CN103686719B - It is determined that carrying the method and system of control strategy - Google Patents
It is determined that carrying the method and system of control strategy Download PDFInfo
- Publication number
- CN103686719B CN103686719B CN201210323245.9A CN201210323245A CN103686719B CN 103686719 B CN103686719 B CN 103686719B CN 201210323245 A CN201210323245 A CN 201210323245A CN 103686719 B CN103686719 B CN 103686719B
- Authority
- CN
- China
- Prior art keywords
- control strategy
- information
- user terminal
- strategy
- acquisition approach
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The present invention discloses a kind of method and system for determining to carry control strategy.Wherein it is determined that in the method for carrying control strategy, the access request information that user terminal sends being transmitted into certification authority server and being authenticated.After the Certificate Authority information for receiving certification authority server transmission, control strategy acquisition approach configured information is obtained from Certificate Authority information.According to the control strategy acquisition approach configured information, the carrying control strategy of the user terminal is obtained.The user terminal access service net is controlled using control strategy is carried.Carrying control strategy is obtained by control strategy acquisition approach configured information, rather than the carrying control strategy for all obtaining user by the strategy control unit outside access in each accessing business network, therefore it is effectively reduced the information exchange with external policy control unit, simplify service access process, Internet resources are saved, and improves Consumer's Experience.
Description
Technical field
The present invention relates to the communications field, more particularly to a kind of method and system for determining to carry control strategy.
Background technology
PCC can be introduced in the following framework of mobile network(Policy Control and Charging, policy control
And charging)System, by existing PCC technologies, when user uses business, such as PDSN(Packet Data Serving
Node, packet data serving node)Or PGW(Packet Data Network Gateway, grouped data network gateway)Plan
Slightly execution unit must access such as PCRF(Policy and Charging Rules Function, strategy and charging regulation
Function)The strategy control unit of unit obtains the carrying control strategy of user.
From the point of view of current network application, most of users apply identical strategy, that is, the control strategy given tacit consent to.At this
In the case of kind, if the carrying control of user is obtained yet by the strategy control unit outside accessing in each accessing business network
System strategy, then can bring unnecessary information exchange, and cause service access process to complicate, so as to cause network resources waste
With Consumer's Experience reduction.
The content of the invention
The technical problem to be solved in the present invention is to provide a kind of method and system for determining to carry control strategy.By judging
Whether user directly uses the predefined acquiescence control strategy of strategy execution unit, so as to be effectively reduced and external policy control
The information exchange of unit, therefore service access process can be simplified and signing process of the user in strategy control unit is omitted, save
Internet resources are saved, and has improve Consumer's Experience.
According to an aspect of the present invention, there is provided it is a kind of determine carry control strategy method, including:
The access request information that user terminal sends is received, wherein access request information includes user terminal identification information;
The access request information is transmitted to certification authority server, so that certification authority server is according to the user
Terminal identification information is authenticated to the user terminal;
After the Certificate Authority information for receiving certification authority server transmission, control plan is obtained from Certificate Authority information
Omit acquisition approach configured information;
According to the control strategy acquisition approach configured information, the carrying control strategy of the user terminal is obtained;
The user terminal access service net is controlled using control strategy is carried.
According to an aspect of the present invention, there is provided it is a kind of determine carry control strategy method, including:
The access request information that strategy execution unit sends is received, wherein access request information includes the identification of user terminal
Information;
Using the identification information of the user terminal, the user terminal is authenticated;
In certification success, Certificate Authority information is sent to strategy execution unit, wherein Certificate Authority information includes control
Tactful acquisition approach configured information, so that strategy execution unit is according to the control strategy acquisition approach configured information, obtains institute
State the carrying control strategy of user terminal.
According to an aspect of the present invention, there is provided it is a kind of determine carry control strategy strategy execution unit, including:
First receiving device, the access request information for receiving user terminal transmission, wherein access request information includes
User terminal identification information;
First sends equipment, for the access request information to be transmitted into certification authority server, so as to Certificate Authority
Server is authenticated according to the user terminal identification information to the user terminal;
Path indicates acquisition equipment, the Certificate Authority for receiving certification authority server transmission in the first receiving device
After information, control strategy acquisition approach configured information is obtained from Certificate Authority information;
Tactful acquisition equipment, for according to the control strategy acquisition approach configured information, obtaining the user terminal
Carry control strategy;
Service access equipment, the control strategy control user terminal access service net is carried for utilizing.
According to an aspect of the present invention, there is provided it is a kind of determine carry control strategy certification authority server, including:
Second receiving device, wherein the access request information for receiving the transmission of strategy execution unit, access request information
Identification information including user terminal;
Authenticating device, for the identification information using the user terminal, is authenticated to the user terminal;In certification
During success, indicate second to send equipment and send Certificate Authority information to strategy execution unit, wherein Certificate Authority information includes control
The tactful acquisition approach configured information of system;
Second sends equipment, for the instruction according to authenticating device, sends the Certificate Authority to strategy execution unit and believes
Breath, so that strategy execution unit is according to the control strategy acquisition approach configured information, obtains the carrying control of the user terminal
System strategy.
According to an aspect of the present invention, there is provided it is a kind of determine carry control strategy system, including:Strategy execution unit
And certification authority server, wherein:
Strategy execution unit, receives the access request information that user terminal sends, and wherein access request information includes user
Terminal identification information, certification authority server is transmitted to by the access request information, is receiving certification authority server hair
After the Certificate Authority information sent, control strategy acquisition approach configured information is obtained from Certificate Authority information, according to the control
Tactful acquisition approach configured information, obtains the carrying control strategy of the user terminal, and using carrying, control strategy control is described
User terminal access service net;
Certification authority server, the access request information for receiving the transmission of strategy execution unit, using user's end
The identification information at end, is authenticated to the user terminal, in certification success, sends Certificate Authority to strategy execution unit and believes
Breath, wherein Certificate Authority information include control strategy acquisition approach configured information.
The present invention includes user terminal by receiving the access request information that user terminal sends, wherein access request information
Identification information.The access request information is transmitted to certification authority server, so that certification authority server is according to the use
Family terminal identification information is authenticated to the user terminal.Receiving the Certificate Authority information of certification authority server transmission
Afterwards, control strategy acquisition approach configured information is obtained from Certificate Authority information.Indicated according to the control strategy acquisition approach
Information, obtains the carrying control strategy of the user terminal.The user terminal access service is controlled using control strategy is carried
Net.By obtaining the carrying control strategy of the user terminal according to control strategy acquisition approach configured information, rather than
The carrying control strategy of user is all obtained during each accessing business network by the strategy control unit outside access.Therefore can have
Effect reduces the information exchange with external policy control unit, can simplify service access process and omit user in strategy control unit
In signing process, save Internet resources, and improve Consumer's Experience.
Brief description of the drawings
Fig. 1 is present invention determine that carrying the schematic diagram of control strategy method one embodiment.
Fig. 2 is present invention determine that carrying the schematic diagram of another embodiment of control strategy method.
Fig. 3 is the schematic diagram of user terminal register method one embodiment of the present invention.
Fig. 4 is present invention determine that carrying the schematic diagram of the another another embodiment of control strategy method.
Fig. 5 is the schematic diagram of another embodiment of user terminal register method of the present invention.
Fig. 6 is the schematic diagram of strategy execution unit one embodiment of the present invention.
Fig. 7 is the schematic diagram of another embodiment of strategy execution unit of the present invention.
Fig. 8 is the schematic diagram of certification authority server one embodiment of the present invention.
Fig. 9 is the schematic diagram of another embodiment of certification authority server of the present invention.
Figure 10 is present invention determine that carrying the schematic diagram of control strategy system one embodiment.
Figure 11 is present invention determine that carrying the network diagram of control strategy system one embodiment.
Specific embodiment
The present invention is described more fully with reference to the accompanying drawings, wherein illustrating exemplary embodiment of the invention.
Fig. 1 is present invention determine that carrying the schematic diagram of method one embodiment of control strategy.As shown in figure 1, this implementation
It is as follows that the determination of example carries control strategy method and step:
Step 101, receives the access request information that user terminal sends, and wherein access request information is known including user terminal
Other information.
Step 102, certification authority server is transmitted to by the access request information, so as to certification authority server according to
The user terminal identification information is authenticated to the user terminal.
Step 103, after the Certificate Authority information for receiving certification authority server transmission, obtains from Certificate Authority information
Take control strategy acquisition approach configured information.
Step 104, according to the control strategy acquisition approach configured information, obtains the carrying control plan of the user terminal
Slightly.
Step 105, the user terminal access service net is controlled using control strategy is carried.
Based on the method that the determination that the above embodiment of the present invention is provided carries control strategy, sent by receiving user terminal
Access request information, wherein access request information include user terminal identification information.The access request information is transmitted to
Certification authority server, so that certification authority server is recognized the user terminal according to the user terminal identification information
Card.After the Certificate Authority information for receiving certification authority server transmission, acquisition control strategy is obtained from Certificate Authority information
Take path configured information.According to the control strategy acquisition approach configured information, the carrying control plan of the user terminal is obtained
Slightly.The user terminal access service net is controlled using control strategy is carried.Letter is indicated by according to control strategy acquisition approach
Cease to obtain the carrying control strategy of the user terminal, rather than the plan all passed through in each accessing business network outside accessing
Control unit is omited to obtain the carrying control strategy of user.Therefore it is effectively reduced and is handed over the information of external policy control unit
Mutually, service access process can be simplified and signing process of the user in strategy control unit is omitted, Internet resources are saved, and carry
Consumer's Experience high.
Fig. 2 is present invention determine that carrying the schematic diagram of another embodiment of method of control strategy.As shown in Figure 2:
Step 201, receives the access request information that user terminal sends, and wherein access request information is known including user terminal
Other information.
Step 202, certification authority server is transmitted to by the access request information, so as to certification authority server according to
The user terminal identification information is authenticated to the user terminal.
Step 203, after the Certificate Authority information for receiving certification authority server transmission, in judging Certificate Authority information
Whether control strategy acquisition approach configured information is included.If not including in Certificate Authority information, control strategy acquisition approach indicates letter
Breath, then perform step 204;If Certificate Authority information includes control strategy acquisition approach configured information, step 205 is performed.
Step 204, rule is sent according to the control strategy acquisition approach configured information for pre-setting, and determines that control strategy is obtained
Take path configured information.
Preferably, rule is sent according to the control strategy acquisition approach configured information for pre-setting, when Certificate Authority information
In do not include control strategy acquisition approach configured information correspond to from it is local obtain carry control strategy when, generation is from local acquisition
Carry the control strategy acquisition approach configured information of control strategy.
And rule is sent according to the control strategy acquisition approach configured information for pre-setting, do not wrapped when in Certificate Authority information
When including control strategy acquisition approach configured information corresponding to carrying control strategy is obtained from strategy control unit, generate from strategy control
Unit processed obtains the control strategy acquisition approach configured information for carrying control strategy.
Step 205, plan is controlled according to the carrying that the control strategy acquisition approach configured information obtains the user terminal
Slightly.
Preferably, when the control strategy acquisition approach configured information indicates to carry control strategy from local acquisition, then
Using locally carrying control strategy of the default acquiescence control strategy as the user terminal.
And when the control strategy acquisition approach configured information is indicated to be obtained from strategy control unit and carries control strategy,
The carrying control strategy being associated with the user terminal is then obtained from strategy control unit.
Step 206, the user terminal access service net is controlled using control strategy is carried.
Fig. 3 is the schematic diagram of user terminal register method one embodiment of the present invention.As shown in figure 3,
Step 301, receives the registration information that user terminal sends.
Step 302, certification authority server is transmitted to by registration information, and wherein registration information includes user's end
End identification information and control strategy acquisition approach configured information, so that certification authority server utilizes user terminal identification information pair
The user terminal carries out authentication registration, and can store control strategy acquisition approach configured information in authentication registration success.
Step 303, after the authentication registration success response information for receiving certification authority server transmission, obtains and stores
The control strategy acquisition approach configured information that authentication registration success response information includes sends rule.
By above-mentioned logon mode, the control strategy acquisition approach that certification authority server can obtain user's setting indicates letter
Breath, so as to certification authority server for strategy execution unit provides control strategy acquisition approach configured information.While Certificate Authority
Server can also send rule for strategy execution unit provides control strategy acquisition approach configured information, so as to strategy execution unit
The carrying control strategy of user terminal is can determine when there is no control strategy acquisition approach configured information.
Fig. 4 is present invention determine that carrying the schematic diagram of the another another embodiment of control strategy method.As shown in Figure 4:
Step 401, receives the access request information that strategy execution unit sends, and wherein access request information includes user's end
The identification information at end.
Step 402, using the identification information of the user terminal, is authenticated to the user terminal.
Step 403, in certification success, Certificate Authority information, wherein Certificate Authority information is sent to strategy execution unit
Including control strategy acquisition approach configured information, so that strategy execution unit indicates to believe according to the control strategy acquisition approach
Breath, obtains the carrying control strategy of the user terminal.
Control strategy method is carried based on the determination that the above embodiment of the present invention is provided, is sent out by receiving strategy execution unit
The access request information sent, wherein access request information include the identification information of user terminal.Using the knowledge of the user terminal
Other information, is authenticated to the user terminal.In certification success, Certificate Authority information is sent to strategy execution unit, its
Middle Certificate Authority information includes control strategy acquisition approach configured information, so that strategy execution unit is obtained according to the control strategy
Path configured information is taken, the carrying control strategy of the user terminal is obtained.Control strategy is sent by strategy execution unit
Acquisition approach configured information, so that strategy execution unit can obtain the user according to control strategy acquisition approach configured information
The carrying control strategy of terminal, is all obtained rather than in each accessing business network by the strategy control unit outside access
The carrying control strategy of user.Therefore the information exchange with external policy control unit is effectively reduced, service access can be simplified
Process simultaneously omits signing process of the user in strategy control unit, saves Internet resources, and improve Consumer's Experience.
Fig. 5 is the schematic diagram of another embodiment of user terminal register method of the present invention.As shown in Figure 5:
Step 501, receives the registration information that strategy execution unit sends.
Step 502, the user terminal identification information included according to registration information carries out registration and recognizes to user terminal
Card.
Step 503, when authentication registration success, the control strategy acquisition approach that storage registration information includes is indicated
Information, and authentication registration success response information is sent to strategy execution unit, wherein authentication registration success response information includes
Control strategy acquisition approach configured information sends rule, refers to there is no control strategy acquisition approach so as to strategy execution unit
When showing information, rule is sent according to control strategy acquisition approach configured information and determines control strategy acquisition approach configured information.
Fig. 6 is the schematic diagram of strategy execution unit one embodiment of the present invention.As shown in fig. 6, strategy execution unit includes:
First receiving device 601, wherein the access request information for receiving user terminal transmission, access request packet
Include user terminal identification information.
First sends equipment 602, for the access request information to be transmitted into certification authority server, so that certification is awarded
Power server is authenticated according to the user terminal identification information to the user terminal.
Path indicates acquisition equipment 603, for receiving recognizing for certification authority server transmission in the first receiving device 601
After card authorization message, control strategy acquisition approach configured information is obtained from Certificate Authority information.
Tactful acquisition equipment 604, for according to the control strategy acquisition approach configured information, obtaining the user terminal
Carrying control strategy.
Service access equipment 605, the control strategy control user terminal access service net is carried for utilizing.
The strategy execution unit of control strategy is carried based on the determination that the above embodiment of the present invention is provided, by receiving user
The access request information that terminal sends, wherein access request information include user terminal identification information.By access request letter
Breath is transmitted to certification authority server, so as to certification authority server according to the user terminal identification information to user's end
End is authenticated.After the Certificate Authority information for receiving certification authority server transmission, control is obtained from Certificate Authority information
The tactful acquisition approach configured information of system.According to the control strategy acquisition approach configured information, holding for the user terminal is obtained
Carry control strategy.The user terminal access service net is controlled using control strategy is carried.Road is obtained by according to control strategy
Footpath configured information obtains the carrying control strategy of the user terminal, rather than in each accessing business network all by accessing
Outside strategy control unit obtains the carrying control strategy of user.Therefore it is effectively reduced and external policy control unit
Information exchange, can simplify service access process and omit signing process of the user in strategy control unit, save network money
Source, and improve Consumer's Experience.
Preferably, tactful acquisition equipment 604 is additionally operable to be indicated from local in the control strategy acquisition approach configured information
When obtaining carrying control strategy, using locally carrying control strategy of the default acquiescence control strategy as the user terminal.
Preferably, tactful acquisition equipment 604 is additionally operable to be indicated from strategy in the control strategy acquisition approach configured information
Control unit is obtained when carrying control strategy, and the carrying that obtained from strategy control unit is associated with the user terminal controls plan
Slightly.
Fig. 7 is the schematic diagram of another embodiment of strategy execution unit of the present invention.Compared with embodiment illustrated in fig. 6, in Fig. 7 institutes
Show in embodiment, strategy execution unit also includes that path indicates determination equipment 701.Wherein:
Path indicates acquisition equipment 603 to be additionally operable to do not have control strategy acquisition approach configured information in Certificate Authority information
When, indicate path to indicate determination equipment 701 to determine control strategy acquisition approach configured information;
Path indicates determination equipment 701, the instruction for indicating acquisition equipment 603 according to path, according to what is pre-set
Control strategy acquisition approach configured information sends rule, determines control strategy acquisition approach configured information, then indicates strategy to obtain
Taking equipment 604 performs the carrying control strategy according to the control strategy acquisition approach configured information acquisition user terminal
Operation.
Preferably, path indicates determination equipment 701 with specific reference to the control strategy acquisition approach configured information for pre-setting
Rule is sent, control is carried when not including that control strategy acquisition approach configured information corresponds to from local acquisition in Certificate Authority information
During system strategy, generation carries the control strategy acquisition approach configured information of control strategy from local acquisition.
Preferably, path indicates determination equipment 701 with specific reference to the control strategy acquisition approach configured information for pre-setting
Rule is sent, is obtained from strategy control unit when not including that control strategy acquisition approach configured information corresponds in Certificate Authority information
When taking carrying control strategy, generation obtains the control strategy acquisition approach instruction letter for carrying control strategy from strategy control unit
Breath.
Preferably, in the strategy execution unit shown in Fig. 7, also including Rule equipment 702 and first memory
703.Wherein:
First receiving device 601 is additionally operable to when the registration information that the user terminal sends is received, and indicates the
Registration information is transmitted to certification authority server by one transmission equipment 602, and wherein registration information includes user terminal
Identification information and control strategy acquisition approach configured information, so as to certification authority server using user terminal identification information to institute
Stating user terminal carries out authentication registration, and stores control strategy acquisition approach configured information in authentication registration success;Receiving
After the authentication registration success response information sent to certification authority server, Rule equipment 702 is indicated to obtain authentication registration
The control strategy acquisition approach configured information that success response information includes sends rule.
Rule equipment 702, for the instruction according to the first receiving device 601, obtains authentication registration success response letter
The control strategy acquisition approach configured information that breath includes sends rule, and control strategy acquisition approach configured information is sent into rule
Then store in first memory 703.
First memory 703, rule is sent for storing control strategy acquisition approach configured information.
Preferably, path instruction determination equipment 701 can obtain corresponding control strategy acquisition approach from first memory 703
Configured information sends rule.
Fig. 8 is the schematic diagram of certification authority server one embodiment of the present invention.As shown in figure 8, determining to carry control plan
Certification authority server slightly includes:
Second receiving device 801, wherein the access request information for receiving the transmission of strategy execution unit, access request letter
Breath includes the identification information of user terminal.
Authenticating device 802, for the identification information using the user terminal, is authenticated to the user terminal;
During certification success, indicate second to send equipment 803 and send Certificate Authority information, wherein Certificate Authority information to strategy execution unit
Including control strategy acquisition approach configured information.
Second sends equipment 803, for the instruction according to authenticating device 802, the certification is sent to strategy execution unit
Authorization message, so that strategy execution unit is according to the control strategy acquisition approach configured information, obtains the user terminal
Carry control strategy.
The certification authority server of control strategy is carried based on the determination that the above embodiment of the present invention is provided, by receiving plan
The access request information that slightly execution unit sends, wherein access request information include the identification information of user terminal.Using described
The identification information of user terminal, is authenticated to the user terminal.In certification success, certification is sent to strategy execution unit
Authorization message, wherein Certificate Authority information include control strategy acquisition approach configured information, so that strategy execution unit is according to institute
Control strategy acquisition approach configured information is stated, the carrying control strategy of the user terminal is obtained.By giving strategy execution unit
Send control strategy acquisition approach configured information so that strategy execution unit can according to control strategy acquisition approach configured information come
The carrying control strategy of the user terminal is obtained, is all controlled by the strategy outside access rather than in each accessing business network
Unit processed obtains the carrying control strategy of user.Therefore the information exchange with external policy control unit is effectively reduced, can
Simplify service access process and omit signing process of the user in strategy control unit, save Internet resources, and improve
Consumer's Experience.
Fig. 9 is the schematic diagram of another embodiment of certification authority server of the present invention.Compared with embodiment illustrated in fig. 8, in Fig. 9
In illustrated embodiment, certification authority server also includes second memory 901.Wherein:
Second receiving device 801 is additionally operable to, when the registration information of strategy execution unit transmission is received, indicate to recognize
Card equipment 802 carries out authentication registration according to the user terminal identification information that registration information includes to user terminal.
Authenticating device 802 is additionally operable to the instruction according to the second receiving device 801, according to the use that registration information includes
Family terminal identification information carries out authentication registration to user terminal;When authentication registration success, registration information is included
Control strategy acquisition approach configured information is stored in second memory 901, and indicates second to send equipment 803 to strategy execution
Unit sends authentication registration success response information, and wherein authentication registration success response information includes that control strategy acquisition approach refers to
Show that information sends rule, so that strategy execution unit is when there is no control strategy acquisition approach configured information, according to control
Tactful acquisition approach configured information sends rule and determines control strategy acquisition approach configured information.
Second memory 901, for storing control strategy acquisition approach configured information.
Figure 10 is present invention determine that carrying the schematic diagram of control strategy system one embodiment.As shown in Figure 10, the system
Including strategy execution unit 1001 and certification authority server 1002.Wherein:
Strategy execution unit 1001, receives the access request information that user terminal sends, and wherein access request information includes
User terminal identification information, certification authority server 1002 is transmitted to by the access request information, is receiving Certificate Authority
After the Certificate Authority information that server 1002 sends, control strategy acquisition approach configured information is obtained from Certificate Authority information,
According to the control strategy acquisition approach configured information, the carrying control strategy of the user terminal is obtained, using carrying control
User terminal access service net described in policy control.
Certification authority server 1002, the access request information for receiving the transmission of strategy execution unit 1001, using institute
The identification information of user terminal is stated, the user terminal is authenticated, in certification success, sent out to strategy execution unit 1001
Sending Certificate Authority information, wherein Certificate Authority information includes control strategy acquisition approach configured information.
Based on the system that the determination that the above embodiment of the present invention is provided carries control strategy, received by strategy execution unit
The access request information that user terminal sends, wherein access request information include user terminal identification information.Strategy execution unit
The access request information is transmitted to certification authority server, so that certification authority server is recognized according to the user terminal
Information is authenticated to the user terminal.After the Certificate Authority information for receiving certification authority server transmission, strategy is held
Row unit obtains control strategy acquisition approach configured information from Certificate Authority information.Referred to according to the control strategy acquisition approach
Show information, obtain the carrying control strategy of the user terminal.Strategy execution unit controls the use using control strategy is carried
Family terminal accessing business network.Controlled by the carrying that the user terminal is obtained according to control strategy acquisition approach configured information
Strategy, is controlled rather than the carrying for all being obtained user by the strategy control unit outside access in each accessing business network
Strategy.Therefore the information exchange with external policy control unit is effectively reduced, service access process can be simplified and user is omitted
Signing process in strategy control unit, saves Internet resources, and improve Consumer's Experience.
Preferably, the strategy execution unit that strategy execution unit 1001 is related to for any embodiment in Fig. 6 or Fig. 7, certification
The certification authority server that authorization server is related to for any embodiment in Fig. 8 or Fig. 9.
Figure 11 is present invention determine that carrying the network diagram of control strategy system one embodiment.As shown in figure 11, use
Access request is transmitted to certification authority server and is carried out by family terminal by wireless access network core network access, strategy execution unit
Certification.Certificate Authority information is sent to strategy execution unit, strategy execution unit by certification authority server after the authentication has been successful
The control strategy acquisition approach configured information included according to Certificate Authority information obtains the carrying control strategy of user terminal.Its
In, according to rule is sent, certification authority server can send control strategy acquisition approach configured information using following several ways:
1)Configured information is indicated respectively to carry control strategy and obtained from strategy control unit from local acquisition and carries control
Strategy
Configured information is 1, and control strategy is carried from local acquisition
Configured information is 0, is obtained from strategy control unit and carries control strategy
Strategy execution unit does not receive configured information, is obtained by predetermined way and carries control strategy
2)Configured information is represented from local acquisition and carries control strategy
Strategy execution unit receives configured information, and control strategy is carried from local acquisition
Strategy execution unit does not receive configured information, is obtained from strategy control unit and carries control strategy
3)Configured information is represented to be obtained from strategy control unit and carries control strategy
Strategy execution unit receives configured information, is obtained from strategy control unit and carries control strategy
Strategy execution unit does not receive configured information, and control strategy is carried from local acquisition
Strategy execution unit obtains carrying control by the carrying control strategy from local acquisition, or from strategy control unit
Strategy, controls user terminal access service net.
Preferably, strategy execution unit can be PDSN, SGSN(Serving GPRS SUPPORT NODE, GPRS services
Supporting node)、GGSN(Gateway GPRS Support Node, Gateway GPRS Support Node)、SGW(Serving
Gateway, gateway), PGW, certification authority server can be AAA(Authentication、Authorization、
Accounting, checking, authorization and accounting)Server, HSS(Home Subscriber Server, home subscriber server),
Strategy control unit can be PCRF.
Description of the invention is given for the sake of example and description, and is not exhaustively or by the present invention
It is limited to disclosed form.Many modifications and variations are for the ordinary skill in the art obvious.Select and retouch
State embodiment and be to more preferably illustrate principle of the invention and practical application, and one of ordinary skill in the art is managed
The solution present invention is suitable to the various embodiments with various modifications of special-purpose so as to design.
Claims (15)
1. a kind of method that determination carries control strategy, it is characterised in that including:
The access request information that user terminal sends is received, wherein access request information includes user terminal identification information;
The access request information is transmitted to certification authority server, so that certification authority server is according to the user terminal
Identification information is authenticated to the user terminal;
After the Certificate Authority information for receiving certification authority server transmission, acquisition control strategy is obtained from Certificate Authority information
Take path configured information;
According to the control strategy acquisition approach configured information, the carrying control strategy of the user terminal is obtained;
The user terminal access service net is controlled using control strategy is carried;
Wherein, control strategy acquisition approach configured information is obtained from Certificate Authority information includes:
If there is no control strategy acquisition approach configured information in Certificate Authority information, obtained according to the control strategy for pre-setting
Path configured information sends rule, determines control strategy acquisition approach configured information;
Then the carrying control strategy that the user terminal is obtained according to the control strategy acquisition approach configured information is performed
Step.
2. method according to claim 1, it is characterised in that
The step of obtaining the carrying control strategy of the user terminal according to the control strategy acquisition approach configured information includes:
When the control strategy acquisition approach configured information indicates to carry control strategy from local acquisition, will be local default silent
Recognize carrying control strategy of the control strategy as the user terminal.
3. method according to claim 1, it is characterised in that
The step of obtaining the carrying control strategy of the user terminal according to the control strategy acquisition approach configured information includes:
When the control strategy acquisition approach configured information indicates to be obtained from strategy control unit carries control strategy, from strategy
Control unit obtains the carrying control strategy being associated with the user terminal.
4. the method according to any one of claim 1-3, it is characterised in that
Rule is sent according to the control strategy acquisition approach configured information for pre-setting and determines that control strategy acquisition approach indicates letter
The step of breath, includes:
Rule is sent according to the control strategy acquisition approach configured information that pre-sets, when not including control in Certificate Authority information
Tactful acquisition approach configured information corresponds to when carrying control strategy is locally obtained, and generation carries control strategy from local acquisition
Control strategy acquisition approach configured information.
5. the method according to any one of claim 1-3, it is characterised in that
Rule is sent according to the control strategy acquisition approach configured information for pre-setting and determines that control strategy acquisition approach indicates letter
The step of breath, includes:
Rule is sent according to the control strategy acquisition approach configured information that pre-sets, when not including control in Certificate Authority information
When tactful acquisition approach configured information from strategy control unit corresponding to carrying control strategy is obtained, generate from strategy control unit
Obtain the control strategy acquisition approach configured information for carrying control strategy.
6. the method according to any one of claim 1-3, it is characterised in that
When the registration information that the user terminal sends is received, registration information is transmitted to Certificate Authority service
Device, wherein registration information include user terminal identification information and control strategy acquisition approach configured information, so that certification is awarded
Power server by utilizing user terminal identification information carries out authentication registration to the user terminal, and is stored in authentication registration success
Control strategy acquisition approach configured information;
After the authentication registration success response information for receiving certification authority server transmission, authentication registration success is obtained and stored
The control strategy acquisition approach configured information that response message includes sends rule.
7. a kind of method that determination carries control strategy, it is characterised in that including:
The access request information that strategy execution unit sends is received, wherein access request information includes that the identification of user terminal is believed
Breath;
Using the identification information of the user terminal, the user terminal is authenticated;
In certification success, Certificate Authority information is sent to strategy execution unit, wherein Certificate Authority information includes control strategy
Acquisition approach configured information, so that strategy execution unit is according to the control strategy acquisition approach configured information, obtains the use
The carrying control strategy of family terminal;
Wherein, when the registration information of strategy execution unit transmission is received, according to the use that registration information includes
Family terminal identification information carries out authentication registration to user terminal;
When authentication registration success, the control strategy acquisition approach configured information that storage registration information includes, and to plan
Slightly execution unit sends authentication registration success response information, and wherein authentication registration success response information includes that control strategy is obtained
Path configured information sends rule, so that strategy execution unit is when there is no control strategy acquisition approach configured information, root
Rule is sent according to control strategy acquisition approach configured information determine control strategy acquisition approach configured information.
8. a kind of determination carries the strategy execution unit of control strategy, it is characterised in that including:
First receiving device, wherein the access request information for receiving user terminal transmission, access request information include user
Terminal identification information;
First sends equipment, for the access request information to be transmitted into certification authority server, so as to Certificate Authority service
Device is authenticated according to the user terminal identification information to the user terminal;
Path indicates acquisition equipment, the Certificate Authority information for receiving certification authority server transmission in the first receiving device
Afterwards, control strategy acquisition approach configured information is obtained from Certificate Authority information;
Tactful acquisition equipment, for according to the control strategy acquisition approach configured information, obtaining the carrying of the user terminal
Control strategy;
Service access equipment, the control strategy control user terminal access service net is carried for utilizing;
Strategy execution unit also includes that path indicates determination equipment, wherein:
When path indicates acquisition equipment to be additionally operable to not have in Certificate Authority information control strategy acquisition approach configured information, indicate
Path indicates determination equipment to determine control strategy acquisition approach configured information;
Path indicates determination equipment, the instruction for indicating acquisition equipment according to path, is obtained according to the control strategy for pre-setting
Take path configured information and send rule, determine control strategy acquisition approach configured information, then indicate tactful acquisition equipment to perform
The operation of the carrying control strategy of the user terminal is obtained according to the control strategy acquisition approach configured information.
9. strategy execution unit according to claim 8, it is characterised in that
Tactful acquisition equipment is additionally operable to indicate to carry control plan from local acquisition in the control strategy acquisition approach configured information
When slightly, using locally carrying control strategy of the default acquiescence control strategy as the user terminal.
10. strategy execution unit according to claim 8, it is characterised in that
Tactful acquisition equipment is additionally operable to indicate to be obtained from strategy control unit in the control strategy acquisition approach configured information hold
When carrying control strategy, the carrying control strategy being associated with the user terminal is obtained from strategy control unit.
The 11. strategy execution unit according to any one of claim 8-10, it is characterised in that
Path indicates determination equipment to send rule with specific reference to the control strategy acquisition approach configured information for pre-setting, and works as certification
Do not include in authorization message control strategy acquisition approach configured information correspond to from it is local obtain carry control strategy when, generation from
It is local to obtain the control strategy acquisition approach configured information for carrying control strategy.
The 12. strategy execution unit according to any one of claim 8-10, it is characterised in that
Path indicates determination equipment to send rule with specific reference to the control strategy acquisition approach configured information for pre-setting, and works as certification
Do not include that control strategy acquisition approach configured information corresponds to be obtained from strategy control unit in authorization message and carry control strategy
When, generation obtains the control strategy acquisition approach configured information for carrying control strategy from strategy control unit.
The 13. strategy execution unit according to any one of claim 8-10, it is characterised in that strategy execution unit is also wrapped
Rule equipment and first memory are included, wherein:
First receiving device is additionally operable to, when the registration information that the user terminal sends is received, indicate first to send and set
Standby that registration information is transmitted into certification authority server, wherein registration information includes user terminal identification information and control
The tactful acquisition approach configured information of system, so that certification authority server is entered using user terminal identification information to the user terminal
Row authentication registration, and store control strategy acquisition approach configured information in authentication registration success;Receiving Certificate Authority clothes
After the authentication registration success response information that business device sends, Rule equipment is indicated to be wrapped in obtaining authentication registration success response information
The control strategy acquisition approach configured information for including sends rule;
Rule equipment, for the instruction according to the first receiving device, obtains what authentication registration success response information included
Control strategy acquisition approach configured information sends rule, and control strategy acquisition approach configured information is sent into rule storage the
In one memory;
First memory, rule is sent for storing control strategy acquisition approach configured information.
A kind of 14. certification authority servers for determining to carry control strategy, it is characterised in that including:
Second receiving device, the access request information for receiving the transmission of strategy execution unit, wherein access request information includes
The identification information of user terminal;
Authenticating device, for the identification information using the user terminal, is authenticated to the user terminal;In certification success
When, indicating second to send equipment and send Certificate Authority information to strategy execution unit, wherein Certificate Authority information includes control plan
Omit acquisition approach configured information;
Second sends equipment, for the instruction according to authenticating device, the Certificate Authority information is sent to strategy execution unit, with
Just strategy execution unit obtains the carrying control plan of the user terminal according to the control strategy acquisition approach configured information
Slightly;
Wherein, certification authority server also includes second memory, wherein:
Second receiving device is additionally operable to, when the registration information of strategy execution unit transmission is received, indicate authenticating device root
The user terminal identification information included according to registration information carries out authentication registration to user terminal;
Authenticating device is additionally operable to the instruction according to the second receiving device, according to the user terminal identification that registration information includes
Information carries out authentication registration to user terminal;When authentication registration success, the control strategy that registration information includes is obtained
Path configured information storage is taken in second memory, and indicates second to send equipment and send authentication registration to strategy execution unit
Success response information, wherein authentication registration success response information include that control strategy acquisition approach configured information sends rule,
So that strategy execution unit is when there is no control strategy acquisition approach configured information, indicated according to control strategy acquisition approach
Information sends rule and determines control strategy acquisition approach configured information;
Second memory, for storing control strategy acquisition approach configured information.
A kind of 15. systems for determining to carry control strategy, it is characterised in that including:Any one of claim 8-13
Strategy execution unit, and the certification authority server described in claim 14.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210323245.9A CN103686719B (en) | 2012-09-04 | 2012-09-04 | It is determined that carrying the method and system of control strategy |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210323245.9A CN103686719B (en) | 2012-09-04 | 2012-09-04 | It is determined that carrying the method and system of control strategy |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103686719A CN103686719A (en) | 2014-03-26 |
CN103686719B true CN103686719B (en) | 2017-07-07 |
Family
ID=50322725
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210323245.9A Active CN103686719B (en) | 2012-09-04 | 2012-09-04 | It is determined that carrying the method and system of control strategy |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103686719B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103929492B (en) | 2014-04-28 | 2017-08-29 | 华为技术有限公司 | Business chain load-balancing method and its device, system |
CN105792200B (en) * | 2014-12-26 | 2019-05-10 | 中国移动通信集团公司 | A kind of method for authenticating, system and relevant apparatus |
CN106612509B (en) * | 2015-10-21 | 2019-10-22 | 中国电信股份有限公司 | The methods, devices and systems of virtual radio service are provided in intensive wireless network |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101505470A (en) * | 2008-02-04 | 2009-08-12 | 华为技术有限公司 | Policy control method and equipment |
CN102098649A (en) * | 2010-12-09 | 2011-06-15 | 成都市华为赛门铁克科技有限公司 | Method, device and system for processing value added service based on policy and charging control system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2547049B1 (en) * | 2010-05-25 | 2018-09-19 | Huawei Technologies Co., Ltd. | Method, system and corresponding apparatus for implementing policy and charging control |
-
2012
- 2012-09-04 CN CN201210323245.9A patent/CN103686719B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101505470A (en) * | 2008-02-04 | 2009-08-12 | 华为技术有限公司 | Policy control method and equipment |
CN102098649A (en) * | 2010-12-09 | 2011-06-15 | 成都市华为赛门铁克科技有限公司 | Method, device and system for processing value added service based on policy and charging control system |
Also Published As
Publication number | Publication date |
---|---|
CN103686719A (en) | 2014-03-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102369750B (en) | For the method and apparatus for the certification for managing user | |
CN105101163B (en) | The method and apparatus of air card-writing | |
CN103079201B (en) | Fast authentication method, access controller (AC) and system for wireless local area network | |
CN106465120A (en) | Method and nodes for integrating networks | |
CN107529160A (en) | A kind of VoWiFi method for network access and system, terminal and wireless access points equipment | |
TW201505464A (en) | Controlling method for sharing wireless data traffic and system thereof | |
US20190253397A1 (en) | Method and apparatus for data connectivity sharing | |
CN105228126B (en) | A kind of method and system of network access point trustship | |
WO2014063629A1 (en) | Charge control method, device and system for roaming user data service | |
CN108632325A (en) | A kind of call method and device of application | |
CN105657710A (en) | Wireless network authentication method and system | |
CN107872445A (en) | Access authentication method, equipment and Verification System | |
CN103686719B (en) | It is determined that carrying the method and system of control strategy | |
CN1885770B (en) | Authentication method | |
CN107579833A (en) | A kind of method and device for individual line subscriber speed-raising | |
CN106572114A (en) | Multi-server-based portal authentication method and system, and portal server | |
CN103327490B (en) | Outlet the Internet WIFI accesses system and method | |
CN104918245B (en) | A kind of identity identifying method, device, server and client | |
CN106100865A (en) | Authorization method, server and the terminal device that focus is shared | |
CN1885768B (en) | Worldwide web authentication method | |
WO2016078090A1 (en) | Charging control device, method and system | |
CN107710673A (en) | The method and apparatus of authenticating user identification | |
CN102938757A (en) | Method for sharing user data in network and identity provider | |
CN105409259B (en) | Telephone service is provided by WIFI for non-cellular | |
US7310510B2 (en) | Method for ascertaining a billing tariff for billing for a data transfer |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |