CN104683300B - The cut-in method and system of Internet service - Google Patents

The cut-in method and system of Internet service Download PDF

Info

Publication number
CN104683300B
CN104683300B CN201310627173.1A CN201310627173A CN104683300B CN 104683300 B CN104683300 B CN 104683300B CN 201310627173 A CN201310627173 A CN 201310627173A CN 104683300 B CN104683300 B CN 104683300B
Authority
CN
China
Prior art keywords
user
modification
online
attribute
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310627173.1A
Other languages
Chinese (zh)
Other versions
CN104683300A (en
Inventor
许昊
马里
陈效忠
李峰
来来
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN201310627173.1A priority Critical patent/CN104683300B/en
Publication of CN104683300A publication Critical patent/CN104683300A/en
Application granted granted Critical
Publication of CN104683300B publication Critical patent/CN104683300B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the invention discloses a kind of cut-in method of Internet service and systems, wherein method includes:Radius server distributes corresponding authorization mechanism and notification strategy server according to the authentication result to dial to user PPPOE to the user;Strategic server issues the Portal pages corresponding with authorization mechanism by Portal server to user terminal, includes the corresponding online attribute query of authorization mechanism and modification application entrance on the Portal pages;It receives user to ask with modification by the online attribute query that the inquiry on the Portal pages is sent with modification application entrance, the online attribute query that user sends is transmitted to strategic server by Portal server with modification request;Strategic server indicates the online attribute information of BRAS modification users, open access rights corresponding with user's requesting query or the online attribute of modification;User accesses internet by user terminal, based on modified online attribute.The embodiment of the present invention can establish the online attribute interaction channel between operator and user after PPPOE certifications.

Description

The cut-in method and system of Internet service
Technical field
The present invention relates to the communication technology, the cut-in method and system of especially a kind of Internet service.
Background technology
In every application such as routine work and life, user frequently needs access internet to obtain data resource.It is existing In technology, user accesses internet by following flow:
110, Internet user, which initiates Ethernet, transmits point-to-point protocol(Point-to-Point Protocol over Ethernet, PPPOE)Dialing sends access request, including the username and password of the user by PPPOE;
120, the remote authentication dial-in user service of operator(Remote Authentication Dial In User Service, RADIUS)Server recognizes the username and password in access request based on pre-stored user information Card.If certification does not pass through, refuse the user Internet access.If certification passes through, allow the user Internet access, then Execute 130 operation;
130, the arbitrary internet content of user's free access;
140, user's online terminates, and disconnects PPPOE connections, sends offline message to operator.
As shown in Figure 1, accessing a flow chart of internet for prior art user.
In the implementation of the present invention, inventor find, prior art user access interconnection network method at least exist with Lower problem:
Operator is merely able to by controlling whether to allow user Internet access to the certification of dial user's account number and password. After user is by carrier authorization, just decoupling, user between user can access arbitrary website for operator, but can only Network operation is carried out with the rate applied in advance from operator, it can not be in real time to the online attribute of user(For example, access rate) Carry out tactful change;Meanwhile for the user of authentification failure, user can only be denied access network, and can not with operator it Between establish it is effective interactive.
Invention content
The embodiment of the present invention the technical problem to be solved is that:A kind of cut-in method and system of Internet service are provided, Mutual indepedent state after to solve prior art PPPOE certifications between operator and user, establishes operator and user Between online attribute interaction channel.
A kind of cut-in method of Internet service provided in an embodiment of the present invention, including:
Remote authentication dial-in user service radius server is dialled according to user's Ethernet transmission point-to-point protocol PPPOE Number authentication result distribute corresponding authorization mechanism to the user, and reach the standard grade notification message to strategic server transmission, this is reached the standard grade Notification message includes the user account number and authorization mechanism information of the user;The authentication result to user's PPPOE dialing Do not pass through by PPPOE dialing authentications and PPPOE dialing authentications including the user;
Strategic server is issued and the authorization mechanism by portal Portal server to the user terminal of the user The corresponding Portal pages include the corresponding online attribute query of the authorization mechanism and modification application on the Portal pages Entrance, so that the user inquires and/or change the upper of the user by the online attribute query and modification application entrance Net attribute;
Apply for that entrance is initiated in response to receiving user and clicking the inquiry on the Portal pages by user terminal and change Attribute query of surfing the Internet is asked with modification, and the online attribute query that user sends is transmitted to plan by Portal server with modification request Slightly server, the online attribute query and modification are asked, and to include the user account number upper with user's requesting query or modification Net attribute information;
Strategic server is according to user's requesting query or the online attribute information of modification, under BAS Broadband Access Server BRAS Hair online attribute modification instruction, including user account number and user's requesting query or the online attribute information of modification, by BRAS Change the online attribute information of the user, open access rights corresponding with user's requesting query or the online attribute of modification;
User accesses internet by user terminal, based on modified online attribute.
In another embodiment of the cut-in method of Internet service of the present invention, Portal server specifically calls transmission The online attribute query that user sends is transmitted to policy service by the socket Socket interfaces of control protocol TCP with modification request Device.
In another embodiment of the cut-in method of Internet service of the present invention, pass through user in response to receiving user Terminal clicks the inquiry on the Portal pages and is asked with modification with modification application entrance initiation online attribute query, further includes:
Portal server starts to carry out timing according to the duration that preset duration or user apply on the Portal pages;
Terminate or receive user in response to the preset duration duration timing that either user applies on the Portal pages The end sent by the Portal pages indicated using this online attribute, Portal server counting user this use modification Afterwards online attribute duration, and again call TCP Socket interface notification strategic servers restore the user it is original on Net attribute and the user this using modified online attribute duration;
Strategic server records user, and this uses the duration of modified online attribute, and indicates that BRAS restores the user Original online attribute information.
In another embodiment of the cut-in method of Internet service of the present invention, strategic server record user this makes After duration with modified online attribute, further include:
Strategic server uses the user account number of the user, this modified online attribute used with this The duration information of modified online attribute is sent to accounting server, generates corresponding ticket by accounting server and to the user Carry out charging.
In another embodiment of the cut-in method of Internet service of the present invention, pass through if authentication result is the user PPPOE dialing authentications, the corresponding online attribute query of corresponding authorization mechanism include accesses control list with modification application entrance ACL, access rate, time delay, shake, access permission inquiry and modification application entrance;
If authentication result be the user since arrearage is not by PPPOE dialing authentications, corresponding authorization mechanism is corresponding Online attribute query with modification application entrance include pay the fees, answer a pager's call temporarily, billing query application entrance;
If authentication result is the user since password mistake does not pass through PPPOE dialing authentications, corresponding authorization mechanism pair The online attribute query answered includes password authentification, password modification inquiry application entrance with modification application entrance.
A kind of access system of Internet service provided in an embodiment of the present invention, including radius server, Portal clothes Be engaged in device, strategic server and BRAS;Wherein:
The radius server, it is corresponding for being distributed to the user according to the authentication result to user's PPPOE dialing Authorization mechanism, and notification message of reaching the standard grade is sent to strategic server, which includes user's account of the user Number with authorization mechanism information;The authentication result to user PPPOE dialing include the user by PPPOE dialing authentications with Do not pass through PPPOE dialing authentications;
The Portal server, for the instruction according to the strategic server, under the user terminal of the user The Portal pages corresponding with the authorization mechanism are sent out, include that the corresponding online of the authorization mechanism belongs on the Portal pages Property inquiry with modification application entrance, so as to the user by the online attribute query with modification application entrance inquire and/or Change the online attribute of the user;And inquiry on the Portal pages is clicked in response to receiving user by user terminal Online attribute query is initiated with modification application entrance to ask with modification, the online attribute query that user is sent turns with modification request Issue strategic server, the online attribute query and modification request include the user account number and user's requesting query or repair The online attribute information changed;
The strategic server, for by portal Portal server to the user terminal of the user issue with it is described The corresponding Portal pages of authorization mechanism, and according to user's requesting query or the online attribute information of modification, issued to BRAS Attribute modification of surfing the Internet instruction, including user account number and user's requesting query or the online attribute information of modification;
The BRAS, the online attribute information for storing user, and changed according to the instruction of the strategic server The online attribute information of the user, open access rights corresponding with user's requesting query or the online attribute of modification, so as to User accesses internet by user terminal, based on modified online attribute.
In another embodiment of the access system of Internet service of the present invention, the Portal server is specific logical It crosses and calls the Socket interfaces of TCP that the online attribute query that user sends is transmitted to strategic server with modification request.
In another embodiment of the access system of Internet service of the present invention, the Portal server is additionally operable to Receiving user by user terminal and clicking the inquiry on the Portal pages online attribute query is initiated with modification application entrance After asking with modification, start to carry out timing according to the duration that preset duration or user apply on the Portal pages;In response to The preset duration duration timing that either user applies on the Portal pages terminates or receives user and passes through the Portal pages The end of transmission indicated using this online attribute, counting user this using modified online attribute duration, and again Call that the Socket interface notification strategic servers of TCP restore original online attribute of the user and the user this use is repaiied The duration of online attribute after changing;
The strategic server, being additionally operable to record user, this uses the duration of modified online attribute, and indicates BRAS restores original online attribute information of the user.
In another embodiment of the access system of Internet service of the present invention, the strategic server is additionally operable to After recording user this duration using modified online attribute, by the user account number of the user, this repairing of using The duration information for the modified online attribute that online attribute after changing is used with this is sent to accounting server, is taken by charging Business device generates corresponding ticket and carries out charging to the user.
In another embodiment of the access system of Internet service of the present invention, pass through if authentication result is the user PPPOE dialing authentications, the corresponding online attribute query of corresponding authorization mechanism and modification application entrance include ACL, access rate, Time delay, shake, access permission inquiry and modification application entrance;
If authentication result be the user since arrearage is not by PPPOE dialing authentications, corresponding authorization mechanism is corresponding Online attribute query with modification application entrance include pay the fees, answer a pager's call temporarily, billing query application entrance;
If authentication result is the user since password mistake does not pass through PPPOE dialing authentications, corresponding authorization mechanism pair The online attribute query answered includes password authentification, password modification inquiry application entrance with modification application entrance.
Cut-in method and system based on the Internet service that the above embodiment of the present invention provides, radius server can be with According to the authentication result to dial to user PPPOE corresponding authorization mechanism notification strategy server, strategy clothes are distributed to the user Business device issues the Portal pages corresponding with its authorization mechanism by Portal server to user terminal, is wrapped on the Portal pages The corresponding online attribute query of its authorization mechanism and modification application entrance are included, user is initiated by the inquiry and modification application entrance Attribute query surf the Internet with after modification request, the online attribute query that user sends is transmitted to by Portal server with modification request Strategic server, strategic server instruction BRAS change the online attribute information of the user, open with user's requesting query or to repair The corresponding access rights of online attribute changed, such user can be based on modified online attribute and access internet.The present invention Embodiment solves the technical issues of mutual indepedent state between operator and user after PPPOE certifications, for difference PPPOE dialing authentication result users, establish the online attribute interaction channel between operator and user, certification passed through User, its attribute of surfing the Internet, such as ACL, access rate, time delay, shake, access permission can be changed by the interaction channel Deng;And for the user of authentification failure, it can also give its certain permission and carry out interim access permission.
Below by drawings and examples, technical scheme of the present invention will be described in further detail.
Description of the drawings
The attached drawing of a part for constitution instruction describes the embodiment of the present invention, and together with description for explaining The principle of the present invention.
The present invention can be more clearly understood according to following detailed description with reference to attached drawing, wherein:
Fig. 1 is that prior art user accesses internet flow chart.
Fig. 2 is the flow chart of cut-in method one embodiment of Internet service of the present invention.
Fig. 3 is the flow chart of another embodiment of the cut-in method of Internet service of the present invention.
Fig. 4 is the structural schematic diagram of access system one embodiment of Internet service of the present invention.
Specific implementation mode
Carry out the various exemplary embodiments of detailed description of the present invention now with reference to attached drawing.It should be noted that:Unless in addition having Body illustrates that the unlimited system of component and the positioned opposite of step, numerical expression and the numerical value otherwise illustrated in these embodiments is originally The range of invention.
Simultaneously, it should be appreciated that for ease of description, the size of attached various pieces shown in the drawings is not according to reality Proportionate relationship draw.
It is illustrative to the description only actually of at least one exemplary embodiment below, is never used as to the present invention And its application or any restrictions that use.
Technology, method and apparatus known to person of ordinary skill in the relevant may be not discussed in detail, but suitable In the case of, the technology, method and apparatus should be considered as part of specification.
In shown here and discussion all examples, any occurrence should be construed as merely illustrative, without It is as limitation.Therefore, the other examples of exemplary embodiment can have different values.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined, then it need not be further discussed in subsequent attached drawing in a attached drawing.
Fig. 2 is the flow chart of cut-in method one embodiment of Internet service of the present invention.As shown in Fig. 2, the embodiment The cut-in method of Internet service include:
210, radius server distributes corresponding mandate etc. according to the authentication result to dial to user PPPOE to the user Grade, and notification message of reaching the standard grade is sent to strategic server, for example, this is reached the standard grade, notification message can be the message of reaching the standard grade of user, should Notification message of reaching the standard grade includes the user account number and authorization mechanism information of user.
Wherein, include user by PPPOE dialing authentications to the authentication result of user's PPPOE dialing and do not pass through PPPOE Dialing authentication not may include again specifically since arrearage is not by PPPOE dialing authentications, due to close by PPPOE dialing authentications Code mistake does not pass through a variety of situations such as PPPOE dialing authentications.For example, radius server can be according to presetting, to passing through The user that PPPOE dialing authentications are normally reached the standard grade distributes authorization mechanism 1, indicates that the user passes through PPPOE dialing authentications;To not passing through PPPOE dialing authentications(I.e.:Authentification failure)User in password mistake user distribute authorization mechanism 2, indicate password mistake;To Defaulting subscriber's authorization mechanism 3 in the user of authentification failure, indicates the subscriber arrearage.It can be by different authentication based on authorization mechanism As a result user is divided into specific groups of users.
220, strategic server passes through portal(Portal)Server issues and its authorization mechanism to the user terminal of user The corresponding Portal pages include that the corresponding online attribute query of its authorization mechanism applies for entrance with modification on the Portal pages, So that user passes through attribute query and modification application entrance inquiry and/or the online attribute of modification user of surfing the Internet.
Illustratively, if authentication result is user by PPPOE dialing authentications, the corresponding online category of corresponding authorization mechanism Property inquiry with modification application entrance can include but is not limited to accesses control list(ACL), access rate, time delay, shake, access The inquiry of license etc. and modification application entrance.If authentication result be user since arrearage is not by PPPOE dialing authentications, accordingly The corresponding online attribute query of authorization mechanism can include but is not limited to pay the fees, answer a pager's call temporarily with modification application entrance, bill is looked into Ask application entrance.If authentication result is user since password mistake is not by PPPOE dialing authentications, corresponding authorization mechanism correspondence Online attribute query with modification application entrance can include but is not limited to password authentification, password modification inquiry application entrance.Its In inquiry with modification application entrance can specifically be presented as that pushbutton type, user click a certain button on webpage on webpage When, to Portal server send the corresponding online attribute query of the button with modification ask, for example, click temporarily answer a pager's call by Button can send request of answering a pager's call temporarily to Portal server.
230, online attribute query on the Portal pages and modification are clicked by user terminal in response to receiving user Apply for that entrance is initiated online attribute query and asked with modification, the online attribute query that Portal server sends user and modification Request is transmitted to strategic server, and it includes user account number and user's requesting query or repair that the online attribute query and modification, which are asked, The online attribute information changed.
Illustratively, Portal server can specifically call transmission control protocol(TCP)Socket(Socket)It connects The online attribute query that user sends is transmitted to strategic server by mouth with modification request.
240, strategic server is according to user's requesting query or the online attribute information of modification, to BAS Broadband Access Server (BRAS)Online attribute modification instruction is issued, is believed including user account number and user's requesting query or the online attribute of modification Breath, is changed the online attribute information of user by BRAS, open with user's requesting query or the online attribute of modification is corresponding accesses Permission.
250, user accesses internet by user terminal, based on modified online attribute.
Cut-in method based on the Internet service that the above embodiment of the present invention provides, radius server can be according to right The authentication result of user's PPPOE dialing distributes corresponding authorization mechanism notification strategy server to the user, and strategic server is logical It crosses Portal server and issues the Portal pages corresponding with its authorization mechanism to user terminal, awarded including it on the Portal pages The corresponding online attribute query of grade and modification application entrance are weighed, user initiates online with modification application entrance by the inquiry and belongs to Property inquiry with after modification request, Portal server asks online attribute query that user sends with modification to be transmitted to tactful clothes Be engaged in device, strategic server instruction BRAS changes the online attribute information of the user, it is open with user's requesting query or modification it is upper The corresponding access rights of net attribute, such user can be based on modified online attribute and access internet.The embodiment of the present invention Solves after PPPOE certifications the technical issues of mutual indepedent state between operator and user, for different PPPOE Dialing authentication result user establishes the online attribute interaction channel between operator and user, for certification by user, Its surf the Internet attribute, such as ACL, access rate, time delay, shake, access permission etc. can be changed by the interaction channel;And for The user of authentification failure can also give its certain permission and carry out interim access permission.
In another embodiment of the cut-in method of Internet service of the present invention, in operation 230, in response to receiving use Family clicks the inquiry on the Portal pages by user terminal and is asked with modification with modification application entrance initiation online attribute query, Further include:
Portal server starts to carry out timing according to the duration that preset duration or user apply on the Portal pages;
Terminate or receive user in response to the preset duration duration timing that either user applies on the Portal pages The end sent by the Portal pages indicated using this online attribute, Portal server counting user this use modification Afterwards online attribute duration, and again call TCP Socket interface notification strategic servers restore the user it is original on Net attribute and the user this using modified online attribute duration;
Strategic server records user, and this uses the duration of modified online attribute, and indicates that BRAS restores the user Original online attribute information.
Further, in another embodiment of the cut-in method of Internet service of the present invention, strategic server record User this using it is modified online attribute duration after, can also be by the user account number of user, this modification used The duration information for the modified online attribute that online attribute afterwards is used with this is sent to accounting server, by billing of services Device generates corresponding ticket and carries out charging to the user.
Fig. 3 is the flow chart of another embodiment of the cut-in method of Internet service of the present invention.As shown in figure 3, the implementation The cut-in method of Internet service of example includes:
310, user carries out PPPOE dialing by user terminal and sends access request, including user's account of the user Number and password.
320, radius server is based on pre-stored user information(It include the user account number with network insertion permission And password)To in access request user account number and password be authenticated, and distributed to the user according to authentication result corresponding Authorization mechanism, and user's message of reaching the standard grade is made a copy for into strategic server, such as network company's service deployment system(SDX)Policy service Device, notification strategy server is reached the standard grade using the user of the user account number and the authorization mechanism of the user.
In addition, radius server also distributes the user normally to reach the standard grade by certification access rate, the bandwidth of its application Etc. parameters.
330, strategic server is reached the standard grade message and the authorization mechanism of user according to user, by Portal server to user Terminal issues the Portal pages, to provide attribute interaction channel of surfing the Internet, is provided with the user's on the Portal pages therein Authorization mechanism is surfed the Internet attribute query and modification application entrance accordingly, which can include but is not limited to ACL, optional Access rate, time delay, shake, access permission, payment, answer a pager's call temporarily, billing query, password authentification, password modification etc..
Inquiry therein can specifically be presented as pushbutton type with modification application entrance.These inquiries on the Portal pages Apply for that entrance, the Socket interfaces that TCP specifically may be used are communicated with strategic server with modification.To realize that backstage is real The purpose of Shi Xiugai user's online attribute.
340, user clicks the inquiry on the Portal pages by user terminal and initiates online attribute with modification application entrance When inquiry is asked with modification, Portal server call the Socket interfaces of TCP by online attribute query that user sends with repair Change request and is transmitted to strategic server, including user account number and user's requesting query or the online attribute information of modification, and Start to carry out timing according to the duration that preset duration or user apply on the Portal pages.
350, strategic server is according to user's requesting query or the online attribute information of modification, to BAS Broadband Access Server (BRAS)Online attribute modification instruction is issued, is believed including user account number and user's requesting query or the online attribute of modification Breath is opened and user's requesting query by the online attribute information of the user in user's online attribute information of BRAS modification storages Or the corresponding access rights of online attribute of modification, for example, for the user by certification, modification online attribute can according to The online attributes such as ACL, access rate, time delay, shake and the access permission of family application modification user;For defaulting subscriber, originally Online attribute be can not normally access network, but when user by click on portal page face it is interim answer a pager's call button after, repair User property can be revised as the user normally to reach the standard grade by certification by changing online attribute, while decontrol ACL, allow user just Often online;For the user of cipher authentication mistake, modification online attribute can change the ACL of the user, the open user couple The access rights of radius server allow user to access radius server to inquire or Modify password.
360, user accesses internet by user terminal, based on modified online attribute, can be based on modified The attributes such as online attribute restricting user access permission, access address, access rate.
370, terminate or receive in response to the preset duration duration timing that either user applies on the Portal pages The end that user is sent by the Portal pages indicates that Portal server is wanted to user terminal transmission using this online attribute User is asked to confirm the Portal pages terminated using this modified online attribute.
For example, user applies for modification online attribute on the Portal pages 5 hours or preset duration is 5 hours, then when 5 is small When reach, Portal server can to user terminal send require user confirm terminate use this modified online attribute The Portal pages.
User can click " confirmation " button transmission confirmation message therein after seeing the Portal pages on user terminal, Confirm and terminates to use this modified online attribute.
380, user terminal receives user by clicking the confirmation message of " confirmation " button feedback on the Portal pages simultaneously It is sent to Portal server, Portal server counting user uses the duration of this online attribute, and calls TCP's again Socket interface notification strategic servers restore original online attribute of the user and the user uses this online attribute Duration.
390, strategic server records duration of the user using this online attribute, and indicates that BRAS restores the original of the user There is online attribute information, such as it is arrearage state to restore the user.
400, strategic server is by the user account number of the user, this online attribute used and uses this attribute of surfing the Internet Duration information be sent to accounting server, by accounting server generate corresponding ticket and to the user carry out charging.
Fig. 4 is the structural schematic diagram of access system one embodiment of Internet service of the present invention.The interconnection of the embodiment The access system of network service can be used for realizing the cut-in method embodiment of the above-mentioned each Internet service of the present invention.As shown in figure 4, should The access system of the Internet service of embodiment includes radius server, Portal server, strategic server and BRAS.Its In:
Radius server, for distributing corresponding authorize to the user according to the authentication result to user's PPPOE dialing Grade, and notification message of reaching the standard grade is sent to strategic server, which includes user account number and the mandate of user Class information;Authentication result to user PPPOE dialing include user by PPPOE dialing authentications with do not dialled by PPPOE Certification.
Wherein, include user by PPPOE dialing authentications to the authentication result of user's PPPOE dialing and do not pass through PPPOE Dialing authentication not may include again specifically since arrearage is not by PPPOE dialing authentications, due to close by PPPOE dialing authentications Code mistake does not pass through a variety of situations such as PPPOE dialing authentications.For example, radius server can be according to presetting, to passing through The user that PPPOE dialing authentications are normally reached the standard grade distributes authorization mechanism 1, indicates that the user passes through PPPOE dialing authentications;To not passing through PPPOE dialing authentications(I.e.:Authentification failure)User in password mistake user distribute authorization mechanism 2, indicate password mistake;To Defaulting subscriber's authorization mechanism 3 in the user of authentification failure, indicates the subscriber arrearage.
Portal server, for according to the instruction of strategic server, being issued to the user terminal of user and authorization mechanism The corresponding Portal pages include that the corresponding online attribute query of authorization mechanism applies for entrance with modification on the Portal pages, So that user passes through attribute query and modification application entrance inquiry and/or the online attribute of modification user of surfing the Internet;And in response to The online attribute query that user is clicked by user terminal on the Portal pages is received with modification application entrance initiation online to belong to Property inquiry asked with modification, online attribute query and modification request that user sends are transmitted to strategic server, attribute of surfing the Internet Inquiry includes user account number and user's requesting query or the online attribute information of modification with modification request.
Illustratively, the online that Portal server can specifically be sent user by the Socket interfaces of calling TCP Attribute query is transmitted to strategic server with modification request.
Strategic server, it is corresponding to authorization mechanism for being issued to the user terminal of user by portal Portal server The Portal pages, and according to user's requesting query or the online attribute information of modification, online attribute modification is issued to BRAS Instruction, including user account number and user's requesting query or the online attribute information of modification.
BRAS, the online attribute information for storing user, and the upper of user is changed according to the instruction of strategic server Net attribute information, open access rights corresponding with user's requesting query or the online attribute of modification, so that user passes through user Terminal accesses internet based on modified online attribute.
Access system based on the Internet service that the above embodiment of the present invention provides, radius server can be according to right The authentication result of user's PPPOE dialing distributes corresponding authorization mechanism notification strategy server to the user, and strategic server is logical It crosses Portal server and issues the Portal pages corresponding with its authorization mechanism to user terminal, awarded including it on the Portal pages The corresponding online attribute query of grade and modification application entrance are weighed, user initiates online with modification application entrance by the inquiry and belongs to Property inquiry with after modification request, Portal server asks online attribute query that user sends with modification to be transmitted to tactful clothes Be engaged in device, strategic server instruction BRAS changes the online attribute information of the user, it is open with user's requesting query or modification it is upper The corresponding access rights of net attribute, such user can be based on modified online attribute and access internet.The embodiment of the present invention Solves after PPPOE certifications the technical issues of mutual indepedent state between operator and user, for different PPPOE Dialing authentication result user establishes the online attribute interaction channel between operator and user, for certification by user, Its surf the Internet attribute, such as ACL, access rate, time delay, shake, access permission etc. can be changed by the interaction channel;And for The user of authentification failure can also give its certain permission and carry out interim access permission.
In another embodiment of the access system of Internet service of the present invention, Portal server can be also used for Receive user by user terminal click inquiry on the Portal pages and modification application entrance initiate online attribute query with After modification request, start to carry out timing according to the duration that preset duration or user apply on the Portal pages;In response to pre- If the duration duration timing that either user applies on the Portal pages terminates or receives user and sent out by the Portal pages The end sent indicates that this uses the duration of modified online attribute to counting user, and adjusts again using this online attribute With the Socket interface notification strategic servers of TCP restore the user original online attribute and the user this using modification The duration of online attribute afterwards.Correspondingly, strategic server can be additionally used in record user this use modified online attribute Duration, and indicate that BRAS restores original online attribute information of the user.
In another embodiment of the access system of Internet service of the present invention, strategic server can also be used to record User this using it is modified online attribute duration after, by the user account number of user, this use it is modified on The duration information for the modified online attribute that net attribute is used with this is sent to accounting server, is generated by accounting server Corresponding ticket simultaneously carries out charging to the user.
Cut-in method and system based on the Internet service that the above embodiment of the present invention provides, can realize user and fortune Answering a pager's call in real time for defaulting subscriber may be implemented, i.e., in the real-time, interactive for seeking quotient:It provides and is may choose whether temporarily to defaulting subscriber The Portal pages answered a pager's call;It can be by including that ACL, access rate, time delay, shake, access are permitted to the offer of former low-rate users Can the Portal pages of button so that the user is had an opportunity real-time experience high-speed bandwidth;Special user's access address limit may be implemented System carries out black and white lists filtering;To the user that some public security are paid close attention to, specific ACL can be issued by strategic server Limit its access address;For operator, real dynamic bandwidth adjustment may be implemented.Similar to electric system Peak valley electric system carries out difference rate to broadband in different time periods, and according to the period that user applies, strategic server is being counted Different labels is stamped on expense message, corresponding expense is collected according to label, really rationally utilizes broadband resource.
Each embodiment is described in a progressive manner in this specification, the highlights of each of the examples are with its The difference of its embodiment, same or analogous part cross-reference between each embodiment.For system embodiment For, since it is substantially corresponding with embodiment of the method, so description is fairly simple, referring to the portion of embodiment of the method in place of correlation It defends oneself bright.
Method, the system of the present invention may be achieved in many ways.For example, software, hardware, firmware or soft can be passed through Part, hardware, firmware any combinations come realize the present invention method and system.The said sequence of the step of for the method is only It is to illustrate, the step of method of the invention is not limited to sequence described in detail above, unless otherwise especially Explanation.In addition, in some embodiments, also the present invention can be embodied as to record program in the recording medium, these program bags It includes for realizing machine readable instructions according to the method for the present invention.Thus, the present invention also covers storage for executing according to this The recording medium of the program of the method for invention.
One of ordinary skill in the art will appreciate that:Realize that all or part of step of above method embodiment can pass through The relevant hardware of program instruction is completed, and program above-mentioned can be stored in a computer read/write memory medium, the program When being executed, step including the steps of the foregoing method embodiments is executed;And storage medium above-mentioned includes:ROM, RAM, magnetic disc or light The various media that can store program code such as disk.
Compared with prior art, the embodiment of the present invention has following advantageous effects:
In currently available technology, the internet of user and operator interacts, and mainly uses the online business hall of WEB modes Progress, by online business hall customized user service package, online business hall can only actively be accessed by user, can not be by transporting It seeks quotient and actively initiates interaction.And the embodiment of the present invention establishes the online attribute interaction channel between operator and user, for Certification by user, its attribute of surfing the Internet can be changed by the interaction channel, such as ACL, access rate, time delay, shake, connect Enter license etc.;And for the user of authentification failure, it can also give its certain permission and carry out interim access permission;
The service handling of online business hall needs a series of Operation Support System(OSS)Flow is taken substantially one It or so can not be accomplished to come into force in real time.And the embodiment of the present invention can be with real time modifying user online attribute, after user's click immediately It comes into force, can really realize that dynamic bandwidth adjusts;
Online business hall can only show same face to all users.The embodiment of the present invention can be awarded for different users It weighs grade and carries out targetedly Portal page downloadings;
Online business hall cannot achieve the work of answering a pager's call of defaulting subscriber.The embodiment of the present invention can allow defaulting subscriber to use Family real-time recovery online, facilitates user's Emergency use.
Description of the invention provides for the sake of example and description, and is not exhaustively or will be of the invention It is limited to disclosed form.Many modifications and variations are obvious for the ordinary skill in the art.It selects and retouches It states embodiment and is to more preferably illustrate the principle of the present invention and practical application, and those skilled in the art is enable to manage Various embodiments with various modifications of the solution present invention to design suitable for special-purpose.

Claims (10)

1. a kind of cut-in method of Internet service, which is characterized in that including:
Remote authentication dial-in user service radius server is according to the transmission point-to-point protocol PPPOE dialing of user's Ethernet Authentication result distributes corresponding authorization mechanism to the user, and sends notification message of reaching the standard grade, the notice of reaching the standard grade to strategic server Message includes the user account number and authorization mechanism information of the user;The authentication result to user PPPOE dialing includes The user is by PPPOE dialing authentications and does not pass through PPPOE dialing authentications;
Strategic server is issued by portal Portal server to the user terminal of the user corresponding to the authorization mechanism The Portal pages, include the corresponding online attribute query of the authorization mechanism on the Portal pages with modification apply into Mouthful, so that the user applies for entrance inquiry by the online attribute query with modification and/or changes the online of the user Attribute, wherein the online attribute includes accesses control list, access rate, time delay, shake, access permission, or including paying Expense is answered a pager's call, bill temporarily, or is changed including password authentification, password;
Apply for that entrance initiates to surf the Internet in response to receiving user and clicking the inquiry on the Portal pages by user terminal and change Attribute query is asked with modification, and the online attribute query that user sends is transmitted to tactful clothes by Portal server with modification request Business device, the online attribute query include the user account number and user's requesting query or the online category of modification with modification request Property information;
Strategic server is issued according to user's requesting query or the online attribute information of modification to BAS Broadband Access Server BRAS Net attribute modification indicates, including user account number and user's requesting query or the online attribute information of modification, is changed by BRAS The online attribute information of the user, open access rights corresponding with user's requesting query or the online attribute of modification;
User accesses internet by user terminal, based on modified online attribute.
2. according to the method described in claim 1, it is characterized in that, Portal server specifically calls transmission control protocol TCP Socket Socket interfaces online attribute query that user sends and modification request are transmitted to strategic server.
3. according to the method described in claim 2, it is characterized in that, being clicked by user terminal in response to receiving user Inquiry on the Portal pages initiates online attribute query with modification application entrance asks with modification, further includes:
Portal server starts to carry out timing according to the duration that preset duration or user apply on the Portal pages;
Terminate or receive user in response to the preset duration duration timing that either user applies on the Portal pages to pass through The end that the Portal pages are sent indicated using this online attribute, Portal server counting user this using modified The duration of online attribute, and the Socket interface notification strategic servers of calling TCP restore original online category of the user again Property and the user this using it is modified online attribute duration;
Strategic server records user, and this uses the duration of modified online attribute, and indicates that BRAS restores the original of the user There is online attribute information.
4. according to the method described in claim 3, it is characterized in that, strategic server records user, this is used on modified After the duration of net attribute, further include:
The modification that strategic server uses the user account number of the user, this modified online attribute used with this The duration information of online attribute afterwards is sent to accounting server, is generated corresponding ticket by accounting server and is carried out to the user Charging.
5. method according to any one of claims 1 to 4, which is characterized in that pass through if authentication result is the user PPPOE dialing authentications, the corresponding online attribute query of corresponding authorization mechanism include accesses control list with modification application entrance ACL, access rate, time delay, shake, access permission inquiry and modification application entrance;
If authentication result is the user since arrearage is not by PPPOE dialing authentications, the corresponding online of corresponding authorization mechanism Attribute query with modification application entrance include pay the fees, answer a pager's call temporarily, billing query application entrance;
If authentication result be the user since password mistake is not by PPPOE dialing authentications, corresponding authorization mechanism is corresponding Online attribute query includes password authentification, password modification inquiry application entrance with modification application entrance.
6. a kind of access system of Internet service, which is characterized in that including radius server, Portal server, strategy Server and BRAS;Wherein:
The radius server, for distributing corresponding authorize to the user according to the authentication result to user's PPPOE dialing Grade, and reaching the standard grade notification message to strategic server transmission, the notification message of reaching the standard grade include the user user account number and Authorization mechanism information;The authentication result to user PPPOE dialing include the user by PPPOE dialing authentications with do not lead to Cross PPPOE dialing authentications;
The Portal server, for according to the instruction of the strategic server, to the user terminal of the user issue with The authorization mechanism corresponding Portal pages are looked into including the corresponding online attribute of the authorization mechanism on the Portal pages It askes and applies for entrance with modification, so that the user passes through the online attribute query and modification application entrance inquiry and/or changes The online attribute of the user;And it clicks inquiry on the Portal pages by user terminal in response to receiving user and repaiies Change application entrance initiation online attribute query to ask with modification, the online attribute query of user's transmission and modification request are transmitted to Strategic server, the online attribute query include the user account number and user's requesting query or modification with modification request It surfs the Internet attribute information, wherein the online attribute includes accesses control list, access rate, time delay, shake, access permission, or It including payment, answers a pager's call, bill, or is changed including password authentification, password temporarily;
The strategic server, for being issued and the mandate to the user terminal of the user by portal Portal server The corresponding Portal pages of grade, and according to user's requesting query or the online attribute information of modification, online is issued to BRAS Attribute modification indicates, including user account number and user's requesting query or the online attribute information of modification;
The BRAS, the online attribute information for storing user, and according to described in the instruction of strategic server modification The online attribute information of user, open access rights corresponding with user's requesting query or the online attribute of modification, so as to user By user terminal, internet is accessed based on modified online attribute.
7. system according to claim 6, which is characterized in that the Portal server, especially by calling TCP's The online attribute query that user sends is transmitted to strategic server by Socket interfaces with modification request.
8. system according to claim 7, which is characterized in that the Portal server is additionally operable to receiving user After inquiry and modification application entrance initiation online attribute query and modification request on the Portal pages being clicked by user terminal, Start to carry out timing according to the duration that preset duration or user apply on the Portal pages;In response to preset duration or use The duration timing that family is applied on the Portal pages terminates, or receives user and used by the end that the Portal pages are sent This online attribute instruction, this uses the duration of modified online attribute to counting user, and calls the Socket of TCP again Interface notification strategic server restore the user original online attribute and the user this use modified online attribute Duration;
The strategic server, being additionally operable to record user, this uses the duration of modified online attribute, and indicates that BRAS is extensive Original online attribute information of the multiple user.
9. system according to claim 8, which is characterized in that the strategic server, be additionally operable to record user this After duration using modified online attribute, by the user account number of the user, this modified online category used Property the duration information of modified online attribute that is used with this be sent to accounting server, generated by accounting server corresponding Ticket simultaneously carries out charging to the user.
10. according to the system described in claim 6 to 9 any one, which is characterized in that pass through if authentication result is the user PPPOE dialing authentications, the corresponding online attribute query of corresponding authorization mechanism and modification application entrance include ACL, access rate, Time delay, shake, access permission inquiry and modification application entrance;
If authentication result is the user since arrearage is not by PPPOE dialing authentications, the corresponding online of corresponding authorization mechanism Attribute query with modification application entrance include pay the fees, answer a pager's call temporarily, billing query application entrance;
If authentication result be the user since password mistake is not by PPPOE dialing authentications, corresponding authorization mechanism is corresponding Online attribute query includes password authentification, password modification inquiry application entrance with modification application entrance.
CN201310627173.1A 2013-11-29 2013-11-29 The cut-in method and system of Internet service Active CN104683300B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310627173.1A CN104683300B (en) 2013-11-29 2013-11-29 The cut-in method and system of Internet service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310627173.1A CN104683300B (en) 2013-11-29 2013-11-29 The cut-in method and system of Internet service

Publications (2)

Publication Number Publication Date
CN104683300A CN104683300A (en) 2015-06-03
CN104683300B true CN104683300B (en) 2018-07-17

Family

ID=53317905

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310627173.1A Active CN104683300B (en) 2013-11-29 2013-11-29 The cut-in method and system of Internet service

Country Status (1)

Country Link
CN (1) CN104683300B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107872445B (en) * 2016-09-28 2021-01-29 华为技术有限公司 Access authentication method, device and authentication system
CN111010377B (en) * 2019-11-29 2022-02-15 中国电信股份有限公司云南分公司 System for centralized control of broadband user session attributes
CN112910882B (en) * 2021-01-28 2022-08-12 山东有人物联网股份有限公司 Network management method, device, system and computer readable storage medium
CN113079181B (en) * 2021-04-21 2022-06-24 深圳天源锦合技术有限公司 Method, terminal and storage medium for accessing internet flow by baseband access domain

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309204B (en) * 2007-05-18 2015-02-18 中国电信股份有限公司 Method and system regulating access bandwidth in real-time
CN101217567A (en) * 2008-01-08 2008-07-09 杭州华三通信技术有限公司 A webpage push method, system and device
CN101222411B (en) * 2008-01-22 2010-11-10 华为技术有限公司 Method, access equipment and system for enterprise user altering service quality parameter
CN101588257A (en) * 2008-05-23 2009-11-25 中兴通讯股份有限公司 Method for modifying networking business attribute
CN101442793B (en) * 2008-12-30 2010-09-29 杭州华三通信技术有限公司 Access method, apparatus and system for wireless network
US9118578B2 (en) * 2011-01-18 2015-08-25 Nomadix, Inc. Systems and methods for group bandwidth management in a communication systems network

Also Published As

Publication number Publication date
CN104683300A (en) 2015-06-03

Similar Documents

Publication Publication Date Title
US8667579B2 (en) Methods, systems, and computer readable media for bridging user authentication, authorization, and access between web-based and telecom domains
CN102196012B (en) Service opening method, system and service opening server
KR101137269B1 (en) Method and system for performing delegation of resources
CN103039050B (en) For managing the method for access to protected resource and delegable in a computer network
CN102724647B (en) Method and system for access capability authorization
EP2759123B1 (en) System and method for authorizing and connecting application developers and users
US8578465B2 (en) Token-based control of permitted sub-sessions for online collaborative computing sessions
CN100568256C (en) The method that is used for runtime user account creation operation
US8051491B1 (en) Controlling use of computing-related resources by multiple independent parties
CN105207974B (en) A kind of method, platform, application and system realized user resources differentiation and opened
CN105991614B (en) It is a kind of it is open authorization, resource access method and device, server
CN101562621A (en) User authorization method and system and device thereof
KR20140050607A (en) Virtual piggybank having dashboard and debit card
CN104683300B (en) The cut-in method and system of Internet service
CN101990183A (en) Method, device and system for protecting user information
CN104159225A (en) Wireless network based real-name registration system management method and system
CN106411825A (en) WeChat access token acquisition method and system thereof
CN110276184A (en) A kind of cloud computing resources authorization method and device
CN106357699A (en) Network system, service platform and login method and system of service platform
CN104660421B (en) Online charging system and its control method to communication service
CN103281195B (en) Method and the gateway device of authorization of service are provided
CN105376734B (en) Carry out the method and system of intelligent pipeline ability calling
CN108632325A (en) A kind of call method and device of application
DE60215482T2 (en) ARCHITECTURE FOR THE PROVISION OF INTERNET SERVICES
CN103327490B (en) Outlet the Internet WIFI accesses system and method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant