CN114915430A

CN114915430A - Method, device, communication equipment and storage medium for realizing dynamic capability opening

Info

Publication number: CN114915430A
Application number: CN202110117526.8A
Authority: CN
Inventors: 刘昱; 尼凌飞; 刘景磊
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Priority date: 2021-01-28
Filing date: 2021-01-28
Publication date: 2022-08-16

Abstract

The invention discloses a method, a device, communication equipment and a storage medium for realizing dynamic capability opening, and belongs to the field of communication. The method comprises the following steps: receiving capability discovery information sent by a registered capability caller; determining capability release information matched with the capability discovery information, wherein the capability release information is released on each level of capability platform by enabling the capability release information to transfer information from the corresponding capability network element to the level-by-level capability platform; and returning the determined capability release information to the capability caller, so that the capability caller calls the capability network element determined according to the capability release information. The invention can issue the capability through the step-by-step transmission of the information between the capability platforms, can meet the requirement of shielding the directly issued information of the capability network element, and provides effective management for ensuring the capability operation safety of the network capability opening, the independent operation and the unified charging of the network capability opening, and the like.

Description

Method, device, communication equipment and storage medium for realizing dynamic capability opening

Technical Field

The invention belongs to the field of communication, and particularly relates to a method for realizing dynamic capacity openness, a device for realizing dynamic capacity openness, communication equipment and a computer readable storage medium.

Background

The existing dynamic capability management system mainly comprises a common API framework Core Function (CAPIF Core Function, CCF for short) module and an API Provider (API Provider Domain). The CCF module is used for authentication, capability Management, and capability discovery, and the API Provider Domain includes an API capability providing module (API Exposing Function, abbreviated as AEF), an API capability Publishing module (API Publishing Function, abbreviated as APF), and an API capability Management module (API Management Function, abbreviated as AMF) for capability providing, capability Publishing, and capability Management.

The existing dynamic capability management system mainly comprises the processes of capability release, capability discovery, capability calling and the like, wherein the capability release process comprises the following steps: the APF module issues the capacity to the CCF module, and the CCF module is on-line after the CCF module passes the verification; the capacity discovery process comprises the following steps: the API caller discovers the capability of the CC module and obtains API calling information; the capability calling flow is as follows: and the API caller carries API calling information to call the capability of the AEF module, the AEF module authenticates the CCF module, and the capability is provided for the API caller after the authentication is passed.

The existing network capability opening usually adopts a mode of capability provider direct capability release, which can not ensure the security of capability operation and can not meet the requirements of independent operation, unified charging and the like.

Disclosure of Invention

Embodiments of the present invention provide a method for implementing dynamic capability openness, an apparatus for implementing dynamic capability openness, a communication device, and a computer-readable storage medium, so as to solve the problem that network capability openness cannot guarantee security of capability operation and cannot meet independent operation and unified charging requirements.

In order to solve the technical problem, the invention is realized as follows:

in a first aspect, an embodiment of the present invention provides a method for implementing dynamic capability opening, where the method is applied to any one of at least two stages of capability platforms, and the method includes:

receiving capability discovery information sent by a registered capability caller;

determining capability release information matched with the capability discovery information, wherein the capability release information is released on each level of capability platform by enabling the capability release information to transfer information from the corresponding capability network element to the level-by-level capability platform;

and returning the determined capability release information to the capability caller, so that the capability caller can call the capability to the capability network element determined according to the capability release information.

In a second aspect, an embodiment of the present invention provides a method for implementing dynamic capability opening, where the method is applied to a capability network element, and the method includes:

receiving capability calling information sent by a capability caller according to capability release information, wherein the capability release information is released on each level of capability platform by enabling the capability release information to transfer information from a corresponding capability network element to the level-by-level capability platform;

determining a capability platform for authentication according to the configured authentication strategy, and sending authentication information to the determined capability platform;

and receiving an authentication result returned by the capability platform, and determining whether to provide capability for the capability caller according to the authentication result.

In a third aspect, an embodiment of the present invention provides an apparatus for implementing dynamic capability openness, where the apparatus is applied to any one of at least two stages of capability platforms, and the apparatus includes:

the ability discovery module is used for receiving the ability discovery information sent by the registered ability caller; determining capability release information matched with the capability discovery information, wherein the capability release information is released on each level of capability platform by enabling the capability release information to transfer information from the corresponding capability network element to the level-by-level capability platform; and returning the determined capability release information to the capability caller, so that the capability caller calls the capability network element determined according to the capability release information.

In a fourth aspect, an embodiment of the present invention provides an apparatus for implementing dynamic capability opening, where the apparatus is applied to a capability network element, and the apparatus includes:

the capability providing module is used for receiving capability calling information sent by a capability caller according to capability release information, wherein the capability release information is released on each level of capability platform by enabling the capability release information to transfer information from a corresponding capability network element to the level-by-level capability platform; determining a capability platform for authentication according to the configured authentication strategy, and sending authentication information to the determined capability platform; and receiving an authentication result returned by the capability platform, and determining whether to provide capability for the capability caller according to the authentication result.

In a fifth aspect, an embodiment of the present invention provides a system for implementing dynamic capability openness, where the system includes:

at least two levels of capability platforms, wherein any level of capability platform comprises the apparatus for implementing dynamic capability openness according to the third aspect;

a capability network element comprising the apparatus for implementing dynamic capability openness according to the fourth aspect.

In a sixth aspect, embodiments of the present invention provide a communication device, which includes a processor, a memory, and a program or instructions stored in the memory and executable on the processor, wherein the program or instructions, when executed by the processor, implement the steps of the method according to the first aspect, or implement the steps of the method according to the second aspect.

In a seventh aspect, an embodiment of the present invention provides a computer-readable storage medium, on which a program or instructions are stored, and when the program or instructions are executed by a processor, the program or instructions implement the steps of the method according to the first aspect, and implement the steps of the method according to the second aspect.

In the embodiment of the invention, any one of at least two stages of capability platforms determines capability release information matched with the capability release information by receiving capability release information sent by a registered capability caller, wherein the capability release information is released on each stage of capability platform by transmitting the capability release information from a corresponding capability network element to the upper stage of the capability platform, and the determined capability release information is returned to the capability caller, so that the capability caller can call the capability network element determined according to the capability release information; the capability network element can realize capability release on other capability platforms only by step-by-step information transmission between the capability platforms after the capability network element releases the capability to the capability platform to which the capability network element belongs, so that the requirement of shielding the directly released information of the capability network element can be met, and effective management is provided for ensuring the capability operation safety of network capability opening, independent operation and unified charging of network capability opening and the like.

Drawings

Fig. 1 is a flowchart of a method for implementing dynamic capability openness according to an embodiment of the present invention;

FIG. 2 is a flow diagram of a capability platform performing registration, capability publishing, and policy configuration prior to capability discovery according to an embodiment of the present invention;

FIG. 3 is a flow chart of authentication and ticket reporting performed by the capability platform according to the embodiment of the present invention;

FIG. 4 is a flowchart of another method for implementing dynamic capability opening according to an embodiment of the present invention;

fig. 5 is a flowchart of a capability network element performing registration, capability publishing, and policy configuration before capability discovery according to an embodiment of the present invention;

FIG. 6 is a schematic structural diagram of an apparatus for implementing dynamic capability openness according to an embodiment of the present invention;

fig. 7 is a schematic structural diagram of another apparatus for implementing dynamic capability openness according to an embodiment of the present invention;

FIG. 8 is a schematic structural diagram of a system for implementing dynamic capability openness according to an embodiment of the present invention;

FIG. 9 is a flow diagram of the system capability publisher multi-level registration of FIG. 8;

FIG. 10 is a flow diagram of the system capability platform multi-level registration of FIG. 8;

FIG. 11 is a flow diagram of the system capability multi-level publication flow of FIG. 8;

fig. 12 is a flowchart of the system authentication policy configuration and the ticket reporting policy configuration in fig. 8;

FIG. 13 is a flow diagram of the system capability call in FIG. 8;

fig. 14 is a schematic structural diagram of a communication device according to an embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

The terms first, second and the like in the description and in the claims, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that embodiments of the invention may be practiced other than those illustrated or described herein, and that the words "first", "second", etc. do not necessarily distinguish one element from another, but rather denote any number of elements, e.g., a first element may be one or more than one. In addition, "and/or" in the specification and claims means at least one of connected objects, a character "/" generally means that a preceding and succeeding related objects are in an "or" relationship.

The method for implementing dynamic capability openness provided by the embodiment of the present invention is described in detail below with reference to the accompanying drawings through specific embodiments and application scenarios thereof.

Referring to fig. 1, fig. 1 is a flowchart of a method for implementing dynamic capability opening according to an embodiment of the present invention, where the method is applied to any one of at least two levels of capability platforms, as shown in fig. 1, and the method includes the following steps:

step 101, receiving capability discovery information sent by the registered capability caller.

And 102, determining capability release information matched with the capability discovery information, wherein the capability release information is released on each level of capability platform by transmitting the information from the corresponding capability network element to the upper level of the level-by-level capability platform.

And 103, returning the determined capability issuing information to the capability caller, so that the capability caller calls the capability network element determined according to the capability issuing information.

In the embodiment of the invention, any one of at least two stages of capability platforms can receive capability discovery information sent by a registered capability caller, and after receiving the capability discovery information sent by the registered capability caller, the capability platform can match the issued capability discovery information according to the capability discovery information and the issued capability issue information, determine capability issue information matched with the capability discovery information, return the determined capability issue information to the capability caller, so that the capability caller can determine a capability network element for performing capability calling according to the returned capability issue information and perform capability calling to the determined capability network element. The capability publishing information returned by the capability platform may include an API name, an address, a parameter type, a parameter content, and the like, which is not limited in the embodiment of the present invention.

In the embodiment of the invention, the capability release information released by any one of the at least two stages of capability platforms is released at each stage of capability platform by enabling the capability release information to transfer information from the corresponding capability network element to the upper stage of capability platform. Optionally, the capability network element may be registered step by step, and then the capability release information of the capability network element may be released step by step, that is, the capability network element may be registered on each level of capability platform by performing information transfer on the capability network element information used for registration from the capability network element to the step by step capability platform, and then the capability release information released by the user is performed information transfer from the capability network element to the step by step capability platform, so that the capability release is performed on each level of capability platform.

Optionally, the embodiment of the present invention may further implement configuration of the capability platform for the authentication policy of the capability network element through step-by-step registration of the capability platform, that is, information of the capability platform for registration may be transmitted from the capability platform to the step-by-step capability platform until the capability network element arrives, registration of the capability platform is implemented at each level of the capability platform and the capability network element, and then the capability platform directly performs configuration of the authentication policy to the registered capability network element, so that the capability network element determines the capability platform for authentication according to the configured authentication policy.

Optionally, the embodiment of the present invention may further implement configuration of the capability platform for the capability network element ticket reporting policy by step-by-step registration of the capability platform, that is, information can be transmitted from the capability platform to the capability platform step-by-step through the capability platform information used for registration until the capability network element is reached, registration of the capability platform is implemented at each level of the capability platform and the capability network element, then configuration of the ticket reporting policy is directly performed to the registered capability network element through the capability platform, so that the capability network element can determine the capability platform used for ticket reporting according to the configured ticket reporting policy.

In the embodiment of the invention, any one of at least two stages of capability platforms determines capability release information matched with the capability release information by receiving capability release information sent by a registered capability caller, wherein the capability release information is released on each stage of capability platform by transmitting the capability release information from a corresponding capability network element to the upper stage of the capability platform, and the determined capability release information is returned to the capability caller, so that the capability caller can call the capability network element determined according to the capability release information; the capability network element can realize capability release on other capability platforms only by step-by-step information transmission between the capability platforms after capability release to the capability platform to which the capability network element belongs, so that the requirement of shielding the directly released information of the capability network element can be met, and effective management is provided for ensuring the capability operation safety of network capability openness, independent operation and unified charging of the network capability openness and the like.

Referring to fig. 2, fig. 2 is a flowchart of a capability platform performing registration, capability publishing and policy configuration before capability discovery according to an embodiment of the present invention, and as shown in fig. 2, before receiving capability discovery information sent by a registered capability caller, an arbitrary-level capability platform in at least two levels of capability platforms further includes the following steps:

step 201, receiving capability network element information sent by a next-level object, and registering a capability network element determined according to the capability network element information, wherein the next-level object includes one of a subordinate capability network element and a next-level capability platform.

In the embodiment of the invention, the capability network element sends the capability network element information to the capability platform to which the capability network element belongs, the capability platform to which the capability network element belongs is determined as the current capability platform, after the determined current capability platform receives the capability network element information sent by the subordinate capability network element, registering the subordinate capacity network elements according to the capacity network element information, sending the capacity network element information to the previous-stage capacity platform, determining the previous-stage capacity platform as the current capacity platform, after receiving the capacity network element information sent by the next-stage capacity platform, and registering the corresponding capacity network element according to the capacity network element information, sending the capacity network element information to the upper-level capacity platform, determining the upper-level capacity platform as the current capacity platform, and repeatedly executing the registration process until the registration of the capacity network element on all the upper-level capacity platforms including the affiliated capacity platform is completed. The capability network element information may include address information of the capability network element, and the like, which is not limited in this embodiment of the present invention.

Step 202, sending capability platform information to the next-level object, so that the next-level object registers the capability platform determined according to the capability platform information, wherein the capability platform information includes information of any one of the current capability platform and a higher-level capability platform of the current capability platform.

In the embodiment of the invention, any one of at least two stages of capability platforms is determined as the current capability platform, the determined current capability platform sends the information of the current capability platform to the next stage of capability platform, the next stage of capability platform registers the current capability platform according to the information of the current capability platform after receiving the information of the current capability platform sent by the current capability platform, the next stage of capability platform is determined as the current capability platform at the moment, the determined current capability platform sends the information of the previous stage of capability platform to the next stage of capability platform, the next stage of capability platform registers the corresponding capability platform according to the information of the previous stage of capability platform after receiving the information of the previous stage of capability platform sent by the current capability platform, the next stage of capability platform is determined as the current capability platform at the moment, and the registration process is repeatedly executed, until the ability platform to which the ability network element belongs is determined as the current ability platform, the determined current ability platform sends the information of the superior ability platform initially determined as the current ability platform to the subordinate ability network element, the subordinate ability network element registers the corresponding ability platform according to the information of the superior ability platform after receiving the information of the superior ability platform sent by the current ability platform, thereby completing the registration of any one level of the at least two levels of ability platforms, and repeatedly executing the registration process until the registration of all the superior ability platforms including the ability platform to which the ability network element belongs on the ability network element is completed. The information of the capability platform for performing registration may include Identity Information (ID) of the capability platform, address information of the capability platform, user information of the capability platform, and the like, which is not limited in the embodiment of the present invention.

And 203, receiving the capability issue information sent by the next-level object, auditing the capability issue information, and issuing the capability issue information after the auditing is passed.

In the embodiment of the invention, after a capability network element finishes the registration of each level of capability platform and each level of capability platform finishes the registration of a lower level of capability platform and a capability network element respectively, the capability network element sends capability publishing information to the capability platform to which the capability network element belongs, the capability platform to which the capability network element belongs is determined as the current capability platform, the determined current capability platform examines the capability publishing information after receiving the capability publishing information sent by the subordinate capability network element, the capability publishing information is sent to the previous capability platform after the examination is passed, the previous capability platform is determined as the current capability platform, the determined current capability platform examines the capability publishing information after receiving the capability publishing information sent by the next capability platform, and the capability publishing information is published after the examination is passed, and sending the capability publishing information to the upper level capability platform, determining the upper level capability platform as the current capability platform, and repeatedly executing the registration process until the capability publishing information of the capability network element is published on all the upper level capability platforms including the attributive capability platform. The capability network element information may include a capability name or a capability ID, an Application Programming Interface (API) name or an API ID, API call information, an Interface address and information of the capability network element to which the API belongs, and an API document, which is not limited in the embodiment of the present invention.

Step 204, sending authentication policy configuration information to the registered capability network element, so that the capability network element configures an authentication policy according to the authentication policy configuration information.

In the embodiment of the invention, after the capability publishing information of the capability network element is published on each level of capability platform, each level of capability platform respectively sends authentication strategy configuration information to the capability network element which is registered by the capability network element, and the capability network element configures the authentication strategy of the corresponding capability platform according to the authentication strategy configuration information after receiving the authentication strategy configuration information sent by the capability platform which is registered by the capability network element. The configuration of the authentication policy of the corresponding capability platform may include: and configuring a user field, an authentication method, and an on/off state of an authentication behavior of a corresponding capability platform for authentication, which are not limited in the embodiment of the present invention. Wherein, the user field may include at least one of the following user characteristic information: the name of the user, the ID of the user, the number of the user, and the like, which are not limited in the embodiment of the present invention.

Step 205, sending the ticket policy configuration information to the registered capability network element, so that the capability network element configures the ticket reporting policy according to the ticket policy configuration information.

In the embodiment of the invention, after the capability publishing information of the capability network element is published on each level of capability platform and each level of capability platform completes the configuration of the authentication strategy of the registered capability network element, each level of capability platform can also respectively send the ticket strategy configuration information to the capability network element registered by the capability network element, and after the capability network element receives the ticket strategy configuration information sent by the capability platform registered by the capability network element, the capability network element configures the ticket reporting strategy of the corresponding capability platform according to the ticket strategy configuration information. The configuration of the ticket reporting policy of the corresponding capability platform may include: configuring a user field for performing call ticket reporting by a corresponding capability platform, a state of opening or closing call ticket reporting behavior, and the like. Wherein, the user field may include at least one of the following user characteristic information: the name of the user, the ID of the user, the number of the user, and the like, which are not limited in the embodiment of the present invention.

It should be noted that, in the embodiment of the present invention, the lower level capability platform, the upper level capability platform, and the upper level capability platform are all for the current capability platform.

In the embodiment of the invention, the capability can be discovered and called only after the capability network element registers to the capability platform to which the capability network element belongs and registers to other capability platforms through the step-by-step transmission of information among the capability platforms and after the capability platforms register to the capability network element to which the capability belongs and the lower-level capability platform through the transmission of the information among the capability platforms, so that the requirement of directly registering and shielding the capability network element can be met, and effective management is provided for ensuring the capability operation safety of network capability opening, independent operation and unified charging of the network capability opening and the like.

Referring to fig. 3, fig. 3 is a flowchart of performing authentication and ticket reporting by a capability platform according to an embodiment of the present invention, and as shown in fig. 3, any one of at least two stages of capability platforms performs authentication and ticket reporting, including the following steps:

step 301, receiving authentication information sent by the called capability network element according to the configured authentication policy, and performing authentication according to the authentication information to obtain an authentication result.

Step 302, the result of authentication is returned to the capability network element, so that the capability network element determines whether to provide the capability to the capability caller according to the result of authentication.

In the embodiment of the invention, after each level of capability platform completes configuration of authentication strategy of registered capability network element, capability caller can send capability calling information to the determined capability network element after capability discovery to the registered capability platform to determine capability network element for capability calling, wherein the capability calling information can include authentication information and API calling information, etc., after capability network element receives capability calling information sent by capability caller, capability platform for authentication certification can be determined according to authentication information and configured authentication strategy, authentication information is sent to the determined capability platform, after capability platform receives authentication information, authentication certification is carried out according to authentication information, result of authentication certification is returned to capability network element, after capability network element receives result of authentication certification returned by capability platform for authentication certification, whether to perform capability provision to the capability caller may be determined based on the result of the authentication. The result of the authentication may include successful authentication and failed authentication, when the result of the authentication is successful, the capability network element provides the capability to the capability caller, and when the result of the authentication is failed, the capability network element does not provide the capability to the capability caller.

Optionally, the capability platform for the capability caller to perform capability discovery and the capability platform for the capability network element to perform authentication determined according to the configured authentication policy may be the same capability platform or may also be different capability platforms, which is not limited in the embodiment of the present invention. By configuring the authentication strategy in the capability network element, the separation of capability authentication and capability discovery can be realized, namely, the capability discovery and the capability authentication are carried out through different capability platforms.

Optionally, for any one of the at least two levels of capability platforms, the configuring, by the capability network element, the authentication policy according to the authentication policy configuration information may include: and configuring information such as user fields, authentication methods, authentication behavior states and the like for performing authentication and authentication by the current capability platform. The sending, by the called capability network element, the authentication information according to the configured authentication policy may include: matching user fields contained in authentication information sent by a capability caller with user fields for authentication of each configured capability platform; and configuring the user field contained in the authentication information into a capability platform of the user field for authentication and authorization, determining the capability platform as the capability platform for authentication and authorization, and sending the authentication information to the determined capability platform.

Optionally, the capability platform for performing authentication and authentication determined according to the user field matching may be any one of at least two levels of capability platforms, or may also be at least two levels of capability platforms, which is not limited in the embodiment of the present invention. Through the configuration of the authentication strategy in the energy network element, the multi-platform authentication can be realized, so that the requirement of multi-service platform authentication can be met.

Step 303, receiving the call ticket information sent by the called capability network element according to the configured call ticket reporting policy after providing the capability to the capability caller.

In the embodiment of the invention, after the capability caller completes capability calling of the capability network element, the called capability network element determines a capability platform for call ticket reporting according to the configured call ticket reporting strategy, and sends call ticket information to the determined capability platform, and the capability platform receives the call ticket information sent by the capability network element.

Optionally, the capability platform for the capability caller to perform capability discovery, the capability platform for the capability network element to perform authentication determined according to the configured authentication policy, and the capability platform for the step capability network element to perform ticket reporting determined according to the configured ticket reporting policy may be the same capability platform or different capability platforms, which is not limited in the embodiment of the present invention. By configuring the authentication strategy and the call ticket reporting strategy in the capability network element, the separation of capability authentication, capability discovery and call ticket reporting can be realized, namely, the capability discovery, the capability authentication and the call ticket reporting are carried out through different capability platforms.

Optionally, for any one of the at least two stages of capability platforms, the configuring, by the capability network element according to the ticket policy configuration information, the ticket reporting policy may include: and configuring information such as user fields, ticket behavior states and the like for the current capability platform to report the ticket. The step of sending out the ticket information by the called capability network element according to the configured ticket reporting policy may include: matching user information contained in authentication information sent by a capability caller with user fields for bill reporting of each configured capability platform; configuring the user field contained in the authentication information into a capability platform of the user field for carrying out ticket reporting, determining the capability platform as the capability platform for carrying out ticket reporting, and sending ticket information to the determined capability platform.

Optionally, the capability platform for performing ticket reporting determined according to the user field matching may be any one of at least two stages of capability platforms, or may also be at least two stages of capability platforms, which is not limited in the embodiment of the present invention. Through the configuration of the call ticket reporting strategy in the capability network element, the multi-platform call ticket reporting can be realized, so that the requirement of multi-service platform call ticket collection can be met.

Referring to fig. 4, fig. 4 is a flowchart of another method for implementing dynamic capability opening according to an embodiment of the present invention, where the method is applied to a capability network element, and as shown in fig. 4, the method includes the following steps:

step 401, receiving capability calling information sent by a capability caller according to capability publishing information, wherein the capability publishing information is published on each level of capability platform by enabling the capability publishing information to transfer information from a corresponding capability network element to the level-by-level capability platform.

Step 402, determining the capability platform for authentication according to the configured authentication strategy, and sending authentication information to the determined capability platform.

Step 403, receiving the authentication result returned by the capability platform, and determining whether to provide the capability to the capability caller according to the authentication result.

In the embodiment of the present invention, the description about steps 401 to 403 may refer to the description about steps 101 to 103 in fig. 1 and steps 301 to 302 in fig. 3, and thus, the description will not be repeated.

Referring to fig. 5, fig. 5 is a flowchart of a capability network element performing registration, capability issue, and policy configuration before capability discovery according to an embodiment of the present invention, and as shown in fig. 4, before receiving capability call information sent by a capability caller according to capability issue information, the capability network element further includes the following steps:

step 501, sending capability network element information to the affiliated capability platform, enabling the affiliated capability platform to register the capability network element according to the capability network element information, and sending the capability network element information to the upper-level capability platform.

Step 502, receiving capability platform information sent by an attributive capability platform, and registering a capability platform determined according to the capability platform information, wherein the capability platform information includes information of any one of the attributive capability platform and a superior capability platform of the attributive capability platform.

Step 503, sending the capability issue information to the attributed capability platform, so that the attributed capability platform audits the capability issue information, issues the capability issue information after the audit is passed, and sends the capability issue information to the previous-level capability platform.

Step 504, receiving the authentication strategy configuration information sent by the registered capability platform, and configuring the authentication strategy according to the authentication strategy configuration information.

Step 505, receiving the call ticket policy configuration information sent by the registered capability platform, and configuring a call ticket reporting policy according to the call ticket policy configuration information.

In the embodiment of the present invention, the description about step 501 to step 505 may refer to the description about step 201 to step 205 in fig. 2 and step 303 in fig. 3, and thus, the description will not be repeated.

Referring to fig. 6, fig. 6 is a schematic structural diagram of an apparatus for implementing dynamic capability openness, where the apparatus is applied to any one of at least two stages of capability platforms, and as shown in fig. 6, the apparatus 600 for implementing dynamic capability openness may include:

a capability discovery module 601, configured to receive capability discovery information sent by a registered capability caller; determining capability release information matched with the capability discovery information, wherein the capability release information is released on each level of capability platform by enabling the capability release information to be transmitted from the corresponding capability network element to the level-by-level capability platform; and returning the determined capability release information to the capability caller, so that the capability caller calls the capability network element determined according to the capability release information.

Optionally, as shown in fig. 6, the apparatus 600 for implementing dynamic capability opening further includes:

the first capability management module 620 is configured to receive capability network element information sent by a next-level object, and register a capability network element determined according to the capability network element information, where the next-level object includes one of a subordinate capability network element and a next-level capability platform.

The capability discovery module 610 is further configured to receive capability publishing information sent by a next-level object, audit the capability publishing information, and publish the capability publishing information after the audit is passed.

Optionally, the first capability management module 620 is further configured to send capability platform information to the next-level object, so that the next-level object registers the capability platform determined according to the capability platform information, where the capability platform information includes information of the current capability platform and information of any one of the previous capability platforms of the current capability platform.

As shown in fig. 6, the apparatus 600 for implementing dynamic capability opening further includes:

an authentication module 630, configured to send authentication policy configuration information to a registered capability network element, so that the capability network element configures an authentication policy according to the authentication policy configuration information; receiving authentication information sent by the called capability network element according to the configured authentication strategy, and performing authentication certification according to the authentication information to obtain an authentication certification result; and returning the authentication result to the capability network element, so that the capability network element determines whether to provide the capability to the capability caller according to the authentication result. Optionally, the configuring, by the capability network element, the authentication policy according to the authentication policy configuration information includes: configuring a user field, an authentication method and an authentication behavior state of a current capability platform for authentication and authentication;

the called capability network element sends out authentication information according to the configured authentication strategy, and the authentication information comprises the following steps:

matching user fields contained in authentication information sent by a capability caller with user fields for authentication of each configured capability platform;

and configuring the user field contained in the authentication information into a capability platform of the user field for authentication and authorization, determining the capability platform as the capability platform for authentication and authorization, and sending the authentication information to the determined capability platform.

Optionally, the first capability management module 620 is further configured to send ticket policy configuration information to a registered capability network element, so that the capability network element configures a ticket reporting policy according to the ticket policy configuration information; and receiving call ticket information sent by the called capability network element according to the configured call ticket reporting strategy after providing the capability for the capability caller.

Optionally, the configuring, by the capability network element, the ticket reporting policy according to the ticket policy configuration information includes: configuring a user field and a call ticket behavior state for call ticket reporting by a current capability platform;

the called capability network element sends out the ticket information according to the configured ticket reporting strategy, including

Matching user information contained in authentication information sent by a capability caller with user fields for bill reporting of each configured capability platform;

configuring the user field contained in the authentication information into a capability platform of the user field for carrying out call ticket reporting, determining the user field as the capability platform for carrying out call ticket reporting, and sending call ticket information to the determined capability platform.

It can be understood that the apparatus 600 for implementing dynamic capability openness according to the embodiment of the present invention can implement the processes of the method embodiments shown in fig. 1, fig. 2, and fig. 3, and can achieve the same technical effects, and in order to avoid repetition, details are not repeated here.

Referring to fig. 7, fig. 7 is a schematic structural diagram of another apparatus for implementing dynamic capability openness according to an embodiment of the present invention, where the apparatus is applied to a capability network element, and as shown in fig. 7, the apparatus 700 for implementing dynamic capability openness may include:

the capability providing module 710 is configured to receive capability calling information sent by a capability caller according to capability publishing information, where the capability publishing information is published on each level of capability platform by enabling the capability publishing information to be passed from a corresponding capability network element to a level-by-level capability platform; determining a capability platform for authentication according to the configured authentication strategy, and sending authentication information to the determined capability platform; and receiving an authentication result returned by the capability platform, and determining whether to provide capability for the capability caller according to the authentication result.

Optionally, as shown in fig. 7, the apparatus 700 for implementing dynamic capability openness further includes:

and the second capability management module 720 is configured to send capability network element information to the affiliated capability platform, so that the affiliated capability platform registers the capability network element according to the capability network element information, and sends the capability network element information to the upper-level capability platform.

The capability publishing module 730 is configured to send capability publishing information to the affiliated capability platform, so that the affiliated capability platform audits the capability publishing information, publishes the capability publishing information after the audit is passed, and sends the capability publishing information to the upper-level capability platform.

Optionally, the second capability management module 720 is further configured to receive capability platform information sent by the attributed capability platform, and register the capability platform determined according to the capability platform information, where the capability platform information includes information of any one of the attributed capability platform and a superior capability platform of the attributed capability platform;

the capability providing module 710 is further configured to receive authentication policy configuration information sent by the registered capability platform, and configure an authentication policy according to the authentication policy configuration information.

Optionally, configuring the authentication policy according to the authentication policy configuration information includes: configuring a registered capability platform for user field, authentication method and authentication behavior state of authentication and authentication;

determining a capability platform for authentication and authorization according to the configured authentication strategy, and sending the authentication information to the determined capability platform, wherein the authentication information comprises the following steps:

matching the user fields contained in the authentication information with the user fields for authentication of each configured capability platform;

and configuring the user field contained in the authentication information into a capability platform of the user field for authentication and authorization, determining the user field as the capability platform for authentication and authorization, and sending the authentication information to the determined capability platform.

Optionally, the second capability management module 720 is further configured to receive ticket policy configuration information sent by the registered capability platform, and configure a ticket reporting policy according to the ticket policy configuration information; and after the authentication result provides the capability for the capability caller successfully, determining a capability platform for carrying out call ticket reporting according to the configured call ticket reporting strategy, and sending call ticket information to the determined capability platform.

Optionally, configuring the ticket reporting policy according to the ticket policy configuration information includes: configuring a user field and a call ticket behavior state for call ticket reporting by a registered capability platform;

determining a capability platform for carrying out call ticket reporting according to the configured call ticket reporting strategy, and sending call ticket information to the determined capability platform, wherein the call ticket information comprises

Matching the user field contained in the authentication information with the user field reported by each configured capability platform;

configuring the user field contained in the authentication information into a capability platform of the user field for carrying out ticket reporting, determining the capability platform as the capability platform for carrying out ticket reporting, and sending ticket information to the determined capability platform.

It can be understood that the apparatus 700 for implementing dynamic capability openness according to the embodiment of the present invention can implement the processes of the method embodiments shown in fig. 4 and fig. 5, and can achieve the same technical effects, and details are not repeated here to avoid repetition.

In addition, an embodiment of the present invention further provides a system for implementing dynamic capability openness, including: at least two levels of capability platforms and a capability network element, wherein any one level of capability platform in the at least two levels of capability platforms comprises the apparatus 600 for implementing dynamic capability opening, and the capability network element comprises the apparatus 700 for implementing dynamic capability opening.

Please refer to fig. 8 to fig. 13, fig. 8 is a schematic structural diagram of a system for implementing dynamic capability opening according to an embodiment of the present invention, fig. 9 is a flowchart of multi-level registration of a system capability issuer in fig. 8, fig. 10 is a flowchart of multi-level registration of a system capability platform in fig. 8, fig. 11 is a flowchart of multi-level issuance of a system capability in fig. 8, fig. 12 is a flowchart of system authentication policy configuration and ticket reporting policy configuration in fig. 8, and fig. 13 is a flowchart of system capability call in fig. 8.

As shown in fig. 8, the network capability is opened to implement multi-layer management, charging, and the like, usually there is isolation between the capability opening layer and the capability network element layer, and there are also multiple layers between the capability publisher, i.e., the capability network element, and the capability gateway. Therefore, the system for realizing dynamic capability opening comprises a first-stage capability platform, a second-stage capability platform … … nth-stage capability platform, an API (application programming interface) caller and a capability network element, wherein each stage of capability platform is provided with a CCF (context control function) module, and the capability network element is provided with an AFE (auto edge function) module, an APF (application programming function) module and an AMF (advanced programming function) module. Wherein the content of the first and second substances,

IF 1: the API caller registers a user with a CCF module in the capability platform and discovers the capability with the registered CCF module;

IF 2: the API caller calls the ability to the AEF module in the ability network element;

IF 3: an AEF module in the capability network element authenticates a CCF module in the capability platform;

IF 4: the APF module in the capability network element issues the capability to the CCF module in the capability platform, where the capability issue information may include: the addresses of the AEF, APF and AMF modules of the capability network element may be one address; the APF module may also modify and cancel the API to the CCF module in the capability platform, and the capability release information may further include: API name, address, parameter type, parameter content and other information;

IF 5: the CCF module in the capability platform registers to the AMF module in the capability network element, and the AMF module in the capability network element registers to the CCF module in the capability platform; an AMF module in a capability network element pushes ticket information to a CCF module in a capability platform; the CCF in the capability platform carries out API management to an AMF module in a capability network element, wherein the API management comprises configuration calling information pushing strategy, registration reporting address, configuration authentication strategy, registration authentication address and the like;

IF 6: and (4) transferring registration information, AEF, APF and AMF address information among CCF modules in the capability platform.

As shown in fig. 9, 1) the AMF module in the capability network element 1 registers the capability network element 1 with the CCF module in the capability platform n, and after the registration is successful, the CCF module in the capability platform n returns a registration result; 2) the CCF module in the capability platform n registers the capability network element 1 to the CCF module in the capability platform n-1, and the CCF module in the capability platform n-1 returns a registration result after the registration is successful; 3) and the CCF module in the capability platform n-1 registers the capability network element 1 to the CCF module in the capability platform 1, and the CCF module in the capability platform 1 returns a registration result after the registration is successful. The flow in fig. 8 may be asynchronous or synchronous, where asynchronous means non-immediate response and synchronous means immediate response.

As shown in fig. 10, 1) the CCF module in the capability platform 1 registers the capability platform 1 with the CCF module in the capability platform n-1, and after the registration is successful, the CCF module in the capability platform n-1 returns a registration result; 2) the CCF module in the capability platform n-1 registers the capability platform 1 to the CCF module in the capability platform n, and the CCF module in the capability platform n returns a registration result after the registration is successful; 3) and the CCF module in the capability platform n registers the capability platform 1 to the AMF module in the capability network element 1, and the AMF module in the capability network element 1 returns a registration result after the registration is successful. The flow in fig. 9 may be asynchronous or synchronous, where asynchronous means non-immediate response and synchronous means immediate response.

As shown in fig. 11, 1) the APF module in the capability network element 1 issues an API to the CCF module in the capability platform n, and returns a response after receiving the API issue information; 2) after the verification of the received API release information is passed, the CCF module in the capability platform n sends a verification notice to the APF module in the capability network element 1, and after the APF module in the capability network element 1 receives the verification notice, a response is returned; 3) the CCF module in the capability platform n issues an API to the CCF module in the capability platform n-1, and returns a response after receiving the API issuing information; 4) after the verification of the received API release information is passed, the CCF module in the capability platform n-1 issues a verification notice to the CCF module in the capability platform n, and returns a response after the CCF module in the capability platform n receives the verification notice; 5) the CCF module in the capability platform n-1 issues an API to the CCF module in the capability platform 1, and returns a response after receiving API issue information; 4) after the verification of the received API release information is passed, the CCF module in the capability platform 1 issues a verification notice to the CCF module in the capability platform n-1, and the CCF module in the capability platform n-1 returns a response after receiving the verification notice. The flow in fig. 10 may be asynchronous or synchronous, where asynchronous means non-immediate response and synchronous means immediate response.

As shown in fig. 12, the CCF module in the capability platform n performs authentication policy configuration on the AEF module in the capability network element 1, where the authentication policy configuration includes configuring a user field for authentication by the capability platform n, an authentication method, an authentication behavior state, and the like, where when the capability network element finds that the user field in the authentication information of the capability caller is the configured user field, the capability platform is triggered to perform authentication, and the authentication behavior state includes turning on and off an authentication function of the capability platform n.

And the CCF module in the capability platform n carries out call ticket policy configuration on the AEF module in the capability network element 1, wherein the call ticket policy configuration comprises the configuration of a user field, a call ticket behavior state and the like of the capability platform n, when the capability network element finds that the user field in the authentication information of the capability caller is the configured user field, call ticket reporting is triggered to the capability platform, and the call ticket behavior state comprises the function of starting and closing the call ticket reporting of the capability platform n.

As shown in fig. 13, 1) the capability caller performs API discovery on the CCF module in the capability platform 1, and the CCF module in the capability platform 1 returns API information including information such as API name, address, parameter type, and parameter content; 2) the capability caller calls an API (application programming interface) module in the capability network element 1 according to the API address information, wherein the calling information comprises authentication information, API calling information and the like; 3) the AEF module in the capability network element 1 respectively performs user authentication to the CCF module in the capability platform n and the CCF module in the capability platform 1 according to authentication configuration, and after the authentication is successful, the CCF module in the capability platform n and the CCF module in the capability platform 1 respectively return authentication results to the AEF module in the capability network element 1; 4) an AEF module in the capability network element 1 carries out API response to a capability caller; 5) after the capability is provided, the AMF module in the capability network element 1 reports call tickets to the CCF module in the capability platform n and the CCF module in the capability platform 1 respectively, and after the call tickets are reported successfully, the CCF module in the capability platform n and the CCF module in the capability platform 1 return responses to the AEF module in the capability network element 1 respectively. The flow in fig. 12 may be asynchronous or synchronous, where asynchronous means non-immediate response and synchronous means immediate response.

In addition, an embodiment of the present invention further provides a communication device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor, where the computer program, when executed by the processor, may implement the method embodiments shown in fig. 1, fig. 2, and fig. 3, or the processes of the method embodiments shown in fig. 4 and fig. 5, and may achieve the same technical effects, and in order to avoid repetition, details are not repeated here.

Referring to fig. 14, an embodiment of the present invention further provides a communication device 140, which includes a bus 141, a transceiver 142, an antenna 143, a bus interface 144, a processor 145, and a memory 146.

In this embodiment of the present invention, the communication device 140 further includes: programs or instructions stored on the memory 146 and executable on the processor 145. Optionally, the program or the instructions can be executed by the processor 145 to implement the following steps:

returning the determined capability release information to the capability caller to enable the capability caller to call the capability to the capability network element determined according to the capability release information;

or receiving capability calling information sent by a capability caller according to capability release information, wherein the capability release information is released at each level of capability platform by enabling the capability release information to carry out information transmission from a corresponding capability network element to the level-by-level capability platform;

It can be understood that the computer program can implement the method embodiments shown in fig. 1, fig. 2, and fig. 3, or the processes of the method embodiments shown in fig. 4 and fig. 5 when executed by the processor 145, and can achieve the same technical effect, and the details are not repeated here to avoid repetition.

In fig. 14, a bus architecture (represented by bus 141), the bus 141 may include any number of interconnected buses and bridges, the bus 141 linking together various circuits including one or more processors, represented by processor 145, and memory, represented by memory 146. The bus 141 may also link together various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. A bus interface 144 provides an interface between bus 141 and transceiver 142. The transceiver 142 may be one element or a plurality of elements, such as a plurality of receivers and transmitters, providing a means for communicating with various other apparatus over a transmission medium. The data processed by the processor 145 is transmitted over a wireless medium through the antenna 143, and further, the antenna 143 receives the data and transmits the data to the processor 145.

Processor 145 is responsible for managing bus 141 and general processing, and may also provide various functions including timing, peripheral interfaces, voltage regulation, power management, and other control functions. And the memory 146 may be used to store data used by the processor 145 in performing operations.

Alternatively, the processor 145 may be a CPU, ASIC, FPGA or CPLD.

An embodiment of the present invention further provides a computer-readable storage medium, on which a program or an instruction is stored, where the program or the instruction, when executed by a processor, can implement the processes of the method embodiments shown in fig. 1, fig. 2, and fig. 3 and the method embodiments shown in fig. 4 and fig. 5, and can achieve the same technical effects, and in order to avoid repetition, the detailed description is omitted here.

Computer-readable media, which include both non-transitory and non-transitory, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.

Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention or the portions contributing to the prior art may be essentially embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a service classification device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.

The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and amendments can be made without departing from the principle of the present invention, and these modifications and amendments should also be considered as the protection scope of the present invention.

Claims

1. A method for realizing dynamic capability opening is applied to any one stage of at least two stages of capability platforms, and is characterized by comprising the following steps:

determining capability release information matched with the capability discovery information, wherein the capability release information is released on each level of capability platform by enabling the capability release information to transfer information from the corresponding capability network element to the upper level-by-level capability platform;

and returning the determined capability release information to the capability caller, so that the capability caller calls the capability network element determined according to the capability release information.

2. The method of claim 1, further comprising, prior to receiving capability discovery information from a registered capability caller:

receiving capability network element information sent by a next-level object, and registering a capability network element determined according to the capability network element information, wherein the next-level object comprises one of a subordinate capability network element and a next-level capability platform;

and receiving the capability release information sent by the next-level object, auditing the capability release information, and releasing the capability release information after the auditing is passed.

3. The method according to claim 2, wherein before receiving capability issue information issued by the next-level object, performing an audit on the capability issue information, and issuing the capability issue information after the audit is passed, the method further comprises:

sending capability platform information to the next-level object to enable the next-level object to register a capability platform determined according to the capability platform information, wherein the capability platform information comprises information of a current capability platform and information of any one of a higher-level capability platform of the current capability platform;

after receiving the capability issue information sent by the next-level object, auditing the capability issue information, and issuing the capability issue information after the auditing is passed, the method further comprises the following steps:

sending authentication strategy configuration information to a registered capability network element to enable the capability network element to configure an authentication strategy according to the authentication strategy configuration information;

receiving authentication information sent by the called capability network element according to the configured authentication strategy, and performing authentication certification according to the authentication information to obtain an authentication certification result;

and returning the authentication result to the capability network element, so that the capability network element determines whether to provide the capability to the capability caller according to the authentication result.

4. The method of claim 3, wherein the configuring, by the capability network element, the authentication policy according to the authentication policy configuration information comprises: configuring a user field, an authentication method and an authentication behavior state of a current capability platform for authentication and authentication;

5. The method of any of claims 1 to 4, further comprising:

sending call ticket strategy configuration information to a registered capacity network element, and enabling the capacity network element to configure a call ticket reporting strategy according to the call ticket strategy configuration information;

and receiving call ticket information sent by the called capability network element according to the configured call ticket reporting strategy after providing the capability for the capability caller.

6. The method of claim 5, wherein the configuring, by the capability network element, the call ticket reporting policy according to the call ticket policy configuration information comprises: configuring a user field and a call ticket behavior state for call ticket reporting by a current capability platform;

the called capability network element sends out call ticket information according to the configured call ticket reporting strategy, including

configuring the user field contained in the authentication information into a capability platform of the user field for carrying out ticket reporting, determining the capability platform as the capability platform for carrying out ticket reporting, and sending the ticket information to the determined capability platform.

7. A method for realizing dynamic capability opening is applied to a capability network element and is characterized by comprising the following steps:

8. The method of claim 7, further comprising, before receiving capability call information issued by a capability caller according to the capability issue information:

sending capability network element information to an attributive capability platform, enabling the attributive capability platform to register the capability network element according to the capability network element information, and sending the capability network element information to an upper-level capability platform;

and sending the capability release information to the attributive capability platform, so that the attributive capability platform verifies the capability release information, releases the capability release information after the verification is passed, and sends the capability release information to an upper-level capability platform.

9. The method of claim 8, prior to sending the capability publishing information to the homed capability platform, further comprising:

receiving capability platform information sent by the attributive capability platform, and registering a capability platform determined according to the capability platform information, wherein the capability platform information comprises information of any one of the attributive capability platform and a superior capability platform of the attributive capability platform;

after sending the capability publishing information to the attributed capability platform, the method further includes:

and receiving authentication strategy configuration information sent by a registered capability platform, and configuring the authentication strategy according to the authentication strategy configuration information.

10. The method of claim 9, wherein configuring the authentication policy according to the authentication policy configuration information comprises: configuring a registered capability platform to carry out user field, authentication method and authentication behavior state of authentication and authorization;

determining a capability platform for authentication and authorization according to the configured authentication strategy, and sending authentication information to the determined capability platform, wherein the authentication information comprises the following steps:

matching the user field contained in the authentication information in the capability calling information with the user field for authentication and authorization of each configured capability platform;

11. The method of any one of claims 7 to 10, further comprising:

receiving call ticket strategy configuration information sent by a registered capability platform, and configuring a call ticket reporting strategy according to the call ticket strategy configuration information;

and after the authentication result provides the capability for the capability caller successfully, determining a capability platform for carrying out call ticket reporting according to the configured call ticket reporting strategy, and sending call ticket information to the determined capability platform.

12. The method of claim 11, wherein configuring a call ticket reporting policy according to the call ticket policy configuration information comprises: configuring a user field and a call ticket behavior state for call ticket reporting by a registered capability platform;

the method comprises the steps of determining a capability platform for carrying out call ticket reporting according to a configured call ticket reporting strategy, and sending call ticket information to the determined capability platform, wherein the call ticket information comprises

Matching the user field contained in the authentication information in the capability calling information with the user field for the bill reporting of each configured capability platform;

13. An apparatus for implementing dynamic capability opening, applied to any one of at least two stages of capability platforms, comprising:

the ability discovery module is used for receiving the ability discovery information sent by the registered ability caller; determining capability release information matched with the capability discovery information, wherein the capability release information is released on each level of capability platform by enabling the capability release information to transfer information from the corresponding capability network element to the level-by-level capability platform; and returning the determined capability release information to the capability caller, so that the capability caller can call the capability to the capability network element determined according to the capability release information.

14. The apparatus of claim 13, further comprising:

the first capability management module is used for receiving capability network element information sent by a next-level object and registering a capability network element determined according to the capability network element information, wherein the next-level object comprises one of a subordinate capability network element and a next-level capability platform;

the capability discovery module is further configured to receive capability issue information sent by the next-level object, perform audit on the capability issue information, and issue the capability issue information after the audit is passed.

15. The apparatus of claim 14, further comprising:

the first capability management module is further configured to send capability platform information to the next-level object, so that the next-level object registers a capability platform determined according to the capability platform information, where the capability platform information includes information of any one of a current capability platform and a higher-level capability platform of the current capability platform;

the device further comprises:

the authentication module is used for sending authentication strategy configuration information to the registered capability network element so that the capability network element configures an authentication strategy according to the authentication strategy configuration information; receiving authentication information sent by the called capability network element according to the configured authentication strategy, and performing authentication certification according to the authentication information to obtain an authentication certification result; and returning the authentication result to the capability network element, so that the capability network element determines whether to provide the capability to the capability caller according to the authentication result.

16. The apparatus of claim 15, the configuring, by the capability network element, an authentication policy according to the authentication policy configuration information comprises: configuring a user field, an authentication method and an authentication behavior state of a current capability platform for authentication and authentication;

17. The apparatus according to any one of claims 13 to 16,

the first capacity management module is further configured to send ticket policy configuration information to a registered capacity network element, so that the capacity network element configures a ticket reporting policy according to the ticket policy configuration information; and receiving call ticket information sent by the called capability network element according to the configured call ticket reporting strategy after providing the capability for the capability caller.

18. The apparatus of claim 17, wherein the configuring, by the capability network element, the call ticket reporting policy according to the call ticket policy configuration information comprises: configuring a user field and a call ticket behavior state for call ticket reporting by a current capability platform;

the called capability network element sends out ticket information according to the configured ticket reporting strategy, wherein the ticket information comprises user information contained in authentication information sent out by a capability caller, and the user information is matched with user fields for carrying out ticket reporting on each configured capability platform;

19. An apparatus for implementing dynamic capability opening, applied to a capability network element, includes:

20. The apparatus of claim 19, further comprising:

the second capacity management module is used for sending capacity network element information to an attributive capacity platform, enabling the attributive capacity platform to register the capacity network element according to the capacity network element information, and sending the capacity network element information to an upper-level capacity platform;

and the capability release module is used for sending the capability release information to the attributive capability platform, enabling the attributive capability platform to verify the capability release information, releasing the capability release information after the verification is passed, and sending the capability release information to the upper-level capability platform.

21. The apparatus of claim 20, further comprising:

the second capability management module is further configured to receive capability platform information sent by the attributed capability platform, and register a capability platform determined according to the capability platform information, where the capability platform information includes information of any one of the attributed capability platform and a higher-level capability platform of the attributed capability platform;

the capability providing module is also used for receiving authentication strategy configuration information sent by the registered capability platform and configuring the authentication strategy according to the authentication strategy configuration information.

22. The apparatus of claim 21, wherein configuring the authentication policy according to the authentication policy configuration information comprises: configuring a registered capability platform to carry out user field, authentication method and authentication behavior state of authentication and authorization;

determining a capability platform for authentication according to the configured authentication strategy, and sending authentication information to the determined capability platform, wherein the authentication information comprises the following steps:

23. The apparatus of any one of claims 19 to 22,

the second capacity management module is also used for receiving call ticket strategy configuration information sent by a registered capacity platform and configuring a call ticket reporting strategy according to the call ticket strategy configuration information; and after the authentication result provides the capability for the capability caller successfully, determining a capability platform for carrying out call ticket reporting according to the configured call ticket reporting strategy, and sending call ticket information to the determined capability platform.

24. The apparatus of claim 23, wherein configuring the ticket reporting policy according to the ticket policy configuration information comprises: configuring a user field and a call ticket behavior state for call ticket reporting by a registered capability platform;

Matching the user field contained in the authentication information in the capability calling information with the user field for ticket reporting of each configured capability platform;

25. A communication device comprising a processor, a memory and a program or instructions stored on the memory and executable on the processor, the program or instructions, when executed by the processor, implementing the steps of the method for enabling dynamic capability openness as claimed in any one of claims 1 to 6 or implementing the steps of the method for enabling dynamic capability openness as claimed in any one of claims 7 to 12.

26. A computer-readable storage medium, on which a program or instructions are stored, which, when executed by a processor, implement the steps of the method of implementing dynamic capability opening as claimed in any one of claims 1 to 6, or implement the steps of the method of implementing dynamic capability opening as claimed in any one of claims 7 to 12.