CN117579749A - IP telephone access method, device, equipment and storage medium - Google Patents

IP telephone access method, device, equipment and storage medium Download PDF

Info

Publication number
CN117579749A
CN117579749A CN202311519524.7A CN202311519524A CN117579749A CN 117579749 A CN117579749 A CN 117579749A CN 202311519524 A CN202311519524 A CN 202311519524A CN 117579749 A CN117579749 A CN 117579749A
Authority
CN
China
Prior art keywords
information
authentication result
account
communication information
voice
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311519524.7A
Other languages
Chinese (zh)
Inventor
王昱丹
孙记明
宋玉磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
China Information Technology Designing and Consulting Institute Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
China Information Technology Designing and Consulting Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd, China Information Technology Designing and Consulting Institute Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202311519524.7A priority Critical patent/CN117579749A/en
Publication of CN117579749A publication Critical patent/CN117579749A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Arrangements for interconnection between switching centres
    • H04M7/006Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The application provides an IP telephone access method, an IP telephone access device, IP telephone access equipment and a storage medium. The method comprises the following steps: acquiring communication information; the communication information is sent to an account management unit, so that the account management unit determines voice account information according to the communication information; receiving voice account information sent by an account management unit, and sending communication information to a positioning unit, so that the positioning unit determines regional range information of a target mobile phone according to the communication information; receiving area range information sent by a positioning unit; carrying out authentication on the voice account information and the regional range information to obtain an authentication result; and executing the IP telephone access service according to the authentication result. The method improves the safety of the fixed telephone service and effectively reduces the possibility of occurrence of fraud of the communication different network.

Description

IP telephone access method, device, equipment and storage medium
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to an IP phone access method, device, apparatus, and storage medium.
Background
Voice over IP refers to digitizing analog signals for real-time delivery over an IP network in the form of data packets.
With the development of IP communications, more and more users begin to use voice over IP (Voice over Internet Protocol, voIP) systems, IP private branch exchange (IP-Private Branch Exchange, IP-PBX) and various IP terminals, such as session initiation protocol (Session Initiation Protocol, SIP) phones, are also becoming rich and mature. The VoIP network telephone is to connect the network telephone directly to any broadband interface such as super line, wired broadband, unit LAN, etc., and after setting the address number, the telephone can dial the number to be called as normal telephone. The biggest advantage of VoIP Internet telephony is the wide adoption of the Internet and global IP interconnection environment, providing more and better services than traditional services.
However, the prior art has the problem of poor use effect when carrying out the fixed telephone service of the IP telephone.
Disclosure of Invention
The application provides an IP telephone access method, an IP telephone access device, IP telephone access equipment and a storage medium, which are used for solving the problem that the use effect is poor when the fixed telephone service of an IP telephone is carried out by using the prior art.
In a first aspect, the present application provides an IP phone access method, including:
acquiring communication information, wherein the communication information comprises an IP address, an MAC address and a voice account number of a target mobile phone;
the communication information is sent to an account management unit, so that the account management unit determines voice account information according to the communication information;
receiving voice account information sent by an account management unit, and sending communication information to a positioning unit, so that the positioning unit determines area range information of a target mobile phone according to the communication information, wherein the area range information comprises an IP address set of a legal account and an MAC address set of the legal account;
receiving area range information sent by a positioning unit;
carrying out authentication on the voice account information and the regional range information to obtain an authentication result;
and executing the IP telephone access service according to the authentication result.
In the embodiment of the present application, obtaining communication information includes:
when the call request is an outbound call request, acquiring an outbound call request of the data receiving unit, wherein the outbound call request is a request sent to the data receiving unit by the IP telephone;
determining data message information according to the outbound call request;
and obtaining communication information according to the data message information.
When the call request is an incoming call request, acquiring an incoming call request of the data receiving unit, wherein the incoming call request is a request sent to the data receiving unit by a target mobile phone through an operator and a voice relay gateway;
determining data message information according to the outbound call request;
and obtaining communication information according to the data message information.
In the application, the voice account information and the regional range information are authenticated to obtain an authentication result, which comprises the following steps:
determining attribute information of a voice account in the voice account information;
authenticating the operator information in the attribute information of the voice account to obtain a first authentication result;
according to the regional range information, authenticating the IP address and the MAC address of the target mobile phone in the communication information to obtain a second authentication result;
and obtaining an authentication result according to the first authentication result and the second authentication result.
In the application, according to the regional range information, the authentication is performed on the IP address and the MAC address of the target mobile phone in the communication information to obtain a second authentication result, which comprises the following steps:
comparing the IP address of the target mobile phone in the communication information with the IP address set of the legal account number in the regional range information to obtain an IP address comparison result;
comparing the MAC address of the target mobile phone in the communication information with the MAC address set of the legal account number in the regional range information to obtain an MAC address comparison result;
and obtaining a second authentication result according to the IP address comparison result and the MAC address comparison result.
In this application, after obtaining the authentication result according to the first authentication result and the second authentication result, the method further includes:
if the first authentication result or the second authentication result represents authentication failure, intercepting and filtering the call request.
And if the first authentication result and the second authentication result are both indicative of successful authentication, executing the step of accessing the IP telephone into the service according to the authentication result.
In the present application, according to the authentication result, executing the IP phone access service includes:
according to the authentication result, the outbound call request is sent to the relay gateway, so that the relay gateway sends the outbound call request to the target mobile phone through the operator and the PLMN;
receiving outbound call information fed back by a target mobile phone according to an outbound call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the outbound call information.
In the present application, according to the authentication result, executing the IP phone access service includes:
according to the authentication result, sending the incoming call request to the IP telephone;
receiving incoming call information fed back by the IP telephone according to the incoming call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the incoming call information.
In a second aspect, the present application provides an IP phone access device, including:
the acquisition module is used for acquiring communication information, wherein the communication information comprises an IP address, an MAC address and a voice account number of a target mobile phone;
the sending module is used for sending the communication information to the account management module so that the account management module can determine voice account information according to the communication information;
the first receiving module is used for receiving the voice account information sent by the account management module and sending the communication information to the positioning module so that the positioning module can determine the area range information of the target mobile phone according to the communication information, wherein the area range information comprises an IP address set of a legal account and an MAC address set of the legal account;
the second receiving module is used for receiving the regional range information sent by the positioning module;
the authentication module is used for authenticating the voice account information and the regional range information to obtain an authentication result;
and the execution module is used for executing the IP telephone access service according to the authentication result.
In a third aspect, the present application provides an electronic device, comprising: a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes the computer-executable instructions stored in the memory to implement the methods of the present application.
In a fourth aspect, the present application provides a computer-readable storage medium comprising: the computer-readable storage medium has stored therein computer-executable instructions that, when executed by a processor, are used to implement the methods of the present application.
According to the IP telephone access method, the device, the equipment and the storage medium, communication information is acquired, wherein the communication information comprises an IP address, an MAC address and a voice account number of a target mobile phone; the communication information is sent to an account management unit, so that the account management unit determines voice account information according to the communication information; receiving voice account information sent by an account management unit, and sending communication information to a positioning unit, so that the positioning unit determines area range information of a target mobile phone according to the communication information, wherein the area range information comprises an IP address set of a legal account and an MAC address set of the legal account; receiving area range information sent by a positioning unit; carrying out authentication on the voice account information and the regional range information to obtain an authentication result; according to the authentication result, the means for executing the IP telephone access service can authenticate the voice account information in the communication information and the IP address and the MAC address of the account, ensure that the voice account is a legal account by checking whether the voice account of the communication information is registered in a specific enterprise database, ensure the service range of the fixed telephone service by checking whether the IP address and the MAC address of the voice account in the communication request are in a limited area network range, thereby determining to release the call or filter and intercept the call by checking whether the voice service is legal, improving the safety of the fixed telephone service and ensuring that the IP telephone meets the management regulation of non-cross-region use when the fixed telephone service is performed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic view of a scenario of an IP phone access method provided in an embodiment of the present application;
fig. 2 is a flow chart of an IP phone access method provided in an embodiment of the present application;
fig. 3 is a flow chart of another IP phone access method according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an IP phone access device according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Specific embodiments thereof have been shown by way of example in the drawings and will herein be described in more detail. These drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but to illustrate the concepts of the present application to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present application as detailed in the accompanying claims.
It should be noted that, the user information (including, but not limited to, user equipment information, user personal information, etc.) and the data (including, but not limited to, data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data need to comply with the relevant laws and regulations and standards, and be provided with corresponding operation entries for the user to select authorization or rejection.
With the continuous development of IP communication, more and more users begin to use voice transmission systems based on IP, and IP private branch exchanges and various IP terminals, such as session initiation protocol phones, etc., are also becoming rich and mature. The VoIP system directly connects the network telephone with any broadband interface, and can dial the number as a common telephone after simply setting the applied address number. The biggest advantage of VoIP Internet telephony is the wide adoption of the Internet and global IP interconnection environment, providing more and better services than traditional services. The biggest drawback of VoIP: the reliability is poor. However, with the improvement of VoIP technology, the network telephone call is very stable and clear. The following security problem is the most worry of users, and the behaviors such as spoofing, monitoring, attack and the like aiming at the VoIP system are increasingly increased, so that the business secret and privacy of the users are greatly threatened. On one hand, the security of the VoIP system needs to be strictly controlled at the server, and on the other hand, security precautions need to be made for the IP phone terminal and the access mode.
In order to avoid the occurrence of fraud in a different network and ensure that an IP telephone meets the management rule that fixed telephone service cannot be used in a cross-region mode, the application document is based on a mechanism realized by the conventional VoIP fixed telephone system, a fixed telephone number is ensured to be used in a region range by binding a call account number and an IP address of a network where the IP telephone is located at a fixed telephone system server, the call account number and an MAC address of the IP telephone are bound at the fixed telephone system server, and then the fixed telephone system server authenticates the IP address and the MAC address of the IP telephone in each call, so that the security of a call process is improved.
The data transmission method aims at solving the technical problems in the prior art.
The following describes the technical solutions of the present application and how the technical solutions of the present application solve the above technical problems in detail with specific embodiments. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 1 is a schematic view of a scenario of an IP phone access method provided in an embodiment of the present application. As shown in fig. 1, the implementation subject of the IP phone access method may be an IP phone access system, which includes: the system comprises a data receiving unit, an account management unit, a positioning unit and an authentication unit.
The data receiving unit of the telephone is a circuit module for receiving and integrating the input data. In serial communication, a data receiving unit is generally used for receiving serial data from a transmitting end and converting the serial data into parallel data. The data receiving module plays a vital role in serial port communication, and can ensure accurate transmission and reception of data.
The account management unit of the telephone mainly comprises creation and management of a user account and authentication of the user account. In terms of user account authentication, registration is required using a user name and password already in the database, otherwise authentication will not be possible. After the user account is created and authenticated, the telephone can be used for calling, and the telephone number of the opposite party can be dialed to realize the calling.
The positioning unit of the phone can refer to a positioning unit for positioning the voice account, and a GPS positioning technology and a base station positioning technology can be generally used for positioning the target account. In the development process, a satellite positioning unit is a common unit, such as unmanned aerial vehicle positioning, smart watch positioning, robot positioning, and the like. In the development process, the positioning unit and the communication unit supporting remote transmission are often used together, the area where the fixed phone number is located is delimited, the voice account number and the network where the IP phone is located are bound, and the position where the IP phone is located is limited through the network area.
The authentication unit of the phone generally refers to an authentication module of the phone, also called an authentication chip or a security chip. It is an integrated circuit chip for protecting the security of the phone and preventing unauthorized access. The authentication unit typically includes an encryption engine and a memory for storing authentication information and keys for the phone. When the phone is connected to the network, the authentication unit automatically performs authentication to ensure that the phone is legitimate and that only authorized users can access the phone. The authentication unit is an important component of the telephone, and can effectively protect the security and privacy of the telephone.
The data receiving unit extracts the IP address, the MAC address, the voice account and other information from the received data message and sends the information to the authentication unit, the authentication unit acquires the voice account information from the account management unit, the authentication unit acquires the regional range information of the voice account of the current call from the positioning unit, then the authentication unit authenticates the relation among the requested IP address, the MAC address and the voice account, if the relation accords with the condition, the service request passes, and the signal is sent to the relay gateway or the IP phone according to the call type.
The implementation main body of the IP phone access method provided in the embodiment of the present application may also be a server. The server can be a computer, a tablet and other devices. The implementation manner of the execution body is not particularly limited in this embodiment, as long as the execution body can obtain communication information, where the communication information includes an IP address, a MAC address, and a voice account number of the target mobile phone; the communication information is sent to an account management unit, so that the account management unit determines voice account information according to the communication information; receiving voice account information sent by an account management unit, and sending communication information to a positioning unit, so that the positioning unit determines area range information of a target mobile phone according to the communication information, wherein the area range information comprises an IP address set of a legal account and an MAC address set of the legal account; receiving area range information sent by a positioning unit; carrying out authentication on the voice account information and the regional range information to obtain an authentication result; and executing the IP telephone access service according to the authentication result.
Fig. 2 is a flow chart of an IP phone access method according to an embodiment of the present application. The implementation body of the method may be a server or other servers, and the embodiment is not particularly limited herein, as shown in fig. 2, and the method may include:
s201, acquiring communication information.
The communication information may be an IP address, a MAC address, and a voice account number of the target mobile phone.
The method for obtaining the communication information may refer to obtaining the voice account information of the target mobile phone when sending or receiving the request for determining the call, and according to the voice account information, the IP address, the MAC address, and the voice account number of the target mobile phone may be obtained.
The target mobile phone may refer to a mobile phone that initiates a call request to the IP phone or receives the call request from the IP phone. The IP address (Internet Protocol Address, abbreviated as IP address), which may be referred to as a logical address, is a unified address format provided by the IP protocol, and assigns a logical identifier to a device on the network and a host computer to distinguish devices in different regions.
The MAC address may refer to a physical address, which is hard to change when solidified in the network card, and is only valid in the local area network. The IP address may be bound to the MAC address to determine a unique piece of equipment on the network.
A voice account may refer to an account for voice communications. The voice account number may be used to make and receive calls, send and receive voice messages, conduct voice conferences, and the like. In the field of mobile communications, a voice account number is typically bound to a SIM card or a handset, while in the field of network telephony, a voice account number is typically bound to network telephony software or hardware devices.
In this embodiment of the present application, obtaining the communication information includes:
acquiring an outbound call request of a data receiving unit, wherein the outbound call request is a request sent to the data receiving unit by an IP telephone;
determining data message information according to the outbound call request;
and obtaining communication information according to the data message information.
The outbound call request may refer to a request that the IP phone makes a call to the target mobile phone.
The data message information may refer to data to be transmitted and additional information. The additional information includes destination IP address, destination port, source address, source port, data length, protocol used.
In some embodiments, an outbound call request signal of the IP phone is sent to a data receiving unit, the data receiving unit extracts data message information of the target mobile phone from the signal, and parses the data message information to obtain a voice account number, an IP address and an MAC address of the target mobile phone.
The communication information may refer to information corresponding to the data message information, and in some embodiments, the communication information may include various forms such as voice, text, image, video, and the like. In computer networks, communication information is transmitted via data packets, which contain information such as source address, destination address, data content, etc. The transmission of the communication information needs to follow a certain protocol and rule, such as TCP/IP protocol, HTTP protocol, etc. Factors such as transmission speed, stability and safety of communication information can influence the quality of communication.
In this embodiment of the present application, obtaining the communication information includes:
acquiring an incoming call request of a data receiving unit, wherein the incoming call request is a request sent to the data receiving unit by a target mobile phone through an operator and a voice relay gateway;
determining data message information according to the incoming call request;
and obtaining communication information according to the data message information.
The incoming call request may refer to a call request initiated by the target handset to the IP phone.
The data receiving unit extracts the data message information of the target mobile phone from the call signal, analyzes the data message information of the target mobile phone, and obtains the voice account number, the IP address and the MAC address of the target mobile phone.
S202, the communication information is sent to an account management unit, so that the account management unit determines voice account information according to the communication information.
The functions of the account management unit may include creating, searching, modifying and logging out the voice account. The account management unit searches a database to which the current voice account belongs in account databases registered by a plurality of enterprises according to voice account attributes in the communication information, and determines voice account information from the database to which the current voice account belongs.
S203, receiving the voice account information sent by the account management unit, and sending the communication information to the positioning unit, so that the positioning unit determines the regional range information of the target mobile phone according to the communication information.
The regional scope information may refer to an IP address set of a legal account and a MAC address set of a legal account, the IP address set of the legal account may refer to an IP address set of a voice account registered in an operator database under a specific enterprise or personal name, and the MAC address set of the legal account may refer to a physical address set of a voice account registered in the operator database under the specific enterprise or personal name.
The positioning unit determines a specific logical address set to which the voice account belongs according to the IP address of the voice account in the communication information, and determines a specific physical address set to which the voice account belongs according to the MAC address of the voice account in the communication information, so that the regional range information of the voice account is determined through the specific logical address set to which the voice account belongs and the specific physical address set to which the voice account belongs.
S204, receiving the area range information sent by the positioning unit;
s205, authentication is carried out on the voice account information and the regional scope information, and an authentication result is obtained.
Where authenticating the voice account information and the regional scope information may refer to determining whether the user has rights to access the system. In this embodiment of the present application, authentication may refer to checking a condition that the relevant information of the current call request should conform to a legal request, and is used to determine whether the current call request is legal.
The authentication result may be a boolean value indicating whether the voice account information is authorized to use the service. If authentication fails, the voice account information will not be able to use the service and the system will reject its request. In the embodiment of the application, authentication is an important measure for guaranteeing the security and the legality of voice communication.
In this embodiment of the present application, authentication is performed on voice account information and regional scope information to obtain an authentication result, including:
determining attribute information of a voice account in the voice account information;
authenticating the operator information in the attribute information of the voice account to obtain a first authentication result;
according to the regional range information, authenticating the IP address and the MAC address of the target mobile phone in the communication information to obtain a second authentication result;
and obtaining an authentication result according to the first authentication result and the second authentication result.
In some embodiments, a database to which the voice account of the current call request belongs is determined, the voice account is compared with data in the database, and if the voice account of the current call request is registered in the database and is not in the blacklist of the enterprise, the first authentication result is successfully represented. If the voice account number of the call request is not registered in the database or is in the enterprise blacklist, the first authentication result representation fails.
In this embodiment of the present application, authenticating an IP address and an MAC address of a target mobile phone in communication information according to regional range information to obtain a second authentication result includes:
comparing the IP address of the target mobile phone in the communication information with the IP address set of the legal account number in the regional range information to obtain an IP address comparison result;
comparing the MAC address of the target mobile phone in the communication information with the MAC address set of the legal account number in the regional range information to obtain an MAC address comparison result;
and obtaining a second authentication result according to the IP address comparison result and the MAC address comparison result.
And checking the IP address in the communication information of the call request with the IP address set of the voice account number registered in the operator database under the specific enterprise or personal name, checking the MAC address in the communication information of the call request with the physical address set of the voice account number registered in the operator database under the specific enterprise or personal name, and if the two checks are consistent, characterizing the second authentication result as successful.
In this embodiment of the present application, after obtaining the authentication result according to the first authentication result and the second authentication result, the method further includes:
if the first authentication result or the second authentication result represents authentication failure, intercepting and filtering the call request.
And if the first authentication result and the second authentication result are both indicative of successful authentication, executing the step of accessing the IP telephone into the service according to the authentication result.
In some embodiments, if either one of the first authentication result and the second authentication result fails, the authentication fails, and the illegal request of the call request is determined, and the interception signal is sent to the voice platform, so that the call is terminated. If the first authentication result and the second authentication result are successful, the authentication is successful, the call request is legal, the access service is executed, and the call request is determined to be sent to the IP telephone or the relay gateway according to the call request type.
S206, executing the IP telephone access service according to the authentication result.
Performing the IP phone access service may include sending a signal to a trunking gateway or an IP phone based on the call request type. The trunk gateway is an important component of NGN solution, and is located at the edge access layer of next generation network (Next Generation Network, abbreviated as NGN), and connects public switched telephone network (Public Switched Telephone Network, abbreviated as PSTN) and NGN network to realize function of converting IP packet into TDM.
In this embodiment of the present application, according to the authentication result, executing the IP phone access service includes:
according to the authentication result, the outbound call request is sent to the relay gateway, so that the relay gateway sends the outbound call request to the target mobile phone through the operator and the PLMN;
receiving outbound call information fed back by a target mobile phone according to an outbound call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the outbound call information.
The PLMN refers to a public land mobile network (Public Land Mobile Network, abbreviated as PLMN), which is a network composed of a base station, a core network, and other devices, and can make a phone call and access the internet.
In this embodiment of the present application, according to the authentication result, the IP phone access service is executed, and further includes:
according to the authentication result, sending the incoming call request to the IP telephone;
receiving incoming call information fed back by the IP telephone according to the incoming call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the incoming call information.
According to the IP telephone access method, the voice account information is checked to ensure that the call account is legal, and whether the call account is in the limited area network range is judged by authenticating the IP address, the MAC address and the standard area range information of the account, so that the use range of fixed telephone service is ensured, the possibility of occurrence of fraud of a call different network is effectively reduced, and the security protection of an IP telephone terminal and an access mode is enhanced.
Fig. 3 is a flow chart of another IP phone access method according to an embodiment of the present application.
As shown in fig. 3, the method includes:
s301, the data receiving unit receives the data message and extracts the communication information.
The extracting of the communication information may refer to extracting an IP address, a MAC address, and a voice account number in the data packet.
S302, the data receiving unit sends the communication information to the authentication unit.
The communication information is sent to the authentication unit and can be used for subsequently checking whether the call request is legal or not.
S303, the authentication unit sends the communication information to the account management unit.
S304, the authentication unit acquires voice account information from the account management unit.
The voice account information may refer to creation, modification and cancellation information of the voice account.
S305, the authentication unit sends the communication information to the positioning unit.
The positioning unit is used for demarcating the area where the fixed telephone number in the fixed telephone service is located and is used for subsequent verification work of the IP address and the MAC address.
S306, the authentication unit acquires the regional range information from the positioning unit and authenticates the account information of the current call request.
S307, the authentication result is sent to the data receiving unit.
And S308, executing the IP telephone access service according to the authentication result.
In this embodiment of the present application, according to the authentication result, executing the IP phone access service includes:
when the call is an outbound call request, the outbound call request is sent to the relay gateway according to the authentication result, so that the relay gateway sends the outbound call request to the target mobile phone through an operator and PLMN;
receiving outbound call information fed back by a target mobile phone according to an outbound call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the outbound call information.
In this embodiment of the present application, according to the authentication result, the IP phone access service is executed, and further includes:
when the call is an incoming call request, the incoming call request is sent to the IP telephone according to the authentication result;
receiving incoming call information fed back by the IP telephone according to the incoming call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the incoming call information.
Fig. 4 is a schematic structural diagram of an IP phone access device according to an embodiment of the present application, and as shown in fig. 4, the IP phone access device 40 includes: an acquisition module 401, a sending module 402, a first receiving module 403, a second receiving module 404, an authentication module 405, and an execution module 406. Wherein:
the obtaining module 401 is configured to obtain communication information, where the communication information includes an IP address, a MAC address, and a voice account number of the target mobile phone;
the sending module 402 is configured to send the communication information to the account management module, so that the account management module determines voice account information according to the communication information;
the first receiving module 403 is configured to receive the voice account information sent by the account management module, and send the communication information to the positioning module, so that the positioning module determines, according to the communication information, area range information of the target mobile phone, where the area range information includes an IP address set of a legal account and an MAC address set of the legal account;
the second receiving module 404 is configured to receive the area range information sent by the positioning module;
an authentication module 405, configured to authenticate the voice account information and the regional scope information to obtain an authentication result;
and the execution module 406 is configured to execute the IP phone access service according to the authentication result.
In this embodiment of the present application, the obtaining module 401 may be further specifically configured to:
acquiring an outbound call request of the data receiving module, wherein the outbound call request is a request sent to the data receiving module by the IP telephone;
determining data message information according to the outbound call request;
and obtaining communication information according to the data message information.
In this embodiment of the present application, the obtaining module 401 may be further specifically configured to:
acquiring an incoming call request of a data receiving module, wherein the incoming call request is a request sent to the data receiving module by a target mobile phone through an operator and a voice relay gateway;
determining data message information according to the incoming call request;
and obtaining communication information according to the data message information.
In the embodiment of the present application, the authentication module 405 may be further specifically configured to:
determining attribute information of a voice account in the voice account information;
authenticating the operator information in the attribute information of the voice account to obtain a first authentication result;
according to the regional range information, authenticating the IP address and the MAC address of the target mobile phone in the communication information to obtain a second authentication result;
and obtaining an authentication result according to the first authentication result and the second authentication result.
In the embodiment of the present application, the authentication module 405 may be further specifically configured to:
comparing the IP address of the target mobile phone in the communication information with the IP address set of the legal account number in the regional range information to obtain an IP address comparison result;
comparing the MAC address of the target mobile phone in the communication information with the MAC address set of the legal account number in the regional range information to obtain an MAC address comparison result;
and obtaining a second authentication result according to the IP address comparison result and the MAC address comparison result.
In the embodiment of the present application, the authentication module 405 may be further specifically configured to:
if the first authentication result or the second authentication result represents authentication failure, intercepting and filtering the call request.
And if the first authentication result and the second authentication result are both indicative of successful authentication, executing the step of accessing the IP telephone into the service according to the authentication result.
In the embodiment of the present application, the execution module 406 may be further specifically configured to:
according to the authentication result, the outbound call request is sent to the relay gateway, so that the relay gateway sends the outbound call request to the target mobile phone through the operator and the PLMN;
receiving outbound call information fed back by a target mobile phone according to an outbound call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the outbound call information.
In the embodiment of the present application, the execution module 406 may be further specifically configured to:
according to the authentication result, sending the incoming call request to the IP telephone;
receiving incoming call information fed back by the IP telephone according to the incoming call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the incoming call information.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 5, the electronic device 50 includes:
a processor 501 of one or more processing cores, a memory 502 of one or more computer readable storage media, a communication component 503, and the like. The processor 501, the memory 502, and the communication unit 503 are connected via a bus 504.
In a specific implementation, at least one processor 501 executes computer-executable instructions stored in memory 502, such that at least one processor 501 performs an IP phone access method as described above.
The specific implementation process of the processor 501 may refer to the above-mentioned method embodiment, and its implementation principle and technical effects are similar, and this embodiment will not be described herein again.
In the embodiment shown in fig. 5, it should be understood that the processor may be a central processing unit (english: central Processing Unit, abbreviated as CPU), or may be other general purpose processors, digital signal processors (english: digital Signal Processor, abbreviated as DSP), application specific integrated circuits (english: application Specific Integrated Circuit, abbreviated as ASIC), or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor for execution, or in a combination of hardware and software modules in a processor for execution.
The Memory may comprise high-speed Memory (Random Access Memory, RAM) or may further comprise Non-volatile Memory (NVM), such as at least one disk Memory.
The bus may be an industry standard architecture (Industry Standard Architecture, ISA) bus, an external device interconnect (Peripheral Component, PCI) bus, or an extended industry standard architecture (Extended Industry Standard Architecture, EISA) bus, among others. The buses may be divided into address buses, data buses, control buses, etc. For ease of illustration, the buses in the drawings of the present application are not limited to only one bus or one type of bus.
In some embodiments, a computer program product is also presented, comprising a computer program or instructions which, when executed by a processor, implement the steps in any of the above IP phone access methods.
The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.
Those of ordinary skill in the art will appreciate that all or a portion of the steps of the various methods of the above embodiments may be performed by instructions, or by instructions controlling associated hardware, which may be stored in a computer-readable storage medium and loaded and executed by a processor.
To this end, embodiments of the present application provide a computer readable storage medium having stored therein a plurality of instructions capable of being loaded by a processor to perform steps in any of the IP phone access methods provided by the embodiments of the present application.
Wherein the storage medium may include: read Only Memory (ROM), random access Memory (RAM, random Access Memory), magnetic or optical disk, and the like.
According to one aspect of the present application, there is provided a computer program product or computer program comprising computer instructions stored in a computer readable storage medium.
The instructions stored in the storage medium may perform steps in any one of the IP phone access methods provided in the embodiments of the present application, so that the beneficial effects that any one of the IP phone access methods provided in the embodiments of the present application can be achieved, which are detailed in the previous embodiments and are not repeated herein.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the application pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It is to be understood that the present application is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (11)

1. An IP phone access method, comprising:
acquiring communication information, wherein the communication information comprises an IP address, an MAC address and a voice account number of a target mobile phone;
the communication information is sent to an account management unit, so that the account management unit determines voice account information according to the communication information;
receiving voice account information sent by the account management unit, and sending the communication information to a positioning unit, so that the positioning unit determines area range information of the target mobile phone according to the communication information, wherein the area range information comprises an IP address set of a legal account and an MAC address set of the legal account;
receiving the regional range information sent by the positioning unit;
authenticating the voice account information and the regional range information to obtain an authentication result;
and executing the IP telephone access service according to the authentication result.
2. The method of claim 1, wherein the obtaining communication information comprises:
acquiring an outbound call request of a data receiving unit, wherein the outbound call request is a request sent to the data receiving unit by an IP telephone;
determining data message information according to the outbound call request;
and obtaining communication information according to the data message information.
3. The method of claim 1, wherein the obtaining communication information comprises:
acquiring an incoming call request of a data receiving unit, wherein the incoming call request is a request sent to the data receiving unit by the target mobile phone through an operator and a voice relay gateway;
determining data message information according to the incoming call request;
and obtaining communication information according to the data message information.
4. The method of claim 1, wherein authenticating the voice account information and the regional scope information to obtain an authentication result comprises:
determining attribute information of a voice account in the voice account information;
authenticating the operator information in the attribute information of the voice account to obtain a first authentication result;
according to the regional range information, authenticating the IP address and the MAC address of the target mobile phone in the communication information to obtain a second authentication result;
and obtaining an authentication result according to the first authentication result and the second authentication result.
5. The method of claim 4, wherein authenticating the IP address and the MAC address of the target mobile phone in the communication information according to the regional scope information to obtain the second authentication result includes:
comparing the IP address of the target mobile phone in the communication information with the IP address set of the legal account number in the regional range information to obtain an IP address comparison result;
comparing the MAC address of the target mobile phone in the communication information with the MAC address set of the legal account number in the regional range information to obtain an MAC address comparison result;
and obtaining a second authentication result according to the IP address comparison result and the MAC address comparison result.
6. The method of claim 4, wherein after obtaining an authentication result based on the first authentication result and the second authentication result, the method further comprises:
if the first authentication result or the second authentication result represents authentication failure, intercepting and filtering the call request;
and if the first authentication result and the second authentication result are both characterized as successful authentication, executing the step of executing the IP telephone access service according to the authentication result.
7. The method of claim 1, wherein said performing IP phone access service according to the authentication result comprises:
according to the authentication result, sending the outbound call request to a relay gateway, so that the relay gateway sends the outbound call request to the target mobile phone through an operator and PLMN;
receiving outbound call information fed back by the target mobile phone according to the outbound call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the outbound call information.
8. The method of claim 1, wherein said performing IP phone access service according to the authentication result comprises:
according to the authentication result, sending an incoming call request to an IP telephone;
receiving incoming call information fed back by the IP telephone according to the incoming call request;
and establishing IP telephone access service of the IP telephone and the target mobile phone according to the incoming call information.
9. An IP phone access device, comprising:
the acquisition module is used for acquiring communication information, wherein the communication information comprises an IP address, an MAC address and a voice account number of a target mobile phone;
the sending module is used for sending the communication information to the account management module so that the account management module can determine voice account information according to the communication information;
the first receiving module is used for receiving the voice account information sent by the account management module and sending the communication information to the positioning module so that the positioning module can determine the regional range information of the target mobile phone according to the communication information, wherein the regional range information comprises an IP address set of a legal account and an MAC address set of the legal account;
the second receiving module is used for receiving the regional range information sent by the positioning module;
the authentication module is used for authenticating the voice account information and the regional range information to obtain an authentication result;
and the execution module is used for executing the IP telephone access service according to the authentication result.
10. An electronic device, comprising: a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored in the memory to implement the method of any one of claims 1 to 8.
11. A computer readable storage medium having stored therein computer executable instructions which when executed by a processor are adapted to carry out the method of any one of claims 1 to 8.
CN202311519524.7A 2023-11-15 2023-11-15 IP telephone access method, device, equipment and storage medium Pending CN117579749A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311519524.7A CN117579749A (en) 2023-11-15 2023-11-15 IP telephone access method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311519524.7A CN117579749A (en) 2023-11-15 2023-11-15 IP telephone access method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN117579749A true CN117579749A (en) 2024-02-20

Family

ID=89861812

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311519524.7A Pending CN117579749A (en) 2023-11-15 2023-11-15 IP telephone access method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117579749A (en)

Similar Documents

Publication Publication Date Title
US7739196B2 (en) Policy control and billing support for call transfer in a session initiation protocol (SIP) network
US8090944B2 (en) Method and apparatus for authenticating users of an emergency communication network
US9264539B2 (en) Authentication method and system for screening network caller ID spoofs and malicious phone calls
US8385888B2 (en) Authentication of mobile devices over voice channels
EP2334111B1 (en) Authentication of mobile devices over voice channels
CN113067859B (en) Communication method and device based on cloud mobile phone
RU2642483C2 (en) Method and device for conference access
TW201830949A (en) Methods for sharing sim card and mobile terminals
US20130303124A1 (en) Transaction method between two servers including a prior validating step using two mobile telephones
CN109995769B (en) Multi-stage heterogeneous trans-regional full-real-time safety management and control method and system
CN107872588B (en) Call processing method, related device and system
US7656794B2 (en) Method and apparatus for authenticated quality of service reservation
JP4897864B2 (en) Protection against CLI spoofing of services in mobile networks
CN114928460A (en) Multi-tenant application integration framework system based on micro-service architecture
CN114070939A (en) Network voice call method, system, storage medium and server
US20110283337A1 (en) Method and system for authenticating network nodes of a peer-to-peer network
CN117579749A (en) IP telephone access method, device, equipment and storage medium
US20020042820A1 (en) Method of establishing access from a terminal to a server
CN111246409B (en) Communication service processing method and device
US20100293609A1 (en) Processing communication events in a communications system
JP2002041476A (en) System and method for user authentication
CN101763482A (en) Method of internet computer software lock and service system thereof
RU53085U1 (en) ACCESS SYSTEM FOR USERS ACCESS TO PRIVATE DATA THROUGH A COMPUTER NETWORK
CN107995587B (en) Authentication method, authentication platform, authentication system and service provider platform
JP2000209284A (en) Device and method for authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination