CN109451096A - IP distribution method, device and IP method for authenticating, device, system - Google Patents

IP distribution method, device and IP method for authenticating, device, system Download PDF

Info

Publication number
CN109451096A
CN109451096A CN201811626001.1A CN201811626001A CN109451096A CN 109451096 A CN109451096 A CN 109451096A CN 201811626001 A CN201811626001 A CN 201811626001A CN 109451096 A CN109451096 A CN 109451096A
Authority
CN
China
Prior art keywords
terminal
allocated
subscriber number
sbc
call request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811626001.1A
Other languages
Chinese (zh)
Other versions
CN109451096B (en
Inventor
杨进
张峻
冒蓉
操振宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Jiangsu Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Jiangsu Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Jiangsu Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201811626001.1A priority Critical patent/CN109451096B/en
Publication of CN109451096A publication Critical patent/CN109451096A/en
Application granted granted Critical
Publication of CN109451096B publication Critical patent/CN109451096B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Abstract

The embodiment of the invention provides IP distribution method, device and IP method for authenticating, device, systems.The IP distribution method includes: to judge whether the Internet protocol address IP of terminal needs to update;In the case where the IP of the terminal needs to update, IP to be allocated and Subscriber Number corresponding with the IP to be allocated are sent to Session Border Controller SBC;The confirmation message that the SBC is generated based on the IP to be allocated and the Subscriber Number is received, and the IP to be allocated is distributed to by the terminal based on the confirmation message.The embodiment of the present invention can carry out dynamic update to IP, and updated IP is saved into SBC, and then is precisely authenticated to terminal, can not carry out Brute Force to terminal IP.

Description

IP distribution method, device and IP method for authenticating, device, system
Technical field
The present invention relates to core network technology field more particularly to a kind of IP distribution methods, device and IP method for authenticating, dress It sets, system
Background technique
The authentication of Internet protocol address (Internet Protocol, IP) is to prevent IP multimedia subsystem (IP Multimedia Subsystem, IMS) fixed line free call on sb. else's expense through illegal means one of the precautionary measures.
In general, IMS solidifies free call on sb. else's expense through illegal means in order to prevent, and using following two ways: first, for each province, using in meeting The fixed line IP address section of this province operator is configured in words boarder controller (Session Border Controller, SBC), SBC limits the address other than the address field to register;Second, pass through home signature user server (Home Subscriber Server, HSS) " districts and cities-IP sections " list of granularity smaller (for example, being refined to districts and cities) is established, fixed number is being led every time Before crying calling, require to carry number, the IP of affiliated terminal initiates to authenticate to SBC, SBC can find returning for the number into HSS Belong to city and corresponding IP address section, checks that currently terminal IP is whether in the corresponding address section that it belongs to districts and cities, if , then it is assumed that the fixed number is legal, and the fixed number is allowed to be called, if not thinking the fixed number if Be it is illegal, refuse this calling.
In conclusion range is wider when SBC terminal IP is authenticated in above two mode, authentication mode is Static, it is easy by Brute Force.
Summary of the invention
The embodiment of the invention provides a kind of IP distribution method, device and IP method for authenticating, device, systems, can be right IP carries out dynamic update, and updated IP is saved into SBC, and then is precisely authenticated to terminal, can not be to end IP is held to carry out Brute Force.
In a first aspect, the embodiment of the invention provides a kind of IP distribution method, method includes:
Judge whether the Internet protocol address IP of terminal needs to update;
In the case where the IP of the terminal needs to update, by IP to be allocated and user corresponding with the IP to be allocated Number is sent to Session Border Controller SBC;
The confirmation message that the SBC is generated based on the IP to be allocated and the Subscriber Number is received, and based on described The IP to be allocated is distributed to the terminal by confirmation message.
Second aspect, the embodiment of the invention provides a kind of IP method for authenticating, method includes:
The call request of terminal is received, the call request carries Subscriber Number and terminal IP;
According to the Subscriber Number, IP corresponding with the Subscriber Number in the library IP is transferred;IP in the library IP is above-mentioned IP to be allocated described in any one of claim 1-6;
When the IP is consistent with the terminal IP, receive the call request;
When the IP and the terminal IP are inconsistent, refuse the call request.
The third aspect, the embodiment of the invention provides a kind of IP distributor, device includes:
Judgment module, for judging whether the Internet protocol address IP of terminal needs to update;
Sending module, for the terminal IP need update in the case where, by IP to be allocated and with it is described to point Session Border Controller SBC is sent to the corresponding Subscriber Number of IP;
Distribution module, for receiving generating based on the IP to be allocated and the Subscriber Number for SBC feedback Confirmation message, and the IP to be allocated is distributed to by corresponding terminal based on the confirmation message.
Fourth aspect, the embodiment of the invention provides a kind of IP authentication device, device includes:
Receiving module, for receiving the call request of terminal, the call request carries Subscriber Number and terminal IP;
Module is transferred, for transferring IP corresponding with the Subscriber Number in the library IP according to the Subscriber Number;The library IP In IP be IP to be allocated described in any one of the claims 1-6;
IP judgment module, for receiving the call request when the IP is consistent with the terminal IP;When the IP with When the terminal IP is inconsistent, refuse the call request.
5th aspect, the embodiment of the invention provides a kind of IP right discriminating system, system includes BAS Broadband Access Server BRAS And SBC;
The BRAS, for judging whether the IP of terminal needs to update, in the case where the IP of the terminal needs to update, IP to be allocated and Subscriber Number corresponding with the IP to be allocated are sent to the SBC;Receive SBC feedback based on The confirmation message that the IP to be allocated and the Subscriber Number generate, and based on the confirmation message by the IP to be allocated points The corresponding terminal of dispensing;
The SBC, for generating confirmation message based on the corresponding Subscriber Number of the IP to be allocated received, and by institute It states confirmation message and is sent to the BRAS.
6th aspect, the embodiment of the invention provides a kind of IP distributing equipments, comprising: at least one processor, at least one A memory and computer program instructions stored in memory, the realization when computer program instructions are executed by processor Such as the method for first aspect and/or second aspect in above embodiment.
7th aspect, the embodiment of the invention provides a kind of computer readable storage mediums, are stored thereon with computer journey Sequence instruction is realized when computer program instructions are executed by processor such as first aspect and/or second party in above embodiment The method in face.
IP distribution method provided in an embodiment of the present invention, device and IP method for authenticating, device, system, in IP distribution When, when by judging that the IP of terminal needs to update, the corresponding Subscriber Number of IP to be allocated and IP to be allocated is sent out SBC is given, and after receiving the confirmation message that SBC is generated based on IP to be allocated, IP to be allocated is distributed into terminal.It reflects in IP Power in time, after SBC receives the call request of terminal, according to the Subscriber Number carried in call request, is transferred in the library IP IP corresponding with the Subscriber Number, and the IP taken out and terminal IP are compared, as the IP and terminal taken out When IP is consistent, call request is received, refuses call request if inconsistent.The embodiment of the present invention can carry out dynamic to IP It updates, and updated IP is saved into SBC, and then terminal is precisely authenticated, terminal IP can not be carried out sudden and violent Power cracks.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, will make below to required in the embodiment of the present invention Attached drawing is briefly described, for those of ordinary skill in the art, without creative efforts, also Other drawings may be obtained according to these drawings without any creative labor.
Fig. 1 shows a kind of flow chart of the IP distribution method provided according to some embodiments of the invention;
Fig. 2 shows a kind of flow charts of the IP method for authenticating provided according to some embodiments of the invention;
Fig. 3 shows a kind of structure chart of the IP distributor provided according to some embodiments of the invention;
Fig. 4 shows a kind of structure chart of the IP authentication device provided according to some embodiments of the invention;
Fig. 5 shows a kind of structure chart of the IP right discriminating system provided according to some embodiments of the invention;
Fig. 6 shows a kind of work flow diagram of the IP right discriminating system provided according to some embodiments of the invention;
Fig. 7 shows the work flow diagram of another IP right discriminating system provided according to some embodiments of the invention;
Fig. 8 shows the structure chart of a kind of electronic equipment provided according to some embodiments of the invention.
Specific embodiment
The feature and exemplary embodiment of various aspects of the invention is described more fully below, in order to make mesh of the invention , technical solution and advantage be more clearly understood, with reference to the accompanying drawings and embodiments, the present invention is further retouched in detail It states.It should be understood that specific embodiment described herein is only configured to explain the present invention, it is not configured as limiting the present invention. To those skilled in the art, the present invention can be real in the case where not needing some details in these details It applies.Below the description of embodiment is used for the purpose of better understanding the present invention to provide by showing example of the invention.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment Intrinsic element.In the absence of more restrictions, the element limited by sentence " including ... ", it is not excluded that including There is also other identical elements in the process, method, article or equipment of the element.
Currently, the authentication of IP is to prevent one of the precautionary measures of IMS fixed line free call on sb. else's expense through illegal means.
In general, IMS solidifies free call on sb. else's expense through illegal means in order to prevent, and using following two ways: first, for each province, using in SBC The upper fixed line IP address section for configuring this province operator, SBC limit the address other than the address field to register;Second, pass through HSS " districts and cities-IP sections " list of granularity smaller (for example, being refined to districts and cities) is established, fixed number is before each calling, all Need to carry number, the IP of affiliated terminal initiates to authenticate to SBC, SBC can find the ownership city of the number into HSS, and Corresponding IP address section checks that currently terminal IP is whether in the corresponding address section that it belongs to districts and cities, if, then it is assumed that it should Fixed number is legal, and the fixed number is allowed to be called, if do not think if the fixed number be it is illegal, Refuse this calling.
It is above-mentioned to prevent IMS fixed line from there are problems that two by the mode of free call on sb. else's expense through illegal means, first is that the address field particle of authentication is larger, it is minimum It is also to arrive districts and cities' rank, if free call on sb. else's expense through illegal means one's share of expenses for a joint undertaking accesses network by this city, the technology is invalid to this;Second is that authentication mainly passes through Static address section, free call on sb. else's expense through illegal means one's share of expenses for a joint undertaking can find out the approximate range for authenticating IP address section list by repeatedly attempting, and can pass through It simulates a network address and breaks through the prevention.Based on this, IP distribution method, device and IP mirror provided in an embodiment of the present invention Method, apparatus, system are weighed, dynamic update can be carried out to IP, and updated IP is saved into SBC, and then to end End is precisely authenticated, and can not carry out Brute Force to terminal IP.
It is BARS below by the executing subject with IP distribution method, the executing subject of IP method for authenticating is SBC to this hair Bright embodiment describes in detail.
It is shown in Figure 1, it is a kind of IP distribution method legal person's flow chart provided in an embodiment of the present invention, includes the following steps S101-S103:
S101: judge whether the Internet protocol address IP of terminal needs to update.
When specific implementation, terminal can be IMS fixed phone terminal, for example, home gateway unit (Home Gateway Unit, HGU), intelligent gateway (Intelligent Home Gateway Unit, IHGU), BARS judges the IP address of terminal more Can newly following two ways be passed through:
First, sending IP acquisition request when terminal is online.
When BARS receives IP acquisition request, then prove that terminal needs to update IP, herein, in IP acquisition request Subscriber Number is carried,
Second, by preset time threshold, to judge whether the current IP of terminal is expired, for example, BARS sets for terminal " 24 hours " IP address aging mechanism or " 48 hours " IP address aging mechanism are set, when the current IP of terminal is reached using the time Preset time threshold is then terminal distribution IP, when judging whether the current IP of terminal goes over, can also obtain the use of terminal Family number.
S102: in the case where the IP of the terminal needs to update, by IP to be allocated and corresponding with the IP to be allocated Subscriber Number be sent to SBC.
It can be the end in IP address pond when BARS judges that terminal needs to update IP when specific implementation End matches IP to be allocated, is that the Subscriber Number progress of the corresponding terminal is matched when matching the IP to be allocated of the terminal, That is, IP to be allocated both correspond to Subscriber Number association, can guarantee each terminal distribution to IP be unique IP.
BARS and SBC is real time communication, and after obtaining the IP to be allocated of the terminal, it is same that IP to be allocated is corresponded to Subscriber Number When be sent to SBC, when BARS is communicated with SBC, communicated by the way of Socket interface and message queue , for example, IP to be allocated is passed through Socket interface with corresponding Subscriber Number in the form of a list is sent to SBC.
In addition, there is Messages-Waiting and retransmission mechanism, for example, in BARS when communication between BARS and SBC After IP to be allocated and corresponding Subscriber Number are sent to SBC, the confirmation message that SBC can be waited to feed back, BARS can be default In period, IP to be allocated and corresponding Subscriber Number are sent to SBC more times, if not receiving SBC's within a preset period of time Confirmation message then stops IP to be allocated being sent to terminal, for example, sending 3 IP to be allocated and correspondence to SBC in 1 minute Subscriber Number.After being not received by the confirmation message of SBC feedback within a preset period of time, network interruption alarm can be also initiated.
In some embodiments, judge what whether terminal IP needed to be updated using two ways in above-mentioned steps S101 When, when can be online using terminal, the mode of IP acquisition request is sent, BARS can then notify SBC at once, which needs IP is updated, that is, BARS is to carry out IP update to single terminal, using preset time threshold is passed through, to judge terminal Current IP whether expired mode judges whether terminal needs to update, and can be the BARS persistent collection current IP distribution time Overdue terminal set in piece, is then each terminal distribution IP, that is, BARS is to carry out IP matching to batch terminal 's.
In some embodiments, BARS is when carrying out IP matching to batch terminal, for terminal coupling IP to be allocated When, the Subscriber Number of IP to be matched and terminal is correspondingly, therefore, after BARS can count the quantity of terminal, and to obtain IP IP quantity in address pool stops more new terminal IP when IP quantity is unsatisfactory for the quantity of terminal.
In some embodiments, BARS can also obtain the IP quantity in IP address pond, the IP in IP address pond in real time When quantity is reduced to preset quantity threshold value, the alarm of IP deficiency is initiated.It is also possible to record the quantity consumed of IP, when the IP number of consumption When amount reaches the preset percentage in IP address pond, for example, when the IP quantity of consumption reaches 85% in IP address pond, hair The alarm of IP deficiency is played, and then system manager is notified to add IP address section into IP address pond.
S103: the confirmation message that the SBC is generated based on the IP to be allocated and the Subscriber Number is received, and is based on The IP to be allocated is distributed to the terminal by the confirmation message.
When specific implementation, confirmation message can be SBC notice BARS successfully by IP to be allocated and corresponding Subscriber Number is saved, can be as the instruction information of terminal distribution IP to be allocated.SBC is receiving the to be allocated of BARS transmission IP and corresponding Subscriber Number can be saved IP to be allocated and Subscriber Number corresponding with IP to be allocated are corresponding to the IP of SBC In library, so as to be authenticated when terminal originated calls request to terminal.SBC is by IP to be allocated and corresponding with IP to be allocated After Subscriber Number saves successfully, confirmation message can be generated based on IP to be allocated and Subscriber Number corresponding with IP to be allocated, The IP to be allocated of the corresponding terminal of notice Subscriber Number has been saved, and IP to be allocated can be distributed to terminal.
It is shown in Figure 2, it is a kind of flow chart of IP method for authenticating provided in an embodiment of the present invention, includes the following steps S201-S202:
S201: receiving the call request of terminal, and the call request carries Subscriber Number and terminal IP.
S202: according to the Subscriber Number, IP corresponding with the Subscriber Number in the library IP is transferred;IP in the library IP is IP to be allocated described in above-mentioned IP distribution method corresponding embodiment.
S203: when the IP is consistent with the terminal IP, receive the call request;As the IP and the terminal IP When inconsistent, refuse the call request.
When specific implementation, call request refers to request of the terminal request to other terminal originated calls, terminal hair When playing call request, the Subscriber Number of the terminal and terminal IP can be sent to SBC, SBC is receiving call request Afterwards, it can identify that Subscriber Number and terminal IP in call request are transferred and Subscriber Number pair according to Subscriber Number in the library IP The IP answered, herein, the IP in the library IP is IP to be allocated in the corresponding embodiment of IP distribution method, i.e. BARS sends out IP to be allocated When giving SBC, SBC can save IP to be allocated into the library IP.By the IP corresponding with Subscriber Number being deployed into and terminal IP into Row compares, when the IP corresponding with Subscriber Number being deployed into is consistent with terminal IP, then the call request of receiving terminal, if It is inconsistent, then refuse the call request of terminal, in this case, authentication rank reached IP it is completely the same in the case where, nothing It is network-originated call to be accessed from this districts and cities, or initiate to exhale by some address in simulation local number section by free call on sb. else's expense through illegal means molecule It cries, cannot pass through authentication.
IP distribution method provided in an embodiment of the present invention and IP method for authenticating, by leading in real time between BARS and SBC IP to be allocated is sent to SBC and saved by letter, BARS, IP distribution method, device and IP mirror provided in an embodiment of the present invention Weigh method, apparatus, system, IP distribution when, when by judging that the IP of terminal needs to update, by IP to be allocated with And the corresponding Subscriber Number of IP to be allocated is sent to SBC, and after receiving the confirmation message that SBC is generated based on IP to be allocated, IP to be allocated is distributed into terminal.It authenticates in IP in time, after SBC receives the call request of terminal, according to call request The Subscriber Number of middle carrying, transfers the IP corresponding with the Subscriber Number in the library IP, and by the IP taken out and terminal IP into Row comparison receives call request, refuses call request if inconsistent when the IP taken out is consistent with terminal IP. The embodiment of the present invention can carry out dynamic update to IP, and updated IP is saved into SBC, and then is carried out to terminal Precisely authentication can not carry out Brute Force to terminal IP.
Conceived based on same invention, the embodiment of the present invention also provides a kind of IP distributor, and wherein IP distributor is detailed Thin embodiment is corresponding with the embodiment of above-mentioned IP distribution method consistent, the embodiment of the visible IP distribution method of detailed content, herein No longer state.
Shown in Figure 3, the embodiment of the invention also provides a kind of IP distributor, which includes: judgment module 301, sending module 302, distribution module 303:
Judgment module, for judging whether the Internet protocol address IP of terminal needs to update;
Sending module, for the terminal IP need update in the case where, by IP to be allocated and with it is described to point Session Border Controller SBC is sent to the corresponding Subscriber Number of IP;
Distribution module, for receiving generating based on the IP to be allocated and the Subscriber Number for SBC feedback Confirmation message, and the IP to be allocated is distributed to by corresponding terminal based on the confirmation message.
In some embodiments, the judgment module 301, for judging whether the IP of terminal needs more using following manner Newly include:
Receive the IP acquisition request that the terminal is initiated.
In some embodiments, the judgment module 301, for judging whether the IP of terminal needs more using following manner Newly further include:
According to preset time threshold, judge whether the distribution time of the current IP of the terminal expires.
In some embodiments, the sending module 302 is also used to when the IP of the terminal needs to update, and obtains IP IP quantity in address pool;If the IP quantity is unsatisfactory for the quantity of the terminal, stop the IP for updating the terminal.
In some embodiments, described device further includes detection module 304, and the detection module 304 is for detecting IP IP quantity in the pond of location initiates the alarm of IP deficiency when the IP quantity in the IP address pond is reduced to preset quantity threshold value.
In some embodiments, the sending module 303 is also used within a preset period of time, repeatedly by the IP to be allocated And Subscriber Number corresponding with the IP to be allocated is sent to the SBC;It is described when not received in the preset time period When the confirmation message that SBC is sent, stop the IP to be allocated being sent to the terminal, concurrently plays network interruption alarm.
Conceived based on same invention, the embodiment of the present invention also provides a kind of IP authentication device, and wherein IP authentication device is detailed Thin embodiment is corresponding with the embodiment of above-mentioned IP method for authenticating consistent, the embodiment of the visible IP method for authenticating of detailed content, herein No longer state.
Described referring to fig. 4, the embodiment of the present invention also provides a kind of IP authentication device, which includes:
Receiving module 401, for receiving the call request of terminal, the call request carries Subscriber Number and terminal IP;
Module 402 is transferred, for transferring IP corresponding with the Subscriber Number in the library IP according to the Subscriber Number;
IP judgment module 403, for receiving the call request when the IP is consistent with the terminal IP;When described When IP and the terminal IP are inconsistent, refuse the call request.
Shown in Figure 5, the embodiment of the present invention also provides a kind of IP right discriminating system, the system comprises BRAS501 and SBC502;
The BRAS501 needs more news in the IP of the terminal for judging whether the IP of terminal needs to update Under, IP to be allocated and Subscriber Number corresponding with the IP to be allocated are sent to the SBC502;Receive the SBC502 The confirmation message of feedback generated based on the IP to be allocated and the Subscriber Number, and will be described based on the confirmation message IP to be allocated distributes to corresponding terminal;
The SBC502, for generating confirmation message based on the corresponding Subscriber Number of the IP to be allocated received, and The confirmation message is sent to the BRAS501.
In some embodiments, the SBC502 is also used to authenticate terminal IP using following manner:
The call request of the terminal is received, the call request carries Subscriber Number and terminal IP;
According to the Subscriber Number, IP corresponding with the Subscriber Number in the library IP is transferred;
When the IP is consistent with the terminal IP, the call request is received;
When the IP and the terminal IP are inconsistent, refuse the call request.
When specific implementation, BARS501 judges to be divided into two kinds of situations when whether terminal needs to update IP, first, eventually When holding online, IP acquisition request is sent, second, by preset time threshold, to judge whether the current IP of terminal is expired, needle To both of these case, the embodiment of IP right discriminating system will be apparent from below.
It is shown in Figure 6, when online for terminal, IP acquisition request is sent, the workflow of IP right discriminating system is as follows:
S601: when terminal is online, IP acquisition request is sent.
S602:BARS is terminal coupling IP to be allocated, and by Subscriber Number and corresponding with the Subscriber Number to be allocated IP is sent to SBC.
It, can be by Subscriber Number and the corresponding guarantor of IP to be allocated after S603:SBC receives Subscriber Number and IP to be allocated It deposits, and confirmation message is generated based on Subscriber Number and corresponding IP to be allocated.
IP to be allocated is sent to terminal by S604:BARS.
S605: terminal initiates call request to CBS, in call request, carries Subscriber Number and terminal IP.
S606:SBC transfers IP corresponding with the Subscriber Number in the library IP according to the Subscriber Number carried in call request; IP is compared with terminal IP, if unanimously, receiving the call request.
Shown in Figure 7, for by preset time threshold, to judge whether the current IP of terminal is expired, IP is authenticated The workflow of system is as follows:
IP overdue terminal set in the S701:BARS persistent collection current IP distribution period, and be each terminal Distribute IP to be allocated.
S702: each Subscriber Number and to be allocated IP corresponding with each Subscriber Number are sent to SBC.
It, can be by Subscriber Number and the corresponding guarantor of IP to be allocated after S703:SBC receives Subscriber Number and IP to be allocated It deposits, and confirmation message is generated based on Subscriber Number and corresponding IP to be allocated.
IP to be allocated is sent to terminal by S704:BARS.
S705: terminal initiates call request to CBS, in call request, carries Subscriber Number and terminal IP.
S706:SBC transfers IP corresponding with the Subscriber Number in the library IP according to the Subscriber Number carried in call request; IP is compared with terminal IP, if unanimously, receiving the call request.
In addition, in conjunction with the IP distribution method of Fig. 1 embodiment of the present invention described or the embodiment of the present invention of combination Fig. 2 description IP method for authenticating can be realized by electronic equipment.Fig. 8 shows the hardware knot of electronic equipment provided in an embodiment of the present invention Structure schematic diagram.
Electronic equipment may include processor 801 and the memory 802 for being stored with computer program instructions.
Specifically, above-mentioned processor 801 may include central processing unit (CPU) or specific integrated circuit (Application Specific Integrated Circuit, ASIC), or may be configured to implement implementation of the present invention One or more integrated circuits of example.
Memory 802 may include the mass storage for data or instruction.For example it rather than limits, memory 802 may include hard disk drive (Hard Disk Drive, HDD), floppy disk drive, flash memory, CD, magneto-optic disk, tape or logical With the combination of universal serial bus (Universal Serial Bus, USB) driver or two or more the above.It is closing In the case where suitable, memory 802 may include the medium of removable or non-removable (or fixed).In a suitable case, it stores Device 802 can be inside or outside data processing equipment.In a particular embodiment, memory 802 is nonvolatile solid state storage Device.In a particular embodiment, memory 802 includes read-only memory (ROM).In a suitable case, which can be mask ROM, programming ROM (PROM), erasable PROM (EPROM), the electric erasable PROM (EEPROM), electrically-alterable ROM of programming (EAROM) or the combination of flash memory or two or more the above.
Processor 801 is by reading and executing the computer program instructions stored in memory 802, to realize above-mentioned implementation Any one IP distribution method or IP method for authenticating in example.
In one example, electronic equipment may also include communication interface 803 and bus 810.Wherein, as shown in figure 8, processing Device 801, memory 802, communication interface 803 connect by bus 810 and complete mutual communication.
Communication interface 803 is mainly used for realizing in the embodiment of the present invention between each module, device, unit and/or equipment Communication.
Bus 810 includes hardware, software or both, and the component of electronic equipment is coupled to each other together.For example and It is unrestricted, bus may include accelerated graphics port (AGP) or other graphics bus, enhancing Industry Standard Architecture (EISA) bus, Front side bus (FSB), super transmission (HT) interconnection, the interconnection of Industry Standard Architecture (ISA) bus, infinite bandwidth, low pin count (LPC) Bus, memory bus, micro- channel architecture (MCA) bus, peripheral component interconnection (PCI) bus, PCI-Express (PCI-X) Bus, Serial Advanced Technology Attachment (SATA) bus, Video Electronics Standards Association part (VLB) bus or other suitable buses Or the combination of two or more the above.In a suitable case, bus 810 may include one or more buses.To the greatest extent Specific bus has been described and illustrated in the pipe embodiment of the present invention, but the present invention considers any suitable bus or interconnection.
In addition, in conjunction in above-described embodiment kind IP distribution method or IP method for authenticating, the embodiment of the present invention can provide one Computer readable storage medium is planted to realize.Computer program instructions are stored on the computer readable storage medium;The calculating Machine program instruction realizes any one various IP distribution methods or IP method for authenticating in above-described embodiment when being executed by processor.
It should be clear that the invention is not limited to specific configuration described above and shown in figure and processing. For brevity, it is omitted here the detailed description to known method.In the above-described embodiments, several tools have been described and illustrated The step of body, is as example.But method process of the invention is not limited to described and illustrated specific steps, this field Technical staff can be variously modified, modification and addition after understanding spirit of the invention, or suitable between changing the step Sequence.
Functional block shown in structures described above block diagram can be implemented as hardware, software, firmware or their group It closes.When realizing in hardware, it may, for example, be electronic circuit, specific integrated circuit (ASIC), firmware appropriate, insert Part, function card etc..When being realized with software mode, element of the invention is used to execute program or the generation of required task Code section.Perhaps code segment can store in machine readable media program or the data-signal by carrying in carrier wave is passing Defeated medium or communication links are sent." machine readable media " may include any medium for capableing of storage or transmission information. The example of machine readable media includes electronic circuit, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), soft Disk, CD-ROM, CD, hard disk, fiber medium, radio frequency (RF) link, etc..Code segment can be via such as internet, inline The computer network of net etc. is downloaded.
It should also be noted that, the exemplary embodiment referred in the present invention, is retouched based on a series of step or device State certain methods or system.But the present invention is not limited to the sequence of above-mentioned steps, that is to say, that can be according in embodiment The sequence referred to executes step, may also be distinct from that the sequence in embodiment or several steps are performed simultaneously.
The above description is merely a specific embodiment, it is apparent to those skilled in the art that, For convenience of description and succinctly, the system, module of foregoing description and the specific work process of unit can refer to preceding method Corresponding process in embodiment, details are not described herein.It should be understood that scope of protection of the present invention is not limited thereto, it is any to be familiar with Those skilled in the art in the technical scope disclosed by the present invention, can readily occur in various equivalent modifications or substitutions, These modifications or substitutions should be covered by the protection scope of the present invention.

Claims (13)

1. a kind of IP distribution method, which is characterized in that the described method includes:
Judge whether the Internet protocol address IP of terminal needs to update;
In the case where the IP of the terminal needs to update, by IP to be allocated and Subscriber Number corresponding with the IP to be allocated It is sent to Session Border Controller SBC;
The confirmation message that the SBC is generated based on the IP to be allocated and the Subscriber Number is received, and is based on the confirmation The IP to be allocated is distributed to the terminal by information.
2. the method according to claim 1, wherein the IP for judging terminal whether need update include:
Receive the IP acquisition request that the terminal is initiated.
3. the method according to claim 1, wherein whether the Internet protocol address IP for judging terminal needs It updates further include:
According to preset time threshold, judge whether the distribution time of the current IP of the terminal expires.
4. the method according to claim 1, wherein the method also includes:
When the IP of the terminal needs to update, the IP quantity in IP address pond is obtained;
If the IP quantity is unsatisfactory for the quantity of the terminal, stop the IP for updating the terminal.
5. the method according to claim 1, wherein the method also includes: detection IP address pond in IP number Amount initiates the alarm of IP deficiency when the IP quantity in the IP address pond is reduced to preset quantity threshold value.
6. the method according to claim 1, wherein the method also includes:
Within a preset period of time, the IP to be allocated and Subscriber Number corresponding with the IP to be allocated are repeatedly sent to institute State SBC;
When not receiving the confirmation message that the SBC is sent in the preset time period, stop sending the IP to be allocated To the terminal, network interruption alarm is concurrently played.
7. a kind of IP method for authenticating, which is characterized in that the described method includes:
The call request of terminal is received, the call request carries Subscriber Number and terminal IP;
According to the Subscriber Number, IP corresponding with the Subscriber Number in the library IP is transferred;IP in the library IP is aforesaid right It is required that IP to be allocated described in any one of 1-6;
When the IP is consistent with the terminal IP, receive the call request;
When the IP and the terminal IP are inconsistent, refuse the call request.
8. a kind of IP distributor, which is characterized in that described device includes:
Judgment module, for judging whether the Internet protocol address IP of terminal needs to update;
Sending module, for the terminal IP need update in the case where, by IP to be allocated and with the IP to be allocated Corresponding Subscriber Number is sent to Session Border Controller SBC;
Distribution module, for receiving the confirmation of the SBC feedback generated based on the IP to be allocated and the Subscriber Number Information, and the IP to be allocated is distributed to by corresponding terminal based on the confirmation message.
9. a kind of IP authentication device, which is characterized in that described device includes:
Receiving module, for receiving the call request of terminal, the call request carries Subscriber Number and terminal IP;
Module is transferred, for transferring IP corresponding with the Subscriber Number in the library IP according to the Subscriber Number;In the library IP IP is IP to be allocated described in any one of the claims 1-6;
IP judgment module, for receiving the call request when the IP is consistent with the terminal IP;When the IP with it is described When terminal IP is inconsistent, refuse the call request.
10. a kind of IP right discriminating system, which is characterized in that the system comprises BAS Broadband Access Server BRAS and SBC;
The BRAS, will be in the case where the IP of the terminal needs to update for judging whether the IP of terminal needs to update Distribution IP and Subscriber Number corresponding with the IP to be allocated are sent to the SBC;Receive SBC feedback based on described The confirmation message that IP to be allocated and the Subscriber Number generate, and distributed to the IP to be allocated based on the confirmation message Corresponding terminal;
The SBC, for generating confirmation message based on the corresponding Subscriber Number of the IP to be allocated received, and will be described true Recognize information and is sent to the BRAS.
11. system according to claim 10, which is characterized in that the SBC is also used to using following manner to terminal IP It is authenticated:
The call request of the terminal is received, the call request carries Subscriber Number and terminal IP;
According to the Subscriber Number, IP corresponding with the Subscriber Number in the library IP is transferred;
When the IP is consistent with the terminal IP, the call request is received;
When the IP and the terminal IP are inconsistent, refuse the call request.
12. a kind of IP distributing equipment characterized by comprising at least one processor, at least one processor and be stored in Computer program instructions in the memory realize such as right when the computer program instructions are executed by the processor It is required that method described in any one of 1-6 and/or the method for claim 7.
13. a kind of computer readable storage medium, is stored thereon with computer program instructions, which is characterized in that when the calculating It realizes when machine program instruction is executed by processor such as method of any of claims 1-6 and/or such as claim 7 institute The method stated.
CN201811626001.1A 2018-12-28 2018-12-28 IP distribution method, device and IP authentication method, device and system Active CN109451096B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811626001.1A CN109451096B (en) 2018-12-28 2018-12-28 IP distribution method, device and IP authentication method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811626001.1A CN109451096B (en) 2018-12-28 2018-12-28 IP distribution method, device and IP authentication method, device and system

Publications (2)

Publication Number Publication Date
CN109451096A true CN109451096A (en) 2019-03-08
CN109451096B CN109451096B (en) 2021-11-23

Family

ID=65539715

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811626001.1A Active CN109451096B (en) 2018-12-28 2018-12-28 IP distribution method, device and IP authentication method, device and system

Country Status (1)

Country Link
CN (1) CN109451096B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1777322A (en) * 2004-11-15 2006-05-24 华为技术有限公司 Method for treating user of updating IP address at network side
CN101212356A (en) * 2006-12-31 2008-07-02 华为技术有限公司 Session border controller, home user server, communication system and listening method
CN101647247A (en) * 2005-11-04 2010-02-10 布罗迪索夫特M6有限责任公司 Emergency services directory number registration assistance for the user who uses portable network agreement (IP) communication equipment
US20110096788A1 (en) * 2009-10-28 2011-04-28 Verizon Patent And Licensing, Inc. Session border control migration
CN102546568A (en) * 2010-12-31 2012-07-04 华为技术有限公司 Method and device for Internet protocol (IP) terminal being accessed into network
CN102958046A (en) * 2011-08-22 2013-03-06 中兴通讯股份有限公司 Method and system for controlling mobile terminal access services and DRA (diameter routing agent)
CN103888415A (en) * 2012-12-20 2014-06-25 中国移动通信集团公司 IMS subscriber nomadism control method and device
CN104066109A (en) * 2014-06-30 2014-09-24 中国联合网络通信集团有限公司 Method, device and system for registration management of IMS network
CN104519012A (en) * 2013-09-27 2015-04-15 上海信擎信息技术有限公司 SIP-protocol-based method and system for detecting communication network attack
CN105376340A (en) * 2014-09-02 2016-03-02 中国电信股份有限公司 Method of distributing IP addresses in differentiation mode and system thereof

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1777322A (en) * 2004-11-15 2006-05-24 华为技术有限公司 Method for treating user of updating IP address at network side
CN101647247A (en) * 2005-11-04 2010-02-10 布罗迪索夫特M6有限责任公司 Emergency services directory number registration assistance for the user who uses portable network agreement (IP) communication equipment
CN101212356A (en) * 2006-12-31 2008-07-02 华为技术有限公司 Session border controller, home user server, communication system and listening method
US20110096788A1 (en) * 2009-10-28 2011-04-28 Verizon Patent And Licensing, Inc. Session border control migration
CN102546568A (en) * 2010-12-31 2012-07-04 华为技术有限公司 Method and device for Internet protocol (IP) terminal being accessed into network
CN102958046A (en) * 2011-08-22 2013-03-06 中兴通讯股份有限公司 Method and system for controlling mobile terminal access services and DRA (diameter routing agent)
CN103888415A (en) * 2012-12-20 2014-06-25 中国移动通信集团公司 IMS subscriber nomadism control method and device
CN104519012A (en) * 2013-09-27 2015-04-15 上海信擎信息技术有限公司 SIP-protocol-based method and system for detecting communication network attack
CN104066109A (en) * 2014-06-30 2014-09-24 中国联合网络通信集团有限公司 Method, device and system for registration management of IMS network
CN105376340A (en) * 2014-09-02 2016-03-02 中国电信股份有限公司 Method of distributing IP addresses in differentiation mode and system thereof

Also Published As

Publication number Publication date
CN109451096B (en) 2021-11-23

Similar Documents

Publication Publication Date Title
CN107819829B (en) Method and system for accessing block chain, block chain node point equipment and user terminal
CN105812479B (en) Request method and device and acquisition method and device for use permission
US20150156027A1 (en) Device and method for controlling charging in a mobile communication system
US20070067470A1 (en) Initial filter criteria (IFC) database with class of service (COS)
JP2004007690A (en) Method and apparatus for checking authentication of first communication component in communication network
WO2007098490A2 (en) Automated account mapping in a wireless subscriber billing system
CN105900470A (en) User account-based access to real-time communications
CN112188493A (en) Authentication method, system and related equipment
US8213411B2 (en) Charging database with class of service (COS)
CN112672357A (en) Method and device for processing user account in business system and computer equipment
CN107613091A (en) A kind of method and terminal for establishing communication
JP2022525551A (en) Preventing erroneous transmission of copies of data records to distributed ledger systems
CN111259084A (en) Management method, device, equipment and storage medium for accounting node of alliance chain
WO2020008384A1 (en) Provision and recovery of network usage advances
CA3002274A1 (en) Telecommunication parameter change notification system and method
JP2003060714A (en) Method for providing customized service
US20100161710A1 (en) Application services at a terminal
CN109451096A (en) IP distribution method, device and IP method for authenticating, device, system
CN105812596B (en) Caller ID display method, relevant apparatus and system in a kind of IMS network
EP3151529A1 (en) System and method for voice call setup
CN105704237B (en) A kind of charge processing method and relevant device, server
KR20150118672A (en) Method and Apparatus for Processing Payment Based on Mobile
CN111831566A (en) Test method, test device, electronic equipment and computer readable storage medium
CN1742478A (en) Interception of groups of subscribers
CN109995540B (en) Charging method, system, equipment and medium for event value-added service

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant