CN105188063A - Access testing method, server and mobile gateway - Google Patents
Access testing method, server and mobile gateway Download PDFInfo
- Publication number
- CN105188063A CN105188063A CN201510643152.8A CN201510643152A CN105188063A CN 105188063 A CN105188063 A CN 105188063A CN 201510643152 A CN201510643152 A CN 201510643152A CN 105188063 A CN105188063 A CN 105188063A
- Authority
- CN
- China
- Prior art keywords
- terminal
- identification code
- authorization information
- operator
- user identification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Abstract
Embodiments of the invention provide an access testing method, a server and a mobile gateway. The method comprises the following steps: a request message sent by a terminal is received; if a network access ID of the terminal is not a contracted network access ID of a service provider, verification information is generated according to the request message; the network access ID comprises an IP address of the terminal; a response message is sent to the terminal; the response message comprises the verification information; a user ID of the terminal sent by a mobile gateway is received; the user ID is sent after the mobile gateway receives verification information sent by the terminal; and if the user ID of the terminal is a contracted user ID of the service provider, the terminal is confirmed as a valid user of the service provider. The embodiments can ensure that the terminal can obtain data services provided by the service provider normally.
Description
Technical field
The embodiment of the present invention relates to the communication technology, particularly relates to a kind of access detection method, server and mobile gateway.
Background technology
Along with the development of the communication technology, the transmission rate of data service is more and more faster, and this makes the application of data service more and more wider.
Terminal can be the data network by access carrier, and obtains by the server in this data network the data service that this operator provides.But for ensureing the legitimacy of the terminal of access network, this server can detect the access legitimacy of this terminal.This terminal can be by mobile network, or, the data network of this operator of Broadband Network Access.The signatory mark of this server whether can be network access Identifier by judging this terminal be operator, if the network access Identifier of this terminal is the signatory mark of operator, then the access of this terminal is legal.If this terminal is by the data network of mobile network's access carrier, then the network access Identifier of this terminal can be the user identification code of this terminal.If this terminal is by the data network of Broadband Network Access operator, then the network access Identifier of this terminal can be Internet protocol (InternetProtocol the is called for short IP) address of this terminal.If this terminal is by the data network of Broadband Network Access operator, this server can be judge that whether this terminal is the contracted user of operator according to the IP address of this terminal.This server can by judge this terminal IP address in the broadband network, whether for this operator the IP address of contracting, if so, then this server can determine that this terminal is the contracted user of this operator, and the access of this terminal is legal.
But, if the IP address of this terminal be not this operator the IP address of contracting, even if the user identification code of this terminal is contracted user's identification code of this operator, this server also can determine that the access of this terminal is illegal.That is, server is to the terminal by the data network of Broadband Network Access operator, and detection of its access legitimacy is not accurate enough, the data service making this terminal normally cannot obtain this operator to provide.
Summary of the invention
The embodiment of the present invention provides a kind of access detection method, server and mobile gateway, to improve the accuracy that access detects.
First aspect, the embodiment of the present invention provides a kind of access detection method, comprising:
The request message that receiving terminal sends;
If the subscription network access mark of the network access Identifier Bu Shi operator of described terminal, according to described request message generation authorization information; Described network access Identifier comprises: the internet protocol address of described terminal;
Response message is sent to described terminal; Described response message comprises: described authorization information;
Receive the user identification code of the described terminal that mobile gateway sends; Described user identification code is send after described mobile gateway receives the described authorization information of described terminal transmission;
If the user identification code of described terminal is contracted user's identification code of described operator, determine that described terminal is the validated user of described operator.
According to first aspect, in the first mode in the cards of first aspect, described authorization information comprises: identifying code;
The user identification code of the described terminal that described reception mobile gateway sends comprises:
Receive the described user identification code of described mobile gateway transmission and described authorization information;
If the user identification code of described terminal is contracted user's identification code of described operator, before determining that described terminal is the validated user of described operator, described method comprises:
If described identifying code is legal, judge that whether the user identification code of described terminal is contracted user's identification code of described operator.
According to the first mode in the cards of first aspect, in the second mode in the cards, if described identifying code is legal, before judging whether the user identification code of described terminal is contracted user's identification code of described operator, described method also comprises:
Judge that whether described identifying code is correct;
Judge that whether described identifying code is expired;
If described identifying code is correct, and described identifying code is not out of date, then determine that described identifying code is legal.
According to the second of first aspect mode in the cards, in the third mode in the cards, described before described terminal transmission response message, described method also comprises:
Described authorization information is encrypted;
Described judge that described identifying code is whether correct before, described method also comprises:
Described authorization information is decrypted, obtains described identifying code.
According in first aspect to the third mode in the cards of first aspect any one, in the 4th kind of mode in the cards, described request message comprises: the data traffic information of described terminal;
Described authorization information also comprises: the device identification of described terminal, and described data traffic information.
According to the 4th kind of mode in the cards of first aspect, in the 5th kind of mode in the cards, described according to before described request message generation authorization information, described method also comprises:
Judge that whether described data traffic information is the signing service information of described operator;
If described data traffic information is the signing service information of described operator, judge that whether the network access Identifier of described terminal is the subscription network access mark of operator.
According to the 4th kind or the 5th kind of mode in the cards of first aspect, in the 6th kind of mode in the cards, described data traffic information comprises: the data service account that described terminal is corresponding and password corresponding to described data service account.
According to the 6th kind of mode in the cards of first aspect, in the 7th kind of mode in the cards, described data service account comprises: internet protocol television IPTV account.
According in first aspect to the 7th kind of mode in the cards of first aspect any one, in the 8th kind of mode in the cards, described authorization information is arbitrary in short message text, voice document, video file.
According in first aspect to the 8th kind of mode in the cards of first aspect any one, in the 9th kind of mode in the cards, described user identification code comprises: the mobile station identity number of described terminal.
According in first aspect to the 9th kind of mode in the cards of first aspect any one, in the tenth kind of mode in the cards, the request message that described receiving terminal sends, comprising:
Receive the described request message that described terminal is sent by client.
Second aspect, the embodiment of the present invention provides a kind of access detection method, comprising:
The authorization information that receiving terminal sends; Described authorization information is: when the subscription network access of the network access Identifier Bu Shi operator of described terminal identifies, the request message that server sends according to described terminal is determined;
The user identification code of described terminal is sent to described server; Described user identification code is used for when the user identification code of described terminal is contracted user's identification code of described operator, and described server is determined, and described terminal is the validated user of described operator.
According to second aspect, in the first mode in the cards of second aspect, described authorization information comprises: identifying code;
The described user identification code sending described terminal to described server, comprising:
Described user identification code and described authorization information is sent to described server.
According to the first mode in the cards of second aspect or second aspect, in the second mode in the cards, described request message comprises: the data traffic information of described terminal;
Described authorization information also comprises: the device identification of described terminal, and described data traffic information.
According to the second of second aspect mode in the cards, in the third mode in the cards, described data traffic information comprises: the data service account that described terminal is corresponding and password corresponding to described data service account.
According to the third mode in the cards of second aspect, in the 4th kind of mode in the cards, described data service account comprises: internet protocol television IPTV account.
According in second aspect to the 4th kind of mode in the cards of second aspect any one, in the 5th kind of mode in the cards, described authorization information is arbitrary in short message text, voice document, video file.
According in second aspect to the 5th kind of mode in the cards of second aspect any one, in the 6th kind of mode in the cards, described user identification code comprises: the mobile station identity number of described terminal.
The third aspect, the embodiment of the present invention also provides a kind of server, comprising:
Receiver module, for the request message that receiving terminal sends;
Generation module, if identify, according to described request message generation authorization information for the subscription network access of the network access Identifier Bu Shi operator of described terminal; Described network access Identifier comprises: the internet protocol address of described terminal;
Sending module, for sending response message to described terminal; Described response message comprises: described authorization information;
Described receiver module, also for receiving the user identification code of the described terminal that mobile gateway sends; Described user identification code is send after described mobile gateway receives the described authorization information of described terminal transmission;
Described server also comprises:
Determination module, if the contracted user's identification code for the user identification code of described terminal being described operator, determines that described terminal is the validated user of described operator.
According to the third aspect, in the first mode in the cards of the third aspect, described authorization information comprises: identifying code;
Described receiver module, also for receiving the described user identification code of described mobile gateway transmission and described authorization information;
Described server also comprises:
First judge module, for judging that whether the user identification code of described terminal is contracted user's identification code of described operator.
According to the first mode in the cards of the third aspect, in the second mode in the cards, described first judge module, also for judging that whether described identifying code is correct; Judge that whether described identifying code is expired; If described identifying code is correct, and described identifying code is not out of date, then determine that described identifying code is legal.
According to the second of the third aspect mode in the cards, in the third mode in the cards, described server, also comprises:
Encrypting module, before sending described response message at described sending module to described terminal, is encrypted described authorization information;
Deciphering module, before judging that at described first judge module whether described identifying code is correct, is decrypted described authorization information, obtains described identifying code.
According in the third aspect to the third mode in the cards of the third aspect any one, in the 4th kind of mode in the cards, described request message comprises: the data traffic information of described terminal;
Described authorization information also comprises: the device identification of described terminal, and described data traffic information.
According to the 4th kind of mode in the cards of the third aspect, in the 5th kind of mode in the cards, described server also comprises:
Second judge module, for before described generation module authorization information according to described request message generation, judges that whether described data traffic information is the signing service information of described operator; If described data traffic information is the signing service information of described operator, judge that whether the network access Identifier of described terminal is the subscription network access mark of operator.
According to the 4th kind or the 5th kind of mode in the cards of the third aspect, in the 6th kind of mode in the cards, described data traffic information comprises: the data service account that described terminal is corresponding and password corresponding to described data service account.
According to the 6th kind of mode in the cards of the third aspect, in the 7th kind of mode in the cards, described data service account comprises: internet protocol television IPTV account.
According in the third aspect to the 7th kind of mode in the cards of the third aspect any one, in the 8th kind of mode in the cards, described authorization information is arbitrary in short message text, voice document, video file.
According in the third aspect to the 8th kind of mode in the cards of the third aspect any one, in the 9th kind of mode in the cards, described user identification code comprises: the mobile station identity number of described terminal.
According in the third aspect to the 9th kind of mode in the cards of the third aspect any one, in the tenth kind of mode in the cards, described receiver module, also for receiving the described request message that described terminal is sent by client.
Fourth aspect, the embodiment of the present invention provides a kind of mobile gateway, comprising:
Receiver module, for the authorization information that receiving terminal sends; Described authorization information is: when the subscription network access of the network access Identifier Bu Shi operator of described terminal identifies, the request message that server sends according to described terminal is determined;
Sending module, for sending the user identification code of described terminal to described server; Described user identification code is used for when the user identification code of described terminal is contracted user's identification code of described operator, and described server is determined, and described terminal is the validated user of described operator.
According to fourth aspect, in the first mode in the cards of fourth aspect, described authorization information comprises: identifying code;
Described sending module, also for sending described user identification code and described authorization information to described server.
According to the first mode in the cards of fourth aspect or fourth aspect, in the second mode in the cards, described request message comprises: the data traffic information of described terminal;
Described authorization information also comprises: the device identification of described terminal, and described data traffic information.
According to the second of fourth aspect mode in the cards, in the third mode in the cards, described data traffic information comprises: the data service account that described terminal is corresponding and password corresponding to described data service account.
According to the third mode in the cards of fourth aspect, in the 4th kind of mode in the cards, described data service account comprises: internet protocol television IPTV account.
According in fourth aspect to the 4th kind of mode in the cards of fourth aspect any one, in the 5th kind of mode in the cards, described authorization information is arbitrary in short message text, voice document, video file.
According in fourth aspect to the 5th kind of mode in the cards of fourth aspect any one, in the 6th kind of mode in the cards, described user identification code comprises: the mobile station identity number of described terminal.
The access detection method that the embodiment of the present invention provides, server and mobile gateway, can when the IP address of terminal be not this operator contract IP address, authorization information is generated according to the request message that this terminal sends, and by this response message, this authorization information is sent to mobile gateway, thus receive the user identification code of this terminal that mobile gateway sends, then, in the contracted user's identification code situation being this operator in the user identification code of this terminal, determine that this terminal is the validated user of this operator.Thus; in this access detection method; even if the IP address of terminal be not this operator the IP address of contracting; as long as the user identification code of this terminal is contracted user's identification code of this operator; also can determine that this terminal is the validated user of this operator; thus ensureing the accuracy that access detects, guarantee terminal normally can obtain the data service that this operator provides.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, introduce doing one to the accompanying drawing used required in embodiment or description of the prior art simply below, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
The flow chart of the access detection method that Fig. 1 provides for the embodiment of the present invention one;
The flow chart of the access detection method that Fig. 2 provides for the embodiment of the present invention two;
The flow chart of the access detection method that Fig. 3 provides for the embodiment of the present invention three;
The flow chart of the access detection method that Fig. 4 provides for the embodiment of the present invention four;
The flow chart of the data service acquisition methods that Fig. 5 provides for the embodiment of the present invention four;
The structural representation of a kind of server that Fig. 6 provides for the embodiment of the present invention five;
The structural representation of a kind of mobile gateway that Fig. 7 provides for the embodiment of the present invention seven.
Embodiment
For making the object of the embodiment of the present invention, technical scheme and advantage clearly, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
The access detection method that various embodiments of the present invention provide, server and mobile gateway, be applicable to terminal and obtain in the scene of the data service that operator provides, for detecting the access legitimacy of terminal.Wherein, the data service that this operator provides such as can comprise the internet protocol multi-media sub-system (InternetProtocolMultimediaSubsystem of operator, be called for short IMS) in packet switched streaming (PacketSwitchingStreaming, be called for short PSS) service etc.This PSS service such as can comprise: IPTV (InternetProtocolTeleVision is called for short IPTV) business.This terminal can be such as the mobile terminals such as mobile phone, notebook computer, panel computer.Operator in various embodiments of the present invention can comprise: arbitrary operator providing data service, as the Virtual network operator of arbitrary China's Mainlands such as China Mobile, China Telecom, CHINAUNICOM, or, overseas networks operator.
The embodiment of the present invention one provides a kind of access detection method.The flow chart of the access detection method that Fig. 1 provides for the embodiment of the present invention one.The method can be performed by access checkout gear, and this device realizes in the mode of hardware and/or software usually, in the server integrated.This server can be such as server corresponding to data service that in the data network of operator, terminal request obtains.If this data service is IPTV service, then this server can be such as IPTV server.As shown in Figure 1, the method for the present embodiment comprises as follows:
The request message that S101, receiving terminal send.
Particularly, this request message is such as the request message of authentication request message or other types.This request message can be such as terminal when interconnection network, sent by client corresponding to data service.This client-side is as can for being arranged on application program corresponding to this data service in this terminal (APPlication is called for short APP).
If the subscription network access mark of the network access Identifier Bu Shi operator of this terminal of S102, generates authorization information according to this request message; This network access Identifier comprises: the IP address of this terminal.
Particularly, if this terminal is the data network by this operator of Broadband Network Access, then this network access Identifier is the IP address of this terminal.The IP address of this terminal can be such as the IP address of this terminal in this broadband network.This broadband network can be such as wired broadband network, also can be wireless broadband network.This wireless broadband network can be such as Wireless Fidelity (WIreless-Fidelity is called for short WIFI) network.The subscription network access mark of the network access Identifier Bu Shi operator of this terminal, that is, the network identity of this terminal is not the mark in the subscription network access mark pond of this operator.Generate authorization information according to this request message, can be that the information directly included by this request message generates this authorization information, also can be in legal this authorization information of rear generation of information judging that this request message comprises.
S103, to this terminal send response message; This response message comprises: this authorization information.
This response message also can comprise: this server is to the result of the network access Identifier of this terminal.If the subscription network access mark of the network access Identifier Bu Shi operator of this terminal, then the result of the network access Identifier of this terminal, can comprise the authentication failed indication information that the network access Identifier of this terminal is corresponding.
The user identification code of this terminal that S104, reception mobile gateway send; This user identification code is send after this mobile gateway receives this authorization information of this terminal transmission.
Particularly, this authorization information can be arbitrary in short message text, voice document, video file etc.If this authorization information is short message text, then this mobile gateway can be Short Message Service Gateway; If authorization information is voice document or video file, then this mobile gateway can be MMS (Multimedia Message Service) (MultimediaMessagingService is called for short MMS) gateway.
If the user identification code of this terminal of S105 is contracted user's identification code of this operator, determine that this terminal is the validated user of this operator.
The access detection method that the embodiment of the present invention one provides, can when the IP address of terminal be not this operator contract IP address, authorization information is generated according to the request message that this terminal sends, and by this response message, this authorization information is sent to mobile gateway, thus receive the user identification code of this terminal that mobile gateway sends, then, in the contracted user's identification code situation being this operator in the user identification code of this terminal, determine that this terminal is the validated user of this operator.Thus; in this access detection method; even if the IP address of terminal be not this operator the IP address of contracting; as long as the user identification code of this terminal is contracted user's identification code of this operator; also can determine that this terminal is the validated user of this operator; thus ensureing the accuracy that access detects, guarantee terminal normally can obtain the data service that this operator provides.
On the basis of the method for above-described embodiment one, the embodiment of the present invention two also provides a kind of access detection method.Optionally, this authorization information can comprise identifying code.
This identifying code such as can comprise the character of predetermined number.Character in this identifying code such as can comprise numeral and/or letter.This identifying code can, for this server is from an identifying code selected in the identifying code storehouse of presetting, also can be this identifying code generated according to random sequence generator.
The flow chart of the access detection method that Fig. 2 provides for the embodiment of the present invention two.As shown in Figure 2, the user identification code receiving this terminal that mobile gateway sends in the S104 of above-described embodiment one can comprise:
S201, this user identification code receiving the transmission of this mobile gateway and this authorization information.
Optionally, if the user identification code of this terminal is contracted user's identification code of this operator in the S105 of above-described embodiment, before determining that this terminal is the validated user of this operator, the method also can comprise:
If this identifying code of S202 is legal, judge that whether the user identification code of this terminal is contracted user's identification code of this operator.
Particularly, this identifying code is legal can be comprised: this identifying code is correct, and/or this identifying code is not out of date.
Optionally, the method request message that this receiving terminal sends in the S101 of above-described embodiment, can comprise:
S201a, receive this request message that this terminal sent by client.
Particularly, this terminal can be such as get by this client open Trigger message after this request message of sending.For example, this terminal can be such as that on the screen by this terminal of detection, the click information of this client correspondence position, what obtain this client opens Trigger message.
Optionally, if the subscription network access of the network access Identifier Bu Shi operator of this terminal identifies in S102 as above, before generating authorization information according to this request message, the method can comprise:
S201b, judge that whether this data traffic information is the signing service information of this operator.
If this data traffic information of S201c is the signing service information of this operator, judge that whether the network access Identifier of this terminal is the subscription network access mark of operator.
Optionally, if the subscription network access of the network access Identifier Bu Shi operator of this terminal identifies in S102 as above, generate authorization information according to this request message, can comprise:
If the subscription network access mark of the network access Identifier Bu Shi operator of this terminal of S201d, generate this authorization information according to the device identification of this terminal, this data traffic information and this identifying code, this authorization information can comprise: the device identification of this terminal, this data traffic information and this identifying code.
Optionally, before S103 sends response message to this terminal in the above-described embodiments, the method also cocoa comprises:
S201e, this authorization information to be encrypted.
Particularly, this authorization information is encrypted, such as, can be encrypted this authorization information according to the cryptographic algorithm of Advanced Encryption Standard (AdvancedEncryptionStandard is called for short AES).
Optionally, if this identifying code is legal in S202, before judging whether the user identification code of this terminal is contracted user's identification code of this operator, described method also can comprise:
S202a, this authorization information to be decrypted, to obtain this identifying code.
S202b, judge that whether this identifying code is correct.
Judging that whether this identifying code is correct, such as, can be that whether this identifying code and the identifying code that this server is preserved after generating identifying code be consistent judges by comparing.If this identifying code that this mobile gateway sends, with, the identifying code that this server is preserved after generating identifying code, unanimously, then can determine that this identifying code is correct.
S202c, judge that whether this identifying code is expired.
Whether judging that whether this identifying code is expired, can be judge to receive moment of this identifying code that this mobile gateway sends, in the term of validity of this identifying code.If so, then can determine that this identifying code is not out of date; Otherwise, if not, then can determine that this identifying code lost efficacy.
If this identifying code of S202d is correct, and this identifying code is not out of date, then determine that this identifying code is legal.
Only correct at this identifying code, and when this identifying code is not out of date, this identifying code is just legal, can ensure the legitimacy of identifying code, thus ensure the accuracy that access detects.
Optionally, this data traffic information can comprise: data service account corresponding to this terminal and password corresponding to this data service account.
Particularly, the password that this data service account is corresponding with this data service account is such as that this terminal obtains when the web station system that this data service is corresponding is registered.Judge in this S201b that whether this data traffic information is the signing service information of this operator, can comprise:
Judge that this data service account is whether correct, and whether password corresponding to this data service account be correct.
If this data service account and password corresponding to this data service account are all correct, then can determine that this data traffic information is the signing service information of this operator.
Optionally, this data service account comprises: IPTV account.
Optionally, this authorization information can be arbitrary in short message text, voice document, video file.
Optionally, this user identification code can comprise: the mobile station identity number of this terminal.
Wherein, this mobile station identity number can be such as the International Integrated Services digital network number (MobileStationinternationalIntegratedServiceDigitalNetwor knumber is called for short MSISDN) of travelling carriage.
The access detection method of the embodiment of the present invention two, identifying code can be comprised in authorization information, and determine that this identifying code is legal in the situation that identifying code is correct and not out of date, contracted user's identification code of the user identification code then judging this terminal whether this operator, can make access detect more accurate; And before sending response message to terminal, authorization information is encrypted; And before judging that whether identifying code correct; this authorization information is decrypted, obtains this identifying code, the legitimacy of the certificate of inspection can be ensured better; thus it is more accurate that the access of this terminal can be made to detect, guarantee terminal normally obtains the data service that operator provides better.
The embodiment of the present invention three also provides a kind of access detection method.The flow chart of the access detection method that Fig. 3 provides for the embodiment of the present invention three.The method can be performed by mobile gateway, and this mobile gateway can be such as Short Message Service Gateway.As shown in Figure 3, the method can comprise as follows:
The authorization information that S301, receiving terminal send; This authorization information is: when the subscription network access of the network access Identifier Bu Shi operator of this terminal identifies, the request message that server sends according to this terminal is determined.
S302, send the user identification code of this terminal to this server; This user identification code is used for when the user identification code of this terminal is contracted user's identification code of this operator, and this server is determined, and this terminal is the validated user of this operator.
Optionally, this authorization information can comprise: identifying code.
Optionally, in S302, send the user identification code of this terminal to this server, can comprise:
This user identification code and this authorization information is sent to this server.
Optionally, this request message can comprise: the data traffic information of this terminal.
This authorization information also can comprise: the device identification of this terminal, and this data traffic information.
Optionally, this data traffic information comprises: data service account corresponding to this terminal and password corresponding to this data service account.
Wherein, this data service account such as can comprise: IPTV account.
Optionally, this authorization information is arbitrary in short message text, voice document, video file.
Optionally, this user identification code comprises: the mobile station identity number of this terminal, as the MSISDN of this terminal.
The method of the mobile gateway execution that the method that the access detection method that the embodiment of the present invention three provides can provide for above-described embodiment one or two is corresponding, the explanation of its similar features and beneficial effect can refer to described in above-described embodiment, do not repeat them here.
The embodiment of the present invention four also provides a kind of access detection method.The flow chart of the access detection method that Fig. 4 provides for the embodiment of the present invention four.This embodiment is specifically described the access detection method described in above-described embodiment by concrete example.As shown in Figure 4, the method can comprise:
S401, terminal send authentication request message by IPTV client to server, and this authentication request message can comprise: the IPTV account of this terminal and password corresponding to this IPTV account.
This server can be such as IPTV server.
S402, server judge this IPTV account and password corresponding to this IPTV account whether correct.
If this IPTV account of S403 and password corresponding to this IPTV account are all correct, server determine this IPTV account and password corresponding to this IPTV account legal.
This IPTV account and password corresponding to this IPTV account legal, can be that password corresponding to this IPTV account and this IPTV account is signing service information corresponding to this operator.
S404, server judge whether the message header of this authentication request message comprises the MSISDN of this terminal.
If the message header of this authentication request message of S405 does not comprise the MSISDN of this terminal, then server obtains the IP address of this terminal.
If the message header of this authentication request message does not comprise the MSISDN of this terminal, then server can determine that this terminal is the data network by this operator of Broadband Network Access.This broadband network such as can comprise: WIFI network.The data network of this operator can be the IPTV network of this operator.
Corresponding, if the message header of this authentication request message comprises the MSISDN of this terminal, then server also needs whether the MSISDN judging this terminal is the MSISDN that this operator contracts.If the MSISDN of this terminal is the MSISDN of this operator, then server can determine that this terminal is accessed the data network of this operator, and this terminal is the validated user of this operator.
S406, server judge whether the IP address of this terminal is the IP address that this operator contracts.
If the IP address of this terminal of S407 is not the IP address that this operator contracts, server generates identifying code.
If the IP address of this terminal is not the IP address that this operator contracts, then server can determine that terminal is the data network of this operator by third party's Broadband Network Access.This third party's broadband network such as can comprise: the WIFI network that market, cafe etc. provide.This identifying code can be such as the random sequence comprising 6 bit digital.
Otherwise if the IP address that to be this operator signing, the IP address of this terminal, then server can determine that terminal is the data network of this operator accessed by home broadband network.This home broadband network such as can comprise: family's WIFI network.
S408, server generate authorization information according to the device identification of this IPTV account, this terminal and this identifying code, and this authorization information comprises: the device identification of this IPTV account, this terminal and this identifying code, and this authorization information is short message text.
S409, server are encrypted this authorization information according to AES encryption algorithm, obtain this authorization information after encryption.
S410, server send response message by IPTV client to terminal; This response message comprises: this authorization information after this encryption.
Response message can be sent to the server of IPTV client by this server, is sent to this terminal by this IPTV client server.
It should be noted that, this response message also can comprise: the check results of the IP address of this terminal.
S411, terminal send this authorization information after this encryption to Short Message Service Gateway.
This terminal can be such as after this IPTV client startup of server short message interface, sends this authorization information after this encryption by short message interface to this Short Message Service Gateway.
After S412, Short Message Service Gateway receive this authorization information after this encryption, the MSISDN of this authorization information after this encryption and this terminal is sent to server.
S413, server are decrypted this authorization information after this encryption, obtain this IPTV account in this authorization information, the device identification of this terminal and this identifying code.
S414, server judge that this identifying code is correct, and whether this identifying code is expired.
If this identifying code of S415 is correct, and this identifying code is not out of date, and server judges whether the MSISDN of this terminal is the MSISDN that this operator contracts.
The MSISDN of S416, this terminal is the signing MSISDN of this operator, then this terminal that server determines to have this device identification of this IPTV account corresponding is the contracted user of this operator.
S417, server send access success message by IPTV client to terminal.
Terminal, after receiving this access success message, can open the application homepage of this IPTV client.
It should be noted that, this terminal determines the data network successfully accessing this operator, after opening the application homepage of this IPTV client, also can obtain the data service provided of this operator.The embodiment of the present invention four also provides a kind of data service acquisition methods.The flow chart of the data service acquisition methods that Fig. 5 provides for the embodiment of the present invention four.As shown in Figure 5, the method can comprise:
S501, terminal send service authentication request message by IPTV client to server, and this service authentication request message can comprise: the access network mark of this terminal.
Terminal can be click data business in IPTV client, sends this service authentication request message in the process as the data service of broadcasting charge to this server.
According to the access network of this terminal mark, S502, server determine that whether this terminal is the subscription network mark of operator.
If the access network of this terminal of S503 is designated the subscription network mark of operator, then server judges whether this terminal orders data service corresponding to this service authentication request message.
The data service that this service authentication request message is corresponding such as can comprise the IPTV service of charge.
S503 ' is if the subscription network mark of the access network mark Bu Shi operator of this terminal, server sends miscue information by IPTV client to terminal, and this miscue information comprises: the access network mark of this terminal is not the indication information of the subscription network mark correspondence of this operator.
If this terminal of S504 orders data service corresponding to this service authentication request message, then server sends address of service corresponding to this data service by IPTV client to this terminal.
S504 ' is not if this terminal orders data service corresponding to this service authentication request message, then server sends data service order prompt information by IPTV client to this terminal.
The address that S505, terminal are corresponding according to this data service, by this IPTV client obtains this data service.
Terminal is by this IPTV client obtaining this data service, Ke Yishi, and this terminal plays this data service in IPTV client.
The access detection method that the embodiment of the present invention four provides, is explained the various embodiments described above by concrete example, and its beneficial effect is similar to the above embodiments, does not repeat them here.
The embodiment of the present invention five also provides a kind of server.The structural representation of a kind of server that Fig. 6 provides for the embodiment of the present invention five.As shown in Figure 6, this server 600 can comprise receiver module 601, generation module 602, sending module 603 and determination module 604.
Wherein, receiver module 601, for the request message that receiving terminal sends.
Generation module 602, if identify for the subscription network access of the network access Identifier Bu Shi operator of this terminal, generates authorization information according to this request message; This network access Identifier comprises: the internet protocol address of this terminal.
Sending module 603, for sending response message to this terminal; This response message comprises: this authorization information.
Receiver module 601, also for receiving the user identification code of this terminal that mobile gateway sends; This user identification code is send after this mobile gateway receives this authorization information of this terminal transmission.
Server 600 also comprises:
Determination module 604, if the contracted user's identification code for the user identification code of this terminal being this operator, determines that this terminal is the validated user of this operator.
Optionally, this authorization information comprises: identifying code.
Receiver module 601, also for receiving this user identification code and this authorization information of the transmission of this mobile gateway.
Server 600 also comprises:
First judge module, for judging that whether the user identification code of this terminal is contracted user's identification code of this operator.
This first judge module, also for judging that whether this identifying code is correct; Judge that whether this identifying code is expired; If this identifying code is correct, and this identifying code is not out of date, then determine that this identifying code is legal.
Optionally, server 600, also comprises:
Encrypting module, before sending this response message at sending module 603 to this terminal, is encrypted this authorization information.
Deciphering module, before judging that at this first judge module whether this identifying code is correct, is decrypted this authorization information, obtains this identifying code.
Optionally, this request message comprises: the data traffic information of this terminal.
This authorization information also comprises: the device identification of this terminal, and this data traffic information.
Optionally, server 600 also comprises:
Second judge module, before generating this authorization information at generation module 602 according to this request message, judges that whether this data traffic information is the signing service information of this operator; If this data traffic information is the signing service information of this operator, judge that whether the network access Identifier of this terminal is the subscription network access mark of operator.
Optionally, this data traffic information comprises: data service account corresponding to this terminal and password corresponding to this data service account.
Optionally, this data service account comprises: internet protocol television IPTV account.
Optionally, this authorization information is arbitrary in short message text, voice document, video file.
Optionally, this user identification code comprises: the mobile station identity number of this terminal.
Optionally, this receiver module 601, also for receiving this request message that this end is sent by client.
The server that the embodiment of the present invention five provides can perform the access detection method that server that above-described embodiment provides performs, specific implementation process and beneficial effect similar to the above embodiments, do not repeat them here.
The embodiment of the present invention six also provides a kind of mobile gateway.The structural representation of a kind of mobile gateway that Fig. 7 provides for the embodiment of the present invention seven.As shown in Figure 7, mobile gateway 700 comprises:
Receiver module 701, for the authorization information that receiving terminal sends; This authorization information is: when the subscription network access of the network access Identifier Bu Shi operator of this terminal identifies, the request message that server sends according to this terminal is determined;
Sending module 702, for sending the user identification code of this terminal to this server; This user identification code is used for when the user identification code of this terminal is contracted user's identification code of this operator, and this server is determined, and this terminal is the validated user of this operator.
Optionally, this authorization information comprises: identifying code;
Sending module 702, also for sending this user identification code and this authorization information to this server.
Optionally, this request message comprises: the data traffic information of this terminal;
This authorization information also comprises: the device identification of this terminal, and this data traffic information.
Optionally, this data traffic information comprises: data service account corresponding to this terminal and password corresponding to this data service account.
Optionally, this data service account comprises: internet protocol television IPTV account.
Optionally, this authorization information is arbitrary in short message text, voice document, video file.
Optionally, this user identification code comprises: the mobile station identity number of this terminal.
The mobile gateway that the embodiment of the present invention six provides, can perform the access detection method that the mobile gateway described in above-mentioned any embodiment performs, concrete implementation procedure and beneficial effect can refer to above-described embodiment, do not repeat them here.
One of ordinary skill in the art will appreciate that: all or part of step realizing above-mentioned each embodiment of the method can have been come by the hardware that program command is relevant.Aforesaid program can be stored in a computer read/write memory medium.This program, when performing, performs the step comprising above-mentioned each embodiment of the method; And aforesaid storage medium comprises: ROM, RAM, magnetic disc or CD etc. various can be program code stored medium.
Last it is noted that above each embodiment is only in order to illustrate technical scheme of the present invention, be not intended to limit; Although with reference to foregoing embodiments to invention has been detailed description, those of ordinary skill in the art is to be understood that: it still can be modified to the technical scheme described in foregoing embodiments, or carries out equivalent replacement to wherein some or all of technical characteristic; And these amendments or replacement, do not make the essence of appropriate technical solution depart from the scope of various embodiments of the present invention technical scheme.
Claims (36)
1. an access detection method, is characterized in that, comprising:
The request message that receiving terminal sends;
If the subscription network access mark of the network access Identifier Bu Shi operator of described terminal, according to described request message generation authorization information; Described network access Identifier comprises: the internet protocol address of described terminal;
Response message is sent to described terminal; Described response message comprises: described authorization information;
Receive the user identification code of the described terminal that mobile gateway sends; Described user identification code is send after described mobile gateway receives the described authorization information of described terminal transmission;
If the user identification code of described terminal is contracted user's identification code of described operator, determine that described terminal is the validated user of described operator.
2. method according to claim 1, is characterized in that, described authorization information comprises: identifying code;
The user identification code of the described terminal that described reception mobile gateway sends comprises:
Receive the described user identification code of described mobile gateway transmission and described authorization information;
If the user identification code of described terminal is contracted user's identification code of described operator, before determining that described terminal is the validated user of described operator, described method comprises:
If described identifying code is legal, judge that whether the user identification code of described terminal is contracted user's identification code of described operator.
3. method according to claim 2, is characterized in that, if described identifying code is legal, before judging whether the user identification code of described terminal is contracted user's identification code of described operator, described method also comprises:
Judge that whether described identifying code is correct;
Judge that whether described identifying code is expired;
If described identifying code is correct, and described identifying code is not out of date, then determine that described identifying code is legal.
4. method according to claim 3, is characterized in that, described before described terminal transmission response message, described method also comprises:
Described authorization information is encrypted;
Described judge that described identifying code is whether correct before, described method also comprises:
Described authorization information is decrypted, obtains described identifying code.
5. the method according to any one of claim 1-4, is characterized in that, described request message comprises: the data traffic information of described terminal;
Described authorization information also comprises: the device identification of described terminal, and described data traffic information.
6. method according to claim 5, is characterized in that, described according to before described request message generation authorization information, described method also comprises:
Judge that whether described data traffic information is the signing service information of described operator;
If described data traffic information is the signing service information of described operator, judge that whether the network access Identifier of described terminal is the subscription network access mark of operator.
7. the method according to claim 5 or 6, is characterized in that, described data traffic information comprises: the data service account that described terminal is corresponding and password corresponding to described data service account.
8. method according to claim 7, is characterized in that, described data service account comprises: internet protocol television IPTV account.
9. the method according to any one of claim 1-8, is characterized in that, described authorization information is arbitrary in short message text, voice document, video file.
10. the method according to any one of claim 1-9, is characterized in that, described user identification code comprises: the mobile station identity number of described terminal.
11. methods according to any one of claim 1-10, is characterized in that, the request message that described receiving terminal sends, and comprising:
Receive the described request message that described terminal is sent by client.
12. 1 kinds of access detection methods, is characterized in that, comprising:
The authorization information that receiving terminal sends; Described authorization information is: when the subscription network access of the network access Identifier Bu Shi operator of described terminal identifies, the request message that server sends according to described terminal is determined;
The user identification code of described terminal is sent to described server; Described user identification code is used for when the user identification code of described terminal is contracted user's identification code of described operator, and described server is determined, and described terminal is the validated user of described operator.
13. methods according to claim 12, is characterized in that, described authorization information comprises: identifying code;
The described user identification code sending described terminal to described server, comprising:
Described user identification code and described authorization information is sent to described server.
14. methods according to claim 12 or 13, it is characterized in that, described request message comprises: the data traffic information of described terminal;
Described authorization information also comprises: the device identification of described terminal, and described data traffic information.
15. methods according to claim 14, is characterized in that, described data traffic information comprises: the data service account that described terminal is corresponding and password corresponding to described data service account.
16. methods according to claim 15, is characterized in that, described data service account comprises: internet protocol television IPTV account.
17. methods according to any one of claim 12-16, it is characterized in that, described authorization information is arbitrary in short message text, voice document, video file.
18. methods according to any one of claim 12-17, it is characterized in that, described user identification code comprises: the mobile station identity number of described terminal.
19. 1 kinds of servers, is characterized in that, comprising:
Receiver module, for the request message that receiving terminal sends;
Generation module, if identify, according to described request message generation authorization information for the subscription network access of the network access Identifier Bu Shi operator of described terminal; Described network access Identifier comprises: the internet protocol address of described terminal;
Sending module, for sending response message to described terminal; Described response message comprises: described authorization information;
Described receiver module, also for receiving the user identification code of the described terminal that mobile gateway sends; Described user identification code is send after described mobile gateway receives the described authorization information of described terminal transmission;
Described server also comprises:
Determination module, if the contracted user's identification code for the user identification code of described terminal being described operator, determines that described terminal is the validated user of described operator.
20. servers according to claim 19, is characterized in that, described authorization information comprises: identifying code;
Described receiver module, also for receiving the described user identification code of described mobile gateway transmission and described authorization information;
Described server also comprises:
First judge module, for judging that whether the user identification code of described terminal is contracted user's identification code of described operator.
21. servers according to claim 20, is characterized in that,
Described first judge module, also for judging that whether described identifying code is correct; Judge that whether described identifying code is expired; If described identifying code is correct, and described identifying code is not out of date, then determine that described identifying code is legal.
22. servers according to claim 21, is characterized in that, described server, also comprises:
Encrypting module, before sending described response message at described sending module to described terminal, is encrypted described authorization information;
Deciphering module, before judging that at described first judge module whether described identifying code is correct, is decrypted described authorization information, obtains described identifying code.
23. servers according to any one of claim 19-22, it is characterized in that, described request message comprises: the data traffic information of described terminal;
Described authorization information also comprises: the device identification of described terminal, and described data traffic information.
24. servers according to claim 23, is characterized in that,
Described server also comprises:
Second judge module, for before described generation module authorization information according to described request message generation, judges that whether described data traffic information is the signing service information of described operator; If described data traffic information is the signing service information of described operator, judge that whether the network access Identifier of described terminal is the subscription network access mark of operator.
25. servers according to claim 23 or 24, it is characterized in that, described data traffic information comprises: the data service account that described terminal is corresponding and password corresponding to described data service account.
26. servers according to claim 25, is characterized in that, described data service account comprises: internet protocol television IPTV account.
27. servers according to any one of claim 19-26, it is characterized in that, described authorization information is arbitrary in short message text, voice document, video file.
28. servers according to any one of claim 19-27, it is characterized in that, described user identification code comprises: the mobile station identity number of described terminal.
29. servers according to any one of claim 19-28, is characterized in that,
Described receiver module, also for receiving the described request message that described terminal is sent by client.
30. 1 kinds of mobile gateways, is characterized in that, comprising:
Receiver module, for the authorization information that receiving terminal sends; Described authorization information is: when the subscription network access of the network access Identifier Bu Shi operator of described terminal identifies, the request message that server sends according to described terminal is determined;
Sending module, for sending the user identification code of described terminal to described server; Described user identification code is used for when the user identification code of described terminal is contracted user's identification code of described operator, and described server is determined, and described terminal is the validated user of described operator.
31. mobile gateways according to claim 30, is characterized in that, described authorization information comprises: identifying code;
Described sending module, also for sending described user identification code and described authorization information to described server.
32. mobile gateways according to claim 30 or 31, it is characterized in that, described request message comprises: the data traffic information of described terminal;
Described authorization information also comprises: the device identification of described terminal, and described data traffic information.
33. mobile gateways according to claim 32, is characterized in that, described data traffic information comprises: the data service account that described terminal is corresponding and password corresponding to described data service account.
34. mobile gateways according to claim 33, is characterized in that, described data service account comprises: internet protocol television IPTV account.
35. mobile gateways according to any one of claim 30-34, it is characterized in that, described authorization information is arbitrary in short message text, voice document, video file.
36. mobile gateways according to any one of claim 30-35, it is characterized in that, described user identification code comprises: the mobile station identity number of described terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510643152.8A CN105188063A (en) | 2015-09-30 | 2015-09-30 | Access testing method, server and mobile gateway |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510643152.8A CN105188063A (en) | 2015-09-30 | 2015-09-30 | Access testing method, server and mobile gateway |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105188063A true CN105188063A (en) | 2015-12-23 |
Family
ID=54909852
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510643152.8A Withdrawn CN105188063A (en) | 2015-09-30 | 2015-09-30 | Access testing method, server and mobile gateway |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105188063A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108702318A (en) * | 2017-06-23 | 2018-10-23 | 华为技术有限公司 | A kind of RCS communication means and equipment |
| CN109617780A (en) * | 2019-01-29 | 2019-04-12 | 新华三技术有限公司 | Access method, apparatus, terminal device and the machine readable storage medium of network |
| CN111353783A (en) * | 2018-12-21 | 2020-06-30 | 西安佰才邦网络技术有限公司 | Block chain based signing method and equipment |
| CN111356091A (en) * | 2018-12-21 | 2020-06-30 | 中国移动通信集团终端有限公司 | Message sending and receiving method and terminal |
| CN112134828A (en) * | 2019-06-25 | 2020-12-25 | 中国信息通信研究院 | Method and system for controlling user access |
| CN112511558A (en) * | 2020-12-01 | 2021-03-16 | 河南东方世纪交通科技股份有限公司 | Electromechanical device measurement and control system based on Internet of things |
| CN113329404A (en) * | 2021-05-27 | 2021-08-31 | 中国联合网络通信集团有限公司 | Network access method and device |
-
2015
- 2015-09-30 CN CN201510643152.8A patent/CN105188063A/en not_active Withdrawn
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108702318A (en) * | 2017-06-23 | 2018-10-23 | 华为技术有限公司 | A kind of RCS communication means and equipment |
| CN108702318B (en) * | 2017-06-23 | 2021-01-29 | 华为技术有限公司 | RCS communication method and equipment |
| CN111353783A (en) * | 2018-12-21 | 2020-06-30 | 西安佰才邦网络技术有限公司 | Block chain based signing method and equipment |
| CN111356091A (en) * | 2018-12-21 | 2020-06-30 | 中国移动通信集团终端有限公司 | Message sending and receiving method and terminal |
| CN111356091B (en) * | 2018-12-21 | 2021-08-27 | 中国移动通信集团终端有限公司 | Message sending and receiving method and terminal |
| CN109617780A (en) * | 2019-01-29 | 2019-04-12 | 新华三技术有限公司 | Access method, apparatus, terminal device and the machine readable storage medium of network |
| CN112134828A (en) * | 2019-06-25 | 2020-12-25 | 中国信息通信研究院 | Method and system for controlling user access |
| CN112511558A (en) * | 2020-12-01 | 2021-03-16 | 河南东方世纪交通科技股份有限公司 | Electromechanical device measurement and control system based on Internet of things |
| CN112511558B (en) * | 2020-12-01 | 2023-04-07 | 东方世纪科技股份有限公司 | Electromechanical device measurement and control system based on Internet of things |
| CN113329404A (en) * | 2021-05-27 | 2021-08-31 | 中国联合网络通信集团有限公司 | Network access method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105188063A (en) | Access testing method, server and mobile gateway | |
| US8832727B2 (en) | Method and authentication server for verifying access identity of set-top box | |
| US10348721B2 (en) | User authentication | |
| CN109345245B (en) | Short message verification method, device, network and storage medium based on block chain | |
| CN105814837B (en) | Method, equipment and system for directionally counting flow | |
| US20190289463A1 (en) | Method and system for dual-network authentication of a communication device communicating with a server | |
| US20080294891A1 (en) | Method for Authenticating a Mobile Node in a Communication Network | |
| CN104284213A (en) | Hotlink protection method, client side and system | |
| US10212144B2 (en) | Digital credential with embedded authentication instructions | |
| CN107196917B (en) | Service response method and middleware thereof | |
| WO2018065712A1 (en) | Method for mutual authentication between user equipment and a communications network | |
| US20170041785A1 (en) | Generic bootstrapping architecture protocol | |
| EP2845404A1 (en) | Network application function authorisation in a generic bootstrapping architecture | |
| CN102215486B (en) | Network access method, system, network authentication method, equipment and terminal | |
| CN109391473B (en) | Electronic signature method, device and storage medium | |
| US9680814B2 (en) | Method, device, and system for registering terminal application | |
| CN104917718A (en) | Method and terminal for fast authentication of mobile terminal user and application server | |
| CN110351254B (en) | Access operation execution method and device | |
| CN110138558B (en) | Transmission method and device of session key and computer-readable storage medium | |
| WO2005041608A1 (en) | Method of user authentication | |
| EP3079329B1 (en) | Terminal application registration method, device and system | |
| CN106230860A (en) | The method and apparatus sending Streaming Media | |
| CN108353259B (en) | Method and apparatus for charging record authentication for anonymized network service utilization | |
| EP2961208A1 (en) | Method for accessing a service and corresponding application server, device and system | |
| CN108400967B (en) | Authentication method and authentication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C04 | Withdrawal of patent application after publication (patent law 2001) | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20151223 |