CN113055835B - Vehicle-mounted application traffic processing method, device and system - Google Patents
Vehicle-mounted application traffic processing method, device and system Download PDFInfo
- Publication number
- CN113055835B CN113055835B CN201911254688.5A CN201911254688A CN113055835B CN 113055835 B CN113055835 B CN 113055835B CN 201911254688 A CN201911254688 A CN 201911254688A CN 113055835 B CN113055835 B CN 113055835B
- Authority
- CN
- China
- Prior art keywords
- internet
- application
- server
- vehicle
- lns
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/24—Accounting or billing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/40—Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
- H04W4/48—Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication
Abstract
The invention discloses a vehicle-mounted application traffic processing method, device and system, and relates to the field of Internet of things. The method comprises the following steps: the method comprises the steps that a PGW receives a request for accessing internet application sent by a vehicle-mounted terminal, wherein the request comprises a user name and a password of an internet of things card of the vehicle-mounted terminal; the PGW sends the user name to an access AAA server; the access AAA server sends the IP address and the tunnel password of the corresponding LNS to the PGW according to the user name; the PGW establishes tunnel connection with the corresponding LNS according to the IP address and the tunnel password of the LNS; the LNS receives the user name and the password sent by the PGW and sends the user name and the password to the VPDN AAA server for authentication; if receiving an authentication success message sent by a VPDN AAA server, the LNS sends a data packet for accessing Internet application to a flow controller; and the flow controller executes the flow control strategy aiming at the data packet, which is issued by the strategy server. The control method and the control device can realize control of the vehicle-mounted application flow with fluidity.
Description
Technical Field
The disclosure relates to the field of internet of things, in particular to a vehicle-mounted application traffic processing method, device and system.
Background
The vehicle application service provider provides a variety of application traffic packages, including music traffic packages, video traffic packages, and the like. Different price of the application package are different, after the total amount of the application package is used, the car owner is prohibited from using the application, and meanwhile, the car owner can collect the fee for the content provider by counting the use of different application flow by the car owner.
In the related technology, based on the 4G mobile network intelligent pipeline scheme, the early deployment period is long, the existing Internet of things private network needs to be jointly adjusted, the function is not started in the existing Internet of things private network, and the method is not suitable for government and enterprise customers to quickly develop business requirements. The flow control device is arranged at the outlet of the campus network, so that the flow management function can be quickly realized, but the flow management device does not realize control on an individual with strong mobility, such as a vehicle, and has great difference in flow control real-time requirements and control objects. And the mode of utilizing the vehicle-mounted terminal to realize the flow management and control has high development requirements on the vehicle-mounted equipment, and the control power of an operator is weak.
Disclosure of Invention
The technical problem to be solved by the present disclosure is to provide a method, an apparatus and a system for processing vehicular application traffic, which can implement control of vehicular application traffic with fluidity.
According to one aspect of the disclosure, a method for processing vehicular application traffic is provided, which includes: the method comprises the steps that a public data network gateway PGW receives a request for accessing internet application sent by a vehicle-mounted terminal, wherein the request comprises a user name and a password of an internet of things card of the vehicle-mounted terminal; the PGW sends the user name to an access authentication, authorization and accounting AAA server; the access AAA server sends the IP address and the tunnel password of the corresponding second layer tunnel protocol network server LNS to the PGW according to the user name; the PGW establishes tunnel connection with the corresponding LNS according to the IP address and the tunnel password of the LNS; the LNS receives the user name and the password sent by the PGW and sends the user name and the password to a Virtual Private Dialing Network (VPDN) AAA server for authentication; if receiving an authentication success message sent by a VPDN AAA server, the LNS sends a data packet for accessing Internet application to a flow controller; and the flow controller executes the flow control strategy aiming at the data packet and transmitted by the strategy server.
In some embodiments, the policy server sets a corresponding relationship between the internet of things card and the IP address to the VPDN AAA server; when the VPDN AAA server sends an authentication success message to the LNS, the IP address corresponding to the Internet of things card is sent to the LNS; the LNS sends a data packet carrying an IP address corresponding to the Internet of things card to the flow controller; and the flow controller controls the data packet according to the IP address carried by the data packet.
In some embodiments, the acquisition server acquires a ticket containing application information of the internet of things through the flow controller, and counts flow information of each application of the internet of things; and the collecting server sends the counted flow information of each application of the Internet of things card to the policy server so that the policy server generates a flow control policy for the data packet.
In some embodiments, the policy server generating the flow control policy for accessing the internet application comprises: and the policy server determines whether the data packet needs to be intercepted or not or controls the sending speed of the data packet according to the flow information of each application of the Internet of things card sent by the acquisition server.
In some embodiments, the policy server generates a flow control policy for the data packet based on the stored application blacklist and application whitelist.
In some embodiments, the VPDN registration server receives a request for registering the Internet of things card sent by the vehicle-mounted terminal, and allocates an IP address for the Internet of things card; the policy server stores the corresponding relation between the Internet of things card and the IP address, and the flow controller stores the IP address.
According to another aspect of the present disclosure, a vehicle-mounted application traffic processing apparatus is further provided, including: the public data network gateway PGW is configured to receive a request for accessing the Internet application, which is sent by a vehicle-mounted terminal, wherein the request comprises a user name and a password of an Internet of things card of the vehicle-mounted terminal, the user name is sent to an access authentication, authorization and accounting AAA server, and tunnel connection is established with a corresponding LNS according to an IP address and a tunnel password of a second layer tunnel protocol network server LNS returned by the access AAA server; the access AAA server is configured to send the IP address and the tunnel password of the corresponding LNS to the PGW according to the user name; the system comprises an LNS (network communications system) and a flow controller, wherein the LNS is configured to receive a user name and a password sent by a PGW (packet gateway), send the user name and the password to a VPDN (virtual private dial-up network) AAA (authentication server) for authentication, and send a data packet for accessing Internet application to the flow controller if an authentication success message sent by the VPDN AAA server is received; the VPDN AAA server is configured to authenticate the Internet of things card; the flow controller is configured to execute a flow control strategy aiming at the data packet and issued by the strategy server; a policy server configured to generate a flow control policy for the data packet.
In some embodiments, the collection server is configured to collect a ticket containing application information of the internet of things through the flow controller, count traffic information of each application of the internet of things, and send the counted traffic information of each application of the internet of things to the policy server, so that the policy server generates a flow control policy for the data packet.
According to another aspect of the present disclosure, a vehicle-mounted application traffic processing apparatus is also provided, including: a memory; and a processor coupled to the memory, the processor configured to perform the in-vehicle application traffic processing method as described above based on instructions stored in the memory.
According to another aspect of the present disclosure, a vehicular application traffic processing system is also provided, including: the vehicle-mounted application flow processing device; and the vehicle-mounted terminal is configured to access the Internet application through the Internet of things card.
According to another aspect of the present disclosure, a computer-readable storage medium is further provided, on which computer program instructions are stored, and the instructions, when executed by a processor, implement the above-mentioned vehicle application traffic processing method.
Compared with the prior art, in the embodiment of the disclosure, the vehicle-mounted terminal is accessed to the flow control system in a VPDN manner, the PGW obtains the corresponding LNS by accessing the AAA server, and sends the information of the internet of things card of the vehicle-mounted terminal to the LNS, and then the VPDN AAA server authenticates the internet of things card, and allows the data packet to be sent to the flow controller, and the flow controller can execute the flow control policy for the data packet issued by the policy server, thereby realizing the control of the vehicle-mounted application flow with fluidity.
Other features of the present disclosure and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description, serve to explain the principles of the disclosure.
The present disclosure may be more clearly understood from the following detailed description, taken with reference to the accompanying drawings, in which:
fig. 1 is a schematic flow diagram of some embodiments of a vehicular application traffic processing method of the present disclosure.
Fig. 2 is a schematic flow chart diagram illustrating another embodiment of a vehicle-mounted application traffic processing method according to the present disclosure.
Fig. 3 is a schematic flow chart diagram illustrating another embodiment of a vehicle-mounted application traffic processing method according to the present disclosure.
Fig. 4 is a schematic structural diagram of some embodiments of an in-vehicle application traffic processing apparatus of the present disclosure.
Fig. 5 is a block diagram of some embodiments of an in-vehicle application traffic handling system of the present disclosure.
Fig. 6 is a schematic structural diagram of another embodiment of the vehicular application flow processing apparatus of the present disclosure.
Fig. 7 is a schematic structural diagram of another embodiment of the vehicular application flow processing apparatus of the present disclosure.
Detailed Description
Various exemplary embodiments of the present disclosure will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, the numerical expressions, and numerical values set forth in these embodiments do not limit the scope of the present disclosure unless specifically stated otherwise.
Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description.
The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
For the purpose of promoting a better understanding of the objects, aspects and advantages of the present disclosure, reference is made to the following detailed description taken in conjunction with the accompanying drawings.
Fig. 1 is a schematic flow diagram of some embodiments of a vehicular application traffic processing method of the present disclosure.
In step 110, a pgw (Public Data Network GateWay) receives a request for accessing an internet application sent by a vehicle-mounted terminal, where the request includes a user name and a password of an internet card of the vehicle-mounted terminal.
In step 120, the pgw sends the username to the access (Authentication, authorization, accounting) AAA server.
In step 130, the access AAA Server sends the IP address and the tunnel password of the corresponding LNS (L2 TP Network Server, second layer tunneling protocol Network Server) to the PGW according to the user name.
In some embodiments, the PGW sends the user name of the internet of things card of the vehicle-mounted terminal to the access AAA server, and the access AAA server searches for the corresponding IP address of the LNS according to the user domain name. For example, when a vehicle runs to beijing and a user wants to access an application, the PGW needs to acquire an LNS corresponding to the guangdong area.
In step 140, the pgw establishes a tunnel connection with the corresponding LNS according to the IP address and the tunnel password of the LNS. For example, the PGW establishes a tunnel connection with the LNS over the data network.
In step 150, the lns receives the user name and password sent by the PGW, and sends the user name and password to a VPDN (Virtual Private Dial Network) AAA server for authentication.
For example, the LNS receives an account and a password forwarded by the PGW, and sends the relevant information to the VPDN AAA server, and the VPDN AAA server is responsible for verifying a user access account number and controlling access of a valid user.
In step 160, if receiving the authentication success message sent by the VPDN AAA server, the lns sends a data packet for accessing the internet application to the traffic controller. I.e. only successfully authenticated packets are allowed to be forwarded to the traffic controller.
In step 170, the traffic controller executes the traffic control policy for the data packet sent by the policy server. For example, packet interception, packet transmission speed control, and the like.
In the above embodiment, the vehicle-mounted terminal is accessed to the flow control system in a VPDN manner, the PGW obtains the corresponding LNS by accessing the AAA server, and sends the information of the internet of things card of the vehicle-mounted terminal to the LNS, and then the VPDN AAA server authenticates the internet of things card, and then allows the data packet to be sent to the flow controller, and the flow controller can execute the flow control policy for the data packet issued by the policy server, thereby implementing control of the vehicle-mounted application flow with mobility.
Fig. 2 is a schematic flow chart diagram illustrating another embodiment of a vehicle-mounted application traffic processing method according to the present disclosure.
In step 210, the vpdn registration server receives a request for registering an internet of things card sent by the vehicle-mounted terminal. The registration request may also include a SIM card number, a 3G IMSI (International Mobile Subscriber Identity), a 4G IMSI, and the like.
In step 220, the vpdn registration server allocates a fixed IP address to the internet of things card, the policy server stores the corresponding relationship between the internet of things card and the IP address, and the flow controller stores the IP address.
In step 230, the policy server sets a mapping relationship between the internet of things card and the corresponding IP address to the VPDN AAA server.
In step 240, the pgw receives a request for accessing the internet application sent by the vehicle-mounted terminal, where the request includes a user name and a password of an internet access card of the vehicle-mounted terminal. And when the vehicle-mounted terminal accesses the Internet application, the vehicle-mounted terminal interacts with the PGW.
In step 250, the pgw sends the username and password to the access AAA server.
In step 260, the access AAA server returns the corresponding IP address of the LNS and the tunnel key to the PGW according to the user domain name. The user name is, for example, @, where the former of @ indicates the user account, and the former of @ indicates the user domain name.
In step 270, the pgw establishes a tunnel connection with the LNS over the data network.
In step 280, the lns receives the user account and password forwarded by the PGW and sends the relevant information to the VPDN AAA server.
In step 290, the vpdn AAA server verifies the user account, and if the user account passes the verification, the vpdn AAA server sends a verification success response to the LNS and sends the IP address corresponding to the internet of things card to the LNS.
In step 2100, the lns sends a packet to the traffic controller that carries the IP address corresponding to the internet of things card.
In step 2110, the acquisition server acquires a ticket containing application information of the internet of things through the flow controller, and counts the flow information of each application of the internet of things.
In step 2120, the collecting server sends the counted traffic information of each application of the internet of things card to the policy server.
In step 2130, the policy server determines whether to intercept a data packet or control the sending speed of the data packet according to the traffic information of each application of the internet of things card. Namely, whether to issue a network breaking strategy or a speed reduction strategy is determined.
For example, if the vehicle-mounted terminal wants to access a certain internet application but the traffic package for the application is exhausted, the policy server issues a network disconnection policy. And if the flow used by the application reaches the speed reduction flow threshold value, the strategy server issues a speed reduction strategy.
In step 2140, the policy server issues the generated flow control policy to the flow controller via the acquisition server.
In step 2150, the traffic controller controls the packet according to the IP address carried by the packet.
In the embodiment, the vehicle application flow aggregation is realized by an internet-based VPDN technology, the mapping and the secondary authentication of the IP address and the Internet of things card number are completed in the VPDN AAA server, and the processing of the application flow detail list is realized by the external server, so that the vehicle-mounted application service provider realizes the flow management and control required by service operation, and the complex operation requirement of the vehicle-mounted application flow content can be met.
In some embodiments, the policy server generates a flow control policy for accessing internet applications according to the stored application blacklist and application whitelist, and then the policy server sends the flow control policy to the flow controller, and the flow controller controls the data packet according to the IP address carried by the data packet.
Fig. 3 is a schematic flow chart diagram illustrating another embodiment of a vehicle-mounted application traffic processing method according to the present disclosure. In this embodiment, the steps 310 to 3120 correspond to the steps 210 to 2120, and the embodiment further includes the following steps:
in step 3130, the policy server determines whether the internet application accessed by the vehicle terminal belongs to an application blacklist, if so, then step 3140 is performed, otherwise, then step 3150 is performed.
At step 3140, the policy server sends a network outage policy to the traffic controller via the collection server.
In step 3150, the policy server determines whether a network disconnection policy or a speed reduction policy needs to be issued according to the traffic information of each application of the internet of things card, if so, step 3160 is executed, otherwise, step 3170 is executed.
In step 3160, the policy server sends a network outage policy or a speed reduction policy to the traffic controller via the collection server.
At step 3170, the policy server sends policies that allow normal access to the internet application to the traffic controller through the acquisition server.
In step 3180, the traffic controller controls the packet according to the IP address carried by the packet.
In the above embodiment, by setting the black and white list of the application, the security filtering of the application access can be realized, and in addition, by counting the used traffic of the application, the traffic can be managed and controlled.
Fig. 4 is a schematic structural diagram of some embodiments of an in-vehicle application traffic processing apparatus of the present disclosure. The apparatus includes PGW 410, access AAA server 420, LNS 430, VPDN AAA server 440, policy server 450, and flow controller 460.
The PGW 410 is configured to receive a request for accessing an internet application sent by a vehicle-mounted terminal, where the request includes a user name and a password of an internet of things card of the vehicle-mounted terminal, send the user name to the access AAA server 420, and establish a tunnel connection with a corresponding LNS 430 according to an IP address and a tunnel password of the LNS 430 returned by the access AAA server 420.
For example, when a vehicle runs to beijing and a user wants to access an application, the PGW needs to acquire the LNS corresponding to the guangdong area.
The access AAA server 420 is configured to send the IP address and tunnel password of the corresponding LNS to the PGW according to the user name.
The VPDN AAA server 440 is configured to authenticate the internet of things card.
In some embodiments, policy server 450 is further configured to set a correspondence between the internet of things card and the IP address to VPDN AAA server 440; when the VPDN AAA server 440 sends an authentication success message to the LNS 430, the IP address corresponding to the Internet of things card is sent to the LNS 430; LNS 430 sends a data packet carrying the IP address corresponding to the internet of things card to traffic controller 460.
In some embodiments, the apparatus further includes an acquisition server 470, configured to acquire a ticket containing the application information of the internet of things card through the flow controller, and count the traffic information of each application of the internet of things card, and send the counted traffic information of each application of the internet of things card to the policy server, so that the policy server generates the flow control policy for the data packet.
In some embodiments, the policy server 450 is further configured to determine whether to intercept a data packet or control a sending speed of the data packet according to the flow information of each application of the internet of things card, and send the generated flow control policy to the flow controller through the acquisition server.
In still other embodiments, policy server 450 is further configured to generate a flow control policy for the packet based on the saved application blacklist and application whitelist. For example, it is first determined whether an internet application accessed by the vehicle-mounted terminal belongs to an application blacklist, and if the internet application belongs to the application blacklist, a network disconnection policy is sent to the flow controller 460 through the acquisition server 470; if the internet application does not belong to the application blacklist, judging whether a network disconnection strategy or a speed reduction strategy needs to be issued according to the flow information of each application of the internet of things card, if so, sending the network disconnection strategy or the speed reduction strategy to the flow controller 460 through the acquisition server 470; otherwise, a policy allowing normal access to the internet application is sent to traffic controller 460 through acquisition server 470.
In the embodiment, the vehicle application flow aggregation is realized by an internet-based VPDN technology, the mapping and the secondary authentication of the IP address and the Internet of things card number are completed in the VPDN AAA server, and the processing of the application flow detail list is realized by the external server, so that the vehicle-mounted application service provider can realize the flow management and control and the safety filtering required by the service operation, and the rapid deployment is facilitated.
Fig. 5 is a block diagram of some embodiments of an in-vehicle application traffic handling system of the present disclosure. The system comprises the vehicle-mounted application flow processing device 510 and the vehicle-mounted terminal 520 in the embodiment. And the vehicle-mounted terminal 520 is configured to access the internet application through the internet access card, wherein when the internet application is accessed, the vehicle-mounted terminal interacts with the PGW 410 and sends a request for accessing the internet application to the PGW 410, wherein the request comprises a user name and a password of the internet access card of the vehicle-mounted terminal. The vehicle-mounted terminal 520 interacts with the PGW through a wireless access network, which includes a Serving GateWay (SGW).
In some embodiments, the vehicle-mounted terminal 520 needs to register the internet of things card in the VPDN intranet in advance, for example, a request for registering the internet of things card is sent to the VPDN registration server, and the VPDN registration server allocates a fixed IP address for the internet of things card.
Fig. 6 is a schematic structural diagram of another embodiment of the vehicle-mounted application flow processing device according to the present disclosure. The apparatus comprises a memory 610 and a processor 620, wherein: memory 610 may be a magnetic disk, flash memory, or any other non-volatile storage medium. The memory is used to store instructions in the embodiments corresponding to fig. 1-3. Processor 620 is coupled to memory 610 and may be implemented as one or more integrated circuits, such as a microprocessor or microcontroller. The processor 620 is configured to execute instructions stored in the memory.
In some embodiments, as also shown in fig. 7, the apparatus 700 includes a memory 710 and a processor 720. Processor 720 is coupled to memory 710 by BUS 730. The apparatus 700 may be further connected to an external storage device 750 through a storage interface 740 for retrieving external data, and may be further connected to a network or another computer system (not shown) through a network interface 760, which will not be described in detail herein.
In this embodiment, the data instructions are stored in the memory, and the instructions are processed by the processor, so that the vehicle-mounted application flow with fluidity can be controlled.
In other embodiments, a computer-readable storage medium has stored thereon computer program instructions which, when executed by a processor, implement the steps of the method in the embodiments corresponding to fig. 1-3. As will be appreciated by one of skill in the art, embodiments of the present disclosure may be provided as a method, apparatus, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Thus far, the present disclosure has been described in detail. Some details well known in the art have not been described in order to avoid obscuring the concepts of the present disclosure. It will be fully apparent to those skilled in the art from the foregoing description how to practice the presently disclosed embodiments.
Although some specific embodiments of the present disclosure have been described in detail by way of example, it should be understood by those skilled in the art that the foregoing examples are for purposes of illustration only and are not intended to limit the scope of the present disclosure. It will be appreciated by those skilled in the art that modifications can be made to the above embodiments without departing from the scope and spirit of the present disclosure. The scope of the present disclosure is defined by the appended claims.
Claims (7)
1. A vehicle-mounted application traffic processing method comprises the following steps:
the strategy server sets the corresponding relation between the Internet of things card and the IP address to a virtual private dialing network authentication, authorization and accounting VPDN AAA server;
the method comprises the steps that a public data network gateway PGW receives a request for accessing internet application sent by a vehicle-mounted terminal, wherein the request comprises a user name and a password of an internet of things card of the vehicle-mounted terminal;
the PGW sends the user name to an access AAA server;
the access AAA server sends the IP address and the tunnel password of the corresponding second layer tunnel protocol network server LNS to the PGW according to the user name;
the PGW establishes tunnel connection with the corresponding LNS according to the IP address and the tunnel password of the LNS;
the LNS receives the user name and the password sent by the PGW and sends the user name and the password to a VPDN AAA server for authentication;
when the VPDN AAA server sends an authentication success message to the LNS, the IP address corresponding to the Internet of things card is sent to the LNS;
if the LNS receives the authentication success message sent by the VPDN AAA server, the LNS sends a data packet carrying the IP address corresponding to the Internet of things card and accessing the Internet application to a flow controller;
the acquisition server acquires a ticket containing application information of the Internet of things card through the flow controller, and counts the flow information of each application of the Internet of things card;
the policy server generates a flow control policy for the data packet according to the traffic information of each application of the internet of things card counted by the acquisition server, and the stored application blacklist and application whitelist;
and the flow controller executes a flow control strategy aiming at the data packet and issued by a strategy server according to the IP address carried by the data packet.
2. The in-vehicle application traffic processing method of claim 1, wherein the policy server generating the traffic control policy for accessing the internet application comprises:
and the strategy server determines whether the data packet needs to be intercepted or not or controls the sending speed of the data packet according to the flow information of each application of the Internet of things card sent by the acquisition server.
3. The vehicular application traffic processing method according to claim 1 or 2, further comprising:
the VPDN registration server receives a request for registering the Internet of things card sent by the vehicle-mounted terminal and allocates an IP address for the Internet of things card;
the policy server stores the corresponding relation between the Internet of things card and the IP address, and the flow controller stores the IP address.
4. An in-vehicle application traffic processing apparatus comprising:
the public data network gateway PGW is configured to receive a request for accessing the Internet application, which is sent by a vehicle-mounted terminal, wherein the request comprises a user name and a password of an Internet of things card of the vehicle-mounted terminal, the user name is sent to an access authentication, authorization and accounting AAA server, and tunnel connection is established with a corresponding LNS according to an IP address and a tunnel password of a second layer tunnel protocol network server LNS returned by the access AAA server;
the access AAA server is configured to send the IP address and the tunnel password of the corresponding LNS to the PGW according to the user name;
the LNS is configured to receive the user name and the password sent by the PGW, send the user name and the password to a virtual private dial-up network (VPDN) AAA server for authentication, and send a data packet carrying an IP address corresponding to the Internet of things card and accessing the Internet application to a flow controller if an authentication success message sent by the VPDN AAA server is received;
the VPDN AAA server is configured to authenticate the Internet of things card and send an IP address corresponding to the Internet of things card to the LNS when an authentication success message is sent to the LNS;
the flow controller is configured to execute a flow control strategy aiming at the data packet and issued by a strategy server according to the IP address carried by the data packet;
the acquisition server is configured to acquire a ticket containing application information of the Internet of things card through the flow controller and count the flow information of each application of the Internet of things card;
and the policy server is configured to set a corresponding relation between an Internet of things card and an IP address to the VPDN AAA server, and generate a flow control policy for the data packet according to the flow information of each application of the Internet of things card counted by the acquisition server, and the stored application blacklist and application whitelist.
5. An in-vehicle application traffic processing apparatus comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the in-vehicle application traffic processing method of any of claims 1 to 3 based on instructions stored in the memory.
6. An in-vehicle application traffic processing system, comprising:
the on-board application traffic processing device of claim 4 or 5; and
and the vehicle-mounted terminal is configured to access the Internet application through the Internet of things card.
7. A computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement the in-vehicle application traffic processing method of any of claims 1 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911254688.5A CN113055835B (en) | 2019-12-10 | 2019-12-10 | Vehicle-mounted application traffic processing method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911254688.5A CN113055835B (en) | 2019-12-10 | 2019-12-10 | Vehicle-mounted application traffic processing method, device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113055835A CN113055835A (en) | 2021-06-29 |
| CN113055835B true CN113055835B (en) | 2022-11-08 |
Family
ID=76505097
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911254688.5A Active CN113055835B (en) | 2019-12-10 | 2019-12-10 | Vehicle-mounted application traffic processing method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113055835B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114301772A (en) * | 2021-12-28 | 2022-04-08 | 中国电信股份有限公司 | Flow control method and device, electronic equipment and readable medium |
| CN114500395B (en) * | 2021-12-29 | 2023-10-31 | 联通智网科技股份有限公司 | Flow control method, device and equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018103665A1 (en) * | 2016-12-08 | 2018-06-14 | 华为技术有限公司 | L2tp-based device management method, apparatus and system |
| CN109450657A (en) * | 2019-01-15 | 2019-03-08 | 深圳联想懂的通信有限公司 | A kind of Intelligent internet of things communications service system and method |
| CN109831752A (en) * | 2019-04-03 | 2019-05-31 | 深圳联想懂的通信有限公司 | A kind of communication flow rate control method and system |
| CN109981373A (en) * | 2019-04-03 | 2019-07-05 | 深圳联想懂的通信有限公司 | A kind of communication flux accounting method and system |
| CN110475291A (en) * | 2019-08-22 | 2019-11-19 | 惠州市新一代工业互联网创新研究院 | Application traffic control, safe Check System and method based on the 5G communication technology |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017124308A1 (en) * | 2016-01-19 | 2017-07-27 | 华为技术有限公司 | Method and device for allocating ip address |
| CN105516955A (en) * | 2016-02-25 | 2016-04-20 | 北京首信科技股份有限公司 | Self-help payment method of defaulting subscriber in Telecom 4G (fourth generation) mobile network |
-
2019
- 2019-12-10 CN CN201911254688.5A patent/CN113055835B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018103665A1 (en) * | 2016-12-08 | 2018-06-14 | 华为技术有限公司 | L2tp-based device management method, apparatus and system |
| CN109450657A (en) * | 2019-01-15 | 2019-03-08 | 深圳联想懂的通信有限公司 | A kind of Intelligent internet of things communications service system and method |
| CN109831752A (en) * | 2019-04-03 | 2019-05-31 | 深圳联想懂的通信有限公司 | A kind of communication flow rate control method and system |
| CN109981373A (en) * | 2019-04-03 | 2019-07-05 | 深圳联想懂的通信有限公司 | A kind of communication flux accounting method and system |
| CN110475291A (en) * | 2019-08-22 | 2019-11-19 | 惠州市新一代工业互联网创新研究院 | Application traffic control, safe Check System and method based on the 5G communication technology |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113055835A (en) | 2021-06-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101557406B (en) | User terminal authentication method, device and system thereof | |
| US10292039B2 (en) | Systems and methods for enhanced mobile data roaming and connectivity | |
| CN101150594B (en) | Integrated access method and system for mobile cellular network and WLAN | |
| CN101309272B (en) | Authentication server and mobile communication terminal access controlling method of virtual private network | |
| CN108476223B (en) | Method and apparatus for SIM-based authentication of non-SIM devices | |
| CN107786548A (en) | Charging management method and device, server and computer-readable recording medium | |
| CN101990211B (en) | Method for network access, device and system | |
| WO2014121708A2 (en) | Message certification application method, device, and system | |
| CN113055835B (en) | Vehicle-mounted application traffic processing method, device and system | |
| CN111935200B (en) | Vehicle control method and related equipment | |
| CN109561429B (en) | Authentication method and device | |
| WO2009115029A1 (en) | Method, system and apparatus for data remediation | |
| CN101711031A (en) | Portal authenticating method during local forwarding and access controller (AC) | |
| EP1976179A1 (en) | A method for wireless access to the internet for the pre-paid customer | |
| CN103517249A (en) | Method, device and system of strategy control | |
| CN107872445A (en) | Access authentication method, equipment and Verification System | |
| CN107295510B (en) | Method, equipment and system for realizing access control of home base station based on OCSP (online charging protocol) | |
| CN101697550A (en) | Method and system for controlling access authority of double-protocol-stack network | |
| CN104168564B (en) | Authentication method and device based on GPRS network and integrated identification network | |
| EP3518491A1 (en) | Registering or authenticating user equipment to a visited public land mobile network | |
| WO2016078090A1 (en) | Charging control device, method and system | |
| US20220134898A1 (en) | Method and arrangement for protecting a charging station against improper use | |
| CN111226452B (en) | Business strategy creating method and device | |
| CN116017454A (en) | Authentication method, device, equipment and storage medium based on service access | |
| WO2008025210A1 (en) | A method and apparatus for authenticating the user terminal in the cdma system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |