 2018-04-27 |
Family
ID=48722510
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210000761.8A Active CN103200147B (en) | 2012-01-04 | 2012-01-04 | The requesting method and device of third party's business |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103200147B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108173893B (en) | 2016-12-07 | 2021-07-09 | 诺基亚技术有限公司 | Method and apparatus for networking |
CN108243264A (en) * | 2016-12-27 | 2018-07-03 | 中国移动通信有限公司研究院 | A kind of sequence number generation method and system |
CN110502319B (en) * | 2019-08-23 | 2021-10-12 | 腾讯科技(深圳)有限公司 | Distributed transaction processing method and device, electronic equipment and storage medium |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101114993A (en) * | 2006-07-26 | 2008-01-30 | 华为技术有限公司 | Conversation inceptive protocol network system and method for controlling service routing |
CN101998227A (en) * | 2009-08-28 | 2011-03-30 | 华为技术有限公司 | Service routing method, device and system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8489772B2 (en) * | 2010-03-09 | 2013-07-16 | At&T Intellectual Property I, L.P. | Method for mechanically generating content for messages |
-
2012
- 2012-01-04 CN CN201210000761.8A patent/CN103200147B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101114993A (en) * | 2006-07-26 | 2008-01-30 | 华为技术有限公司 | Conversation inceptive protocol network system and method for controlling service routing |
CN101998227A (en) * | 2009-08-28 | 2011-03-30 | 华为技术有限公司 | Service routing method, device and system |
Also Published As
Publication number | Publication date |
---|---|
CN103200147A (en) | 2013-07-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1880527B1 (en) | Method for distributing certificates in a communication system | |
CN103067385B (en) | The method of defence Hijack Attack and fire compartment wall | |
JP6526248B2 (en) | Server and program | |
CN103067337B (en) | Identity federation method, identity federation intrusion detection & prevention system (IdP), identity federation service provider (SP) and identity federation system | |
CN103023856B (en) | Method, system and the information processing method of single-sign-on, system | |
CN110035033A (en) | Cryptographic key distribution method, apparatus and system | |
CN103812960A (en) | Network address translation for application of subscriber-aware services | |
EP1415212A2 (en) | Modular authentication and authorization scheme for internet protocol | |
CN103973658A (en) | Static user terminal authentication processing method and device | |
CN110392128A (en) | The quasi- zero-address IPv6 method and system for disclosing web services are provided | |
CN104468619B (en) | A kind of method and authentication gateway for realizing double stack web authentications | |
CN103051598B (en) | Method, user equipment and packet access gateway for secure access to Internet services | |
CN103200147B (en) | The requesting method and device of third party's business | |
US8275987B2 (en) | Method for transmission of DHCP messages | |
US9112843B2 (en) | Method and system for subscriber to log in internet content provider (ICP) website in identity/location separation network and login device thereof | |
FI120927B (en) | Authentication and encryption protocols in a wireless communication system | |
CN102769621B (en) | Real user identity-oriented host moving method | |
CN103001927B (en) | A kind of position information processing method and system | |
CN108595941A (en) | A kind of data processing method, system and electronic equipment | |
CN103108325B (en) | A kind of information secure transmission method and system and access service node | |
JP2005333350A (en) | Communication system | |
Hartman et al. | Channel-Binding Support for Extensible Authentication Protocol (EAP) Methods | |
CN116405314A (en) | Method and device for authenticating source address identity of access network | |
Takahashi et al. | Design and Implementation of a Secure Public Wireless Internet Service Model Using Host Identity Protocol | |
Hoeper | Internet Engineering Task Force (IETF) S. Hartman, Ed. Request for Comments: 6677 Painless Security Category: Standards Track T. Clancy |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |