KR102147832B1 - Method for allocating dedicated network of application, method for providing third parties billing service, and telecommunicatin system and user terminal implementing the methods - Google Patents

Abstract

A method of providing a third-party billing service by interworking with a core network and a terminal by a data policy control device, comprising: a data billing burden policy of a third party for a specific application, and allocated to the core network for transmitting and receiving traffic of the specific application. Storing dedicated network information, controlling access to a dedicated network of the specific application installed in terminals, based on the data charging burden policy, and determining the amount of data used to transmit and receive traffic of the specific application in the dedicated network to the third It includes the step of billing the person. Each terminal having the specific application installed transmits the traffic of the specific application to the dedicated network or the public network according to the control of the data policy control device.

Description

A method of allocating an application-only network, a method of providing a third-party billing service through it, and a communication network system and user terminal implementing the same, and METHOD FOR PROVIDING THIRD PARTIES BILLING SERVICE, AND TELECOMMUNICATIN SYSTEM AND USER TERMINAL IMPLEMENTING THE METHODS }

The present invention relates to a wireless communication network system and a data communication service thereof.

The user is given a certain amount of data every month according to the carrier's plan, and the amount of data is deducted each time data is transmitted or received through a communication network. Since the user runs the application on the terminal and uses the content provided from the remote server, the user bears a communication network fee for using the content. That is, even if the user purchases a paid application or purchases paid content within the application, the user must pay the communication network usage fee.

Meanwhile, some content providers pay customers' communication network usage fees instead for various purposes such as market expansion. In this case, the communication company registers 5 tuples for specifying the billing support target of the content provider in the core network, and changes the billing for all traffic corresponding to the registered 5 tuples to the content provider as a third party. At this time, since the P-GW must recognize the content server address of the packet to separate user billing and content provider billing, all destination information of the remote host used by the application must be provided to the carrier. In addition, it is difficult to determine the billing target by the content server address due to frequent linkages between applications. In addition, as the billing target for generated traffic is collectively changed to the content provider, it is difficult for the content provider to determine the amount of data to be billed in advance, it is difficult to control the billing, and it is impossible to apply various billing services that charge for certain data usage. .

Since the user has no choice but to use the data service depending on the rate plan, even if the content provider wants to provide a differentiated content service, it depends on the QoS of the communication network to which the user subscribes. Therefore, the content development of the content provider has no choice but to rely on the communication network.

In this way, even if the content provider distributes the application to the terminal through the application market, the use of the application depends on the user's communication network plan and QoS. Communication companies can increase the amount of communication network usage if the content provider pays the billing for the traffic generated by a specific application, but it is difficult to classify the traffic used by users in the core network into personal billing and content provider billing.

Until now, it was natural for individual users to bear the communication network usage fee for application use, but in an era in which all objects are connected through a communication network to consume content, a technology that allows various subjects to bear the content distribution cost through the communication network is required. do.

The problem to be solved by the present invention is to provide a method of allocating a dedicated network for a specific application, controlling access to a dedicated network of an application, and a communication network system and a user terminal implementing the same.

The problem to be solved by the present invention is to provide a third-party billing service for a specific application, and in particular, a method of controlling third-party billing by reflecting the data billing burden policy of the third party on the terminal in real time, and a communication network implementing the same. It is to provide a system and a user terminal.

The problem to be solved by the present invention is to provide a routing management method of allocating a dedicated APN to an application or a common APN according to the control of a data policy control device in a terminal supporting setting of a plurality of access point names (APNs). To provide.

In addition, a problem to be solved by the present invention is to provide a user interface through which a user can easily and intuitively control access network change for each application or use of a third-party billing service.

A method of providing a third-party billing service by interworking with a core network and a terminal by a data policy control device according to an embodiment, wherein a third party's data billing burden policy for a specific application, and the traffic transmission/reception of the specific application Managing dedicated network information allocated to a core network, controlling access to a dedicated network of the specific application installed in terminals based on the data charging burden policy, and data used for transmitting and receiving traffic of the specific application in the dedicated network And charging the amount to the third party. Each terminal having the specific application installed transmits the traffic of the specific application to the dedicated network or the public network according to the control of the data policy control device.

In the controlling of access to the dedicated network of the specific application, when the data charging burden policy is valid, the dedicated network access may be permitted so that the traffic of the specific application is transmitted to the dedicated network. A terminal permitted to access the dedicated network may set a first routing policy for transmitting the traffic of the specific application to the dedicated network using the dedicated network access information.

The private network access information may be an access point name (APN) of a private network allocated to the core network.

The data charging burden policy may include the amount of purchase data of the third party. The controlling of access to the dedicated network of the specific application includes, when the amount of data charged to the third party reaches the amount of purchased data of the third party, terminals that are permitted to access the dedicated network for the specific application. Can instruct authentication cancellation. Each terminal whose authentication has been released may change to a second routing policy that transmits the traffic of the specific application to the public network.

The controlling of the access to the dedicated network of the specific application includes transmitting the dedicated network access information allocated to the specific application to the terminals, receiving an authentication request for accessing the dedicated network of the specific application from any of the terminals. And authenticating the dedicated network access to the specific application based on the application authentication policy set by the third party, and allowing the private network access to the random terminal. Traffic of the specific application executed in the random terminal may be transmitted to a dedicated network corresponding to the dedicated network access information.

The application authentication policy may include an identifier of the specific application and integrity information.

The specific application may be a company-specific application connected to a company's internal network or an application connected to a content server through an Internet network.

The third-party billing service providing method includes the steps of monitoring a residual amount of the purchase data amount of the third party, which varies according to traffic transmission/reception in the dedicated network, and notifying the remaining amount to the third party, and data from the third party. Upon receiving a request for addition, the step of updating the data billing burden policy may be further included.

In the step of billing to a third party, when traffic to be charged to a plurality of third parties is transmitted and received together in the dedicated network, the traffic transmitted and received in the dedicated network can be classified for each application and charged to a third party corresponding to each application. have.

A method for a terminal to route traffic of an application to a designated network according to another embodiment, comprising: requesting authentication for access to a dedicated network of a specific application to a data policy control device, and accessing the dedicated network of the specific application from the data policy control device. And receiving an authorization result to be permitted, and setting a routing policy for transmitting the traffic of the specific application to a dedicated network allocated to the specific application. The traffic of the specific application is transmitted to the dedicated network created in the core network based on the dedicated network access information while authentication for accessing the dedicated network is valid.

In the requesting authentication for access to the dedicated network, when a user motion of moving the specific application displayed on a user interface screen into a specific area is input, the data policy control device may request authentication for access to the dedicated network of the specific application. When access to the dedicated network is permitted from the data policy control device, the specific application may be located in the specific area, and when access to the dedicated network is not permitted from the data policy control device, the specific application may be located outside the specific area.

The step of requesting authentication for access to the dedicated network may include, when a request for execution of the specific application located in the specific area is input, requesting authentication for access to the dedicated network of the specific application to the data policy control device, and controlling the data policy If the device is not permitted to access the dedicated network, the specific application can be moved out of the specific area.

The routing method may further include receiving an authentication release for access to a dedicated network for the specific application from the data policy control device, and changing a routing policy for transmitting the traffic of the specific application to a public network. .

In the step of setting the routing policy, a routing policy of the specific application may be set by mapping the specific application permitted to access a dedicated network to a routing container to which a virtual network interface is assigned. The virtual network interface may be connected to a first network interface connected to the dedicated network. For applications not mapped to the routing container, a routing policy connected to a second network interface accessing a public network may be set.

When the specific application is a third-party charging application that a third party pays for data charging, the specific application may indicate that the specific application is the third-party charging application on a user interface screen while authentication for access to a dedicated network is valid.

The setting of the routing policy includes managing first network access information for public network access and at least one second network access information for accessing at least one private network, and if the specific application is allowed to access the private network, When the second network access information corresponding to the dedicated network is mapped to the specific application, and when access to the dedicated network of the specific application is not permitted, the first network access information may be mapped to the specific application.

The specific application may be a company-specific application or a third-party billing application that a third party charges for data.

A method for a terminal to install a third-party billing application according to another embodiment, comprising the steps of downloading and installing installation information including information on a third-party billing application and billing communication network information from an application market, and from the billing network information Accessing the indicated data policy control device to notify the installation of the third-party charging application, and setting a routing policy for mapping the dedicated network access information received from the data policy control device to the third-party charging application. Include. The traffic of the third party charging application is transmitted to the dedicated network corresponding to the dedicated network access information while authentication for accessing the dedicated network is valid.

The setting of the routing policy may include requesting authentication for access to a dedicated network of the third-party charging application to the data policy control device, and receiving an authentication result including permission to access a private network from the data policy control device, the routing Policy can be set.

The third-party billing application installation method includes receiving authentication cancellation for access to a private network for the third-party billing application from the data policy control device, and transmitting private network access information mapped to the third-party billing application to a public network. It may further include the step of setting a routing policy to change to access information.

According to the embodiment, since the terminal can additionally set network access information different from the public network (for example, a dedicated APN) for an application that accesses the private network, it is not necessary to change the currently set network access information according to the application being executed. . In particular, since network access information of general applications and security applications requiring security (for example, enterprise applications) can be set separately, general applications and security applications can be used at the same time, and traffic of general applications is It can prevent entry into the network (intranet). In addition, according to an embodiment, when configuring a dedicated network for an application, since an internal network or the like may be set as a target PDN (Packet Data Network), tunneling (VPN) for network packet security is not required.

According to an embodiment, a third party may pay for a specific application traffic, thereby activating the application's content usage, and consequently increasing the traffic. In particular, a third party may change his/her own data charging burden policy in real time, and the data policy control device may reflect the third party's data charging burden policy to the terminal in real time. In addition, since various subjects can bear the communication network usage fee for a specific application, it is possible to provide various types of data network convergence applications and distribute contents.

According to an embodiment, by differently allocating network access information for each application, a traffic transmission path of a general application charged to a user and a third party charging application may be separated. Accordingly, the core network can charge a third party for the traffic transmitted to the designated dedicated network without separating user billing and third-party billing through the content server address.

According to an embodiment, since a dedicated network with guaranteed QoS can be allocated to a specific application, a user can use content such as video and AR/VR games in a dedicated network with guaranteed QoS.

According to an embodiment, a content provider may promote application use (e.g., data use fee free) or sell a communication network fee for an application as a separate product to customers based on the amount of data/QoS purchased from a communication company. .

According to an embodiment, through a container in the form of a folder/box displayed on a terminal screen, a user can conveniently and intuitively control a change in an access network for each application or a request to use a third-party billing service.

According to an embodiment, by converging an application installed in a terminal, a content provider providing content through the application, and a communication network that transmits and receives traffic, various subjects can bear the cost of content distribution through the communication network as desired. As a result, it is possible to increase the use of contents by users and provide communication services such as QoS optimized for contents without having to rely on a user plan.

1 is a communication network system that provides a third party billing service for each application according to an embodiment.
2 is a diagram exemplarily illustrating billing for each application according to an embodiment.
3 is a diagram illustrating an interworking structure of an apparatus for controlling a data policy according to an embodiment.
4 is a flowchart of a method for providing a data billing service according to an embodiment.
5 is a flowchart of a method for controlling a real-time data billing service by a data policy control apparatus according to an embodiment.
6 is a flowchart of a method for controlling a real-time data billing service by a data policy control apparatus according to another embodiment.
7 is a diagram conceptually illustrating an application routing control structure based on a routing container according to an embodiment.
8 is a diagram conceptually illustrating an application routing control structure based on routing policy management according to another embodiment.
9 is a diagram illustrating access to a dedicated network in a routing container-based terminal structure according to an embodiment.
10 is an example of a terminal interface screen including an application container according to an embodiment.
11 is an example of a terminal interface screen displaying a third-party billing application according to an embodiment.
12 is a flowchart of a method for installing a third party billing application according to an embodiment.
13 is a diagram illustrating a method of providing a CP-oriented dedicated network service according to an embodiment.
14 is a diagram illustrating a method of providing a user-selectable dedicated network service according to an embodiment.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those of ordinary skill in the art can easily implement the embodiments of the present invention. However, the present invention may be implemented in various different forms and is not limited to the embodiments described herein. In the drawings, parts irrelevant to the description are omitted in order to clearly describe the present invention, and similar reference numerals are assigned to similar parts throughout the specification.

Throughout the specification, when a part "includes" a certain component, it means that other components may be further included rather than excluding other components unless otherwise stated. In addition, terms such as "... unit", "... group", and "module" described in the specification mean units that process at least one function or operation, which can be implemented by hardware or software or a combination of hardware and software. have.

The devices described in the present invention are composed of hardware including at least one processor, a memory device, a communication device, and the like, and a program that is combined with the hardware and executed is stored in a designated place. The hardware has a configuration and capability to implement the method of the present invention. The program includes instructions for implementing the operating method of the present invention described with reference to the drawings, and executes the present invention by combining it with hardware such as a processor and a memory device.

In the present invention, the terminal is a mobile station (MS), a mobile terminal (MT), a subscriber station (SS), a portable subscriber station (PSS), and a user equipment (UE). , Access Terminal (AT), and the like, and may include all or part of functions such as a mobile station, a mobile terminal, a subscriber station, a mobile subscriber station, a user equipment, and an access terminal.

The terminal is a base station (BS), an access point (AP), a radio access station (RAS), a node B (Node B), an advanced node B (evolved NodeB, eNodeB), a transmission/reception base station ( It can be connected to a remote server by accessing network devices such as Base Transceiver Station, BTS), Mobile Multihop Relay (MMR)-BS, 5G NB (gNB), and the like.

The terminals are various types of communication terminals such as mobile terminals such as smart phones, tablet terminals such as smart pads and tablet PCs, computers, and televisions, and may include a plurality of communication interfaces. Communication interfaces can vary. For example, the communication interface is a local area wireless network interface such as WiFi/WLAN/Bluetooth, and a mobile such as 3G/LTE (Long Term Evolution)/LTE-A (Long Term Evolution-Advanced)/5G. It may include a communication network interface, and a terminal manufacturer may add various communication interfaces.

In the present invention, mainly LTE EPC (Evolved Packet Core) is described as an example, but the same can be applied to 5G core.

In the present invention, the public network and the dedicated network mean separate traffic paths, and do not necessarily need to be physically separated. For example, the public network and the private network may be different bearers created in the same physical path.

In the present invention, a "third party billing service" means that a third party charges a user's data usage on behalf of a user, and contracts between a communication company and a third party may vary. The description mainly assumes that a third party purchases data from a telecommunications company, and charges individual users within the limit of the purchased data, but may be charged for data usage in a postpaid basis without a data limit. It may be referred to as a charge-free/zero-rating service in that the amount of data assigned to the user is not deducted, or as a sponsor service in that a third party supports individual users' communication network usage fees.

In the present invention, the "third party" suffices as long as it is a subject capable of subscribing to a communication company product that provides a third-party billing service. For example, a third party may be a company that provides enterprise-specific applications connected to an internal network, or a content provider (CP) that provides content applications connected to a specific content server. It does not have to be limited to the company or CP that distributed it. For example, a third party may charge data for the application for content (eg, a specific channel) distributed through a specific application (eg, Olleh TV mobile application).

In the present invention, a third-party billing application is described as an example as an application to which a dedicated network is allocated, but the dedicated network is not necessarily allocated only to the third-party billing application, and a specific application (e.g., QoS guarantee required Applications, etc.) can be assigned a dedicated network.

The application of the present invention can be called a network convergence application or a data convergence application because a dedicated network is allocated and billing and QoS are controlled through it.

1 is a communication network system that provides a third-party billing service for each application according to an embodiment, and FIG. 2 is a diagram exemplarily illustrating billing for each application according to an embodiment.

Referring to FIG. 1, the communication network system includes a content provider (CP) device 100, a data policy control device 200 of a communication network, and a data policy control device ( 200) and a terminal 300 that sets a routing policy for a third-party billing application. The data policy control device 200 allocates a dedicated network (dedicated data network) to a specific application designated by a CP or a user among a plurality of applications installed in the terminal, through which traffic path separation, QoS difference, and billing separation for each application are performed. can do.

The CP device 100 is operated for each CP and may communicate with the data policy control device 200. The CP device 100 may designate a third-party billing application and transmit a data billing burden policy for the third-party billing application to the data policy control device 200. The CP device 100 sets and manages a data billing burden policy, a third-party billing application authentication policy, a data billing subscriber list, etc. through an interface provided by the data policy control device 200, and uses the amount of purchased data. You can inquire. The CP device 100 receives a report of the application status of the data billing burden policy including the data remaining amount from the data policy control device 200, and receives notification of the remaining amount below the standard and the third party billing service restriction according to the contract limit reached. I can.

Meanwhile, the CP does not necessarily transmit a data billing burden policy or the like through the CP device 100 to the data policy control device 200 and does not need to subscribe for a product through the data policy control device 200. That is, it is sufficient if the CP can sign up for a data billing burden product at an online product sign-up page provided by a telecommunication company or an offline branch office, and a data billing burden policy accordingly is transmitted to the data policy control device 200.

The data policy control device 200 may reflect the CP's data billing burden policy on the terminal 300 in real time by interworking with various devices of the core network. Interworking devices may vary depending on the network, and representatively, they may interwork with the policy and billing control device 10 and the billing device 20. The policy and charging control device 10 may be a Policy and Charging Control Function (PCC)/Policy and Charging Enforcement Function (PCEF) that performs a Policy and Charging (PCC) function for managing policy charging information. Specifically, the policy and billing control device 10 configures a dedicated network corresponding to the CP's data billing burden policy, and distributes private network information such as a dedicated network configuration policy to the data policy control device 200 and the P-GW 33 can do. The billing device 20 is a device that calculates data usage and may vary depending on the core network, but, for example, an OFCS (offline device) that collects data usage (CDR) in the packet data gateway (P-GW) 33 Charging System)/OCS (Online Charging System). The P-GW 33 delivers a call detailed record, call data record, and charged data record (CDR) indicating data usage to the billing device 20, and the application may be classified by information included in the CDR.

When the data policy control device 200 receives a product subscription for a data billing burden from the CP device 100, it may request the configuration of a CP-only network as a core network and obtain CP-only network information from the core network. Alternatively, the CP may subscribe for a data-charged product through a sales branch of a communication company. In this case, the data policy control device 200 may obtain CP-only network information from the core network. The data billing product may be a kind of dedicated network product.

The data policy control apparatus 200 manages the dedicated network information of the CP registered with the data charging burden policy. The CP dedicated network information may include a dedicated network configuration policy, dedicated network access information allocated to a third party charging application of the CP, and the like, and may be transmitted from the policy and charging control device 10. When the terminal 300 is not in a dedicated network access state, the data policy control apparatus 200 may transmit the dedicated network access information to the terminal 300 to request preparation for access to the dedicated network. In this way, according to the control of the data policy control device 200, the third-party charging application and the dedicated network access information are mapped in the terminal 300, so that the traffic of the third-party charging application may be transmitted to the dedicated network. The dedicated network access information may be, for example, an access point name (APN) in an LTE network or a data network name (DNN) in a 5G network, and the dedicated network assigned to the CP is determined according to the network structure. This is information for specifying. In the present invention, the APN is described as an example of network access information.

The terminal 300 receiving the dedicated APN creates a virtual network interface to prepare for access to the dedicated network, and the point at which the data policy control device 200 transmits the dedicated APN to the terminal 300 is based on the dedicated APN allocation and delivery rules. can be different. According to an embodiment, the dedicated APN may be transmitted to the terminal 300 after the configuration of the dedicated network for the CP's data charging burden policy is completed, or after the dedicated network access to the third party charging application designated by the CP is authenticated. . According to another embodiment, the dedicated APN may be delivered to a user terminal capable of accessing a dedicated network (eg, a GiGA Cube subscriber terminal, which is a dedicated network product) in a state in which the dedicated network configuration is completed in the core network. According to another embodiment, the dedicated APN may be stored in advance in the routing profile of the terminal. When the data policy control device 200 receives a request for a third-party billing (private network access) for a third-party billing application from the terminal 300, the device is based on the stored data billing burden policy/third-party billing application authentication policy. The third party billing application installed in 300 authenticates access to the dedicated network. The third party charging application may be controlled to be charged to the CP (third party) at all times according to the data charging burden policy set by the CP, or to be charged to the CP while authentication by the data policy control device 200 is valid. That is, if the data policy control device 200 is before or when the authentication has expired, the terminal 300 sets public network access information (for example, public APN) even if it is a third-party charging application, Treated as a general application that is charged by the user.

The terminal 300 may set a dedicated APN for the third-party charging application authenticated by the data policy control apparatus 200, thereby transmitting traffic generated by the third-party charging application to a dedicated network designated in the dedicated APN. When a packet is generated by the third party charging application of the terminal 300, an access request message including a dedicated APN is transmitted to the mobility management entity (MME) 31 through the base station 30. MME (31) checks the dedicated network configuration policy of the dedicated APN included in the access request message, and through the S-GW (32), P-GW (33), a dedicated network (dedicated bearer) for transmitting and receiving traffic of a third-party billing application. ) Is set. Through this, the traffic of the third party billing application is transmitted and received through the P-GW 33 of the dedicated network allocated to the dedicated APN, and the amount of data transmitted and received in the dedicated network is collected by the billing device 20.

The data policy control device 200 charges the corresponding CP for the data usage of each third-party billing application acquired from the billing device 20. In addition, the data policy control device 200 checks the data limit purchased (contracted) by the CP, and controls the use of free data by a plurality of terminals in real time according to the remaining amount of data. For example, when the data usage of a specific CP reaches the contract limit, the data policy control device 200 checks the third party charging application contracted by the specific CP, and sends the corresponding third party charging application to the terminal 300. You may be notified and indicated that the use of free data through the Internet is restricted. The data policy control device 200 may inform the CP device 100 of the remaining amount of data to induce additional purchase of data.

The data policy control device 200 determines that the exclusive APN usage right of the third-party billing application has lapsed when a termination event such as the amount of purchase data of the CP is exhausted or the contract with the CP is terminated. In addition, the data policy control device 200 transmits, to the terminal 300, authentication release information instructing to release a dedicated APN connection for a third-party charging application. Then, the terminal 300 changes the network access information of the third-party charging application from the dedicated APN to the public APN. Since the third-party billing application mapped to the public APN accesses the public network like a general application, data usage is billed to the user.

Referring to FIG. 2, when the terminal 300 is capable of setting a plurality of APNs (multi-APNs), a dedicated APN (APN1) received from the data policy control device 200 and a third-party billing application (CP1 application) S). When CP1 applications are executed, the terminal 300 requests the core network to connect to APN1 according to a routing rule. At this time, the charge for the traffic transmitted in the dedicated network may be borne by CP1.

The general application (CP2 APP) connects to the public network set as default by mapping the public APN (APN1). The user is responsible for charging for traffic transmitted through the public network.

As described above, the data billing burden policy allows the individual user to use the communication network, instead of deducting the data given to the individual user, but deducting the amount of data purchased by the CP. Through this, the customer can use the content for free through a third-party billing application within the scope of the CP's data billing burden.

The data billing burden policy may be determined as a product to which the CP has subscribed to a communication company, and the data policy control device 200 may receive a product subscription including the data billing burden policy from the CP device 100. The CP may subscribe to a dedicated network product and provide a third-party billing service to customers who use a third-party billing application. On the other hand, in the data billing burden policy, the CP, which is a third party, may all pay for the amount of data used by individual users for a certain period of time through a third-party billing application, but may bear some.

The data billing burden policy may be variously determined according to rates and control conditions, such as a personal plan. For example, the data billing burden policy is the amount of data purchased by CP (for example, 1Tbyte/month), the amount of personal data that CP will provide to each customer (for example, 200Mbyte/month per customer), and CP is billed. List of customers who will be responsible for the service, the application identifier that the CP will pay for, the content server information of the application that the CP will pay for, the time zone for which the CP will pay the bill, QoS level, and contract period (e.g., one month, one week, etc.) And so on. The data charging burden policy may further include an application authentication policy.

The data policy control device 200 manages dedicated network products for each CP, policy content, and dedicated network setting information, as shown in Table 1, for example. QoS may include, for example, GBR (Guaranteed Bit Rate), MBR (Maximum Bit Rate), QCI (QoS Class Identifier), and the like. In the case of a higher QCI applicable to a dedicated bearer, the data policy control device 200 may store a 5-tuple for generating a QoS policy of a product to which the CP subscribes.

CP name Product ID Purchase data volume term QoS 5 tuples kt 20000 unlimited Term GBR, MBR, QCI - cacao 20001 200 TB When exhausted GBR, MBR, QCI - Naver 20002 200 TB When exhausted GBR, MBR, QCI -

3 is a diagram illustrating an interworking structure of an apparatus for controlling a data policy according to an embodiment.

Referring to FIG. 3, the data policy control device 200 includes a CP policy management unit 210 interworking with the CP device 100, a terminal authentication unit 230 interworking with the terminal 300, and a profile storage unit 250. Include. The CP policy management unit 210 and the terminal authentication unit 230 may interwork with each other and manage the profile storage unit 250. Although the CP policy management unit 210 is described as communicating with the core network, a connection relationship between the core network and the data policy control device 200 may be designed in various ways.

The CP policy management unit 210 registers the subscription for the data billing burden product received from the CP device 100 by interworking with the core network devices of the telecommunication company, configures a dedicated network for the data billing burden policy, and provides a third-party billing application. The related data usage can be charged to the CP. The core network devices that the CP policy management unit 210 interlocks with are determined according to the network, for example, the CP policy management unit 210 interlocks with a business support system (BSS) for subscription of data-charged products. can do. The CP policy management unit 210 may interwork with PCRF/PCEF that performs a PCC function in order to apply a network configuration policy of a data-charged product. The CP policy management unit 210 may link data usage with OCS/OFCS. The CP policy management unit 210 may check a user profile by interworking with a home subscriber server (HSS).

The terminal authentication unit 230 authenticates access to a dedicated network of third-party billing applications installed in terminals based on an application authentication policy designated by the CP. The application authentication policy may include third-party billing application information (application identifier), integrity information (Signiture), and user information to which a dedicated network is allocated. The terminal authentication unit 230 may perform application authentication in connection with the application market.

Data billing burden products subscribed to by CP may not be subject to application immediately upon subscription. The CP may sell a third-party billing application to an individual user and generate an application authentication policy based on user information who purchases (installs) the third-party billing application. The CP device 100 may share the authentication policy by transmitting the application authentication policy to the data policy control device 200. Meanwhile, the application authentication policy may be generated by the CP device 100.

The terminal authentication unit 230 executes a third-party billing application in the terminal 300 or receives a request for access to a dedicated network for a third-party billing application (third-party billing request), based on the application authentication policy designated by the CP. The dedicated network connection is authenticated for the application.

In the authenticated third-party charging application, routing information from the terminal 300 to the dedicated network is mapped. Meanwhile, the dedicated network access information (dedicated APN) may be transmitted together with authentication for a dedicated network access request (third party billing request), or may be stored in the terminal in advance before authentication. For example, the dedicated network access information may be pre-stored in the terminal profile when a third-party billing application is installed or when the terminal requests dedicated network information. At this time, the terminal 300 may prepare a dedicated network connection by creating a virtual network interface in a routing container that can collectively map authenticated applications, and connecting the virtual network interface to a network interface in which a dedicated APN is set (Fig. 9).

The profile storage unit 250 stores and manages a data billing burden policy for each CP, an application authentication policy, and dedicated network information, and is referred to by the CP policy management unit 210 and the terminal authentication unit 230.

In this way, the CP may directly set and manage a data billing burden policy, a data billing subscriber list, etc. through the CP device 100 interworking with the data policy control device 200, and inquire data usage inquiry. The CP may receive a report of the application status of the data charging burden policy including the data burden amount/data remaining amount through the CP device 100. Through this, the CP can immediately reflect the data network policy to the telecommunication company and can grasp the usage status in real time.

4 is a flowchart of a method for providing a data billing service according to an embodiment.

Referring to FIG. 4, the data policy control apparatus 200 receives a subscription for a product for data billing for a specific application from a CP (S110). The subscription content may include various data billing policies including purchase data amount, contract period, QoS, etc.

The data policy control device 200 registers a data billing burden product in the core network, and requests a dedicated network allocation according to the data billing burden policy (S120). For example, PCRF creates a dedicated network configuration policy and distributes the dedicated network configuration policy to the P-GW. When an internal network other than a public network is connected to the P-GW, the physical network interworking task can be performed together.

The data policy control device 200 is notified of the completion of the configuration of the dedicated network for the data charging burden service of the CP from the core network (S122). The dedicated network configuration completion notification message includes information on the dedicated network allocated to the CP. If the dedicated network is allocated for each CP, the dedicated network APN may be included. The data policy control device 200 stores the CP's data billing burden policy and information on a dedicated network allocated to the CP.

The data policy control device 200 notifies the CP device 100 of the completion of the configuration of a dedicated network for a data-charged product (S124). That is, the data policy control device 200 notifies that the third party billing application is ready to use the dedicated network.

The data policy control device 200 receives an authentication policy of an application subject to charging from the CP device 100 (S130). The application authentication policy may include third-party billing application information (application identifier), integrity information (Signiture), and user information. If the application authentication policy requires information about the user who installed the application, it may be updated every time the application is installed. According to the application authentication policy, the application authentication policy may be included in the data billing burden policy and contracted.

The data policy control apparatus 200 receives an authentication request for access to a dedicated network of a specific application from the terminal 300 (S140). Authentication may be performed according to a method designated by an individual application, or may be requested by a user moving an application from a display screen to an application container.

When the data billing burden policy is valid (data residual amount exists, etc.), the data policy control device 200 authenticates the application identifier included in the authentication request based on the application authentication policy, and permits the terminal 300 to access a dedicated network. (S142).

The terminal 300 maps the specific application for which the dedicated network access is permitted and the dedicated network access information (dedicated APN) (S150). That is, the terminal 300 changes the routing policy so that a specific application accesses the dedicated network. To change the routing policy, the routing container described in FIG. 7 may be used, or an access network discovery and selection function (ANDSF) described in FIG. 8 may be used. When the mapping between the specific application and the dedicated network access information is completed, the terminal 300 displays the user to know that the third party is charged.

When a specific application is executed, the terminal 300 accesses the dedicated network according to the routing policy (S160). The terminal 300 accesses a content server of a specific application through a dedicated network and transmits and receives traffic. The dedicated network is allocated according to the data charging burden policy, and different QoS from the public network can be set, and the dedicated network configuration policy is distributed to core network devices such as P-GW.

The data policy control device 200 receives CP billing information from the billing device of the core network (S170). When a dedicated network is allocated for each CP, data usage through the dedicated network is charged to the CP as it is. If a plurality of CPs with different billing subjects are assigned a dedicated network, the data usage to be borne by each CP may be calculated based on an identifier of a third party billing application designated by each CP.

The data policy control device 200 reports the application state of the data charging burden policy including the remaining amount of data to the CP device 100 (S180).

Meanwhile, the data policy control apparatus 200 may acquire a data charging burden policy including an application authentication policy when a subscription for a data charging burden product of the CP is received. In this case, the data policy control apparatus 200 starts authentication for access to the dedicated network (third party charging) for the application designated by the CP when notifying the completion of the configuration of the dedicated network for the CP's data billing product from the core network.

In FIG. 4, a method of delivering a dedicated APN to a terminal is not described in detail, but a method of delivering a dedicated APN to a terminal may be implemented in various ways depending on the number of APNs supported by the terminal and the number of dedicated networks to which the terminal can access. I can.

For example, when the number of APNs supported by the terminal is not limited, a dedicated network may be allocated for each CP, and an APN for each dedicated network may be allocated. In this case, whenever there is a CP that subscribes to a data-charged product, the dedicated network access information for CP (dedicated APN) can be provided to the terminal.

However, when the number of APNs supported by the terminal is limited, dedicated APNs and public APNs may be classified according to the number of APNs. If the terminal supports two APNs, the terminal creates network interfaces in the terminal operating system (OS) kernel with a public APN (default APN) for access to the public network and a dedicated APN for access to the dedicated network, and accesses the dedicated network. Can be prepared. Thereafter, the terminal may route the traffic of the third party charging application to the dedicated network by mapping the authenticated third party charging application to the dedicated APN network interface. In this case, CPs share a dedicated network.

FIG. 5 is a flowchart of a method for controlling a real-time data billing service by a data policy control device according to an embodiment, and FIG. 6 is a flowchart of a method for controlling a real-time data billing service by a data policy control device according to another embodiment to be.

Referring to FIG. 5, the data policy control apparatus 200 monitors the remaining amount of data that varies according to traffic transmission/reception in a CP-only network (S210).

When the data remaining amount of the specific CP reaches the contract limit, the data policy control device 200 informs the CP device of the data exhaustion schedule (S220).

The data policy control device 200 receives a request for adding data from a corresponding CP device (S230).

The data policy control device 200 updates the CP's data billing burden policy (S240).

The data policy control device 200 notifies the update of the data charging burden policy to the corresponding CP device (S250).

Referring to FIG. 6, the data policy control apparatus 200 monitors the remaining amount of data that varies according to the transmission and reception of traffic in the CP-only network (S310).

When the data remaining amount of a specific CP reaches the contract limit, the data policy control device 200 notifies the corresponding CP device of the data exhaustion schedule (S320).

The data policy control device 200 deletes the dedicated network information allocated to the third party charging application of the CP from the application authentication policy when the data charging burden policy of the corresponding CP is not updated (data added) and the remaining amount of data is exhausted. (S330).

The data policy control apparatus 200 is a terminal that has been granted access to a private network for a third-party billing application, and instructs the application to release authentication for access to the private network (S340). The data policy control device 200 determines that the exclusive network use right of the third-party billing application has lapsed when an event such as a case where the amount of contract data is exhausted or the contract with the CP is terminated occurs. In addition, the data policy control device 200 transmits, to the terminal 300, authentication release information indicating that the third party billing application does not have permission to use the dedicated network.

The terminal 300 notified of the authentication release changes the routing policy so that the third-party charging application accesses the network to the public APN charged to the user (S350). That is, the routing policy of the third-party charging application is changed from a dedicated APN to a public APN. The terminal 300 may respond to an authentication release notification to the data policy control device 200.

The terminal 300 displays that the third-party billing application is changed to a general application billed by the user (S360). The terminal 300 changes the routing policy from the CP-only APN to the public APN that is charged to the user, and then displays a state change to a general application. For example, the terminal 300 may delete the third-party charging indication displayed on the application icon or delete the corresponding application from the routing container included in the third-party charging applications.

Meanwhile, in order to map an application and a specific APN, an API (PDN Select API) capable of specifying the network interface of the terminal operating system (OS) was individually included in the application. However, in this method, the application must include the PDN Select API, and it is difficult to change the routing information in real time according to the change of the data charging burden policy or the authentication policy.

In the following, a method of changing the network access information (dedicated APN, public APN) for each application by the terminal according to the control of the data policy control apparatus 200 without application modification will be described. Through this, the terminal 300 may connect a network interface to which a dedicated APN is assigned to an application designated by a third party or a network interface to which a public APN is assigned according to the control of the data policy control device 200. Through this, specific application traffic may be transmitted to a dedicated network/public network under the control of the data policy control device 200, and a data billing service of a third party (CP) may be activated.

7 is a diagram conceptually illustrating a routing container-based application routing control structure according to an embodiment, and FIG. 8 is a diagram conceptually illustrating a routing policy management-based application routing control structure according to another embodiment.

Referring to FIGS. 7 and 8, the terminal 300 routes the authenticated application to the dedicated APN in order to branch (route) the traffic of the application authenticated from the data policy control device 200 to the dedicated network. I need a function. The routing function may be implemented according to the application framework of the terminal and the operating system (OS).

First, referring to FIG. 7, when the application framework of the terminal 300a and the operating system provide an application-unit routing function, the terminal 300a communicates with the data policy control device 200 to access a dedicated network for a specific application. A routing authentication unit 310 for receiving authentication or deauthentication, a routing management unit 330a for integrated management of routing rules for applications, and a routing container 350 for managing dedicated network access information for specific authenticated applications. ). The routing management unit 330a manages not only a routing rule (general routing rule) for accessing a public network, but also a routing rule (dedicated routing rule) for the routing container 350. The general routing rule may include a routing rule connecting App1/App2 to a public APN.

When the routing authentication unit 310 receives a request for access to a dedicated network for App 3/App 4 from a user, it requests authentication for access to the dedicated network for App 3/App 4 to the data policy control device 200. The routing authentication unit 310 receives an authentication result for access to a private network from the data policy control device 200.

When App3/App4 access to a dedicated network is permitted, the routing management unit 330a sets a dedicated routing rule for mapping App3/App4 to a dedicated APN. That is, the routing management unit 330a manages a dedicated routing rule so that App3/App4 is connected to a dedicated APN through the routing container 350.

The routing container 350 is assigned a virtual network interface for connecting an application group authenticated by the data policy control device 200 to a dedicated network according to a dedicated routing rule.

When two APNs can be set in the terminal, a public APN (default APN) for access to a public network and a dedicated APN for access to a dedicated network can be set. The dedicated APN is an intranet APN assigned to a corporate dedicated network connected to a specific company's intranet as shown in Fig. 7(a), or a CP dedicated network connected to a content server of a specific CP as shown in Fig. 7(b). It may be an assigned sponsor APN.

Referring to (a) of FIG. 7, it is assumed that a plurality of applications are installed in the terminal 300a, and among them, App 3 and App 4 are specific enterprise-specific applications that are connected to the internal network of a specific company. It is assumed that the amount of data used by a specific enterprise-specific application is borne by a specific enterprise. In this case, the data policy control device 200 allocates a dedicated network for a company and configures a dedicated network for transmitting the traffic generated from App 3 and App 4 to the corporate network of a specific company.

When the routing authentication unit 310 is permitted to access the dedicated network of App3/App4 from the data policy control device 200, App3/App4 is mapped to the routing container 350 connected to the dedicated APN. Through this, App3/App4 can access the dedicated network. The routing container 350 may be a container for a specific enterprise-specific application.

When App3/App4 is executed, the traffic of App3/App4 is transmitted to the dedicated network connected through the dedicated APN.

If the routing authentication unit 310 receives the deauthentication of App3/App4 from the data policy control device 200, the routing management unit 330a maps App3/App4 to a general routing rule. Then, App3/App4 accesses the public APN according to the general routing rule instead of the routing container 350 connected to the dedicated APN.

Referring to FIG. 7B, it is assumed that a plurality of applications are installed in the terminal 300a, and App3 and App4 are sponsor applications in which a specific CP provides a third-party billing service. It is assumed that the amount of data used by the sponsor application is borne by a specific CP. In this case, the data policy control device 200 allocates a dedicated CP network and configures a dedicated network for transmitting the traffic generated from App 3 and App 4 to a specific content server.

The dedicated network access authentication and dedicated network access method for the sponsor application is similar to the enterprise dedicated application described in FIG. 7A. Even if the destination PDN of the dedicated APN and the public APN is the same Internet network, the traffic path is separated according to the APN.

On the other hand, App 3 and App 4 need not necessarily be sponsor applications provided by the same CP. That is, when App 3 and App 4 using the same dedicated network are charged to different CPs, the charging device can classify the application based on the application identifier or destination address, and thus, can charge the data usage for each application.

Referring to FIG. 8, when the application framework of the terminal 300b and the operating system (OS) fail to provide an application-unit routing function, the terminal 300b maps and routes specific authenticated applications to the routing container 350. Can't.

To this end, since the terminal 300b does not provide a routing function per application, an Inter-System Mobility Policy (ISMP)/Inter-System Routing (ISRP) of an access network discovery and selection function (ANDSF) Policy) can be used. ISMP can define an access preference network among LTE/WiFi, and ISRP can define an access preference network according to an APN of a destination data network (PDN). However, since ISMP/ISRP only exists with an IP Flow Routing Rule based on a source/destination, an ANDSF management unit 370 for setting an application-based routing policy is added.

The ANDSF management unit 370 may additionally define an APN for each application according to an extended management object (MO). Here, the extended MO is an extension of the MO that defines the APN and the access network to the application, and is defined so that the application-APN-access network can be routed as a full set. The extended MO may be additionally implemented in the ANDSF-related model implemented in the terminal. In this way, the ANDSF management unit 370 may provide authentication information of a dedicated network and applications required by ISRP through the extended MO. An algorithm for the ANDSF management unit 370 to add/delete/update the application-based routing policy may follow the OMA-DM (Device Management) standard.

As shown in FIG. 7, when the routing authentication unit 310 authenticates App1's access to the dedicated network from the data policy control device 200, it transmits App1 access information (dedicated APN) to the ANDSF management unit 370. Then, the ANDSF management unit 370 reflects the dedicated network access information (dedicated APN) of App 1 to the routing management unit 330b.

When App1 is executed, it is connected to a dedicated network through a dedicated APN according to a routing rule mapped to App1 by the routing management unit 330b.

If the routing authentication unit 310 receives the deauthentication of App 1 from the data policy control device 200, the ANDSF management unit 370 changes the APN of App 1 to a public APN and reflects it to the routing management unit 330b. .

9 is a diagram illustrating access to a dedicated network in a routing container-based terminal structure according to an embodiment.

Referring to FIG. 9, the terminal 300 communicates with the data policy control device 200 to prepare a dedicated network connection, and manages network access information (APN) and network interfaces through a profile as shown in Table 2. The terminal 300 is a subscriber terminal capable of accessing a dedicated network, and may be a dedicated network product subscriber or a third party billing application subscriber.

Service type APN Network interface Virtual interface General LTE (wireless network #1) lte.kt.com rmnet0 - MMS lte.kt.com rmnet0 - IMS ims.kt.com rmnet1 - Dedicated LTE (wireless network #2) special.lte.kt.com rmnet2 vEthernet1

Referring to (a) of FIG. 9, in order to access a dedicated network based on a routing container, the terminal 300 connects a dedicated APN (Special.lte.kt.com) to the dedicated network (wireless network #2) network interface (rmnet2). To allocate. The terminal 300 may update the dedicated APN according to the control of the data policy control device 200.

In addition, the terminal 300 connects the virtual network interface vEthernet1 and the network interface rmnet2 of the routing container. The virtual network interface (vEthernet1) may be connected to the global network interface of the terminal at the L2 level. If the terminal supports setting of a plurality of APNs, a plurality of routing containers may be generated corresponding to APNs for each dedicated network.

Referring to (b) of FIG. 9, when access to the dedicated network of App3/App4 is permitted by the data policy control device 200, the terminal 300 is a virtual network interface of a routing container for App3/App4. Set the routing rule to (vEthernet1). Since the virtual network interface (vEthernet1) is mapped one-to-one to the dedicated network (wireless network #2) network interface (rmnet2), the traffic of App3/App4 is routed to the dedicated network (wireless network #2) network interface (rmnet2). App1/App2 has a routing rule for accessing a public network (wireless network #1), and can receive authentication for access to a dedicated network from the data policy control device 200. Then, App1/App2 is also applied with the routing rule connected to the virtual network interface (vEthernet1) of the routing container.

Meanwhile, application containers for applications connected to the virtual network interface (vEthernet1) of the routing container may be generated in the application layer. In the following, a method for the terminal to display a third-party charging application (or dedicated network access application) and a general application (or public network access application) charged to an individual user through an application container, and to authenticate access to the private network will be described. do.

10 is an example of a terminal interface screen including an application container according to an embodiment.

Referring to FIG. 10A, there is an application container 400 as a user interface for distinguishing between an application charged to a third party and an application charged to an individual user. The application container 400 is in the form of a folder/box, and an authenticated third-party billing application may be located in the application container 400. At this time, the user moves the application located outside the application container into the application container by various methods such as drag and drop, and the terminal 300 charges a third party for the application to the data policy control device 200. You can request certification for In addition, the dedicated network may not be used by moving it out of the application container. The application container 400 may be managed and protected by a mobile device management (MDM) solution.

The terminal 300 places only applications that have been authenticated by the data policy control device 200 in the application container 400. The terminal 300 changes routing information so that applications located in the application container 400 can access a dedicated network rather than a public network. If the application located in the application container moves outside, the terminal 300 changes routing information so that the application can access a public network rather than a dedicated network.

To this end, the routing authentication unit 310 recognizes the application moved to the application container 400, requests authentication to the data policy control device 200, and manages the application to be included in the application container 400 according to the authentication result. . For the application located in the application container 400, a dedicated APN may be mapped by the routing container 350 as shown in FIG. 7 or a dedicated APN may be mapped by the ANDSF management unit 370 as shown in FIG. 8.

Referring to FIG. 10B, an application authenticated by the data policy control device 200 and permitted to access a dedicated network is finally transferred from outside the application container to the inside. If the application is finally located outside the application container, it is an application that cannot access a dedicated network.

On the other hand, if the application for which authentication is requested is not an application of a CP providing a third-party billing service, the data policy control apparatus 200 does not permit access to a dedicated network of course.

In addition, the data policy control apparatus 200 may not permit access to a dedicated network according to the data charging burden policy even if the application for which authentication is requested is an application of a CP that provides a third-party charging service. For example, when the remaining amount of the total amount of data purchased by the CP is less than or equal to the reference value, the data policy control apparatus 200 may not allow access to a dedicated network charged by the CP for an application for which authentication is requested. Alternatively, the data policy control apparatus 200 may not allow access to a dedicated network charged by the CP for an application that has requested authentication outside a contract time period when the CP pays only for a specific time period.

Referring to FIG. 10C, when a user executes an application located in a container, the terminal 300 may request authentication from the data policy control device 200.

When the terminal 300 receives authentication cancellation for a specific application located in the container from the data policy control device 200, the terminal 300 moves the authentication canceled application out of the application container. When the terminal 300 stores the authentication release condition, an application that satisfies the authentication release condition may be moved out of the application container.

When the total amount of data purchased by the CP is exhausted, the data policy control device 200 may notify the terminal 300 of deauthorization of a specific application located in the container. Alternatively, when the CP pays billing only for a specific time period, the data policy control apparatus 200 may notify the terminal 300 of the release of authentication for a specific application located in the container after the contract time period passes.

In this way, the user can intuitively distinguish between the third-party charging application and the user charging application through the application container, and can simply request authentication by moving the application to the application container. In addition, the terminal 300 manages routing information of applications included in the application container 400 by connecting the routing container 350 configured with a virtual network interface for access to the dedicated network and the application container 400 of the application layer. can do.

The data policy control apparatus 200 may apply the CP's data charging burden policy in real time to put the application in the application container or remove the application from the application container.

11 is an example of a terminal interface screen displaying a third-party billing application according to an embodiment.

Referring to FIG. 11, an application to be charged by a third party may be displayed for each application to be classified. An application icon displayed on the terminal interface screen can distinguish a third-party billing application from a general application. In the case of a third-party billing application, a free badge may be attached to the icon or the icon design may be different.

Particularly, when the CP provides individual data amount (for example, 200 Mbyte/month per customer) to each customer, the icon of the third-party billing application can visually display the consumption/remaining amount of the allocated data amount. For example, the icons 500 and 510 of the third-party billing application may include a gradient, and may additionally display the consumption/remaining amount of the data amount as the gradient density.

The application list 520 may provide an interface screen for checking the consumption/remaining amount/QoS of the data amount of each application.

Even if an application targeted for a third-party billing service is not authenticated, it may be indicated on the icon that third-party billing is possible. In addition, when the user is permitted to access the dedicated network by the data policy control device 200 by performing a designated authentication operation (eg, long-touching an icon, moving to an application container, etc.), the terminal 300 provides the authenticated application. The display can be changed (for example, a free badge or gradation display) with a third-party billing application. When authentication is canceled by the data policy control device 200, the terminal 300 may change an icon displayed as an application charged by a third party into a general application icon.

12 is a flowchart of a method for installing a third party billing application according to an embodiment.

Referring to FIG. 12, a user downloads and installs a third-party billing application from the application market, and then the terminal 300 interworks with the data policy control device 200 to transmit the traffic of the application to a dedicated network or route to a public network. Change. Accordingly, the third-party billing application may be similar to a general application installation method, but a CP or a company distributing the application may subscribe only to a dedicated network product of a specific communication company, or a product contracted for each communication company may be different. Therefore, a communication network registration procedure is added when a third-party billing application is installed as follows.

The application market 600 registers the third-party billing application and billing burden communication network information (eg, kt) (S410). The billing network information is information on the communication network that CP subscribes to products that pay for third-party billing. In some cases, the CP subscribes to only some of the carrier's products and provides third-party billing services only to some of the carrier's subscribers. can do.

The terminal 300 downloads installation information including information on a third-party billing application and a billing burden communication network from the application market 600 (S420). The installation information may further include meta information for verifying the integrity of the installed third party billing application.

The terminal 300 checks the charging communication network information of the third party charging application, accesses the data policy control device 200 indicated by the charging communication network information, and notifies the installation of the third party charging application (S430). If, as a result of checking the information on the charging network, the terminal cannot use the communication network to which the CP has subscribed to the product for which the third party is charged (for example, a third party subscriber), the third party charging application is the same as the general application. The communication step with the data policy control device 200 is omitted.

The data policy control apparatus 200 registers the installation of a third party billing application of the terminal 300 (S440). Meanwhile, the data policy control device 200 may receive terminal information on which a third-party billing application is installed from the application market 600 or the CP device 100.

According to an embodiment, the data policy control device 200 authenticates the third-party billing application of the terminal 300 according to the third-party billing application authentication policy designated by the CP, and sends a third-party billing application to the authenticated terminal 300. Dedicated network access information for the billing application may be delivered (S450). Then, the terminal 300 may map the third party billing application for which the private network access is permitted and the private network access information (S460). In this case, when the CP charges for an unlimited number of third-party charging applications, for example, in the case of a company-only application, installation registration and access to the dedicated network may be permitted.

According to another embodiment, the CP provides an application capable of third-party billing, but the third-party billing may not be possible according to the data billing burden policy. Accordingly, after registering the installation of the third-party billing application, the data policy control apparatus 200 may check the CP data billing burden policy and transmit the CP's dedicated network access information when receiving a request for access to the private network from the terminal 300. Alternatively, the data policy control device 200 registers the installation of the third-party billing application, and then transmits the CP's dedicated network access information to the terminal 300, but when a request for access to the dedicated network is received from the terminal 300, the CP data charging burden policy is checked. After that, the CP can be allowed to access the dedicated network.

So far, a service in which the terminal 300 interworks with the data policy control device 200 to route to a dedicated network in an application unit, and based on this, has been described a service in which a third party charges for traffic generated in the dedicated network. In the following, various communication services using a dedicated network allocation method for each application will be further described.

13 is a diagram illustrating a method of providing a CP-oriented dedicated network service according to an embodiment.

Referring to FIG. 13, a CP purchases a large amount of data that can be used by multiple applications from a communication company. The data policy control apparatus 200 may allocate a dedicated network and configure a network for a plurality of applications designated by the CP, and provide dedicated network access information to the terminal. In this case, the terminal may create an application container for each CP. The user may download a CP application container including applications designated by a specific CP or add designated applications to the CP application container.

On the other hand, the CP can purchase a large amount of data that can be used by a plurality of applications from a communication company and sell a product that bears the customer's data bill. This can be called a B2B2C service. That is, the CP may sell content through an application or purchase within the application, and may also sell a communication network (dedicated network) product for the application.

For example, a CP subscribes to a network product dedicated to a communication company and purchases a large amount of data that can be used by multiple applications from a communication company. In addition, the CP may design at least one CP product (including a rate, QoS level, etc.) capable of accommodating a plurality of applications, and provide it to a customer. That is, instead of the individual user subscribing to the dedicated network product of the communication company, the CP may subscribe to the dedicated network product of the communication company and provide a dedicated network service to applications of the CP.

The data policy control device 200 controls the authenticated terminals to access the dedicated network according to the various data charging burden policies of the CPs, and controls the traffic of applications designated by the CP to be transmitted and received in the dedicated network within the purchase data limit of each CP. .

The method of designing the amount of data and QoS contracted by the CP as a product and providing it to customers can be designed according to various purposes such as marketing. For example, CP may sell CP products to customers for a fee. In addition, CP may provide CP products to customers for free, or pay for data usage issued while customers use applications.

For example, the CP-only network product may include a data amount and/or a QoS level that can use the dedicated network. Users subscribe to a dedicated CP network product and use the dedicated network for free when using a designated application (CP pays for data usage) or use a dedicated network with guaranteed QoS (payment for data usage is borne by the individual or by the CP. )can do. As shown in Table 3, CP-only network products can be variously designed by CP.

CP name application Data volume/QoS time Plan CP1 CP1 designated application 5GB, QoS level Until data is exhausted oooo won/month 3GB, QoS level oooo won/month 1GB, QoS level oooo won/month CP2 CP2 designated application QoS level At the event free

As a result, when the user uses an application specified in the CP application container, the user directly pays the communication network cost to the CP, and the QoS contracted by the CP with the communication company can be guaranteed.

14 is a diagram illustrating a method of providing a user-selectable dedicated network service according to an embodiment.

Referring to FIG. 14, users up to now subscribe to a single rate plan and use a communication network within the data limit agreed by the rate plan. According to the present invention, a user can subscribe to a private network rate plan for accessing a private network in addition to a public network rate plan for accessing the public network. The user can select the amount of data that can use the dedicated network. The data policy control apparatus 200 may provide a user interface for easily selecting the amount of data to the terminal as shown in FIG. 14A.

Referring to FIG. 14B, the terminal provides an application container (eg, GiGA cube) on the display screen, and the user puts an application that desires to transmit/receive traffic through a dedicated network in the application container. Then, as described above, the terminal sets routing information so that applications contained in the application container can access the dedicated network. To this end, the terminal obtains dedicated network access information (eg, dedicated network APN) from the data policy control device 200 and sets a network interface. Applications located outside the application container access the public network.

For example, a user may subscribe to a dedicated network plan for an application requiring QoS and use the corresponding content by putting the application in an application container. If the contracted dedicated network data amount is exhausted, the user can increase the data amount in the user interface as shown in FIG. 14A. In addition, the data policy control device 200 monitors the dedicated network usage, and when the contracted private network data amount is exhausted, the routing authentication unit 310 of the terminal releases authentication of applications contained in the application container to control access to the dedicated network I can. In this case, the routing information is changed so that applications contained in the application container move out of the application container and connect to the public network.

The embodiments of the present invention described above are not implemented only through an apparatus and a method, but may be implemented through a program that realizes a function corresponding to the configuration of the embodiment of the present invention or a recording medium on which the program is recorded.

Although the embodiments of the present invention have been described in detail above, the scope of the present invention is not limited thereto, and various modifications and improvements by those skilled in the art using the basic concept of the present invention defined in the following claims are also provided. It belongs to the scope of rights.

Claims (20)

As a method for a data policy control device to provide a third-party billing service in connection with a core network and a terminal,
Managing a third party's data billing burden policy for a specific application, and dedicated network information allocated to the core network for transmitting and receiving traffic of the specific application,
Controlling access to a dedicated network of the specific application installed in terminals based on the data charging burden policy, and
Including the step of charging the third party for the amount of data used to transmit and receive the traffic of the specific application in the dedicated network,
Controlling the access to the dedicated network of the specific application
When the data charging burden policy is in effect, access to the dedicated network is permitted so that the traffic of the specific application is transmitted to the dedicated network, and when the amount of data charged to the third party reaches the amount of purchased data of the third party, the specific application Terminals that are permitted to access the dedicated network for the
Each terminal having the specific application installed transmits the traffic of the specific application to the dedicated network or a public network according to the control of the data policy control device. In claim 1,
A method for providing a third party billing service, wherein a terminal authorized to access a dedicated network sets a first routing policy for transmitting the traffic of the specific application to the dedicated network by using dedicated network access information. In paragraph 2,
The dedicated network access information is
A method for providing a third-party billing service, which is an access point name (APN) of a dedicated network allocated to the core network. In claim 1,
The data charging burden policy includes the amount of purchase data of the third party,
Each terminal whose authentication has been released is changed to a second routing policy that transmits the traffic of the specific application to a public network. In claim 1,
Controlling the access to the dedicated network of the specific application
Transmitting dedicated network access information allocated to the specific application to the terminals,
Receiving an authentication request for access to a dedicated network of the specific application from any of the terminals, and
And authenticating access to the dedicated network for the specific application based on the application authentication policy set by the third party, and allowing access to the dedicated network to the random terminal,
The traffic of the specific application executed in the random terminal is transmitted to a dedicated network corresponding to the dedicated network access information, a third party billing service providing method. In clause 5,
The application authentication policy is
Including the identifier and integrity information of the specific application, a third party billing service providing method. In claim 1,
The specific application is a company-specific application that is connected to a corporate network or an application that is connected to a content server through an Internet network. In claim 1,
Monitoring the remaining amount of the purchase data amount of the third party that changes according to the traffic transmission/reception in the dedicated network, and notifying the remaining amount to the third party; and
Upon receiving a request for data addition from the third party, updating the data billing burden policy
Third party billing service providing method further comprising a. In claim 1,
The step of charging the third party
When traffic to be billed to a plurality of third parties is transmitted and received together in the dedicated network, the traffic transmitted and received in the dedicated network is classified for each application and charged to a third party corresponding to each application. As a method for a terminal to route application traffic to a designated network,
Downloading the application container,
Receiving dedicated network access information allocated to the application container from a data policy control device,
When a specific third-party charging application included in the application container is executed, requesting authentication for access to a dedicated network of the specific third-party charging application to a data policy control device,
Receiving an authentication result permitting access to a dedicated network of the specific third-party charging application from the data policy control device, and
Transmitting the traffic of the specific third-party charging application to a dedicated network created in the core network based on the dedicated network access information
Including a routing method. delete In claim 10,
The step of requesting authentication for access to the dedicated network
When an execution request for the specific third-party charging application located in the application container is input, requesting authentication for access to a dedicated network of the specific third-party charging application to the data policy control device. In claim 10,
Receiving authentication cancellation for access to a dedicated network for the specific third-party charging application from the data policy control device, and
Changing a routing policy for transmitting the traffic of the specific third party charging application to a public network
Routing method further comprising a. In claim 10,
The step of transmitting to the dedicated network
Mapping the specific third-party charging application permitted to access a dedicated network to a routing container to which a virtual network interface is assigned to set a routing policy of the specific third-party charging application,
The virtual network interface is connected to a first network interface connected to a dedicated network,
A routing method in which applications not mapped to the routing container are connected to a second network interface connected to a public network. In claim 10,
Wherein the specific third-party billing application indicates that the third-party billing application is the third-party billing application on a user interface screen while authentication for access to a dedicated network is valid. In claim 10,
The step of transmitting to the dedicated network
Manages the first network access information for accessing the public network and at least one second network access information for accessing at least one private network, and when the specific third-party charging application is permitted to access the private network, corresponding to the permitted private network Mapping the second network access information to the specific third-party charging application, and mapping the first network access information to the specific application when the specific third-party charging application is not permitted to access the dedicated network. delete As a method for the terminal to install a third party billing application,
Downloading and installing installation information including information on a third-party billing application and billing communication network information from the application market,
Connecting to a data policy control device indicated by the billing burden communication network information and notifying the installation of the third party billing application,
Receiving dedicated network access information from the data policy control device,
When the third-party billing application is executed, requesting authentication for access to a dedicated network of the third-party billing application to the data policy control device,
When receiving an authentication result including permission to access a private network from the data policy control device, transmitting the traffic of the third party charging application to a private network corresponding to the private network access information
Including a third party billing application installation method. delete In paragraph 18,
Receiving authentication cancellation for access to the private network for the third-party charging application from the data policy control device, and
Setting a routing policy for changing private network access information mapped to the third-party charging application to public network access information
Third-party billing application installation method further comprising a.

Images