CN1535068A - Method of proceeding grouping business audiomonitoring according to user mark - Google Patents
Method of proceeding grouping business audiomonitoring according to user mark Download PDFInfo
- Publication number
- CN1535068A CN1535068A CNA031215904A CN03121590A CN1535068A CN 1535068 A CN1535068 A CN 1535068A CN A031215904 A CNA031215904 A CN A031215904A CN 03121590 A CN03121590 A CN 03121590A CN 1535068 A CN1535068 A CN 1535068A
- Authority
- CN
- China
- Prior art keywords
- pdsn
- monitoring system
- haaa
- user
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A method for auditing packet service according to user ID includes using new radius attribute to transmit target user setting message from auditing system to HAAA, setting up the target user in HAAA, storing the radius attribute in HAAA, transmitting the auditing request to PDSN as soon as the target user accesses the packet network, judging if the auditing is active by PDSN, linking to auditing system if it is, and transmitting the audited service stream.
Description
Technical field
The present invention relates to mobile communication technology field and safe practice field, relate in particular to that a kind of (Network Access Identifier NAI) carries out the method for Packet Service Lawful Interception according to network access Identifier.
Background technology
Current, all have higher requirement for national security in countries in the world, and various countries have proposed the Lawful Interception demand to telecommunication apparatus respectively.China is all making legal monitoring interface specification aspect fixed network and gsm (GSM) communication in succession, for using increasingly extensive Packet Service, needs to formulate legal monitor method equally.Described Packet Service refers to the Packet data service in telecommunication network system, in cdma system, combines other telecommunication apparatus with aaa server by PDSN and realizes this kind business.
In existing C DMA system, target terminal user (MS) is carried out communication by base station sub-system (BBS), each BBS and the group data service node on it (PDSN) communicate, and communicate by the equipment (HAAA) of this node and the checking of cdma system Packet Service, authentication, charging.In this cdma system, HAAA be one according to authentication request carry out authentication and the response, or charge and the simple services device of response according to the request record that charges, this HAAA does not have the function of the information that Lawful Interception needs, and does not equally have the function that triggers Lawful Interception yet.In addition, in the prior art, also proposed network configuration, but specific embodiment does not propose about the cdma system monitoring.
Along with the rapid growth of data service and the needs of national security, need to formulate about CDMA being carried out the solution of finishing of Lawful Interception.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of method of carrying out the Packet Service monitoring according to user ID.When this method is applied in the cdma system,, reached the purpose of carrying out Lawful Interception according to dial user's name by HAAA equipment in the cdma system packet network is increased attribute, expanded function.
The present invention carries out the method that Packet Service is monitored for a kind of according to user ID, may further comprise the steps:
The targeted customer that A, monitoring system send this monitoring is identified on the HAAA, and HAAA is monitored according to this user of this targeted customer's identity marking, and then, HAAA sends the PDSN address of the current access of targeted customer to monitoring system;
B, monitoring system judge whether the PDSN effective address of receiving that the targeted customer inserts, if according to this address, monitoring system and PDSN connect by interacting message, and transmission monitoring service stream; Otherwise, monitoring system is waited for, insert PDSN up to the targeted customer, HAAA writes down the current access of this user PDSN address and knows that according to this user ID these user's needs are monitored, then, HAAA triggers monitoring system with the current access of this user PDSN address, and monitoring system and PDSN connect by interacting message, transmission monitoring service stream.
Wherein, this method further comprises if user access network, and then HAAA is kept at self according to user ID with the PDSN effective address of the current access of this user; If user's deviated from network, then HAAA is invalid value according to user ID with this user's PDSN address setting.
Wherein, among the step B, described monitoring system judges whether to receive that the PDSN effective address that the targeted customer inserts comprises:
Monitoring system judges whether the PDSN address field of receiving is 0 or is empty, if then the PDSN address is invalid; Otherwise the PDSN address field is effective.
Wherein, monitoring system further sends to the monitoring system address on the HAAA in the steps A, and HAAA is according to this address of targeted customer's identification record;
HAAA described in the step B triggers monitoring system according to the current access of this user PDSN address and comprises: HAAA is according to the monitoring system address, and the current access PDSN address that identifies this user according to the targeted customer sends to monitoring system, triggers and monitors.
Wherein:
Monitoring system further sends to the monitoring system address on the HAAA in the steps A, and HAAA is according to this address of targeted customer's identification record;
HAAA described in the step B triggers monitoring system according to the current access of this user PDSN address and comprises: HAAA sends to the monitoring system address on the PDSN of the current access of this user according to this targeted customer's sign, and this PDSN triggers monitoring system according to the monitoring system address.
Wherein, on PDSN, preestablish the monitoring system address, HAAA described in the step B triggers monitoring system according to the current access of this user PDSN address and comprises: HAAA notifies this user of the current access of this user PDSN to be monitored, and this PDSN triggers according to predefined monitoring system address and monitors.
Wherein:
In the steps A, the targeted customer that monitoring system sends this monitoring is identified to and further comprises on the HAAA and send this monitor sign in HAAA, HAAA judges whether this monitor sign is invalid, if, then HAAA carries out common authentication, otherwise described HAAA is monitored to HAAA is this monitor sign in the monitoring attribute that the targeted customer is set certainly on one's body according to this user of this targeted customer's identity marking, and described HAAA sends the PDSN address and further comprises this monitor sign of transmission to monitoring system;
Among the step B, if monitoring system is not received the PDSN effective address, then described HAAA writes down the current access of this user PDSN address and further comprises this monitor sign of record, describedly know that these user's needs are monitored further comprise that according to this user ID monitoring system judges whether this monitor sign is effective, if, then trigger, otherwise, do not trigger.
Wherein, describedly judge that whether invalid monitor sign for judging that whether the monitor sign field is 0 or for sky, if then monitor sign is invalid; Describedly judge that monitor sign is whether effectively for judging that whether monitor sign is the integer greater than 0, if then monitor sign is effective.
Wherein, described monitoring system and PDSN connect by interacting message and further comprise: PDSN responds user's current business state to monitoring system.
Wherein, described monitoring system connects by interacting message with PDSN and comprises: the form of monitoring system by generic route encapsulation (GRE) set up with PDSN between be connected.
Wherein, this method further comprises:
Switch if the user strides PDSN, the user inserts new PDSN, carries out described step B, and when monitoring system and new PDSN set up monitoring when being connected, monitoring system is cancelled monitoring on former PDSN.
Wherein, if the monitoring system cancellation is monitored the targeted customer, this method further comprises:
Monitoring system sends message, and it is invalid that this user's of notice HAAA monitor sign is set to.HAAA sends to monitoring system and replys, and informs the monitoring of monitoring system cancellation to this targeted customer.
Wherein, the PDSN that further passes through any one appointment in the monitoring scope between described monitoring system and the HAAA transmits message.
Wherein, described user ID is network access Identifier (NAI).
Wherein, this method further comprises international mobile subscriber identity (IMSI) or electronics string number (ESN) or mobile number thin (MDN) is converted to NAI by fixed correspondence.
Wherein, described Packet Service is code division multiple access (CDMA) 2000 systems, CDMA 1X system, only is used for CDMA2000 1X enhanced edition (CDMA2000 1X EV-DO, HRPD) Packet Service of system, CDMA2000 1X enhanced edition (CDMA2000 1XEV-DV) system that is used for data and speech transmissions, wireless lan (wlan) system, wireless local loop (WLL) system of transfer of data.
As seen, this method realized the monitoring to packet network, and this method has the following advantages by increasing the radius attribute of HAAA:
1, solves the eavesdropping target well and had the mobile problem of being brought;
2, realized monitoring when the eavesdropping target has begun Packet Service midway;
3, realized according to NAI find the eavesdropping target and to monitoring;
4, solved the problem that roaming is monitored;
In a word, this method is by increasing the radius attribute of HAAA, realized equipment being carried out under the minimum prerequisite of changing, the function that the targeted customer is monitored, this method can be applied to use among the disparate networks of AAA and PDSN, range of application is wide, and has made useful contribution for the national security problem.
Description of drawings
Fig. 1 is that networking diagram is monitored in the grouping of cdma system.
Fig. 2 is among the embodiment 1, when the user had inserted packet network when monitoring system was carried out the ownership goal setting, realizes the sequential chart of monitoring.
Fig. 3 is among the embodiment 1, when the user did not insert packet network as yet when monitoring system was carried out the ownership goal setting, realizes the sequential chart of monitoring.
Fig. 4 is among the embodiment 1, and monitoring system is monitored the sequential chart of cancelling to PDSN.
Fig. 5 is among the embodiment 1, and monitoring system is carried out the sequential chart of targeted customer's cancellation.
Embodiment
The present invention is for carrying out the method that Packet Service is monitored according to user ID, this method is by increasing the radius attribute on HAAA, and expansion HAAA function has realized the function of the targeted customer being monitored according to NAI.In the method, the newly-increased radius attribute of monitoring system utilization is finished targeted customer's setting on HAAA, the PDSN address that HAAA utilizes newly-increased radius attribute notice monitoring system targeted customer to insert, thereby connect between the monitoring system of making and the PDSN, transmission monitoring service stream is to realize monitoring.
Describe the present invention referring to accompanying drawing.
Referring to cdma system monitoring system networking diagram shown in Figure 1, this monitoring system comprises LIAF and LEA, wherein, LEA is for collecting, handle the functional entity of snoop results, LIAF specifically comprises ADMF, DF2 and three functional entitys of DF3, and wherein, ADMF finishes the control and the management function of monitoring activity, DF2 finishes the function of reception and the professional dependent event of distribute packets, and DF3 finishes the function of reception and distribute packets business tine.The present invention expands the function of AAA by increasing the radius attribute on the AAA shown in Figure 1 in advance, thereby assists monitoring system to finish monitoring work.Following three attributes of concrete increase are respectively:
PDSN Address, the IP address of the PDSN that the expression user is inserting;
ADMF Address, the IP address of expression monitoring system, wherein, ADMF finishes the control of monitoring activity, the functional entity of management function in the monitoring system;
Tap ID, the unique identification of this monitoring.These three newly-increased attributes satisfy the radius standard, and particular content can below provide the content of these three attributes in the embodiment of the invention according to this standard setting:
PDSN Address: the IP address of the PDSN that the user is inserting
Type:26
Length=12
Vendor?ID:5535
Vendor-Type=xxx
Vendor-Length=6
Vendor-Value=4?octet?IP?address
ADMF Address: the IP address of monitoring system
Type:26
Length=12
Vendor?ID:5535
Vendor-Type=xxx
Vendor-Length=6
Vendor-Value=4?octet?IP?address
Tap ID: the unique identification of this monitoring
Type:26
Length=16
Vendor?ID:5535
Vendor-Type=xxx
Vendor-Length=10
Vendor-Value=Tap?ID
These three newly-increased attributes satisfy the radius standard, and property content is determined according to this standard.
In view of all not open HAAA of current most of operators, and in line with the principle of simplifying the monitoring system interface, in the embodiment of the invention monitoring system will monitor in the scope arbitrary PDSN or fixedly the PDSN conduct act on behalf of PDSN, monitoring system by this act on behalf of PDSN with forwards to HAAA.Certainly, if the open HAAA of operator, the message that also can directly carry out between monitoring system and the HAAA transmits.The user can insert a PDSN when inserting packet network, be the PDSN of difference as the agency, and in the following stated, the PDSN that is connected when the user inserts packet network is called service PDSN.
When the user inserted packet network, this user inserted a service PDSN, utilizes this service PDSN to carry out authentication on HAAA, and authentication is recorded in this user's current access service PDSN on the HAAA according to this user ID by HAAA then.When this user stopped Packet Service, HAAA was invalid value according to user ID with this user's PDSN address setting.
Embodiment 1:
Consider the different relations of intercept target user and packet network, below the branch situation discuss monitor method of the present invention.
1, monitoring system is carried out the targeted customer when setting, and the user has inserted packet network:
Referring to shown in Figure 2, at this moment, monitoring needs following steps:
Step 2.1: monitoring system sends targeted customer's setup message to acting on behalf of PDSN, have Tap ID and ADMF Address attribute and user in the setup message and insert sign, the embodiment of the invention fixing acted on behalf of PDSN to send this targeted customer's setup message is example to one with monitoring system, and inserts sign with network access Identifier (NAI) as described user and give an example;
Step 2.2: this is acted on behalf of PDSN and receives this targeted customer's setup message, generation does not have access request (access request) message of user cipher, and according to targeted customer's setup message of receiving message sets Tap ID and ADMF Address attribute and NAI in inserting request, then, should insert request message and send to HAAA;
Step 2.3:HAAA receives this access request message, judges that the Tap ID that obtains in the message greater than 0, shows that this is a target user setup message, does not need the user is carried out authentication, and HAAA finishes following operation according to NAI in this locality:
(1) targeted customer's Tap ID property value is set for inserting the Tap ID property value in the request message;
(2) targeted customer's ADMF Address property value is set for inserting the ADMFAddress property value in the request message;
(3) send access request-reply (access accept) message and act on behalf of PDSN to this, wherein, because this targeted customer has inserted packet network, therefore, comprise a newly-increased attribute PDSNAddress in this message, this attribute is service PDSN address;
Step 2.4: this is acted on behalf of PDSN and receives access request-reply message, generates the targeted customer and sets response message, sends to monitoring system, and this targeted customer sets and comprises Tap ID and PDSN Address attribute in the response message at least;
Above step is finished the setting of monitoring system to the targeted customer;
Step 2.5: the service PDSN Address during monitoring system is replied according to targeted customer's setting, PDSN sends interception request to service, wherein, comprise NAI, Tap ID in this interception request, comprise listening mode and monitor IP address and the port numbers of listen requirement, DF2 and the DF3 of content, wherein, DF2 is a functional entity of realizing reception and distribution service dependent event function in the monitoring system, and DF3 is a functional entity of finishing reception and distribution service content in the monitoring system;
Step 2.6: this service PDSN receives interception request, send the interception request response message to monitoring system, inform that this service of monitoring system PDSN accepts interception request, wherein, in this interception request response message, can further include the user data service state information, activate or resting state to inform that this service of monitoring system PDSN is in;
Step 2.7: PDSN is according to DF2 address and port numbers in the interception request, to DF2 reporting service dependent event in service; And the DF3 transmission in monitoring system is connected the request of foundation with port numbers according to the DF3 address in the interception request to serve PDSN, begins to set up professional connection;
Step 2.8: monitoring system is received and is connected the request of foundation, send connection to service PDSN and set up request-reply message, service PDSN receives this message, begin to carry out and monitoring system between Business Stream transmit, realize the monitoring of monitoring system, wherein, in the present embodiment, monitoring service stream adopts the form of generic route encapsulation (GRE), and the key field in GRE packet header is set to Tap ID; Also can adopt other packing forms, satisfy the monitoring service demand and get final product.
2, monitoring system is carried out the targeted customer when setting, and the targeted customer does not also insert packet network:
Referring to shown in Figure 3, at this moment, monitoring needs following steps:
Step 3.1: monitoring system sends targeted customer's setup message to the arbitrary PDSN that acts on behalf of in the monitoring scope, includes Tap ID and ADMF Address attribute and NAI greater than 0 in this message; The embodiment of the invention is an example with a fixing PDSN that acts on behalf of;
Step 3.2: this is acted on behalf of PDSN and receives targeted customer's setup message, generation does not have the user of user cipher to insert request (access request) message, according to targeted customer's setup message of receiving, insert on the request message this user and to set Tap ID and ADMF Address attribute and NAI, this is acted on behalf of PDSN and this user is inserted request message sends to HAAA;
Step 3.3:HAAA receives this user and inserts request message, and obtaining this according to the Tap ID in this message greater than 0 determined property is user's setup message, need not subscription authentication, and HAAA finishes following content in this locality:
(1) according to NAI targeted customer's Tap ID property value is set at the user and inserts Tap ID property value in the request message;
(2) targeted customer's ADMF Address property value is set for inserting the ADMFAddress property value in the request message;
(3) reply to insert request-reply message to acting on behalf of PDSN, wherein,, insert therefore that not have PDSN address or PDSN property value in the request-reply be 0 because the targeted customer does not insert packet network as yet;
Step 3.4: act on behalf of PDSN and receive this access request, generate the targeted customer and set response message, send to monitoring system, this targeted customer sets and comprises Tap ID and PDSNAddress in the response message at least; Monitoring system receives that the targeted customer sets response message, judges that obtaining not having in this message PDSN address field or this address word segment value is 0, and monitoring system is not done action according to this judged result on the monitoring interface, and the wait user inserts to trigger and monitors;
Step 3.5: as user during by the dial-up access network, service PDSN generates the request of inserting (accessrequest), and this request is sent to HAAA;
Step 3.6:HAAA receives this access request message, judges to obtain there is not Tap ID attribute in this access request message, and obtaining this message is a common access request message, and HAAA carries out following content:
(1) at first the user is carried out authentication, authentication is by the PDSN address in the record request message then;
(2) send access request-reply (access accept or access reject) to service PDSN, because the property value of this user Tap ID is greater than 0 in the HAAA database, comprise Tap ID attribute and ADMF Address in this access request-reply message, wherein, property value is the respective attributes value of this user among the HAAA;
Step 3.7: service PDSN receives this access request-reply message, judges to obtain comprising in this message Tap ID attribute field, sends the monitoring triggering message that comprises Tap ID to monitoring system according to the ADMF Address in this message;
Step 3.8: it is effective that the monitoring system judgement obtains this Tap ID, PDSN sends the monitoring triggering response message to service, wherein, comprise in this monitoring triggering response message as the IP address of the IP address of listening mode, the listen requirement of monitoring content, DF2 and port numbers, DF3 and port numbers, Tap ID;
Step 3.9~3.10: service PDSN receives the monitoring triggering response message, according to address and the port numbers of the DF2 in this message, to DF2 reporting service dependent event; Simultaneously, service PDSN sends connecting request according to address and the port of the DF3 in this message to monitoring system, and monitoring system receives this request and respond to connect and set up request-reply, and begins to set up business between the service PDSN and is connected.Wherein, in the present embodiment, monitoring service stream adopts the form of generic route encapsulation (GRE), and wherein, the key field in GRE packet header is set to Tap ID; Also can adopt other packing forms, satisfy the monitoring service demand and get final product.
When 3, the user strides the PDSN switching:
When the user strides the PDSN switching, this user's switching enters new PDSN, its flow process and monitoring system are carried out the targeted customer when setting, step when the targeted customer does not also insert packet network is identical, simultaneously, this user also need monitor at former PDSN and cancel, and referring to shown in Figure 4, idiographic flow comprises:
ADMF in the monitoring system sends to monitor to former service PDSN and cancels message, the corresponding setting of cancelling this targeted customer of former service PDSN, and the ADMF in monitoring system sends to monitor and cancels response message then;
In embodiments of the present invention, when monitoring system desire cancellation during,, need following steps referring to shown in Figure 5 to targeted customer's monitoring:
ADMF in the monitoring system sends the targeted customer and cancels message to acting on behalf of PDSN, has value in this message and be 0 Tap ID; Act on behalf of PDSN and receive this message, generating does not have the user of user cipher to insert request (access request) message, and inserts this user that setting Tap ID value is 0 on the request message, acts on behalf of PDSN and sends this user to HAAA and insert request message; HAAA receives this access request message, judge that the Tap ID property value that obtains in the message is 0, show that this message cancels message for the targeted customer, not to subscription authentication, carry out following operation: the Tap ID property value that intercepted user is set is 0, sends access request-reply (access accept) message to acting on behalf of PDSN; Act on behalf of PDSN and receive this access request-reply message, generate the targeted customer and cancel response message, send to monitoring system; Monitoring system judges that according to the content that the targeted customer cancels in the response message obtaining the targeted customer cancels success, does not do action at interface;
Can realize roaming the problem of monitoring when striding the PDSN switching to targeted customer's monitoring, when targeted customer any one PDSN in the monitoring scope inserts packet network, still can realize in time, monitor accurately by the user.
In embodiments of the present invention, when the user stops Packet Service, according to the cdma network packet oriented protocol, PDSN generates request (accounting stop) message of chargeing, and the sessioncontinue field in this message is changed to 0, send to HAAA, HAAA receives this message, and the PDSN Address property value of HAAA being gone up this user is changed to 0; And for by the user that monitored, monitoring system discharges and serves that the monitoring service about this user is connected between the PDSN.
In embodiments of the present invention, according to actual networking situation, the message between each PDSN and the HAAA transmits may pass through one or more broker AAA equipment.
In embodiments of the present invention, message between each PDSN and the HAAA transmits and can concentrate the equipment of realizing above-mentioned described newly-increased radius attribute and monitoring miscellaneous function through one, and PDSN is gone up normal authentication request and the request of chargeing is transmitted to HAAA by this equipment.Can realize thus HAAA is not added change.
In embodiments of the present invention,, can utilize IMSI, realize the process of the foregoing description 1 as user ID by the corresponding relation between international mobile subscriber identity (IMSI) and the NAI; Perhaps can also utilize the corresponding relation between electronics string number (ESN) or mobile number thin (MDN) and the NAI, obtain NAI, realize the process of the foregoing description 1.
Embodiment 2:
More than for the present invention is applied to preferred embodiment in the cdma system, wherein use Tap ID as the sign of once monitoring, distinguishing each time monitoring, and make snoop procedure efficiently feasible.The present invention can also monitor according to user ID and monitoring system address simple realization Packet Service, is specially:
When monitoring system is carried out each targeted customer's assignment procedure among the embodiment 1, comprise ADMF Address and NAI in targeted customer's setup message, and no longer comprise and in like manner, all no longer comprise Tap ID in other each bar message with the Tap ID of this monitoring that makes a check mark; Monitoring system carries out that the targeted customer sets and the targeted customer does not also insert under the situation of packet network, present embodiment identifies according to the targeted customer, in HAAA, judge whether to have preserved ADMF Address attribute, if, show that then this user needs to monitor, otherwise this user need not monitor, all the other processes are consistent with process among the embodiment 1, and difference only is that each bar message does not comprise Tap ID in the present embodiment.
Present embodiment is applicable to monitors the less relatively situation of number of times, no longer comprises TapID in each bar message, makes that message is simple and saves transmission space.
Embodiment 3:
In above embodiment 1 and 2, monitoring system carry out the targeted customer when setting the targeted customer also do not insert under the situation of packet network, HAAA all adopts the PDSN by the current access of targeted customer to trigger monitoring system, in the present embodiment, be the simplified message flow process, employing directly triggers monitoring system by HAAA, specifically the process that triggers monitoring system after the HAAA authentication is changed into:
After HAAA receives the access request message of service PDSN, carry out authentication, after authentication is passed through, directly obtain ADMF Address attribute according to user ID, send monitoring triggering message according to this attribute to monitoring system, trigger the address that comprises the current access service PDSN of this user that preserves among the HAAA in the message, monitoring system is set up according to this address and is connected with the monitoring of this PDSN, specifically set up process and the foregoing description to set up process consistent.
Embodiment 4:
For the fixing situation in monitoring system address, the present invention also can be set in advance in the monitoring system address on each service PDSN, in such cases, need not from HAAA, to obtain the monitoring system address in the trigger process of the monitoring system of present embodiment, only need to obtain the monitoring system address and get final product on the PDSN that the user inserts, all the other processes are consistent with the process of the foregoing description.
The present invention also can be applicable in cdma2000, cdma 1x, EV-DO, EV-DV, WLAN, the WLL system; its application process is consistent with the described step of above embodiment; these those skilled in the art need not creative work and can realize; therefore, being applied to the monitor method of the present invention of the above system should be within protection range of the present invention.Equally, for the system that uses AAA in conjunction with PDSN, the present invention also can be applicable on it, and concrete implementation step is same as the previously described embodiments.
As seen, the present invention is by newly-increased radius attribute on HAAA, make monitoring system can utilize these attributes on HAAA, to carry out targeted customer's setting, in a single day the targeted customer inserts the PDSN in the monitoring scope, then set this PDSN and monitoring system connects according to the targeted customer on the HAAA, transmission monitoring service stream is realized monitoring.This method has realized the monitoring of packet network, and has well solved following monitoring problem, is respectively:
Roaming monitoring problem inserts packet network for the eavesdropping target from any one PDSN in the monitoring scope, and the present invention all can trigger monitoring system to realize monitoring by HAAA;
Monitor problem in advance, for after monitoring system is sent snoop command, inserted the situation of packet network by the eavesdropping target, the present invention can realize monitoring by utilizing HAAA to trigger monitoring system when this user access network;
Monitor problem midway, before sending snoop command in monitoring system, inserted the situation of packet network by the eavesdropping target, the present invention can trigger monitoring system by HAAA, realizes the monitoring to this object;
The present invention only needs to do small size change to existing equipment, implements simply, efficient, has a good application prospect.
Claims (16)
1, a kind of method of carrying out the Packet Service monitoring according to user ID is characterized in that this method may further comprise the steps:
The targeted customer that A, monitoring system send this monitoring is identified on the HAAA, and HAAA is monitored according to this user of this targeted customer's identity marking, and then, HAAA sends the PDSN address of the current access of targeted customer to monitoring system;
B, monitoring system judge whether the PDSN effective address of receiving that the targeted customer inserts, if according to this address, monitoring system and PDSN connect by interacting message, and transmission monitoring service stream; Otherwise, monitoring system is waited for, insert PDSN up to the targeted customer, HAAA writes down the current access of this user PDSN address and knows that according to this user ID these user's needs are monitored, then, HAAA triggers monitoring system with the current access of this user PDSN address, and monitoring system and PDSN connect by interacting message, transmission monitoring service stream.
2, monitor method according to claim 1 is characterized in that this method further comprises if user access network, and then HAAA is kept at self according to user ID with the PDSN effective address of the current access of this user; If user's deviated from network, then HAAA is invalid value according to user ID with this user's PDSN address setting.
3, monitor method according to claim 1 is characterized in that among the step B, and described monitoring system judges whether to receive that the PDSN effective address that the targeted customer inserts comprises:
Monitoring system judges whether the PDSN address field of receiving is 0 or is empty, if then the PDSN address is invalid; Otherwise the PDSN address field is effective.
4, monitor method according to claim 1 is characterized in that monitoring system further sends to the monitoring system address on the HAAA in the steps A, and HAAA is according to this address of targeted customer's identification record;
HAAA described in the step B triggers monitoring system with the current access of this user PDSN address and comprises: HAAA is according to the monitoring system address, and the current access PDSN address that identifies this user according to the targeted customer sends to monitoring system, triggers and monitors.
5, monitor method according to claim 1 is characterized in that monitoring system further sends to the monitoring system address on the HAAA in the steps A, and HAAA is according to this address of targeted customer's identification record;
HAAA described in the step B triggers monitoring system with the current access of this user PDSN address and comprises: HAAA sends to the monitoring system address on the PDSN of the current access of this user according to this targeted customer's sign, and this PDSN triggers monitoring system according to the monitoring system address.
6, monitor method according to claim 1, it is characterized in that on PDSN, preestablishing the monitoring system address, HAAA described in the step B triggers monitoring system with the current access of this user PDSN address and comprises: HAAA notifies this user of the current access of this user PDSN to be monitored, and this PDSN triggers according to predefined monitoring system address and monitors.
7, monitor method according to claim 1 is characterized in that:
In the steps A, the targeted customer that monitoring system sends this monitoring is identified to and further comprises on the HAAA and send this monitor sign in HAAA, HAAA judges whether this monitor sign is invalid, if, then HAAA carries out common authentication, otherwise described HAAA is monitored to HAAA is this monitor sign in the monitoring attribute that the targeted customer is set certainly on one's body according to this user of this targeted customer's identity marking, and described HAAA sends the PDSN address and further comprises this monitor sign of transmission to monitoring system;
Among the step B, if monitoring system is not received the PDSN effective address, then described HAAA writes down the current access of this user PDSN address and further comprises this monitor sign of record, describedly know that these user's needs are monitored further comprise that according to this user ID monitoring system judges whether this monitor sign is effective, if, then trigger, otherwise, do not trigger.
8, monitor method according to claim 7 is characterized in that describedly judging that whether invalid monitor sign for judging that whether the monitor sign field is 0 or for sky, if then monitor sign is invalid; Describedly judge that monitor sign is whether effectively for judging that whether monitor sign is the integer greater than 0, if then monitor sign is effective.
9, monitor method according to claim 1, it is characterized in that described monitoring system and PDSN connect by interacting message further to comprise: PDSN responds user's current business state to monitoring system.
10, monitor method according to claim 1 is characterized in that described monitoring system connects by interacting message with PDSN to comprise: monitoring system by the form of generic route encapsulation (GRE) set up with PDSN between be connected.
11, monitor method according to claim 1 is characterized in that this method further comprises:
Switch if the user strides PDSN, the user inserts new PDSN, carries out described step B, and when monitoring system and new PDSN set up monitoring when being connected, monitoring system is cancelled monitoring on former PDSN.
12, monitor method according to claim 1 is characterized in that this method further comprises if the monitoring system cancellation is monitored the targeted customer:
Monitoring system sends message, and it is invalid that this user's of notice HAAA monitor sign is set to.HAAA sends to monitoring system and replys, and informs the monitoring of monitoring system cancellation to this targeted customer.
13, monitor method according to claim 1 is characterized in that the PDSN that further passes through any one appointment in the monitoring scope between described monitoring system and the HAAA transmits message.
14, monitor method according to claim 1 is characterized in that described user ID is network access Identifier (NAI).
15, monitor method according to claim 14 is characterized in that this method further comprises international mobile subscriber identity (IMSI) or electronics string number (ESN) or mobile number thin (MDN) are converted to NAI by fixed correspondence.
16, monitor method according to claim 1, it is characterized in that described Packet Service is code division multiple access (CDMA) 2000 systems, CDMA 1X system, only is used for CDMA2000 1X enhanced edition (CDMA2000 1X EV-DO, HRPD) Packet Service of system, CDMA2000 1X enhanced edition (the CDMA2000 1X EV-DV) system that is used for data and speech transmissions, wireless lan (wlan) system, wireless local loop (WLL) system of transfer of data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031215904A CN100353794C (en) | 2003-04-02 | 2003-04-02 | Method of proceeding grouping business audiomonitoring according to user mark |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031215904A CN100353794C (en) | 2003-04-02 | 2003-04-02 | Method of proceeding grouping business audiomonitoring according to user mark |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1535068A true CN1535068A (en) | 2004-10-06 |
| CN100353794C CN100353794C (en) | 2007-12-05 |
Family
ID=34285749
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB031215904A Expired - Fee Related CN100353794C (en) | 2003-04-02 | 2003-04-02 | Method of proceeding grouping business audiomonitoring according to user mark |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100353794C (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101257412B (en) * | 2007-03-02 | 2010-09-29 | 中兴通讯股份有限公司 | Alarming interception system and method for WiMAX network |
| CN101159625B (en) * | 2007-11-07 | 2011-04-20 | 中兴通讯股份有限公司 | System and method of implementing monitor for police for WiMAX |
| CN101227339B (en) * | 2007-01-19 | 2011-07-13 | 中兴通讯股份有限公司 | Method for monitoring data traffic based on contents and/or IP address |
| WO2011088653A1 (en) * | 2010-01-21 | 2011-07-28 | 中兴通讯股份有限公司 | Method and system for distributing packet data service node |
| CN101447918B (en) * | 2008-03-12 | 2011-08-10 | 中兴通讯股份有限公司 | Notification method of user equipment access protocol and system thereof |
| CN102202293A (en) * | 2011-04-27 | 2011-09-28 | 海能达通信股份有限公司 | Method, device and system for realization of remote monitoring |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5983074A (en) * | 1996-06-17 | 1999-11-09 | Reactel, Inc. | Remote command, control and monitoring of apparatus by way of existing paging service network |
| EP1159817B1 (en) * | 1999-03-12 | 2011-11-16 | Nokia Corporation | Interception system and method |
| AU2001272283A1 (en) * | 2000-07-25 | 2002-02-05 | Telefonaktiebolaget Lm Ericsson (Publ) | Packet core function and method of automatic pdsn discovery, monitoring, and failure handover |
| US6999449B2 (en) * | 2000-08-18 | 2006-02-14 | Telefonaktiebolaget Lm Ericsson (Publ) | System and method of monitoring and reporting accounting data based on volume |
-
2003
- 2003-04-02 CN CNB031215904A patent/CN100353794C/en not_active Expired - Fee Related
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101227339B (en) * | 2007-01-19 | 2011-07-13 | 中兴通讯股份有限公司 | Method for monitoring data traffic based on contents and/or IP address |
| CN101257412B (en) * | 2007-03-02 | 2010-09-29 | 中兴通讯股份有限公司 | Alarming interception system and method for WiMAX network |
| CN101159625B (en) * | 2007-11-07 | 2011-04-20 | 中兴通讯股份有限公司 | System and method of implementing monitor for police for WiMAX |
| CN101447918B (en) * | 2008-03-12 | 2011-08-10 | 中兴通讯股份有限公司 | Notification method of user equipment access protocol and system thereof |
| WO2011088653A1 (en) * | 2010-01-21 | 2011-07-28 | 中兴通讯股份有限公司 | Method and system for distributing packet data service node |
| CN102202293A (en) * | 2011-04-27 | 2011-09-28 | 海能达通信股份有限公司 | Method, device and system for realization of remote monitoring |
| CN102202293B (en) * | 2011-04-27 | 2014-05-14 | 海能达通信股份有限公司 | Method, device and system for realization of remote monitoring |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100353794C (en) | 2007-12-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102209599B1 (en) | Service management method and device | |
| CN1209938C (en) | Method and device for attaching a user equipment to a telecommunication network | |
| CN1232088C (en) | Method for supporting mobility on internet | |
| CN1210920C (en) | Method of checking amount of transmitted data | |
| CN1233120C (en) | Mobile communication system, communication control method, and mobile terminal device and control method | |
| CN1203650C (en) | Method and apparatus for secure communication | |
| CN1444824A (en) | Common charging identifier for communication networks | |
| CN101911748A (en) | Diagnostic monitoring by a wireless device | |
| CN1494235A (en) | Communication system | |
| CN1663151A (en) | Multimedia service providing method in a radio mobile communication system | |
| CN1859165A (en) | Method and system for service tracking | |
| CN1315302C (en) | Method of route inquiry under condition of wireless local area network and mobile network intercommunication | |
| CN112311906B (en) | Wireless screen projection method and device | |
| CN1866882A (en) | System and method for carrying out monitoring on mobile IP user | |
| CN1717076A (en) | System and method for realizing colony service | |
| CN1535068A (en) | Method of proceeding grouping business audiomonitoring according to user mark | |
| CN1925671A (en) | Method for realizing system switch in encryption mode | |
| CN1848823A (en) | System and method for intercommunicating with mobile network short message based on IP switch-in network | |
| CN1711785A (en) | System and method for managing access of a communication network to a mobile terminal | |
| CN1538778A (en) | Method of proceeding grouping business listening based on mobile telephone number | |
| CN1310567C (en) | Performing terminal authentication and call processing in private wireless high-speed data system | |
| CN100337458C (en) | Method of providing appearing information from radio local network to appearing system | |
| CN1863398A (en) | Method for controlling user access in mobile communication | |
| CN1197398C (en) | Data transmitting method in mobile communication system | |
| CN1489314A (en) | Method for establishing and removing MBMS business in SGSN and GGSN |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20160513 Address after: American California Patentee after: Snaptrack, Inc. Address before: 518057 Guangdong city of Shenzhen province science and Technology Park of HUAWEI Road Service Building Patentee before: Huawei Technologies Co., Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20071205 Termination date: 20190402 |