CN104349294A - Authentication charging method and system based on MiFi terminal and MiFi terminal - Google Patents

Authentication charging method and system based on MiFi terminal and MiFi terminal Download PDF

Info

Publication number
CN104349294A
CN104349294A CN201310326780.4A CN201310326780A CN104349294A CN 104349294 A CN104349294 A CN 104349294A CN 201310326780 A CN201310326780 A CN 201310326780A CN 104349294 A CN104349294 A CN 104349294A
Authority
CN
China
Prior art keywords
terminal
authentication
mifi
wifi
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310326780.4A
Other languages
Chinese (zh)
Other versions
CN104349294B (en
Inventor
沈骁
邵震
刘琛
潘毅明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN201310326780.4A priority Critical patent/CN104349294B/en
Publication of CN104349294A publication Critical patent/CN104349294A/en
Application granted granted Critical
Publication of CN104349294B publication Critical patent/CN104349294B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/14Charging, metering or billing arrangements for data wireline or wireless communications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/24Accounting or billing

Abstract

The invention discloses an authentication charging method and system based on a MiFi terminal and the MiFi terminal. The method comprises the following steps: the MiFi terminal pushing a Portal interface to a WiFi terminal, and prompting a user to input identity authentication information acquired by applying from an operator in advance; the MiFi terminal utilizing an authentication agent server through mobile network data connection, and sending the identity authentication information to an AAA server to perform identity authentication; the MiFi terminal distributing a private network IP address to the WiFi terminal in response to the phenomenon that the identity authentication is passed, and storing the corresponding relation of the private network IP address and user account information; the MiFi terminal starting duration charging aiming at the user account information, and/or the authentication agent server notifying a CCG system to start traffic charging aiming at the user account information. Through the technical scheme provided by the invention, the operator level authentication and charging aiming at individual user are realized.

Description

Based on the authentication and accounting method of MiFi terminal, system and MiFi terminal
Technical field
The present invention relates to the communications field, particularly a kind of authentication and accounting method based on MiFi terminal, system and MiFi terminal.
Background technology
In recent years, along with the development of mobile technology, MiFi product is also constantly popularized.MiFi, can by mobile network for WiFi mobile device provides Wi-Fi hotspot as the portable wideband wireless device of one.
Use existing MiFi equipment, by inserting SIM or the UIM card of a mobile network in MiFi equipment, network side is by mobile network's accessing Internet, and WiFi network is then passed through in user side, for WiFi equipment provides focus accessing Internet.Usually, use in the process of network user, operator carries out certification and charging to this kind of SIM or UIM card.
But, when multiple WiFi user uses MiFi equipment access network by multiple WiFi equipment, certification and charging cannot be carried out to the user of independent use WiFi equipment.
Summary of the invention
According to an aspect of the embodiment of the present invention, a technical problem to be solved is: provide a kind of authentication and accounting method based on MiFi terminal, system and MiFi terminal, realize the carrier-class certification for individual consumer and charging.
A kind of authentication and accounting method based on MiFi terminal that the embodiment of the present invention provides, comprising:
In response to the request being received the mobile MiFi terminal of access that user is sent by WiFi terminal by WiFi network, MiFi terminal pushes Portal interface to described WiFi terminal, prompting user input, in advance in the authentication information that operator's application obtains, comprises usersaccount information in described authentication information;
MiFi terminal receives the authentication information of user's input;
MiFi terminal utilizes authentication agent server by mobile network data connection, sends to aaa server to carry out authentication described authentication information;
Pass in response to authentication, MiFi terminal distributes private network IP address to described WiFi terminal, and preserves the corresponding relation of described private network IP address and described usersaccount information;
MiFi terminal activation pin is to the duration based accounting of described usersaccount information, and/or described authentication agent server notice CCG system activation pin is to the charge on traffic of described usersaccount information.
Alternatively, after MiFi terminal receives the authentication information of user's input, described method also comprises:
Whether MiFi terminal recognition has set up mobile network data connects;
Connecting in response to not setting up mobile network data, setting up mobile network data with mobile core network element and being connected, and obtaining the IP address that mobile core network element distributes to described MiFi terminal.
Alternatively, described method also comprises:
Disconnect WiFi in response to identification WiFi terminal to connect, described MiFi terminal stops the duration based accounting to described usersaccount information, and/or the state information that described authentication agent server identifies usersaccount information corresponding to described WiFi terminal is after off-line, stops the charging to described usersaccount information.
Alternatively, described method also comprises:
Described MiFi terminal is authentication agent server described in real-time real-time query when user offline, and the state information whether also having usersaccount information corresponding is online;
Be online in response to the state information not having usersaccount information corresponding, described MiFi terminal disconnects described mobile network data.
Alternatively, described method also comprises:
The data transaction of the WiFi protocol format that WiFi terminal sends by MiFi terminal becomes the business data packet of the data format of mobile network, and is sent to mobile core network element by mobile network data connection;
Data message parsing is carried out to the business data packet that MiFi sends, obtains the private network IP address comprised in business data packet;
Described business data packet is sent to CCG system by mobile core network element;
CCG system, according to the corresponding relation of private network IP address and usersaccount information, utilizes the private network IP address of resolving and obtaining, and obtains respective user account, and carries out traffic statistics according to the size of described business data packet to described usersaccount information;
The ticket that traffic statistics are formed is passed to aaa server and is carried out charging to described usersaccount information by CCG system;
Described business data packet is sent to the Internet by mobile core network element.
Alternatively, described method also comprises:
The business data packet returned from the Internet is back to after MiFi terminal through mobile core network element, the corresponding relation of private network IP address and user account information described in MiFi terminal inquiry, after obtaining the private network IP address of WiFi terminal, business data packet is sent to WiFi terminal by WiFi network.
Alternatively, described mobile network comprises: 3G or 4G mobile communications network.
A kind of MiFi terminal that the embodiment of the present invention provides, comprising:
WiFi communication module, for communicating by WiFi network with between WiFi terminal
Portal module, for receiving the request of the access MiFi terminal that user is sent by WiFi terminal in response to WiFi network, Portal interface is pushed to described WiFi terminal, prompting user input, in advance in the authentication information that operator's application obtains, comprises usersaccount information in described authentication information; Receive the authentication information of user's input;
Authentication Client, for receiving the described authentication information that Portal module sends, described authentication information is connected by mobile network data and is sent to mobile core network element, to make to obtain by rear, by CCG system activation pin to the charge on traffic of described usersaccount information in authentication; And/or pass in response to authentication, preserve the corresponding relation of private network IP address and the described usersaccount information distributed to described WiFi terminal, and activation pin is to the duration based accounting of described usersaccount information;
Mobile network communication module, for communicating with being connected by mobile network data between mobile core network element.
Alternatively, whether described mobile network communication module, also for after the authentication information of MiFi terminal reception user input, set up mobile network data and connected; Connecting in response to not setting up mobile network data, setting up mobile network data with mobile core network element and being connected, and obtaining the IP address that mobile core network element distributes to described MiFi terminal.
Alternatively, wherein, the duration of described Authentication Client to usersaccount information is in charging state, described Authentication Client, also connecting for disconnecting WiFi in response to identification WiFi terminal, stopping the duration based accounting to described usersaccount information.
Alternatively, described mobile network communication module, also for the real-time query authentication agent server when user offline, the state information whether also having usersaccount information corresponding is online; Be online in response to the state information not having usersaccount information corresponding, disconnect and being connected with the mobile network data of mobile core network element.
Alternatively, also comprise:
Protocol conversion module, the data transaction for WiFi protocol format WiFi terminal sent becomes the business data packet of the data format of mobile network, and is sent to mobile core network element by mobile network data connection; And the business data packet that reception mobile core network element returns, send to WiFi communication module after being converted to the business data packet of WiFi protocol format.
Alternatively, described WiFi communication module, also for, for the business data packet returned from the Internet, inquire about the corresponding relation of described private network IP address and user account information, after obtaining the private network IP address of WiFi terminal, business data packet is sent to WiFi terminal by WiFi network.
A kind of authentication and accounting System based on MiFi terminal that the embodiment of the present invention provides, comprising:
Any one MiFi terminal in above-mentioned MiFi terminal embodiment;
Authentication agent server, the authentication information for being transmitted by mobile core network element sends to aaa server to carry out authentication; Pass in response to authentication, result authentication passed returns MiFi terminal, and notice CCG system activation pin is to the charge on traffic of described usersaccount information.
Alternatively, also comprise:
Insert DPI module before core net, carry out data message parsing for the business data packet sent MiFi, obtain the private network IP address comprised in business data packet
Mobile core network element, the business data packet for being sent by MiFi is sent to CCG system; Business data packet is sent to the Internet;
CCG system, for the corresponding relation according to private network IP address and usersaccount information, insert DPI module before utilizing core net and resolve the private network IP address obtained, obtain respective user account, and according to the size of described business data packet, traffic statistics are carried out to described usersaccount information; The ticket that traffic statistics are formed is passed to aaa server;
Aaa server, for carrying out charging to described usersaccount information.
Based on the authentication and accounting method based on MiFi terminal that the above embodiment of the present invention provides, system and MiFi terminal, after the request receiving the mobile MiFi terminal of access that user is sent by WiFi terminal, by pushing Portal interface, prompting user input is in advance in the authentication information that operator's application obtains, thus connected by mobile network data, the aaa server of Operator Core Network authentication information is sent to carry out authentication, pass in response to authentication, can activation pin to the duration based accounting of usersaccount information, or authentication agent server notice CCG system activation pin is to the charge on traffic of usersaccount information, or carry out timing and charge on traffic simultaneously, thus the carrier-class certification realized for individual consumer and charging.
By referring to the detailed description of accompanying drawing to exemplary embodiment of the present invention, further feature of the present invention and advantage thereof will become clear.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Meanwhile, it should be understood that for convenience of description, the size of the various piece shown in accompanying drawing is not draw according to the proportionate relationship of reality.Represent similar terms in similar label and letter accompanying drawing below, therefore, once be defined in an a certain Xiang Yi accompanying drawing, then do not need to be further discussed it in accompanying drawing subsequently.
What form a part for specification drawings describes embodiments of the invention, and together with the description for explaining principle of the present invention.
With reference to accompanying drawing, according to detailed description below, clearly the present invention can be understood, wherein:
Fig. 1 illustrates the schematic flow sheet of a kind of embodiment of authentication and accounting method based on MiFi terminal provided by the present invention;
Fig. 2 illustrates the schematic flow sheet of a kind of embodiment of authentication and accounting method based on MiFi terminal provided by the present invention;
Fig. 3 illustrates the structural representation of a kind of embodiment of MiFi terminal provided by the present invention;
Fig. 4 illustrates the structural representation of a kind of embodiment of MiFi terminal provided by the present invention;
Fig. 5 illustrates the structural representation of a kind of embodiment of the authentication and accounting System based on MiFi terminal provided by the present invention;
Fig. 6 illustrates the structural representation of a kind of embodiment of the authentication and accounting System based on MiFi terminal provided by the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.It should be noted that: unless specifically stated otherwise, otherwise the parts of setting forth in these embodiments and the positioned opposite of step do not limit the scope of the invention.
Illustrative to the description only actually of at least one exemplary embodiment below, never as any restriction to the present invention and application or use.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
May not discuss in detail for the known technology of person of ordinary skill in the relevant, method and apparatus, but in the appropriate case, described technology, method and apparatus should be regarded as a part of authorizing specification.
In all examples with discussing shown here, any occurrence should be construed as merely exemplary, instead of as restriction.Therefore, other example of exemplary embodiment can have different values.
Shown in Figure 1, Fig. 1 illustrates the schematic flow sheet of a kind of embodiment of authentication and accounting method based on MiFi terminal provided by the present invention.This embodiment provides the authentication and accounting method based on MiFi terminal, comprising:
101, in response to the request being received the mobile MiFi terminal of access that user is sent by WiFi terminal by WiFi network, MiFi terminal pushes Portal interface to WiFi terminal, prompting user input is in advance in the authentication information that operator's application obtains, usersaccount information is comprised in authentication information, in addition, authentication information can also comprise user cipher;
102, MiFi terminal receives the authentication information of user's input;
103, MiFi terminal is connected by authentication agent server by mobile network data, authentication information is sent to AAA(Authentication Authorization Accounting, authentication, mandate and statistics) server carries out authentication; Authentication information can send to aaa server to carry out authentication by standard interface by authentication agent server;
104, pass in response to authentication, MiFi terminal distributes private network IP address to WiFi terminal, and preserves the corresponding relation of private network IP address and usersaccount information;
105, MiFi terminal activation pin is to the duration based accounting of usersaccount information, and/or authentication agent server notice CCG system activation pin is to the charge on traffic of usersaccount information.
In the method that the above embodiment of the present invention provides, by pushing Portal interface, prompting user input is in advance in the authentication information that operator's application obtains, thus connected by mobile network data, the aaa server of Operator Core Network authentication information is sent to carry out authentication, pass in response to authentication, can activation pin to the duration based accounting of usersaccount information, also can by authentication agent server content of announcement charging gateway (Content Charging Gateway, CCG) system activation pin is to the charge on traffic of usersaccount information, or carry out timing and charge on traffic simultaneously, thus the carrier-class certification realized for individual consumer and charging.
According to a concrete example of the inventive method embodiment, after MiFi terminal receives the authentication information of user's input, the method can also comprise:
Whether MiFi terminal recognition has set up mobile network data connects;
Connecting in response to not setting up mobile network data, setting up mobile network data with mobile core network element and being connected, and obtaining the IP address that mobile core network element distributes to MiFi terminal.
According to a concrete example of the inventive method embodiment, the method can also comprise:
Disconnect WiFi in response to identification WiFi terminal to connect, MiFi terminal stops the duration based accounting to usersaccount information, and/or the state information that authentication agent server identifies usersaccount information corresponding to WiFi terminal is after off-line, stops the charging to usersaccount information.Now stop duration based accounting and/or stop the operation of charge on traffic corresponding with the operation in 105.
According to a concrete example of the inventive method embodiment, the method can also comprise:
MiFi terminal is real-time query authentication agent server when user offline, and the state information whether also having usersaccount information corresponding is online;
Be online in response to the state information not having usersaccount information corresponding, MiFi terminal disconnects mobile network data.
On the basis of above-described embodiment, more specifically, the charging flow according to service traffics can also be realized in the following manner.Shown in Figure 2, Fig. 2 illustrates the schematic flow sheet of a kind of embodiment of authentication and accounting method based on MiFi terminal provided by the present invention.According to a concrete example of the inventive method embodiment, can also comprise relative to the method for Fig. 1, Fig. 2 embodiment:
The data transaction of the WiFi protocol format that WiFi terminal sends by 201, MiFi terminal becomes the business data packet of the data format of mobile network, and is sent to mobile core network element by mobile network data connection; WiFi agreement can comprise 802.11 agreements;
202, business data packet is sent to CCG system by mobile core network element;
203, CCG system carries out data message parsing to business data packet, and according to resolving the private network IP address comprised in the business data packet of acquisition;
204, CCG system, according to the corresponding relation of preserved private network IP address and usersaccount information, obtains respective user account, and carries out traffic statistics according to the size of business data packet to usersaccount information;
The ticket that traffic statistics are formed is passed to aaa server and is carried out charging to usersaccount information by 205, CCG system.
206, business data packet is sent to the Internet by mobile core network element.
According to a concrete example of the inventive method embodiment, the method also comprises:
The business data packet returned from the Internet is back to after MiFi terminal through mobile core network element, the corresponding relation of MiFi terminal inquiry private network IP address and user account information, after obtaining the private network IP address of WiFi terminal, business data packet is sent to WiFi terminal by WiFi network.
Exemplarily, mobile network can comprise 3G or 4G mobile communications network.Particularly, such as, global system for mobile communications (Global System of Mobile communication, GSM), code division multiple access (Code Division Multiple Access, CDMA), general packet radio service (General Packet Radio Service, GPRS), Wideband Code Division Multiple Access (WCDMA) (Wideband Code Division Multiple Access, WCDMA), CDMA20001x, CDMA2000 1x EV-DO, TD SDMA (Time Division-Synchronous Code Division Multiple Access, TD SCDMA), Long Term Evolution project (Long Term Evolution, LTE) any one in.
Shown in Figure 3, Fig. 3 illustrates the structural representation of a kind of embodiment of MiFi terminal provided by the invention.This MiFi terminal comprises:
WiFi communication module 301, for communicating by WiFi network with between WiFi terminal
Portal module 302, for receiving the request of the access MiFi terminal that user is sent by WiFi terminal in response to WiFi network, Portal interface is pushed to WiFi terminal, prompting user input, in advance in the authentication information that operator's application obtains, comprises usersaccount information in authentication information; Receive the authentication information of user's input;
Authentication Client 303, for receiving the authentication information that Portal module sends, authentication information is connected by mobile network data and is sent to mobile core network element, to make to obtain by rear, by CCG system activation pin to the charge on traffic of usersaccount information in authentication; And/or pass in response to authentication, preserve the corresponding relation of private network IP address and the usersaccount information distributed to WiFi terminal, and activation pin is to the duration based accounting of usersaccount information;
Mobile network communication module 304, for communicating with being connected by mobile network data between mobile core network element.
According to a concrete example of MiFi terminal embodiment of the present invention, whether mobile network communication module 304, also for after the authentication information of MiFi terminal reception user input, set up mobile network data and connected; Connecting in response to not setting up mobile network data, setting up mobile network data with mobile core network element and being connected, and obtaining the IP address that mobile core network element distributes to MiFi terminal.
According to a concrete example of MiFi terminal embodiment of the present invention, wherein, if the duration of the Authentication Client of MiFi terminal to usersaccount information is in charging state, Authentication Client 303, also for disconnecting WiFi connection in response to identifying WiFi terminal, stop the duration based accounting to usersaccount information.
According to a concrete example of MiFi terminal embodiment of the present invention, mobile network communication module 304, also for the real-time query authentication agent server when user offline, the state information whether also having usersaccount information corresponding is online; Be online in response to the state information not having usersaccount information corresponding, disconnect and being connected with the mobile network data of mobile core network element.
Shown in Figure 4, Fig. 4 illustrates the structural representation of a kind of embodiment of MiFi terminal provided by the present invention.According to a concrete example of MiFi terminal embodiment of the present invention, MiFi terminal also comprises: protocol conversion module 405, data transaction for WiFi protocol format WiFi terminal sent becomes the business data packet of the data format of mobile network, and is sent to mobile core network element by mobile network data connection; And the business data packet that reception mobile core network element returns, send to WiFi communication module after being converted to the business data packet of WiFi protocol format.
According to a concrete example of MiFi terminal embodiment of the present invention, WiFi communication module 301, also for for the business data packet returned from the Internet, the corresponding relation of inquiry private network IP address and user account information, after obtaining the private network IP address of WiFi terminal, business data packet is sent to WiFi terminal by WiFi network.
Shown in Figure 5, Fig. 5 illustrates the structural representation of a kind of embodiment of the authentication and accounting System based on MiFi terminal provided by the invention.Based on the authentication and accounting System of MiFi terminal, should comprise:
Any one MiFi terminal 501 in each MiFi terminal embodiment above-mentioned;
Authentication agent server 502, the authentication information for being transmitted by mobile core network element sends to aaa server to carry out authentication; Pass in response to authentication, result authentication passed returns MiFi terminal, and notice CCG system activation pin is to the charge on traffic of usersaccount information.
Shown in Figure 6, Fig. 6 illustrates the structural representation of a kind of embodiment of the authentication and accounting System based on MiFi terminal provided by the present invention.According to a concrete example of MiFi terminal embodiment of the present invention, this authentication and accounting System also comprises:
Insert deep-packet detection (Deep Packet Inspection, DPI) module 601 before core net, carry out data message parsing for the business data packet sent MiFi, obtain the private network IP address comprised in business data packet;
Mobile core network element 602, the business data packet for being sent by MiFi is sent to CCG system; Business data packet is sent to the Internet;
CCG system 603, for the corresponding relation according to private network IP address and usersaccount information, insert DPI module 506 before utilizing core net and resolve the private network IP address obtained, obtain respective user account, and according to the size of business data packet, traffic statistics are carried out to usersaccount information; The ticket that traffic statistics are formed is passed to aaa server;
Aaa server 604, for carrying out charging to usersaccount information.
In said system, can also comprise the base station of such as mobile communications network, such as, the base station of 3G or 4G mobile network, for by MiFi terminal access core network element 605.
So far, described in detail according to a kind of authentication and accounting method based on MiFi terminal of the present invention, system and MiFi terminal.In order to avoid covering design of the present invention, details more known in the field are not described.Those skilled in the art, according to description above, can understand how to implement technical scheme disclosed herein completely.
In this specification, each embodiment all adopts the mode of going forward one by one to describe, and what each embodiment stressed is the difference with other embodiment, same or analogous part cross-reference between each embodiment.For for the authentication and accounting System of MiFi terminal and MiFi terminal embodiment, because itself and embodiment of the method are substantially corresponding, thus describe fairly simple, relevant part illustrates see the part of embodiment of the method.
The authentication and accounting method based on MiFi terminal of the present invention, system and MiFi terminal may be realized in many ways.Such as, any combination by software, hardware, firmware or software, hardware, firmware realizes the authentication and accounting method based on MiFi terminal of the present invention, system and MiFi terminal.Said sequence for the step of described method is only to be described, and the step of method of the present invention is not limited to above specifically described order, unless specifically stated otherwise.In addition, in certain embodiments, can be also record program in the recording medium by the invention process, these programs comprise the machine readable instructions for realizing according to method of the present invention.Thus, the present invention also covers the recording medium stored for performing the program according to method of the present invention.
Although be described in detail specific embodiments more of the present invention by example, it should be appreciated by those skilled in the art, above example is only to be described, instead of in order to limit the scope of the invention.It should be appreciated by those skilled in the art, can without departing from the scope and spirit of the present invention, above embodiment be modified.Scope of the present invention is limited by claims.

Claims (14)

1., based on an authentication and accounting method for MiFi terminal, comprising:
In response to the request being received the mobile MiFi terminal of access that user is sent by WiFi terminal by WiFi network, MiFi terminal pushes Portal interface to described WiFi terminal, prompting user input, in advance in the authentication information that operator's application obtains, comprises usersaccount information in described authentication information;
MiFi terminal receives the authentication information of user's input;
MiFi terminal utilizes mobile network data to connect by authentication agent server, sends to aaa server to carry out authentication described authentication information;
Pass in response to authentication, MiFi terminal distributes private network IP address to described WiFi terminal, and preserves the corresponding relation of described private network IP address and described usersaccount information;
MiFi terminal activation pin is to the duration based accounting of described usersaccount information, and/or described authentication agent server content of announcement charging gateway CCG system activation pin is to the charge on traffic of described usersaccount information.
2. method according to claim 1, after MiFi terminal receives the authentication information of user's input, described method also comprises:
Whether MiFi terminal recognition has set up mobile network data connects;
Connecting in response to not setting up mobile network data, setting up mobile network data with mobile core network element and being connected, and obtaining the IP address that mobile core network element distributes to described MiFi terminal.
3. method according to claim 1, described method also comprises:
Disconnect WiFi in response to identification WiFi terminal to connect, described MiFi terminal stops the duration based accounting to described usersaccount information, and/or the state information that described authentication agent server identifies usersaccount information corresponding to described WiFi terminal is after off-line, stops the charging to described usersaccount information.
4. method according to claim 1, described method also comprises:
Described MiFi terminal is authentication agent server described in real-time query when user offline, and the state information whether also having usersaccount information corresponding is online;
Be online in response to the state information not having usersaccount information corresponding, described MiFi terminal disconnects described mobile network data.
5. method according to claim 1, described method also comprises:
The data transaction of the WiFi protocol format that WiFi terminal sends by MiFi terminal becomes the business data packet of the data format of mobile network, and is sent to mobile core network element by mobile network data connection;
Data message parsing is carried out to the business data packet that MiFi sends, obtains the private network IP address comprised in business data packet;
Described business data packet is sent to CCG system by mobile core network element;
CCG system, according to the corresponding relation of private network IP address and usersaccount information, utilizes the private network IP address of resolving and obtaining, and obtains respective user account, and carries out traffic statistics according to the size of described business data packet to described usersaccount information;
The ticket that traffic statistics are formed is passed to aaa server and is carried out charging to described usersaccount information by CCG system;
Described business data packet is sent to the Internet by mobile core network element.
6. method according to claim 1, described method also comprises:
The business data packet returned from the Internet is back to after MiFi terminal through mobile core network element, the corresponding relation of private network IP address and user account information described in MiFi terminal inquiry, after obtaining the private network IP address of WiFi terminal, business data packet is sent to WiFi terminal by WiFi network.
7. a MiFi terminal, comprising:
WiFi communication module, for communicating by WiFi network with between WiFi terminal
Portal module, for receiving the request of the access MiFi terminal that user is sent by WiFi terminal in response to WiFi network, Portal interface is pushed to described WiFi terminal, prompting user input, in advance in the authentication information that operator's application obtains, comprises usersaccount information in described authentication information; Receive the authentication information of user's input;
Authentication Client, for receiving the described authentication information that Portal module sends, mobile network data is utilized to be communicated with authentication agent server, aaa server is sent to carry out authentication described authentication information, to make to obtain by rear, by CCG system activation pin to the charge on traffic of described usersaccount information in authentication; And/or pass in response to authentication, preserve the corresponding relation of private network IP address and the described usersaccount information distributed to described WiFi terminal, and activation pin is to the duration based accounting of described usersaccount information;
Mobile network communication module, for communicating with being connected by mobile network data between mobile core network element.
8. MiFi terminal according to claim 7, whether described mobile network communication module, also for after the authentication information of MiFi terminal reception user input, set up mobile network data and connected; Connecting in response to not setting up mobile network data, setting up mobile network data with mobile core network element and being connected, and obtaining the IP address that mobile core network element distributes to described MiFi terminal.
9. MiFi terminal according to claim 7, wherein, the duration of described Authentication Client to usersaccount information is in charging state, described Authentication Client, also for disconnecting WiFi connection in response to identifying WiFi terminal, stop the duration based accounting to described usersaccount information.
10. MiFi terminal according to claim 7, described mobile network communication module, also for the real-time query authentication agent server when user offline, the state information whether also having usersaccount information corresponding is online; Be online in response to the state information not having usersaccount information corresponding, disconnect and being connected with the mobile network data of mobile core network element.
11. MiFi terminals according to claim 7, also comprise:
Protocol conversion module, the data transaction for WiFi protocol format WiFi terminal sent becomes the business data packet of the data format of mobile network, and is sent to mobile core network element by mobile network data connection; And the business data packet that reception mobile core network element returns, send to WiFi communication module after being converted to the business data packet of WiFi protocol format.
12. MiFi terminals according to claim 7, described WiFi communication module, also for, for the business data packet returned from the Internet, inquire about the corresponding relation of described private network IP address and user account information, after obtaining the private network IP address of WiFi terminal, business data packet is sent to WiFi terminal by WiFi network.
13. 1 kinds, based on the authentication and accounting System of MiFi terminal, comprising:
MiFi terminal according to claim 7 to 12 any one;
Authentication agent server, the authentication information for being transmitted by mobile core network element sends to aaa server to carry out authentication; Pass in response to authentication, result authentication passed returns MiFi terminal, and notice CCG system activation pin is to the charge on traffic of described usersaccount information.
14. authentication and accounting System according to claim 13, also comprise:
Insert DPI module before core net, carry out data message parsing for the business data packet sent MiFi, obtain the private network IP address comprised in business data packet
Mobile core network element, the business data packet for being sent by MiFi is sent to CCG system; Business data packet is sent to the Internet;
CCG system, for the corresponding relation according to private network IP address and usersaccount information, insert DPI module before utilizing core net and resolve the private network IP address obtained, obtain respective user account, and according to the size of described business data packet, traffic statistics are carried out to described usersaccount information; The ticket that traffic statistics are formed is passed to aaa server;
Aaa server, for carrying out charging to described usersaccount information.
CN201310326780.4A 2013-07-31 2013-07-31 Authentication and accounting method, system based on MiFi terminals and MiFi terminals Active CN104349294B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310326780.4A CN104349294B (en) 2013-07-31 2013-07-31 Authentication and accounting method, system based on MiFi terminals and MiFi terminals

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310326780.4A CN104349294B (en) 2013-07-31 2013-07-31 Authentication and accounting method, system based on MiFi terminals and MiFi terminals

Publications (2)

Publication Number Publication Date
CN104349294A true CN104349294A (en) 2015-02-11
CN104349294B CN104349294B (en) 2018-07-20

Family

ID=52503928

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310326780.4A Active CN104349294B (en) 2013-07-31 2013-07-31 Authentication and accounting method, system based on MiFi terminals and MiFi terminals

Country Status (1)

Country Link
CN (1) CN104349294B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104735668A (en) * 2015-03-27 2015-06-24 苏州兰亭泰客网络技术有限公司 MiFi cross-border communication service system and work process thereof
WO2018196755A1 (en) * 2017-04-24 2018-11-01 Telefonaktiebolaget Lm Ericsson (Publ) Differentiated services in legacy communication networks
CN109462568A (en) * 2017-09-06 2019-03-12 中国电信股份有限公司 Portal authentication method, system and Portal proxy server
CN109587656A (en) * 2018-12-31 2019-04-05 广东超讯通信技术股份有限公司 A kind of communication means, wireless fidelity device and terminal device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005032051A1 (en) * 2003-09-30 2005-04-07 Huawei Technologies Co., Ltd. A fast interactive methodof user terminal in the wireless local area network (wlan) selecting access mobile network
CN101867912A (en) * 2010-06-07 2010-10-20 华为终端有限公司 Authentication method of access network and terminal
CN103139772A (en) * 2011-11-23 2013-06-05 中国移动通信集团上海有限公司 Method for processing terminal accessed to local area network and method and device for used data statistic
CN103179222A (en) * 2011-12-21 2013-06-26 中国移动通信集团公司 Method and device for distributing double-stack addresses

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005032051A1 (en) * 2003-09-30 2005-04-07 Huawei Technologies Co., Ltd. A fast interactive methodof user terminal in the wireless local area network (wlan) selecting access mobile network
CN101867912A (en) * 2010-06-07 2010-10-20 华为终端有限公司 Authentication method of access network and terminal
CN103139772A (en) * 2011-11-23 2013-06-05 中国移动通信集团上海有限公司 Method for processing terminal accessed to local area network and method and device for used data statistic
CN103179222A (en) * 2011-12-21 2013-06-26 中国移动通信集团公司 Method and device for distributing double-stack addresses

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104735668A (en) * 2015-03-27 2015-06-24 苏州兰亭泰客网络技术有限公司 MiFi cross-border communication service system and work process thereof
WO2018196755A1 (en) * 2017-04-24 2018-11-01 Telefonaktiebolaget Lm Ericsson (Publ) Differentiated services in legacy communication networks
CN109462568A (en) * 2017-09-06 2019-03-12 中国电信股份有限公司 Portal authentication method, system and Portal proxy server
CN109462568B (en) * 2017-09-06 2022-07-05 中国电信股份有限公司 Portal authentication method, system and Portal proxy server
CN109587656A (en) * 2018-12-31 2019-04-05 广东超讯通信技术股份有限公司 A kind of communication means, wireless fidelity device and terminal device

Also Published As

Publication number Publication date
CN104349294B (en) 2018-07-20

Similar Documents

Publication Publication Date Title
CN104170416B (en) Online subscription data collocation method, apparatus and system
EP1860906B1 (en) A general authentication form and a method for implementing the authentication
WO2017128520A1 (en) Data traffic sharing method, device, system, and terminal
CN102388639B (en) Method and device for accessing mobile network and user device
CN104394522A (en) Establishment method and establishment device of communication links
CN103987024A (en) Roam processing method and roam processing equipment
CN104871579A (en) Security management method and apparatus for group communication in mobile communication system
CN104486818A (en) Method for selective access to cellular mobile network system and cloud server
CN101662768B (en) Authenticating method and equipment based on user identification module of personal handy phone system
CN104378751A (en) Method, equipment and system for gaining remote access to cellular mobile networks
CN102572689A (en) Mobile terminal locating system and method
CN104349294A (en) Authentication charging method and system based on MiFi terminal and MiFi terminal
CN102469455A (en) Method and system for managing machine type communication (MTC) equipment based on generic bootstrapping architecture (GBA) in grouping manner
US20180146421A1 (en) Method for realizing network access, terminal and computer storage medium
CN108141810A (en) The method and apparatus of data transmission is used in car networking system
CN103024719A (en) Mobility management entity (MME) selection method and MME selection system for terminal group
CN103095721B (en) A kind of method, terminal and system setting up secure connection
CN105163305A (en) Communication method and electronic device
JP2019506796A (en) Access method, user device and server
CN108696860B (en) Virtual SIM card implementation method and device, SIM server and terminal
CN105933869B (en) Method of locating terminal, device and terminal server
CN103281693A (en) Wireless communication authentication method, network translation equipment and terminal
CN103108316A (en) Authentication method, device and system for aerial card writing
CN105472577A (en) Communication method and system established in number transmission manner
CN104486803A (en) Adaptation method of cellular mobile network, terminal device and cloud server

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant