CN105450547A - Method and device for allocating bandwidth on demand - Google Patents

Method and device for allocating bandwidth on demand Download PDF

Info

Publication number
CN105450547A
CN105450547A CN201410418350.XA CN201410418350A CN105450547A CN 105450547 A CN105450547 A CN 105450547A CN 201410418350 A CN201410418350 A CN 201410418350A CN 105450547 A CN105450547 A CN 105450547A
Authority
CN
China
Prior art keywords
message
equipment
mark
bandwidth
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410418350.XA
Other languages
Chinese (zh)
Inventor
杜宗鹏
薛莉
苗福友
徐小飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201410418350.XA priority Critical patent/CN105450547A/en
Priority to PCT/CN2015/087583 priority patent/WO2016026448A1/en
Publication of CN105450547A publication Critical patent/CN105450547A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Abstract

The invention relates to communication field and especially to a method for allocating a bandwidth on demand. The method comprises steps that a first device receives a first message sent from a second device, wherein the second device is a device making a request for bandwidth adjustment, the first message includes a first identifier and a second identifier, the first identifier is used for identifying the type of the requested bandwidth adjustment, and the second identifier is used for identifying a user corresponding to the second device; the first device acquires a second message according to the first message, wherein the second message includes the first identifier and the second identifier; and the first device sends the second message to a server. The method determines whether the second device has the authority to adjust the bandwidth according to the identifier of the user rather than determine whether to adjust the bandwidth of a user device according to the access position of the user such that the bandwidth can be stilled adjusted when the access position of the user changes.

Description

A kind of method of bandwidth on demand and device
Technical field
The embodiment of the present invention relates to networking technology area, is specifically related to a kind of method and device of bandwidth on demand.
Background technology
Bandwidth on demand (English full name is BandwidthonDemand, is abbreviated as BOD) is that a kind of subscriber equipment or the network equipment obtain with the speed of its demand the mode that network can use access rate.This mode can allow user effectively utilize bandwidth rich on access line road, to improve network transmission speed, improves the experience of user.
A kind of BOD method is there is in prior art, subscriber equipment is after logging in online, (English full name is BroadbandRemoteAccessServer to Broadband Remote Access Server, be abbreviated as BRAS) to strategic server (English name is policyserver) report of user information, issued by reference address charging (English full name is DestinationAddressAccounting, is abbreviated as DAA) strategy to described BRAS by described strategic server.Described BRAS is according to described DAA strategy generating Access Control List (ACL) (English full name is AccessControlList, is abbreviated as ACL).When subscriber equipment access network, according to the on-position of described subscriber equipment, described BRAS determines whether the on-position of described subscriber equipment is its fixing on-position, if, then described BRAS allows user's access, and if this user have subscribed directed BOD business, then described BRAS distinguishes the server of user's access by the server address configured in ACL.Described BRAS determines according to the server address that user accesses the speed that described in customized BOD business, server address is corresponding, carries out speed adjustment according to the data flow of described speed to the access particular server of user.
Existing BOD method, carrier network often needs the on-position locking user, according to the line attachment distribution service of user, causes user can only carry out BOD speed-raising in fixing on-position thus.
Summary of the invention
The technical problem that the embodiment of the present invention solves is to provide a kind of method and apparatus of bandwidth on demand, contributes to still realizing network speed-raising when the on-position of user is moved or changed.
For this reason, the embodiment of the present invention provides following technical scheme:
First aspect, provides a kind of method of bandwidth on demand, and described method comprises:
First equipment receives the first message comprising bandwidth adjustment request that the second equipment sends, described second equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described second equipment;
Described first equipment, when described first message comprises described first mark, obtains the second message according to described first message, and described second message comprises described first mark and described second mark;
Described first device-to-server sends described second message, and described server is for responding described bandwidth adjustment request.
In conjunction with first aspect, in the first possible implementation of first aspect, described first message is that (English full name is ExtensibleAuthenticationProtocleRequest in EAP request, be abbreviated as EAPRequest) message, described EAPRequest message comprises subtype (English name is Subtype) and attribute type (English name is AttributeType), described Subtype is used for carrying described first mark, and described AttributeType is used for carrying described second mark.
In conjunction with first aspect, in the implementation that the second of first aspect is possible, described first message is that (English full name is ExtensibleAuthenticationProtocolResponse in EAP response, be abbreviated as EAPResponse) message, the AttributeType of described EAPResponse message is used for carrying described first mark and described second mark.
In conjunction with the first possible implementation of first aspect, described first aspect or the possible implementation of the second of described first aspect, in the third possible implementation of first aspect, described second message is that (English full name is RemoteAuthenticationDialInUserService to remote customer dialing authentication system protocol, english abbreviation is RADIUS) message, the AttributeType of described RADIUS message is used for carrying described first message.
Second aspect, provides a kind of method of bandwidth on demand, and described method comprises:
Server receives the first message that the first equipment sends, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, described second mark is for identifying user corresponding to the second equipment, and described second equipment is the equipment of bandwidth on demand adjustment;
According to described second mark, described server judges whether described user has the authority of Bandwidth adjustment;
When described server determines that described user has the authority of Bandwidth adjustment, described server is according to described first mark, (English full name is ChangeofAuthentication to obtain the first strategy change, be abbreviated as COA) message, a described COA message comprises described second mark, and a described COA message is used to indicate BAS Broadband Access Server BRAS execution and identifies corresponding Bandwidth adjustment with described first;
Described server sends and a COA message described in described request Bandwidth adjustment to described BRAS.
In conjunction with second aspect, in the first possible implementation of second aspect, described method also comprises:
Described server sends the second message to described second equipment, and described second message comprises the random number in authentication vector;
When described server determines the response message corresponding with described second message not receiving described second equipment transmission, or when described server is according to the response message determination authentification failure that described second message is corresponding, the 2nd COA message is sent to described BRAS, described 2nd COA message comprises described second mark, and described 2nd COA message is used to indicate described BRAS and stops execution identifying corresponding Bandwidth adjustment with described first.
The third aspect, provides a kind of method of bandwidth on demand, and described method comprises:
First equipment obtains the first message, described first equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, and described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described first equipment;
Described first equipment sends described first message to the second equipment.
In conjunction with the third aspect, in the first possible implementation of the third aspect, before described first equipment obtains the first message, described method also comprises:
Described first equipment receives described second equipment and sends EAPRequest message;
Described first equipment obtains the first message and comprises:
After described first equipment receives described EAPRequest message, obtain EAPResponse message, described EAPResponse message comprises described first mark and described second mark.
In conjunction with the third aspect, in the implementation that the second of the third aspect is possible, before described first equipment obtains the first message, described method also comprises:
Described first equipment receives the second message that described second equipment sends, and described second message is used to indicate the certification of described first equipment by described second equipment.
In conjunction with any one possible implementation aforementioned of the third aspect or the third aspect, in the third possible implementation of the third aspect, described method also comprises:
Described first equipment receives the 3rd message from server, and described server is for responding described bandwidth adjustment request, and described 3rd message comprises the random number in authentication vector;
Described first equipment identifies corresponding shared key according to the random number in described authentication vector and with described second, access authentication operation result;
Described first equipment sends the 4th message to described server, and described 4th message comprises described authentication algorithm result.
Fourth aspect, provides a kind of first equipment, and described first equipment comprises:
First receiving element, for receiving the first message comprising bandwidth adjustment request that the second equipment sends, described second equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described second equipment;
First obtains unit, when described first message for receiving at described receiving element comprises described first mark, obtains the second message according to described first message, and described second message comprises described first mark and described second mark;
First transmitting element, for sending described second message that described acquisition unit obtains to server, described server is used for responsive bandwidth adjustment request.
In conjunction with fourth aspect, in the first possible implementation of fourth aspect, described first message is EAPRequest message, described EAPRequest message comprises Subtype and AttributeType, described Subtype is used for carrying described first mark, and described Attributetype carries described second mark.
In conjunction with fourth aspect, in the implementation that the second of fourth aspect is possible, described first message is EAPResponse message, and the AttributeType of described EAPResponse message is used for carrying described first mark and described second mark.
In conjunction with the first of fourth aspect or fourth aspect to the possible implementation of the second, in the third possible implementation of fourth aspect, described second message is RADIUS message, and the AttributeType of described RADIUS message is used for carrying described first message.
5th aspect, provides a kind of server, and described server comprises:
First receiving element, for receiving the first message that the first equipment sends, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, described second mark is for identifying user corresponding to the second equipment, and described second equipment is the equipment of bandwidth on demand adjustment;
According to described second mark, determining unit, for judging whether described user has the authority of Bandwidth adjustment;
First obtains unit, for when determining that described user has the authority of Bandwidth adjustment, according to described first mark, obtain a COA message, a described COA message comprises described second mark, and a described COA message is used to indicate BRAS execution and identifies corresponding Bandwidth adjustment with described first;
First transmitting element, for sending a described COA message to described BRAS.
In conjunction with the 5th aspect, in the first the possible implementation in the 5th, described server also comprises:
Second transmitting element, for sending the second message to described second equipment, described second message comprises the random number in authentication vector;
3rd transmitting element, for working as the response message corresponding with described second message determining not receive described second equipment transmission, or during according to the response message determination authentification failure that described second message is corresponding, the 2nd COA message is sent to described BRAS, described 2nd COA message comprises described second mark, and described 2nd COA is used to indicate described BRAS and stops execution identifying corresponding Bandwidth adjustment with described first.
6th aspect, provide the equipment of a kind of bandwidth on demand adjustment, the equipment of described request Bandwidth adjustment is the first equipment, and described first equipment comprises:
Obtain unit, for obtaining the first message, described first message comprises described first mark and the second mark, and described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described first equipment;
First transmitting element, for sending described first message to the second equipment.
In conjunction with the 6th aspect, in the first the possible implementation in the 6th, described equipment also comprises:
First receiving element, for receiving the EAPRequest message that described second equipment sends;
Described acquisition unit specifically for:
After described second receiving element receives described EAPRequest message, obtain EAPResponse message, described EAPResponse message comprises described first mark and described second mark.
In conjunction with the 6th aspect, in the implementation that the second in the 6th is possible, described equipment also comprises:
Second receiving element, for receiving the second message that described second equipment sends, described second message is used to indicate the certification of described first equipment by described second equipment.
In conjunction with any one possible implementation aforementioned of the 6th aspect or the 6th aspect, in the third the possible implementation in the 6th, described equipment also comprises:
3rd receiving element, for receiving the 3rd message from server, described server is for responding described bandwidth adjustment request, and described 3rd message comprises the random number in authentication vector;
Computing unit, for identifying corresponding shared key according to the random number in described authentication vector and with described second, access authentication operation result;
Second transmitting element, for sending the 4th message to described second equipment, described 4th message comprises described authentication algorithm result.
According to the method and apparatus of the bandwidth on demand that an aspect of the embodiment of the present invention provides, the first message comprising described first mark and the second mark that the second equipment that first equipment receives bandwidth on demand adjustment sends, the type of described first mark for identifying described request Bandwidth adjustment, described second mark is for identifying user corresponding to described second equipment; Described first equipment obtains the second message comprising described second mark and described first mark according to described first message, described second message is sent to server, can determine whether the user of described second mark correspondence has Bandwidth adjustment authority according to described second mark to make described server, and when confirming that described user has Bandwidth adjustment authority, perform bandwidth adjustment operations.Like this, the embodiment of the present invention utilizes the information of identifying user identity to distinguish the second equipment whether to have the authority of carrying out Bandwidth adjustment, instead of determine whether to adjust the bandwidth of subscriber equipment by the on-position of user, when the on-position of subscriber equipment is changed, still Bandwidth adjustment can be carried out.The present invention achieves by simple method the object that subscriber equipment improves bandwidth rates or reduction bandwidth rates.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present application or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, the accompanying drawing that the following describes is only some embodiments recorded in the application, for those of ordinary skill in the art, other accompanying drawing can also be obtained according to these accompanying drawings.
The schematic flow sheet of the method for a kind of bandwidth on demand that Fig. 1 provides for the embodiment of the present invention;
The schematic flow sheet of the method for a kind of bandwidth on demand that Fig. 2 provides for the embodiment of the present invention;
The schematic flow sheet of the method for a kind of bandwidth on demand that Fig. 3 provides for the embodiment of the present invention;
A kind of application scenarios schematic diagram of the method for the bandwidth on demand that Fig. 4 provides for the embodiment of the present invention;
The signaling diagram of the method for a kind of bandwidth on demand that Fig. 5 provides for the embodiment of the present invention;
The signaling diagram of the method for a kind of bandwidth on demand that Fig. 6 provides for the embodiment of the present invention;
The signaling diagram of the method for a kind of bandwidth on demand that Fig. 7 provides for the embodiment of the present invention;
The signaling diagram of the method for a kind of bandwidth on demand that Fig. 8 provides for the embodiment of the present invention;
The signaling diagram of the method for a kind of bandwidth on demand that Fig. 9 provides for the embodiment of the present invention;
The schematic diagram of a kind of first equipment that Figure 10 provides for the embodiment of the present invention;
The schematic diagram of a kind of first equipment that Figure 11 provides for the embodiment of the present invention;
The schematic diagram of a kind of server that Figure 12 provides for the embodiment of the present invention;
The schematic diagram of a kind of server that Figure 13 provides for the embodiment of the present invention;
The schematic diagram of the equipment of a kind of bandwidth on demand adjustment that Figure 14 provides for the embodiment of the present invention;
The schematic diagram of the equipment of a kind of bandwidth on demand adjustment that Figure 15 provides for the embodiment of the present invention;
A kind of implementation schematic diagram of EAPRequest message that Figure 16 provides for the embodiment of the present invention.
Embodiment
The technical problem that the embodiment of the present invention solves is to provide a kind of method and apparatus of bandwidth on demand, and without the need to locking the on-position of user, network speed adjustment is carried out in the fixing on-position according to user.The embodiment of the present invention can simply method realize user still can realize when on-position is moved or change the network bandwidth adjustment.
In order to the scheme making those skilled in the art person understand the embodiment of the present invention better, below in conjunction with drawings and embodiments, the embodiment of the present invention is described in further detail.
The term used in embodiments of the present invention is only for the object describing specific embodiment, and not intended to be limiting the present invention." one ", " described " and " being somebody's turn to do " of the singulative used in the embodiment of the present invention and appended claims is also intended to comprise most form, unless context clearly represents other implications.It is also understood that term "and/or" used herein refer to and comprise one or more project of listing be associated any or all may combine.
Although should be appreciated that and term first, second, third may be adopted in embodiments of the present invention to describe some equipment, unit or message, such as use the first equipment, the second equipment etc. to describe each equipment, these equipment should not be limited to these terms.These terms are only used for such as the first equipment and the second equipment being distinguished from each other out.Such as, when not departing from embodiment of the present invention scope, the first equipment also can be called as the second equipment, and similarly, the second equipment also can be called as the first equipment.
Depend on linguistic context, word as used in this " if " can be construed as into " ... time " or " when ... time " or " in response to determining " or " in response to detection ".Similarly, depend on linguistic context, phrase " if determination " or " if detecting (the conditioned disjunction event of statement) " can be construed as " when determining " or " in response to determining " or " when detecting (the conditioned disjunction event of statement) " or " in response to detection (the conditioned disjunction event of statement) ".
Method shown in Fig. 1 is described from the method for angle to bandwidth on demand of the first equipment.Described first equipment be can with the equipment of the second equipment and server communication, described second equipment is the equipment of bandwidth on demand adjustment, and described server can responsive bandwidth adjustment request.Show the schematic flow sheet of the method for a kind of bandwidth on demand of the embodiment of the present invention see Fig. 1, Fig. 1, can comprise the following steps:
S101, described first equipment receives the first message comprising bandwidth adjustment request that the second equipment sends, described second equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, the type of described first mark for identifying described request Bandwidth adjustment, described second mark is for identifying user corresponding to described second equipment.
For example, described first equipment is connected with described second devices communicating, described first equipment can also be connected with server communication, described server is used for responsive bandwidth adjustment request, described server can be authentication, mandate and charging (English full name is AuthenticationAuthorizationandAccounting, is abbreviated as AAA) server, strategic server or be integrated with the aaa server of strategic server.Wherein, described second equipment is the equipment of bandwidth on demand adjustment, such as subscriber equipment, home gateway (English full name is ResidentialGateway, and english abbreviation is RG).Described subscriber equipment includes but not limited to the equipment such as portable consumer device of TV, mobile phone, television rod, support USB (English full name is UniversalSerialBus, and english abbreviation is USB) interface.The second mark preserved by described subscriber equipment, and described second mark is for identifying described subscriber equipment.RG can preserve the second mark, and described second mark is for identifying the user corresponding to described RG.Described second mark can be the identify label of user, (English full name is SubscriberIdentityModule to the User Identity module being such as applied in mobile phone, english abbreviation is SIM) or Universal Subscriber Identity identification module (English full name is UniversalSubscriberIdentityModule, english abbreviation is USIM) in the identify label of user of preserving, the identify label of this user can unique identification user.Wherein, described first equipment can be the equipment described second equipment being carried out to certification, may not be the equipment described second equipment being carried out to certification, but by other equipment, certification is carried out to described second equipment, after certification is passed through, receive first message of described second equipment for bandwidth on demand adjustment by described first equipment.Described first equipment can be RG equipment, can also be BRAS, (English full name is DigitalSubscriberLineAccessMultiplexer to digital subscriber line access multiplex, english abbreviation is DSLAM), (English full name is HypertextTransferProtocol to HTML (Hypertext Markup Language), english abbreviation is HTTP) server, or other authenticating devices, such as (English full name is AccessController to access controller, english abbreviation is AC), Deng, the embodiment of the present invention does not limit this.
For example, described first mark that described first message comprises is for the type of identification request Bandwidth adjustment, the type of described request Bandwidth adjustment can for improving bandwidth, stopping improving bandwidth, reducing bandwidth or stop reducing bandwidth, the type of Bandwidth adjustment can be also other type, illustrates no longer one by one at this.
In a kind of possible implementation, described first message can be specifically EAPResponse message.In embodiments of the present invention, expand EAP message, the AttributeType of EAPResponse message can carry the first mark and the second mark.Such as: first kind length value (English full name is TypeLengthValue, and english abbreviation the is TLV) field of the AttributeType of EAP message can carry the first mark, and the 2nd TLV field of described AttributeType can carry the second mark.Wherein, described AttributeType can be carried in the payload (English name is payload) of described EAPResponse message, or can be carried in the heading of described EAPResponse message.
In the implementation of another possibility, described first message can be specifically EAPRequest message.In embodiments of the present invention, define the type of new EAP message, described EAPRequest message comprises Subtype and AttributeType, and described Subtype is used for carrying described first mark, and described AttributeType can carry described second mark.Such as: described AttributeType can comprise a TLV field, described TLV field is for carrying the identify label of described user.Wherein, the heading of described EAPRequest can comprise Method type (English name is MethodType) and described Subtype; The payload of described EAPRequest comprises the TLV field of described AttributeType.In the implementation that another kind is possible, the heading of described EAPRequest comprises MethodType, and the payload of described EAPRequest comprises the TLV field of described Subtype and described AttributeType.
S102, described first equipment, when described first message comprises described first mark, obtains the second message according to described first message, and described second message comprises described first mark and described second mark.
For example, when described first equipment is when determining that described first message comprises the first mark, described first equipment obtains according to described first message the second message meeting the communications protocol format of described first equipment and described server.Described second message can be RADIUS message, and also can be charging certification (English name is Diameter) protocol massages, or meet the message of communications protocol format, described communication protocol be the communication protocol between the first equipment and server.
For example, when described first message is EAP message, such as EAPResponse message or EAPrequest message, described second message can be RADIUS message, the AttributeType of described RADIUS message comprises a TLV field, and described TLV field is used for carrying described first message.
S103, described first device-to-server sends described second message, and described server is used for responsive bandwidth adjustment request.
For example, described first device-to-server sends described second message, and wherein, described second message comprises described second mark and described first mark.Described server, after receiving described second message, by described second mark comprised according to described second message, determines whether the user of described second mark correspondence has the authority of Bandwidth adjustment.When described server determines that the user of described second mark correspondence has the authority of Bandwidth adjustment, described server is according to described first mark acquisition the one COA message, a described COA message comprises described second mark, and a described COA message is used to indicate BRAS execution and identifies corresponding Bandwidth adjustment with described first; Described server sends a described COA message to described BRAS.A described COA message identifies corresponding Bandwidth adjustment for notifying that described BRAS performs with described first.
Alternatively, a described COA message can comprise described first mark or identify corresponding information with described first, so that described BRAS can perform according to a COA message identify corresponding Bandwidth adjustment with described first.
Alternatively, the method that the embodiment of the present invention provides can also comprise: described first equipment receives the 3rd message that described server sends, and described 3rd message comprises the result of described request Bandwidth adjustment; Described first equipment obtains the 4th message according to described 3rd message, and described 4th message comprises the 3rd mark, the result of described 3rd mark for identifying described request Bandwidth adjustment; Described first equipment sends described 4th message to described second equipment.Described 4th message is for notifying the result of the second device request Bandwidth adjustment.
Alternatively, in embodiments of the present invention, described first equipment can also forward the message of described server and described second equipment room, and the method that namely embodiment of the present invention provides can also comprise:
Described first equipment receives the 5th message comprising the random number (English name is randomnumber, and english abbreviation is RAND) in authentication vector that described server sends, and sends to described second equipment the 6th message comprising described random number;
Described first equipment receives the 7th message that described second equipment sends, and described 7th message comprises and carries out according to the shared key of the identify label of described random number and corresponding described user the authentication algorithm result that computing obtains;
Described first equipment sends the 8th message comprising described authentication algorithm result to described server;
Described first equipment receives the 9th message that described server sends; Described 9th message is used to indicate described first equipment, has stopped the user corresponding to described second mark and has carried out Bandwidth adjustment;
Described first equipment sends the tenth message to described second equipment, and described tenth message comprises the 4th mark, and described 4th mark is used to indicate described second equipment, has stopped the user corresponding to described second mark and has carried out Bandwidth adjustment.
For example, described authentication vector can be called authentication vector again, can comprise random number and authentication token (English name is authenticationtoken, and english abbreviation is AUTN); Described authentication vector is calculate according to the shared key of the identify label of the described user of correspondence.Described authentication vector is used for carrying out authentication algorithm.Concrete certification realizes to realize with reference to the method for embodiment corresponding to Fig. 6.
In the method for the bandwidth on demand provided in the embodiment of the present invention, the first message comprising described first mark and the second mark that the second equipment that first equipment receives bandwidth on demand adjustment sends, described first equipment obtains the second message comprising described first mark and described second mark according to described first message, described first device-to-server sends described second message, adjusts when confirming that the user of described second mark correspondence has Bandwidth adjustment authority to make described server to the bandwidth of described user.Like this, by user ID, the embodiment of the present invention determines whether the second equipment has the authority of carrying out Bandwidth adjustment, when the on-position of subscriber equipment is changed, still can carry out Bandwidth adjustment, contributes to the operation simplifying Bandwidth adjustment.
Method shown in Fig. 2 is described from the method for angle to bandwidth on demand of server.Content in the embodiment that the first equipment in the embodiment that Fig. 2 is corresponding is corresponding with Fig. 1 with the implication of the second equipment is identical, repeats no more in the embodiment that Fig. 2 is corresponding.Show the schematic flow sheet of the method for a kind of bandwidth on demand of the embodiment of the present invention see Fig. 2, Fig. 2, can comprise the following steps:
S201, described server receives the first message that the first equipment sends, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, described second mark is for identifying user corresponding to the second equipment, and described second equipment is the equipment of bandwidth on demand adjustment.
For example, described server can be strategic server, have the aaa server of Developing Tactics function or Bandwidth adjustment function or be integrated with the aaa server of strategic server function, and namely described server can change message to BRAS sending strategy.Certainly, do not get rid of described server self yet and namely there is the function performing Bandwidth adjustment strategy, can perform according to described first message and identify corresponding Bandwidth adjustment with described first.Described first mark that described first message comprises is for the type of identification request Bandwidth adjustment, and the type of described request Bandwidth adjustment can comprise raising bandwidth, stop improving bandwidth, reduces bandwidth or stop reduction bandwidth.
For example, the first message in the embodiment that Fig. 2 is corresponding can be specifically the second message in the embodiment that Fig. 1 is corresponding, no longer repeats described first message at this.The first message in the embodiment that Fig. 2 is corresponding is the message of the communications protocol format meeting described first equipment and described server.Wherein, described first message can be RADIUS message, also can be Diameter message.
S202, according to described second mark, described server judges whether described user has the authority of Bandwidth adjustment.
For example, save the corresponding relation of the authority of the second mark and user in described server, according to described second mark, described server can determine whether described user has the authority of bandwidth on demand adjustment.Be different from the mode of the fixing on-position adjustment bandwidth needed according to user, determine whether the user of described second mark correspondence has the authority of bandwidth on demand adjustment according to second mark of carrying in message in the embodiment of the present invention, thus make subscriber equipment when on-position is moved, still can determine its Bandwidth adjustment authority by second mark of carrying in request message, realize the Bandwidth adjustment to subscriber equipment.Described second mark can be such as the identify label of user.
S203, when described server determines that described user has the authority of Bandwidth adjustment, described server is according to described first mark, obtain a COA message, a described COA message comprises described second mark, and a described COA message is used to indicate BRAS execution and identifies corresponding Bandwidth adjustment with described first.
S204, described server sends a described COA message to described BRAS.
For example, described server sends a COA message to described BRAS, is used to indicate BRAS execution and identifies corresponding Bandwidth adjustment with described first.Described server notice BRAS carries out strategy and changes to carry out Bandwidth adjustment to the user of described second mark correspondence, and the type of Bandwidth adjustment is corresponding with the type that the bandwidth on demand that described first identifies adjusts.
Alternatively, the method that the embodiment of the present invention provides also comprises: described server receives the COA response message that described BRAS sends, and a described COA response message comprises the result of Bandwidth adjustment; The 3rd message is obtained according to a described COA response message; Described 3rd message is sent to described first equipment; Wherein, described 3rd message comprises the result of described Bandwidth adjustment.During specific implementation, BRAS, after the user corresponding to described second mark carries out identifying corresponding Bandwidth adjustment success with first, returns a COA response message to described server, carries the result of described Bandwidth adjustment at a described COA response message.Described server constructs the 3rd message, sends described 3rd message, for notifying the result of its Bandwidth adjustment to described first equipment.
Alternatively, the method that the embodiment of the present invention provides can also comprise: described server sends the second message to described second equipment, and described second message comprises the random number in authentication vector; When described server determines the response message corresponding with described second message not receiving described second equipment transmission, or when described server is according to the response message determination authentification failure that described second message received is corresponding, the 2nd COA message is sent to described BRAS, described 2nd COA message comprises described second mark, and described 2nd COA message is used to indicate described BRAS and stops execution identifying corresponding Bandwidth adjustment with described first; Receive the 2nd COA response message of described BRAS transmission at described server after, send the 4th message to described first equipment; Wherein, described 4th message is used to indicate described first equipment, has stopped performing identifying corresponding Bandwidth adjustment with described first.Specific implementation can realize with reference to the method for embodiment corresponding to Fig. 6.
Alternatively, after S202, the method that the embodiment of the present invention provides can also comprise: when described server determines that described user does not have the authority of Bandwidth adjustment, described server can send the 5th message to the equipment of bandwidth on demand adjustment, described 5th message can carry the result of Bandwidth adjustment, and the result of described Bandwidth adjustment can be Bandwidth adjustment failure.For example, described server, by described first equipment, sends described 5th message to described second equipment; Described first equipment can be the equipment described second equipment being carried out to certification, and described second equipment can be the equipment of bandwidth on demand adjustment.
In the method for the bandwidth on demand provided in the embodiment of the present invention, the second mark in the first message that described server sends according to the equipment received, judges whether user corresponding to described second mark has Bandwidth adjustment authority.When described server determines that described user has Bandwidth adjustment authority, according to the type of the bandwidth on demand adjustment that described first identifies, the bandwidth of described user is adjusted.By the second mark, the embodiment of the present invention determines whether the user that the second equipment is corresponding has the authority of carrying out Bandwidth adjustment, instead of determine whether to adjust bandwidth by the on-position of user, when the on-position of subscriber equipment is changed, still Bandwidth adjustment can be carried out.
The embodiment that Fig. 3 is corresponding is described from the method for angle to bandwidth on demand of the equipment of bandwidth on demand adjustment.In the embodiment that Fig. 3 is corresponding, the equipment of bandwidth on demand adjustment is the first equipment, and the equipment that can carry out communicating with the first equipment and server is the second equipment, and server can be used for responsive bandwidth adjustment request.Show the schematic flow sheet of the method for a kind of bandwidth on demand of the embodiment of the present invention see Fig. 3, Fig. 3, can comprise the following steps:
S301, described first equipment obtains the first message, described first equipment is the equipment of bandwidth on demand adjustment, described first message comprises institute first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described first equipment.
The first equipment in the embodiment that Fig. 3 is corresponding can be the second equipment in the embodiment that Fig. 1 is corresponding, the second equipment in the embodiment that Fig. 3 is corresponding can be the first equipment in the embodiment that Fig. 1 is corresponding, server in the embodiment that Fig. 3 is corresponding can be the server in the embodiment that Fig. 1 is corresponding, and the first equipment in the embodiment that this is no longer corresponding to Fig. 3, the second equipment and server are described.
Alternatively, before described first equipment obtains the first message, described method also comprises: described first equipment receives the EAPRequest message that described second equipment sends, and described EAPRequest message is used for the mark to user corresponding to the first equipment described in described first device request.Described first equipment obtains the first message and comprises: after described first equipment receives described EAPRequest message, obtains EAPResponse message, and described EAPResponse message comprises described first mark and described second mark.In this implementation, described first equipment, after the EAPRequest message receiving the second equipment transmission, comprises described second mark and the first EAPResponse message identified, to server request Bandwidth adjustment by sending to the second equipment.Wherein, described first equipment can to carry out certification mutual and after determining that certification is passed through with described second equipment, send easily extensible identity authentication protocol initialization (English name is EAPStart) message to described second equipment, send EAPRequest message to trigger described second equipment.Or described first equipment with the certification reciprocal process of described second equipment, can send described first message.Such as, described first equipment sends EAPStart start of heading verification process to described second equipment, after the EAPRequest message receiving described second equipment, send the EAPResponse message comprising described second mark and the first mark to described second equipment.
Alternatively, before described first equipment obtains the first message, described method also comprises: described first equipment receives the second message that described second equipment sends, and described second message is used to indicate the certification of described first equipment by described second equipment.Described first equipment obtains the first message and comprises: after described first equipment receives described second message, obtain the first message.In this kind of implementation, described first equipment and the second equipment carry out certification and described first equipment by after certification, described first equipment obtains the first message.Certainly, also can be the first equipment and another equipment carry out certification and described first equipment by after certification, described first equipment obtains the first message.
S302, described first equipment sends described first message to the second equipment.
For example, described first mark that described first message comprises is for the type of identification request Bandwidth adjustment, and the type of described request Bandwidth adjustment can comprise raising bandwidth, stop improving bandwidth, reduces bandwidth or stop reduction bandwidth.The first message in the embodiment that the first message in the embodiment that Fig. 3 is corresponding is corresponding with Fig. 1 is identical, does not repeat them here.
Alternatively, the method that the embodiment of the present invention provides also comprises: described first equipment receives from the 3rd message of server, and described 3rd message comprises the random number in authentication vector, described server for the first equipment carry out the equipment of certification; Described first equipment, according to the random number in described authentication vector and the corresponding described second shared key identified, carries out computing and obtains authentication algorithm result, and send to described server and comprise the 4th message, described 4th message comprises described authentication algorithm result; Described first equipment receives the 5th message that described second equipment sends, and described 5th message comprises the 3rd mark, and described 3rd mark is used to indicate described second equipment, has stopped the user corresponding to the identify label of described user and has carried out Bandwidth adjustment.Specific implementation can realize with reference to the method for embodiment corresponding to Fig. 6.
Alternatively, the method that the embodiment of the present invention provides also comprises: described first equipment receives the 6th message that described second equipment sends, and described 6th message comprises the 4th mark, and described 4th mark is used for the result of identification request Bandwidth adjustment.
In the method for the bandwidth on demand provided in the embodiment of the present invention, described first equipment is when needs carry out Bandwidth adjustment, obtain the first message comprising the first mark and the second mark, the type of described first mark for identifying described request Bandwidth adjustment, described second mark is for identifying user corresponding to described first equipment; Described first equipment sends described first message to the second equipment.The first mark in the first message received and the second mark can be forwarded to server by the second equipment, are adjusted when confirming that the user of described second mark correspondence has Bandwidth adjustment authority by described server to the bandwidth of described user.By the second mark, the embodiment of the present invention determines whether the user that the second equipment is corresponding has the authority of carrying out Bandwidth adjustment, instead of determine whether to adjust bandwidth by the on-position of user, when the on-position of subscriber equipment is changed, still Bandwidth adjustment can be carried out.
Below in conjunction with Fig. 4 to Fig. 9, the method for the bandwidth on demand that the embodiment of the present invention provides is introduced in detail.Below with bandwidth on demand adjustment equipment for subscriber equipment, server is aaa server, and the second identify label being designated user is that example is introduced, and is below only exemplary illustration, is not considered as limitation of the present invention.
Wherein, the method shown in Fig. 5 to Fig. 8 can be applied in the application scenarios shown in Fig. 4.Wherein, the equipment of bandwidth on demand adjustment is subscriber equipment, and described subscriber equipment is communicated to connect by RG and BRAS, BRAS can be connected with aaa server, described aaa server can change function by Integrated Strategy, for sending COA message to BRAS, so that described BRAS performs Bandwidth adjustment.If aaa server does not possess the function of strategic server, aaa server also needs the first mark and second received to identify sending value strategic server.The aaa server that Fig. 5 and Fig. 8 changes function for Integrated Strategy is described.Subscriber equipment shown in Fig. 4 can be the equipment comprising SIM or USIM, or carries the equipment of identify label.Several possible implementation of subscriber equipment can be introduced below, be below only exemplary introduction, not be considered as limiting the embodiment of the present invention.
(1) subscriber equipment can be the television rod of a band sim module, described television rod contains sim card slot, USB and HDMI (High Definition Multimedia Interface) (English full name is HighDefinitionMultimediaInterface, and english abbreviation is HDMI).Or described television rod contains sim card slot, USB and mobile terminal high-definition audio and video standard interface (English full name is MobileHigh-DefinitionLink, and English abbreviation is MHL) connecting line.Described television rod can use android system.Described television rod also can comprise communication module, and described communication module can be such as WiFi module.Alternatively, described television rod can possess the function of remote controller.
(2) subscriber equipment can be the portable equipment with USB interface of a band sim module, comprises sim card slot and USB interface.This portable equipment with USB interface uses android system.This portable equipment with USB interface also can comprise communication module, and described communication module can be such as WiFi module.This portable equipment with USB interface can work alone, and also can not work alone, but is inserted in the equipment supporting associated drives.
(3) subscriber equipment can be the portable equipment with USB interface of a band sim module, and it contains sim card slot and USB interface.The portable equipment with USB interface can be inserted in the equipment supporting relevant driving, as various TV box.The portable equipment with USB interface does not have android system, does not possess the ability worked alone.
(4) subscriber equipment can be a SIM card, coordinates one to support relevant driving, contains the equipment of sim card slot, such as, be expanded the TV box supporting SIM card slot.
See Fig. 5, it is the signaling diagram of the method for a kind of bandwidth on demand of the embodiment of the present invention.
Wherein, the equipment of bandwidth on demand adjustment is specially subscriber equipment, the equipment receiving the request message of described subscriber equipment is the 802.1X authenticating device in WLAN (English full name is WirelessLocalAreaNetworks, and english abbreviation is WLAN).Abbreviation using 802.1X as Institute of Electrical and Electronics Engineers (for InstituteofElectricalandElectronicsEngineers, english abbreviation is IEEE to English full name) 802.1X in the embodiment of the present invention.802.1X authenticating device in described wlan network can be RG equipment, can also be BRAS.In this embodiment, subscriber equipment after passing through to the certification of authenticating device transmission authentication request, then sends EAPRequest to authenticating device, adjusts with bandwidth on demand.Wherein, EAPRequest is the message format of new definition.The embodiment that Fig. 5 is corresponding initiatively sends EAPRequest message by subscriber equipment, contributes to saving Signalling exchange, System and Network resource.
S501, described subscriber equipment sends EAP request (English name is EAPRequest) to the 802.1X authenticating device in wlan network, and described EAPRequest carries the identify label of the first mark and user.
For example, the 802.1X authenticating device in described wlan network can be RG, can also be BRAS or other authenticating devices.
For example, the Subtype of described EAPRequest message is BODRequest.The identify label of user can be international mobile subscriber identity (English full name is InternationalMobileSubscriberIdentificationNumber, and english abbreviation is IMSI).Described first mark is used for the type of identification request Bandwidth adjustment, such as, improve bandwidth.Described EAPRequest message comprises subtype Subtype and attribute type AttributeType, described Subtype is used for carrying described first mark, described AttributeType at least comprises a TLV field, and described TLV field is for carrying the identify label of described user.
For example, in embodiments of the present invention, define new EAP message format, described EAP message can comprise EAPRequest message, EAPResponse message and EAPSuccess message.The MethodType of described EAP message can be used for the authentication method identifying EAP employing, and can be such as MethodType=100, during specific implementation, the numerical value of MethodType can be other numerical value, does not limit at this.The Subtype of described EAP message for representing the different messages type in the method, such as:
(1) Subtype=1, for representing BODRequest;
(2) Subtype=2, for representing BODResponse;
(3) Subtype=3, for representing EndBODRequest;
(4) Subtype=4, for representing EndBODResponse.
During embodiment of the present invention specific implementation, described Subtype can be utilized to carry identify for first of identification request Bandwidth adjustment type, such as carry first mark value be 1 message be BODRequest message, carry first mark value be 2 message be BODResponse message, carry first mark value be 3 message be EndBODRequest, carry first mark value be 4 message be EndBODResponse message.
The AttributeType of described EAP message can comprise a TLV field, and described TLV field is for carrying the identify label of described user.Certainly, described AttributeType can also comprise multiple TLV field, and one of them TLV field is also used to indicate the type of bandwidth on demand adjustment.Such as:
(1) AttributeType=1, value can be 0, for representing that request improves bandwidth.
(2) AttributeType=2, value can be 0, for representing that request improves bandwidth success.
(3) AttributeType=3, value can be 0, for representing that request stops improving bandwidth.
(4) AttributeType=4, value can be 0, stop improving bandwidth success for representing; As value=1, represent that abnormal end improves bandwidth success.
(5) AttributeType=5, value can be the identify label of user.
See Figure 16, it is a kind of implementation schematic diagram of the EAPRequest message that the embodiment of the present invention provides.Described EAPRequest message can comprise code value (English is Code), identifier (English is Identifier), length (English is Length), type (English is Type), Subtype, retains (English is Reserved), AttributeType, Length, the fields such as value (English is Value).Wherein, Type can value 100, and for identifying the authentication method that EAP adopts, namely Type can be MethodType.
Citing is explained, and improving in the EAPRequest message of bandwidth for asking, MethodType=100, Subtype=1, comprise the TLV of a TLV and AttributeType=1 of an AttributeType=5.Wherein, the value of the TLV of described AttributeType=5 is the identify label of user, such as IMSI.The TLV of described AttributeType=1 is alternatively.
And for example, stopping in the EAPRequest message of raising bandwidth for asking, MethodType=100, Subtype=3, comprise the TLV of a TLV and AttributeType=3 of an AttributeType=5.Wherein, the value of the TLV of described AttributeType=5 is the identify label of user, such as IMSI.The TLV of described AttributeType=1 is alternatively.
During specific implementation, MethodType, Subtype and AttributeType all can be arranged as required.
S502, the 802.1X authenticating device in described wlan network sends remote customer dialing authentication system access request (English name is RadiusAccessRequest) message to described aaa server.
802.1X authenticating device in described wlan network is after the EAPRequest message receiving the transmission of described subscriber equipment, described EAPRequest message is resolved, after being resolved to itself MethodType and Subtype, then according to preset processing logic, encapsulation transition process is carried out to described message.Wherein, the EAPRequest message of encapsulation is carried in described RadiusAccessRequest message, the AttributeType of described RadiusAccessRequest message can comprise a TLV field, and described TLV field is for carrying the described EAPRequest message after encapsulation.
S503, described aaa server sends remote customer dialing authentication system strategy to described BRAS and changes request (English name is RadiusCOARequest) message.
For example, described aaa server receives described RadiusAccessRequest message, determine whether corresponding described user has Bandwidth adjustment authority according to the identify label of the user carried in described RadiusAccessRequest message, if had, then send remote customer dialing authentication system strategy to described BRAS and change request (English name is RadiusCOARequest) message, described RadiusCOARequest message can carry chargeable session mark (English name is AccoutingSessionID) and Bandwidth adjustment strategy.Described chargeable session mark and described second identifies corresponding, and described Bandwidth adjustment strategy is corresponding with the type that the bandwidth on demand that first identifies adjusts.
S504, described BRAS perform the Bandwidth adjustment strategy that described RadiusCOARequest message carries.
For example, described BRAS according to the chargeable session mark of carrying in described RadiusCOARequest message and Bandwidth adjustment strategy, can upgrade in ACL and identifies corresponding list item with chargeable session.
S505, described BRAS send remote customer dialing authentication system strategy to described aaa server and change confirmation (English name is RadiusCOAACK) message.
S506, described aaa server sends remote customer dialing authentication system access to the 802.1X authenticating device in described wlan network and accepts (English name is RadiusAccessAccept) message.
For example, after described aaa server receives described RadiusCOAACK message, send remote customer dialing authentication system access to the 802.1X authenticating device in described wlan network and accept (English name is RadiusAccessAccept) message, described RadiusAccessAccept message carries the EAP message of encapsulation.
For example, described aaa server according to described RadiusCOAACK message, can generate the EAP message in order to response adjustment bandwidth request, is encapsulated in Radius message by the EAP message in order to response adjustment bandwidth request.Described RadiusAccessAccept message carries the result of bandwidth on demand adjustment, such as, adjust successfully.
S507, the 802.1X authenticating device in described wlan network sends EAP response (English name is EAPResponse) message to described subscriber equipment.
For example, described EAPResponse message carries the second mark, and described second mark is used for the result of identification request Bandwidth adjustment.The Subtype of described EAPResponse message can be 2, and namely described EAPResponse message belongs to BODResponse message.
In the embodiment of the present invention, the first mark comprised in the EAPRequest message that described subscriber equipment sends to described authenticating device improves bandwidth for the type identifying Bandwidth adjustment for stopping, then described EAPRequest message belongs to EndBODRequest message.For example, EndBODRequest message comprises: MethodType=100, Subtype=2, the TLV of a TLV and AttributeType=2 of an AttributeType=5.The value of the TLV of described AttributeType=5 is the identify label of user, as IMSI; The TLV of described AttributeType=2 is alternatively.Subtype=2 is for identifying EndBODRequest.802.1X authenticating device in described wlan network is after the EndBODRequest message receiving the transmission of described subscriber equipment, described EndBODRequest message is resolved, after being resolved to itself MethodType and Subtype, then according to preset processing logic, encapsulation transition process is carried out to described message, namely the EndBODResponse message of encapsulation is carried in the described RadiusAccessRequest message that the 802.1X authenticating device in described wlan network obtains, such as the AttributeType of described RadiusAccessRequest message can comprise a TLV field, described TLV field is for carrying the described EndBODResponse message after encapsulation.Described aaa server also the Bandwidth adjustment type corresponding according to described first mark can generate corresponding COA message, to indicate described BRAS to perform corresponding Bandwidth adjustment, such as, stops improving bandwidth.
See Fig. 6, it is the signaling diagram of the method for a kind of bandwidth on demand of the embodiment of the present invention.
In the embodiment that Fig. 6 is corresponding, the 802.1X authenticating device in described aaa server and/or described wlan network can also, when described subscriber equipment occurs abnormal, stop carrying out Bandwidth adjustment to described subscriber equipment.There is abnormal can comprising in described subscriber equipment: described subscriber equipment is online, shutdown, not have response, subscriber equipment SIM or USIM not in a device etc.In a kind of possible implementation, whether the 802.1X authenticating device in described aaa server and/or described wlan network, by carrying out certification to described subscriber equipment, responds according to described subscriber equipment and response message determines whether to stop carrying out Bandwidth adjustment to described subscriber equipment.This embodiment is applicable to the scene using easily extensible identity authentication protocol-certifiede-mail protocol (English full name is ExtensibleAuthenticationProtocol-AuthenticationandKeyAgr eement, and english abbreviation is EAP-AKA) certification.Certainly, can also be other authentication modes.
S601, described aaa server sends remote customer dialing authentication system access challenge (English name is RadiusAccessChallenge) message to the 802.1X authenticating device in described wlan network.
Described RadiusAccessChallenge message comprises for the random number in the authentication vector of authentication algorithm.During specific implementation, in the USIM of subscriber equipment and HLR or HSS of network side, maintain a shared key.Described HLR or HSS can search out according to IMSI the key shared with USIM, and produces multiple random number.Then utilize each random number to calculate according to certain algorithm and organize authentication vector more, described authentication vector is also referred to as five-tuple.By RAND, Expected Response, (English name is expectedresponse to one group of authentication vector, english abbreviation is XRES), (English name is cipherkey to encryption key, english abbreviation is CK), integrity check key (English full name is integritykey, and english abbreviation is IK) and AUTN composition.Described AUTN is connected to form by the counter be hidden, AMF and message authentication code MAC.Described aaa server can choose wherein one group of Ciphering Key, RAND and AUTN is sent to subscriber equipment.
S602, the 802.1X authenticating device in described wlan network sends EAP request (English name is EAPRequest) message to described subscriber equipment.
For example, described EAPRequest message comprises the random number in described authentication vector, the subtype of described EAPRequest message is certifiede-mail protocol challenge (English is AKA-Challenge), and described EAPRequest message is used for carrying out certifiede-mail protocol.
For example, described subscriber equipment receives described EAPRequest message, recovers counter according to the authentication token AUTN in the authentication vector that described message comprises.And then carry out authentication values XMAC, the response RES to random number, the encryption key CK that identifying algorithm calculates expectation, integrity check key IK according to the random number received and for the shared key of the identify label of described user.USIM compares MAC and XMAC two values, if identical, USIM verifies the SQN that receives whether in correct scope, if USIM thinks that SQN is in correct scope, then the authentication algorithm result calculated is sent to aaa server, described authentication algorithm result can be the response RES of described random number, the XRES preserved by the more described RES of aaa server and described server, if identical, then complete the certification to subscriber equipment.
S603, described subscriber equipment sends EAP response (English name is EAPResponse) message to the 802.1X authenticating device in described wlan network.
For example, described EAPResponse message comprises described authentication algorithm result, the subtype of described EAPResponse message is certifiede-mail protocol challenge (English is AKA-Challenge), and described EAPResponse message is used for carrying out response authentication and key negotiation request.
S604, the 802.1X authenticating device in described wlan network sends RadiusAccessRequest message to described aaa server, and described RadiusAccessRequest message comprises described authentication algorithm result.
S605, described aaa server carries out certification to described authentication algorithm result, when authentification failure or described subscriber equipment continue without response, performs S606.
For example, under the sight that subscriber equipment continues without response, described method can not perform S603 and S604.
S606, described aaa server sends remote customer dialing authentication system strategy to described BRAS and changes request (English name is RadiusCOARequest) message, and described message carries the identify label of Bandwidth adjustment strategy and described user.
For example, described Bandwidth adjustment strategy is stop the user corresponding to the identify label of described user to carry out Bandwidth adjustment.
S607, described BRAS perform the Bandwidth adjustment strategy that described RadiusCOARequest message carries.
S608, described BRAS send remote customer dialing authentication system strategy to described aaa server and change confirmation (English name is RadiusCOAACK) message.
S609, described aaa server sends remote customer dialing authentication system access refusal (English name is RadiusAccessReject) message to the 802.1X authenticating device in described wlan network.
For example, described RadiusAccessReject message carries the result of bandwidth on demand adjustment, such as, stop improving bandwidth success.
S610, the 802.1X authenticating device in described wlan network sends EAP failure (English name is EAPFailure) message to described subscriber equipment.
For example, described EAPFailure message carries the 3rd mark, and described 3rd mark is used to indicate described subscriber equipment, has stopped the user corresponding to the identify label of described user and has carried out Bandwidth adjustment.Described EAPFailure message can also carry the identify label of user.Wherein, the 3rd mark of described EAPFailure message is carried in the TLV field of described message.
The method of carrying out bandwidth on-demand distribution below in conjunction with the EAP message of Fig. 7-Fig. 8 to expansion is introduced.In this implementation, use the method for SIM card being carried out to AKA certification, such as, adopt EAP-AKA certification, Type=23.The EAP message of described expansion can comprise Subtype and AttributeType, such as, can comprise:
(1) AttributeType=201, value can be 0, for representing that request improves bandwidth.
(2) AttributeType=202, value can be 0, for representing that request improves bandwidth success.
(3) AttributeType=203, value can be 0, for representing that request stops improving bandwidth.
(4) AttributeType=204, value can be 0, stop improving bandwidth success for representing; As value=1, represent that abnormal end improves bandwidth success.
See Fig. 7, it is the signaling diagram of the method for a kind of bandwidth on demand of the embodiment of the present invention.In the embodiment that Fig. 7 is corresponding, subscriber equipment after the authentication has been successful, can initiate bandwidth adjustment request.
S701, described subscriber equipment sends EAP initialization request (English name is EAPOL-Start) to the 802.1X authenticating device in wlan network.
Described subscriber equipment is after the certification passing through network side, such as, after the 802.1X authenticating device received in described wlan network sends EAP success (English name is EAPSuccess) message to described subscriber equipment, namely perform step S701.
S702, the 802.1X authenticating device in described wlan network sends EAP request (English name is EAPRequest) message, for asking the identify label of user to described subscriber equipment.
S703, described subscriber equipment sends EAP response (English name is EAPResponse) message to the 802.1X authenticating device in described wlan network, carries the identify label of the first mark and user.
In this implementation, be comprise TLV field at the AttributeType of described EAPResponse message, one of them TLV field is used for carrying described first mark, one of them TLV field for carrying the identify label of described user, such as IMSI.
S704, the 802.1X authenticating device in described wlan network sends remote customer dialing authentication system access request (English name is RadiusAccessRequest) message to described aaa server.
For example, described RadiusAccessRequest message carries the EAP message of encapsulation, comprises the identify label of the first mark and user.
S705, described aaa server sends remote customer dialing authentication system strategy to described BRAS and changes request (English name is RadiusCOARequest) message.
For example, described aaa server receives described RadiusAccessRequest message, determine whether corresponding described user has Bandwidth adjustment authority according to the identify label of the user carried in described RadiusAccessRequest message, if had, then send RadiusCOARequest message to described BRAS, described RadiusCOARequest message carries the identify label of Bandwidth adjustment strategy and described user.The identify label of described user can be AccoutingSessionID.Described Bandwidth adjustment strategy is corresponding with the type that the bandwidth on demand that first identifies adjusts.
S706, described BRAS perform the Bandwidth adjustment strategy that described RadiusCOARequest message carries.
S707, described BRAS send remote customer dialing authentication system strategy to described aaa server and change confirmation (English name is RadiusCOAACK) message.
S708, described aaa server sends remote customer dialing authentication system access to the 802.1X authenticating device in described wlan network and accepts (English name is RadiusAccessAccept) message.
Wherein, described RadiusAccessAccept message carries the result of bandwidth on demand adjustment, such as, adjust successfully.
S709, the 802.1X authenticating device in described wlan network sends EAPSuccess message to described subscriber equipment.
Wherein, described EAPSuccess message carries the second mark, and described second mark is used for the result of identification request Bandwidth adjustment, such as, adjust successfully.
See Fig. 8, it is the signaling diagram of the method for a kind of bandwidth on demand of the embodiment of the present invention.The embodiment corresponding from Fig. 8 different time, in the embodiment that Fig. 8 is corresponding, subscriber equipment in verification process bandwidth on demand adjustment.
S801, subscriber equipment sends EAP initialization request (English name is EAPOL-Start) to the 802.1X authenticating device in wlan network.
S802, the 802.1X authenticating device in described wlan network sends the first EAP request (English name is EAPRequest) message to described subscriber equipment.
For example, an EAPRequest) message is for asking the identify label of user.
S803, described subscriber equipment sends first EAP response (English name is EAPResponse) message to the 802.1X authenticating device in described wlan network.
For example, an EAPResponse message carries the identify label of the first mark and user.
In this implementation, be comprise TLV field at the AttributeType of a described EAPResponse message, one of them TLV field is used for carrying described first mark, and one of them TLV field is for carrying the identify label of described user.
S804, the 802.1X authenticating device in described wlan network sends the first remote customer dialing authentication system access request (English name is RadiusAccessRequest) message to described aaa server.
For example, a described RadiusAccessRequest message carries the EAP message of encapsulation, comprises the identify label of the first mark and user.
S805, described aaa server sends remote customer dialing authentication system access challenge (English name is RadiusAccessChallenge) message to the 802.1X authenticating device in described wlan network.
For example, described RadiusAccessChallenge comprises the random number in described authentication vector.
S806, the 802.1X authenticating device in described wlan network sends the second EAP request (English name is EAPRequest) message to described subscriber equipment.
For example, described 2nd EAPRequest message comprises the random number in described authentication vector.
S807, described subscriber equipment sends second EAP response (English name is EAPResponse) message to the 802.1X authenticating device in described wlan network.
For example, described 2nd EAPResponse message comprises described authentication algorithm result.
S808, the 802.1X authenticating device in described wlan network sends the second remote customer dialing authentication system access request to described aaa server, and (English name is RadiusAccessRequest message.
For example, described 2nd RadiusAccessRequest message comprises described authentication algorithm result.
S809, described aaa server sends remote customer dialing authentication system strategy to described BRAS and changes request (English name is RadiusCOARequest) message.
The described authentication algorithm result that described aaa server comprises according to described 2nd RadiusAccessRequest message, when determining that certification is passed through, identify label according to the user carried in the described RadiusAccessRequest message received determines whether corresponding described user has Bandwidth adjustment authority, if had, then send remote customer dialing authentication system strategy to described BRAS and change request (English name is RadiusCOARequest) message, described message carries the identify label of Bandwidth adjustment strategy and described user.At this moment, the identify label of described user can be AccoutingsessionID.Described Bandwidth adjustment strategy is corresponding with the type that the bandwidth on demand that first identifies adjusts.
S810, described BRAS perform the Bandwidth adjustment strategy that described RadiusCOARequest message carries.
S811, described BRAS send remote customer dialing authentication system strategy to described aaa server and change confirmation (English name is RadiusCOAACK) message.
S812, described aaa server sends remote customer dialing authentication system access to the 802.1X authenticating device in described wlan network and accepts (English name is RadiusAccessAccept) message.
Wherein, described RadiusAccessAccept message carries the result of bandwidth on demand adjustment, such as, adjust successfully.
S813, the 802.1X authenticating device in described wlan network sends EAP success (English name is EAPSuccess) message to described subscriber equipment.
Wherein, described EAPSuccess message carries the second mark, and described second mark is used for the result of identification request Bandwidth adjustment, such as, adjust successfully.
Above composition graphs 4-Fig. 8 has carried out introducing in detail to the method that the embodiment of the present invention uses EAP message to adjust bandwidth as required.The method adjusting bandwidth as required that the embodiment of the present invention provides also can be applied in other application scenarioss.Such as, the equipment of described request Bandwidth adjustment is RG, and described RG has SIM or USIM module, and such as RG supports sim card slot, also can be that RG supports USB interface and has corresponding driving, for driving USB flash disk SIM.Described RG can initiate certification access network based on SIM card, also can be RG trigger request Bandwidth adjustment after insertion USB flash disk SIM of access network.Described RG and BRAS communication connection, described BRAS and aaa server communicate to connect.Aaa server can be Same Physical equipment with strategic server, also can be different physical equipments.Described aaa server can also (English full name be HomeSubscriberServer with home location server, english abbreviation is HSS) communication connection, or, described aaa server can communicate to connect with attaching position register (English full name is HomeLocationRegister, and english abbreviation is HLR).Wherein, described HSS or HLR is for generating authentication vector, and described authentication vector is for carrying out the certifiede-mail protocol of network equipment and subscriber equipment, and described network equipment can be specifically aaa server.
Subscriber equipment in the embodiment that Fig. 5-Fig. 8 is corresponding all can replace with RG, and at this moment, the 802.1X equipment in the wlan network shown in Fig. 5-Fig. 8 can replace with the 802.1X authenticating device in fixed network, also can realize the method adjusting bandwidth as required.Wherein, the 802.1X authenticating device in described fixed network can be BRAS, DSLAM or other AC equipment etc.Its specific implementation flow process embodiment corresponding with Fig. 5-Fig. 8 is similar.
More than introduce in conjunction with the method for EAP verification process to the bandwidth on demand that the embodiment of the present invention provides.The method that the embodiment of the present invention provides also can have other application scenarioss, such as the first equipment is the equipment of bandwidth on demand adjustment, receive the equipment of the request message of the first equipment except authenticating device, it can also be HTML (Hypertext Markup Language) (English full name is HypertextTransferProtocol, and english abbreviation is HTTP) server.Be HTTP request at the first equipment of bandwidth on demand adjustment to the message that described http server sends, carry the identify label of the first mark and user corresponding to described first equipment in described HTTP request, described first mark is used for the type of identification request Bandwidth adjustment.Below in conjunction with Fig. 9, shown method is introduced.Wherein, the first equipment is specially subscriber equipment, certainly, the subscriber equipment in Fig. 9 is replaced with RG and also can realize the method that the embodiment of the present invention provides.
See a kind of method signaling diagram adjusting bandwidth as required that Fig. 9, Fig. 9 provide for the embodiment of the present invention.
After described subscriber equipment is by the certification of authenticating device, the method shown in Fig. 9 can be performed.Described subscriber equipment is by accessed network after the certification of authenticating device, and physical link has bandwidth more than needed to perform Bandwidth adjustment.Be that the subscriber equipment with SIM is described the verification process of described subscriber equipment based on SIM for the first equipment below.After subscriber equipment passes through the certification of RG, access network.The subscriber equipment with respective drive initiates to connect according to the http server of the information in SIM card to operator deployment, carries out the two-way authentication of the HTTP digest authentication (English name is HTTPDigestAKA) based on certifiede-mail protocol agreement.If described subscriber equipment is by certification, http server determines the aaa server corresponding with it by the IP address of user, the strategy that this user of notice aaa server is corresponding, issues BRAS perform described strategy by AAA.
S901, described subscriber equipment sends HTTP request to http server, and described HTTP request comprises the identify label of the first mark and user.
Wherein, described subscriber equipment is the equipment of bandwidth on demand adjustment, and described first mark is used for the type of identification request Bandwidth adjustment, and the identify label of described user is for identifying user corresponding to described subscriber equipment.
S902, described http server sends Simple Object Access Protocol (English full name SimpleObjectAccessProtocol, English abbreviation SOAP) request message to described aaa server.
Described http server, after the HTTP request receiving the transmission of described subscriber equipment, is resolved described HTTP request, after the identify label being resolved to the first mark and user, is then processed described request according to preset processing logic.Wherein, described SOAP request message comprises the identify label of the first mark and described user.
S903, described aaa server receives described SOAP request message, determine whether corresponding described user has Bandwidth adjustment authority according to the identify label of the user carried in described SOAP request message, if had, then send RadiusCOARequest message to described BRAS, described message carries the identify label of Bandwidth adjustment strategy and described user.Described Bandwidth adjustment strategy is corresponding with the type that the bandwidth on demand that first identifies adjusts.
S904, described BRAS perform the Bandwidth adjustment strategy that described RadiusCOARequest message carries.
S905, described BRAS send RadiusCOAACK message to described aaa server.
S906, described aaa server sends SOAP response message to described http server.Wherein, described SOAP response message carries the result of bandwidth on demand adjustment, such as, adjust successfully.
S907, described http server sends http response to described subscriber equipment, and described http response carries the second mark, and described second mark is used for the result of identification request Bandwidth adjustment.
For example, the type of the bandwidth on demand adjustment of the described mark of the first mark in described HTTP request can comprise improve bandwidth, stop improving bandwidth, reduce bandwidth, stop reducing in bandwidth one or more.
In the above-described embodiments, described http server can also as the equipment described subscriber equipment being carried out to 802.1X certification, after certification is passed through, to be sent request adjust with bandwidth on demand by subscriber equipment to described http server.Certainly, also certification can be carried out by other equipment to subscriber equipment, the HTTP request of bandwidth on demand adjustment is only received by http server, at this moment, aaa server needs after the request of mark receiving identify label and the Bandwidth adjustment type of carrying user, whether certification is passed through, if certification is by just confirming whether described user has Bandwidth adjustment authority further to need to determine user corresponding to the identify label of described user.Certainly, also by http server after the HTTP request receiving described request Bandwidth adjustment, can determine that whether described user is by certification, if described user is by certification, http server sends respective request to described aaa server.Aaa server shown in Fig. 9 also can be strategic server.
In this implementation, the application scenarios such as stopping improving bandwidth can realize with reference to method shown in previous embodiment, only need replace corresponding executive agent, not repeat them here.
See Figure 10, be the one first equipment schematic diagram that the embodiment of the present invention provides, described first equipment may be used for the method realizing Fig. 1-Fig. 3, the bandwidth on demand shown in Fig. 5-Fig. 9.Described first equipment 1000 can be the first equipment in the embodiment that Fig. 1 and Fig. 2 is corresponding, also can be the second equipment in the embodiment that Fig. 3 is corresponding, it can be the 802.1X authenticating device in the wlan network in the embodiment that Fig. 5-Fig. 8 is corresponding, also can be the 802.1X authenticating device in fixed network, can also be the http server in the embodiment that Fig. 9 is corresponding.
The first equipment 1000 shown in Figure 10 comprises:
First receiving element 1001, for receiving the first message comprising bandwidth adjustment request that the second equipment sends, described second equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described second equipment.
First obtains unit 1002, when described first message for receiving at described receiving element comprises described first mark, obtains the second message according to described first message, and described second message comprises described first mark and described second mark;
First transmitting element 1003, for sending described second message that described acquisition unit obtains to server, described server is used for responsive bandwidth adjustment request.
Wherein, described first message is EAP request EAPRequest message, described EAPRequest message comprise subtype Subtype and attribute type AttributeType, described Subtype is used for carrying described first mark, and described Attributetype carries described second mark.
Wherein, described first message is EAP response EAPResponse message, the attribute type AttributeType of described EAPResponse message comprises the first kind, length and value TLV field and the 2nd TLV field, a described TLV field is used for carrying described first mark, and described 2nd TLV field is used for carrying described second mark.
Wherein, described second message is remote customer dialing authentication system protocol RADIUS message, and the AttributeType of described RADIUS message comprises a TLV field, and described TLV field is for carrying described first message after encapsulation.
See one first equipment 1100 schematic diagram that Figure 11, Figure 11 provide for the embodiment of the present invention.Described first equipment 1100 may be used for the method realizing Fig. 1-Fig. 3, the bandwidth on demand shown in Fig. 5-Fig. 9.Described first equipment 1100 can be the first equipment in the embodiment that Fig. 1 and Fig. 2 is corresponding, also can be the second equipment in the embodiment that Fig. 3 is corresponding, it can be the 802.1X authenticating device in the wlan network in the embodiment that Fig. 5-Fig. 8 is corresponding, also can be the 802.1X authenticating device in fixed network, can also be the http server in the embodiment that Fig. 9 is corresponding.
This first equipment 1100 can comprise processor 1101, network interface 1102, memory 1103, and communication bus 1104, and described communication bus is used for realizing processor 1101, network interface 1102, the connection communication between memory 1103.This processor 1101 can be CPU, memory 1103 may comprise high-speed random access memory, and (English full name is RandomAccessMemory, english abbreviation is RAM), also non-volatile memory (English name is non-volatilememory) may also be comprised, such as at least one magnetic disc store.Described memory 1103 is for storing batch processing instruction, and described processor 1101 performs corresponding operating for the program command calling the storage of described memory 1103.
Wherein, described processor 1101 call program command in described memory 1103 for:
Receive the first message that the second equipment sends, described second equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, the type of described first mark for identifying described request Bandwidth adjustment, described second mark is for identifying user corresponding to described second equipment;
When described first message comprises described first mark, obtain the second message according to described first message, described second message comprises described first mark and described second mark;
Send described second message to server, described server is for responding described bandwidth adjustment request.
Wherein, described first message is EAP response EAPResponse message, the attribute type AttributeType of described EAPResponse message comprises the first kind, length and value TLV field and the 2nd TLV field, a described TLV field is used for carrying described first mark, and described 2nd TLV field is used for carrying described second mark.
Wherein, described first message is EAP request EAPRequest message, described EAPRequest message comprises subtype Subtype and attribute type AttributeType, described Subtype is used for carrying described first mark, and described AttributeType carries described second mark.
Wherein, described second message is remote customer dialing authentication system protocol RADIUS message, and the AttributeType of described RADIUS message at least comprises a TLV field, and described TLV field is for carrying described first message after encapsulation.
The first equipment that the embodiment of the present invention shown in Figure 10 and Figure 11 provides, what the second equipment receiving bandwidth on demand adjustment sent comprises the first mark and the second the first message identified, the type of described first mark for identifying described request Bandwidth adjustment, described second mark is for identifying user corresponding to described second equipment; Described first equipment obtains the second message comprising described first mark and described second mark according to described first message, sending described second message to server, when confirming that described user has Bandwidth adjustment authority, the bandwidth of described user being adjusted to make described server.
See a kind of server schematic diagram that Figure 12, Figure 12 provide for the embodiment of the present invention.Described server may be used for the method realizing Fig. 1-Fig. 3, the bandwidth on demand shown in Fig. 5-Fig. 9.Described server can be have the aaa server that strategy changes function, can also be strategic server.The first equipment in the embodiment that Figure 12 is corresponding be can with the equipment of server and the second devices communicating, the second equipment is the equipment of bandwidth on demand adjustment.
Described server 1200 comprises:
First receiving element 1201, for receiving the first message that the first equipment sends, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, described second mark is for identifying user corresponding to the second equipment, and described second equipment is the equipment of bandwidth on demand adjustment;
According to described second mark, determining unit 1202, for judging whether described user has the authority of Bandwidth adjustment;
First obtains unit 1203, for when determining that described user has the authority of Bandwidth adjustment, according to described first mark, obtain a COA message, a described COA message comprises described second mark, and a described COA message is used to indicate BAS Broadband Access Server BRAS execution and identifies corresponding Bandwidth adjustment with described first;
First transmitting element 1204, for sending a described COA message to described BRAS.
Wherein, described server also comprises:
Second transmitting element, for sending the second message to described first equipment, described second message comprises the random number in authentication vector;
3rd transmitting element, for working as the response message corresponding with described second message determining not receive described second equipment transmission, or during according to the response message determination authentification failure that described second message is corresponding, the 2nd COA message is sent to described BRAS, described 2nd COA message comprises described second mark, is used to indicate described BRAS and stops execution identifying corresponding Bandwidth adjustment with described first.
See a kind of server schematic diagram that Figure 13, Figure 13 provide for the embodiment of the present invention.Described server 1300 may be used for the method realizing Fig. 1-Fig. 3, the bandwidth on demand shown in Fig. 5-Fig. 9.Described server 1300 can be have the aaa server that strategy changes function, can also be strategic server.The first equipment in the embodiment that Figure 13 is corresponding be can with the equipment of server and the second devices communicating, the second equipment is the equipment of bandwidth on demand adjustment.
This server 1300 can comprise processor 1301, network interface 1302, memory 1303, and communication bus 1304, and described communication bus is used for realizing processor 1301, network interface 1302, the connection communication between memory 1303.This processor 1301 can be CPU, and memory 1303 may comprise RAM, still may comprise non-volatilememory, such as at least one magnetic disc store.Described memory 1303 is for storing batch processing instruction, and described processor 1301 performs corresponding operating for the program command calling the storage of described memory 1303.
Wherein, described processor 1301 call program command in described memory 1303 for:
Receive the first message that the first equipment sends, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to the second equipment, and described second equipment is the equipment of bandwidth on demand adjustment;
Judge whether described user has the authority of Bandwidth adjustment according to described second mark;
When determining that described user has the authority of Bandwidth adjustment, according to described first mark, obtain a COA message, a described COA message comprises described second mark, and a described COA message is used to indicate BAS Broadband Access Server BRAS execution and identifies corresponding Bandwidth adjustment with described first;
A described COA message is sent to described BRAS.
Wherein, described processor 1301 call program command in described memory 1303 also for:
Send the second message to described second equipment, described second message comprises the random number in authentication vector;
When determining the response message corresponding with described second message not receiving described second equipment transmission, or during according to the response message determination authentification failure that described second message is corresponding, the 2nd COA message is sent to described BRAS, described 2nd COA message comprises described second mark, and described 2nd COA message is used to indicate described BRAS and stops execution identifying corresponding Bandwidth adjustment with described first.
The server that the embodiment of the present invention shown in Figure 12 and Figure 13 provides, whether the user that the second mark is corresponding according to the second identity validation in the first message that the equipment received sends has Bandwidth adjustment authority, when determining that described user has Bandwidth adjustment authority, according to the type of the bandwidth on demand adjustment that first in described first message identifies, the bandwidth of described user is adjusted.
See Figure 14, it is the equipment schematic diagram of a kind of bandwidth on demand adjustment that the embodiment of the present invention provides.Can to be the second equipment in the embodiment that the first equipment 1400, Figure 14 is corresponding be can carry out with the first equipment 1400 and server the equipment that communicates for the equipment of described request Bandwidth adjustment.Described first equipment 1400 may be used for the method realizing Fig. 1-Fig. 3, the bandwidth on demand shown in Fig. 5-Fig. 9.Described first equipment 1400 can be the second equipment in the embodiment that Fig. 1 and Fig. 2 is corresponding, also can be the first equipment in the embodiment that Fig. 3 is corresponding, can be the subscriber equipment in the embodiment that Fig. 5-Fig. 8 is corresponding, also can RG equipment, can also be the first equipment in the embodiment that Fig. 9 is corresponding.
First equipment 1400 of described request Bandwidth adjustment comprises:
Obtain unit 1401, for obtaining the first message, described first message comprises the first mark and second mark of described first equipment, and the type of described first mark for identifying described request Bandwidth adjustment, described second mark is for identifying user corresponding to described first equipment.
First transmitting element 1402, for sending described first message to the second equipment.
In one embodiment, described first equipment 1400 also comprises:
First receiving element, for receiving the EAP request EAPRequest message that described second equipment sends;
Described acquisition unit specifically for:
After described first receiving element receives described EAPRequest message, obtain EAP response EAPResponse message, described EAPResponse message comprises described first mark and described second mark.
In one embodiment, described first equipment 1400 also comprises:
Second receiving element, for receiving the second message that described second equipment sends, described second message is used to indicate the certification of described first equipment by described second equipment.
In one embodiment, described first equipment 1400 also comprises:
3rd receiving element, for receiving the 3rd message from server, described 3rd message comprises the random number in authentication vector;
Computing unit, for for identifying corresponding shared key according to the random number in described authentication vector and with described second, access authentication operation result,
Second transmitting element, for sending the 4th message to described second equipment, described 4th message comprises described authentication algorithm result.
In one embodiment, the type of described request Bandwidth adjustment comprises raising bandwidth, stops improving bandwidth, reduces bandwidth or stop reduction bandwidth.
See Figure 15, it is the equipment schematic diagram of a kind of bandwidth on demand adjustment that the embodiment of the present invention provides.The equipment of this bandwidth on demand adjustment can be the second equipment in the embodiment that the first equipment 1500, Figure 15 is corresponding can be can with the equipment of the first equipment 1500 and server communication.
First equipment 1500 can comprise processor 1501, network interface 1502, memory 1503, and communication bus 1504, and described communication bus is used for realizing processor 1501, network interface 1502, the connection communication between memory 1503.This processor 1501 can be CPU, and memory 1503 may comprise RAM, still may comprise non-volatilememory, such as at least one magnetic disc store.Described memory 1503 is for storing batch processing instruction, and described processor 1501 performs corresponding operating for the program command calling the storage of described memory 1503.
Wherein, described processor 1501 call program command in described memory 1503 for:
Obtain the first message, described first message comprises the first mark and the second mark, and described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described first equipment;
Described first message is sent to the second equipment.
Wherein, described processor 1501 call program command in described memory 1503 also for:
Receive the EAP request EAPRequest message that described second equipment sends;
Then obtain the first message to comprise: after receiving described EAPRequest message, obtain EAP response EAPResponse message, described EAPResponse message comprises described first mark and described second mark.
Wherein, described processor 1501 call program command in described memory 1503 also for:
Receive the second message that described second equipment sends, described second message is used to indicate the certification of described first equipment by described second equipment.
Wherein, described processor 1501 call program command in described memory 1503 also for:
Receive the 3rd message from server, described 3rd message comprises the random number in authentication vector, and described server is the equipment described first equipment being carried out to certification;
Corresponding shared key is identified, access authentication operation result according to the random number in described authentication vector and with described second;
Send the 4th message to described server, described 4th message comprises described authentication algorithm result.
Wherein, the type of described request Bandwidth adjustment comprises one or more in raising bandwidth, termination raising bandwidth, the bandwidth that reduces, termination reduction bandwidth.
The bandwidth on demand equipment that the embodiment of the present invention shown in Figure 14 and Figure 15 provides, when needs carry out Bandwidth adjustment, obtain the first message comprising the first mark and the second mark, the type of described first mark for identifying described request Bandwidth adjustment, described second mark is for identifying user corresponding to described first equipment; Described first equipment sends described first message to the second equipment, the second message is obtained according to described first message to make described second equipment, and send described second message to server, the bandwidth of described user is adjusted when confirming that the user of described second mark correspondence has Bandwidth adjustment authority by described server.
The scheme that the embodiment of the present invention provides can describe in the general context of computer executable instructions, such as program unit.Usually, program unit comprises the routine, program, object, assembly, data structure etc. that perform particular task or realize particular abstract data type.Also can put into practice the scheme that the embodiment of the present invention provides in a distributed computing environment, in these distributed computing environment (DCE), be executed the task by the remote processing devices be connected by communication network.In a distributed computing environment, program unit can be arranged in the local and remote computer-readable storage medium comprising memory device.
Each embodiment in this specification all adopts the mode of going forward one by one to describe, between each embodiment identical similar part mutually see, what each embodiment stressed is the difference with other embodiment.Especially, for device embodiment, because it is substantially similar to embodiment of the method, so describe fairly simple, relevant part illustrates see the part of embodiment of the method.Device embodiment described above is only schematic, the wherein said unit illustrated as separating component or can may not be and physically separates, parts as unit display can be or may not be physical location, namely can be positioned at a place, or also can be distributed in multiple network element.Some or all of module wherein can be selected according to the actual needs to realize the object of the present embodiment scheme.Those of ordinary skill in the art, when not paying creative work, are namely appreciated that and implement.
Being described in detail the embodiment of the present invention above, applying embodiment herein to invention has been elaboration, the explanation of above embodiment just understands method and apparatus of the present invention for helping; Meanwhile, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.

Claims (20)

1. a method for bandwidth on demand, is characterized in that, described method comprises:
First equipment receives the first message comprising bandwidth adjustment request that the second equipment sends, described second equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described second equipment;
Described first equipment, when described first message comprises described first mark, obtains the second message according to described first message, and described second message comprises described first mark and described second mark;
Described first device-to-server sends described second message, and described server is for responding described bandwidth adjustment request.
2. method according to claim 1, it is characterized in that, described first message is EAP request EAPRequest message, described EAPRequest message comprises subtype Subtype and attribute type AttributeType, described Subtype is used for carrying described first mark, and described AttributeType is used for carrying described second mark.
3. method according to claim 1, is characterized in that, described first message is EAP response EAPResponse message, and the AttributeType of described EAPResponse message is used for carrying described first mark and described second mark.
4. the method according to claims 1 to 3 any one, is characterized in that, described second message is remote customer dialing authentication system protocol RADIUS message, and the AttributeType of described RADIUS message is used for carrying described first message.
5. a method for bandwidth on demand, is characterized in that, described method comprises:
Server receives the first message that the first equipment sends, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, described second mark is for identifying user corresponding to the second equipment, and described second equipment is the equipment of bandwidth on demand adjustment;
According to described second mark, described server judges whether described user has the authority of Bandwidth adjustment;
When described server determines that described user has the authority of Bandwidth adjustment, described server is according to described first mark, obtain the first strategy and change COA message, a described COA message comprises described second mark, and a described COA message is used to indicate BAS Broadband Access Server BRAS execution and identifies corresponding Bandwidth adjustment with described first;
Described server sends a described COA message to described BRAS.
6. method according to claim 5, is characterized in that, described method also comprises:
Described server sends the second message to described second equipment, and described second message comprises the random number in authentication vector;
When described server determines the response message corresponding with described second message not receiving described second equipment transmission, or when described server is according to the response message determination authentification failure that described second message is corresponding, the 2nd COA message is sent to described BRAS, described 2nd COA message comprises described second mark, and described 2nd COA message is used to indicate described BRAS and stops execution identifying corresponding Bandwidth adjustment with described first.
7. a method for bandwidth on demand, is characterized in that, described method comprises:
First equipment obtains the first message, described first equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, and described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described first equipment;
Described first equipment sends described first message to the second equipment.
8. method according to claim 7, is characterized in that, before described first equipment obtains the first message, described method also comprises:
Described first equipment receives the EAP request EAPRequest message that described second equipment sends;
Described first equipment obtains the first message and comprises:
After described first equipment receives described EAPRequest message, obtain EAP response EAPResponse message, described EAPResponse message comprises described first mark and described second mark.
9. method according to claim 7, is characterized in that, before described first equipment obtains the first message, described method also comprises:
Described first equipment receives the second message that described second equipment sends, and described second message is used to indicate the certification of described first equipment by described second equipment.
10. the method according to claim 7 to 9 any one, is characterized in that, described method also comprises:
Described first equipment receives the 3rd message from server, and described server is for responding described bandwidth adjustment request, and described 3rd message comprises the random number in authentication vector;
Described first equipment identifies corresponding shared key according to the random number in described authentication vector and with described second, access authentication operation result;
Described first equipment sends the 4th message to described server, and described 4th message comprises described authentication algorithm result.
11. a kind of first equipment, is characterized in that, described first equipment comprises:
First receiving element, for receiving the first message comprising bandwidth adjustment request that the second equipment sends, described second equipment is the equipment of bandwidth on demand adjustment, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described second equipment;
First obtains unit, when described first message for receiving at described receiving element comprises described first mark, obtains the second message according to described first message, and described second message comprises described first mark and described second mark;
First transmitting element, for sending described second message that described acquisition unit obtains to server, described server is used for responsive bandwidth adjustment request.
12. first equipment according to claim 11, it is characterized in that, described first message is EAP request EAPRequest message, described EAPRequest message comprises subtype Subtype and attribute type AttributeType, described Subtype is used for carrying described first mark, and described Attributetype carries described second mark.
13. first equipment according to claim 11, it is characterized in that, described first message is EAP response EAPResponse message, and the AttributeType of described EAPResponse message is used for carrying described first mark and described second mark.
14., according to claim 11 to the first equipment described in 13 any one, is characterized in that, described second message is remote customer dialing authentication system protocol RADIUS message, and the AttributeType of described RADIUS message is used for carrying described first message.
15. 1 kinds of servers, is characterized in that, described server comprises:
First receiving element, for receiving the first message that the first equipment sends, described first message comprises the first mark and the second mark, described first mark is used for the type of identification request Bandwidth adjustment, described second mark is for identifying user corresponding to the second equipment, and described second equipment is the equipment of bandwidth on demand adjustment;
According to described second mark, determining unit, for judging whether described user has the authority of Bandwidth adjustment;
First obtains unit, for when determining that described user has the authority of Bandwidth adjustment, according to described first mark, obtain the first strategy and change COA message, a described COA message comprises described second mark, and a described COA message is used to indicate BAS Broadband Access Server BRAS execution and identifies corresponding Bandwidth adjustment with described first;
First transmitting element, for sending a described COA message to described BRAS.
16. servers according to claim 15, is characterized in that, described server also comprises:
Second transmitting element, for sending the second message to described second equipment, described second message comprises the random number in authentication vector;
3rd transmitting element, for working as the response message corresponding with described second message determining not receive described second equipment transmission, or during according to the response message determination authentification failure that described second message is corresponding, the 2nd COA message is sent to described BRAS, described 2nd COA message comprises described second mark, and described 2nd COA is used to indicate described BRAS and stops execution identifying corresponding Bandwidth adjustment with described first.
The equipment of 17. 1 kinds of bandwidth on demand adjustment, it is characterized in that, the equipment of described request Bandwidth adjustment is the first equipment, and described first equipment comprises:
Obtain unit, for obtaining the first message, described first message comprises described first mark and the second mark, and described first mark is used for the type of identification request Bandwidth adjustment, and described second mark is for identifying user corresponding to described first equipment;
First transmitting element, for sending described first message to the second equipment.
The equipment of 18. bandwidth on demand adjustment according to claim 17, it is characterized in that, the equipment of described request Bandwidth adjustment also comprises:
First receiving element, for receiving the EAP request EAPRequest message that described second equipment sends;
Described acquisition unit specifically for:
After described first receiving element receives described EAPRequest message, obtain EAP response EAPResponse message, described EAPResponse message comprises described first mark and described second mark.
19. equipment according to claim 17, is characterized in that, described equipment also comprises:
Second receiving element, for receiving the second message that described second equipment sends, described second message is used to indicate the certification of described first equipment by described second equipment.
20., according to claim 17 to the equipment described in 19 any one, is characterized in that, described equipment also comprises:
3rd receiving element, for receiving the 3rd message from server, described server is for responding described bandwidth adjustment request, and described 3rd message comprises the random number in authentication vector;
Computing unit, for identifying corresponding shared key according to the random number in described authentication vector and with described second, access authentication operation result;
Second transmitting element, for sending the 4th message to described second equipment, described 4th message comprises described authentication algorithm result.
CN201410418350.XA 2014-08-22 2014-08-22 Method and device for allocating bandwidth on demand Pending CN105450547A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201410418350.XA CN105450547A (en) 2014-08-22 2014-08-22 Method and device for allocating bandwidth on demand
PCT/CN2015/087583 WO2016026448A1 (en) 2014-08-22 2015-08-20 Method and apparatus for bandwidth on demand

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410418350.XA CN105450547A (en) 2014-08-22 2014-08-22 Method and device for allocating bandwidth on demand

Publications (1)

Publication Number Publication Date
CN105450547A true CN105450547A (en) 2016-03-30

Family

ID=55350209

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410418350.XA Pending CN105450547A (en) 2014-08-22 2014-08-22 Method and device for allocating bandwidth on demand

Country Status (2)

Country Link
CN (1) CN105450547A (en)
WO (1) WO2016026448A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107579833A (en) * 2016-07-05 2018-01-12 中兴通讯股份有限公司 A kind of method and device for individual line subscriber speed-raising
WO2018095256A1 (en) * 2016-11-26 2018-05-31 Huawei Technologies Co., Ltd. System, method and devices for mka negotiation between the devices
CN117319851A (en) * 2023-11-28 2023-12-29 深圳市兆能讯通科技有限公司 PON-based FTTR bandwidth management method and device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108123837A (en) * 2017-12-21 2018-06-05 努比亚技术有限公司 Internet wide band distribution, mobile terminal and computer readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848163A (en) * 2010-06-01 2010-09-29 中兴通讯股份有限公司 Method and system for dynamically adjusting bandwidth service and broadband policy system
CN102223294A (en) * 2010-10-12 2011-10-19 四川省守望信息科技有限责任公司 Method and system for dynamically adjusting point-to-point protocol overethernet (PPPoE) mode access bandwidth
US20120300624A1 (en) * 2011-05-25 2012-11-29 Fujitsu Limited Bandwidth guaranteeing apparatus and bandwidth guaranteeing method
CN103731887A (en) * 2014-01-13 2014-04-16 中国联合网络通信集团有限公司 Network bandwidth adjusting method, mobile terminal and server
CN103905476A (en) * 2012-12-25 2014-07-02 腾讯科技(深圳)有限公司 File transfer method, device and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848163A (en) * 2010-06-01 2010-09-29 中兴通讯股份有限公司 Method and system for dynamically adjusting bandwidth service and broadband policy system
CN102223294A (en) * 2010-10-12 2011-10-19 四川省守望信息科技有限责任公司 Method and system for dynamically adjusting point-to-point protocol overethernet (PPPoE) mode access bandwidth
US20120300624A1 (en) * 2011-05-25 2012-11-29 Fujitsu Limited Bandwidth guaranteeing apparatus and bandwidth guaranteeing method
CN103905476A (en) * 2012-12-25 2014-07-02 腾讯科技(深圳)有限公司 File transfer method, device and system
CN103731887A (en) * 2014-01-13 2014-04-16 中国联合网络通信集团有限公司 Network bandwidth adjusting method, mobile terminal and server

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107579833A (en) * 2016-07-05 2018-01-12 中兴通讯股份有限公司 A kind of method and device for individual line subscriber speed-raising
CN107579833B (en) * 2016-07-05 2022-03-18 中兴通讯股份有限公司 Method and device for speeding up private line user
WO2018095256A1 (en) * 2016-11-26 2018-05-31 Huawei Technologies Co., Ltd. System, method and devices for mka negotiation between the devices
US10904368B2 (en) 2016-11-26 2021-01-26 Huawei Technologies Co., Ltd. System, method and devices for MKA negotiation between the devices
CN117319851A (en) * 2023-11-28 2023-12-29 深圳市兆能讯通科技有限公司 PON-based FTTR bandwidth management method and device
CN117319851B (en) * 2023-11-28 2024-02-02 深圳市兆能讯通科技有限公司 PON-based FTTR bandwidth management method and device

Also Published As

Publication number Publication date
WO2016026448A1 (en) 2016-02-25

Similar Documents

Publication Publication Date Title
US20210058783A1 (en) Network authentication method, and related device and system
US11582602B2 (en) Key obtaining method and device, and communications system
CN108667699B (en) Method and device for interconnecting terminal equipment and gateway equipment
EP3644636B1 (en) Secure access method, device and system
WO2017024671A1 (en) Network switching method and terminal
CN107567017B (en) Wireless connection system, device and method
US20150382397A1 (en) 802.1x access session keepalive method, device, and system
CN101785343B (en) Method, system and device for fast transitioning resource negotiation
CN105338529B (en) Wireless network connection method and system
CN110121196B (en) Security identifier management method and device
EP3324681B1 (en) Processing method and device for accessing to 3gpp network by terminal
EP3284232B1 (en) Wireless communications
CN105450547A (en) Method and device for allocating bandwidth on demand
US20210235268A1 (en) Methods and nodes for authentication of a tls connection
CN108377493B (en) Connection establishment method, device and system
CN106789076B (en) Interaction method and device for server and intelligent equipment
EP3606163A1 (en) Synchronization method, apparatus, and system for terminal monitoring information
US20160344716A1 (en) Implicit Challenge Authentication Process
CN109429228A (en) A kind of radio switch-in method and device
US20180152982A1 (en) Method and apparatus for networking unmanned aerial vehicle and system for controlling unmanned aerial vehicle
CN106302376A (en) Re-authentication recognition methods, evolution packet data gateway and system
TW201933904A (en) Trusted service management method and apparatus capable of supporting wireless network switching
CN110933591B (en) Authentication method, equipment and system
KR101480706B1 (en) Network system for providing security to intranet and method for providing security to intranet using security gateway of mobile communication network
EP4203392A1 (en) Authentication support for an electronic device to connect to a telecommunications network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160330