KR20190084843A - Method for allocating dedicated network of application, method for providing third parties billing service, and telecommunicatin system and user terminal implementing the methods - Google Patents

Abstract

The present invention relates to a method for providing a third party billing service by a data policy controlling device interworking with a core network and a terminal comprising the same; storing a third party data billing burden policy for a specific application, and dedicated network information allocated to the core network for transmitting and receiving traffic of the specific application; controlling access to a dedicated network of the specific application installed in terminals based on the data billing burden policy; and charging a third party with an amount of data used to transmit and receive the traffic of the specific application in the dedicated network. Each terminal having the specific application transmits the traffic of the specific application to the dedicated network or to a public network under the control of the data policy controlling device.

Description

TECHNICAL FIELD The present invention relates to an application dedicated network allocation method, a third party billing service providing method, and a communication network system and a user terminal that implement the method, a method of allocating an application dedicated network, a method of providing a third party billing service, }

The present invention relates to a wireless communication network system and its data communication service.

The user is given a certain amount of data every month according to the carrier plan plan, and the amount of data is subtracted every time data is transmitted or received through the communication network. A user uses a content provided by a remote server by executing an application on a terminal, and thus charges a communication network fee for using the content. That is, even if the user purchases a paid application or purchases paid content in the application, the user must pay the communication fee.

Some content providers, on the other hand, pay for their network fees for various purposes, such as market expansion. In this case, the communication company registers five tuples for specifying a billing support target of the content provider in the core network, and changes the billing for all the traffic corresponding to the registered five tuples to a third party content provider. At this time, since the P-GW recognizes the content server address of the packet and separates the user billing and the content provider billing, all the destination information of the remote host used by the application should be provided to the communication company. In addition, it is not easy to judge an object to be charged with a content server address due to frequent connections between applications. Further, as the charging object for the generated traffic is collectively changed to the contents provider, it is difficult for the contents provider to determine in advance the amount of data to be charged, the charging control is difficult, and various charging services for charging a certain data usage amount can not be applied .

The user can only use the data service depending on the charge plan. Therefore, even if the content provider intends to provide a differentiated content service, the user depends on the QoS of the communication network to which the user subscribes. Therefore, contents development of content provider is dependent on communication network.

In this way, even if the content provider distributes the application to the terminal through the application market, the usage of the application depends on the user's network plan and QoS. The service provider can increase the network usage if the contents provider charges the traffic for the specific application, but it is not easy to classify the traffic that the user uses in the core network into the personal billing and contents provider billing.

Until now, it has been natural for an individual user to pay a fee to use a communication network for an application. However, in an age when all objects are connected through a communication network to consume contents, various technologies require a technique that various subjects can bear the content distribution cost through the communication network do.

SUMMARY OF THE INVENTION The present invention provides a method for allocating a dedicated network for a specific application and controlling access to a dedicated network of an application, and a communication network system and a user terminal implementing the method.

A third object of the present invention is to provide a third party billing service for a specific application, and more particularly, to a method for controlling third party billing by reflecting a data charging policy of a third party in real time to the terminal, System and a user terminal.

SUMMARY OF THE INVENTION It is an object of the present invention to provide a routing management method for allocating a dedicated APN or assigning a common APN to an application in accordance with the control of a data policy control apparatus in a terminal supporting a plurality of access point name (APN) .

Another object of the present invention is to provide a user interface in which a user can easily and intuitively control the access network change or the use of the third party charging service by an application.

A method for providing a third party billing service in cooperation with a core network and a terminal, the method comprising: providing a third party data charging charge policy for a specific application; Managing dedicated network information allocated to the core network, controlling a dedicated network connection of the specific application installed in the terminals based on the data charging charge policy, and transmitting data used for traffic transmission / reception of the specific application in the dedicated network To the third party. Each terminal installed with the specific application transmits traffic of the specific application to the dedicated network or transmits it to the public network under the control of the data policy controller.

The step of controlling the dedicated network connection of the specific application may permit the dedicated network connection so that the traffic of the specific application is transmitted to the dedicated network when the data charging charge policy is valid. A terminal that is permitted to access the dedicated network can set a first routing policy for transmitting traffic of the specific application to the dedicated network by using the dedicated network connection information.

The dedicated network connection information may be an access point name (APN) of a dedicated network allocated to the core network.

The data charging charge policy may include an amount of the third party's purchase data. Wherein the step of controlling the dedicated network connection of the specific application comprises: when the amount of data charged to the third party reaches the amount of purchase data of the third party, the terminals that are permitted to access the dedicated network for the specific application, It is possible to instruct the release of authentication. Each of the terminals that have been deauthenticated may change to a second routing policy for transmitting the traffic of the specific application to the public network.

The step of controlling the dedicated network connection of the specific application may include transmitting the dedicated network connection information allocated to the specific application to the terminals, receiving an authentication request for accessing the dedicated network of the specific application from the arbitrary terminal among the terminals And authenticating the dedicated network connection to the specific application based on the application authentication policy set by the third party, and allowing the arbitrary terminal to access the dedicated network. The traffic of the specific application executed in the certain terminal may be transmitted to the dedicated network corresponding to the dedicated network connection information.

The application authentication policy may include an identifier of the specific application and integrity information.

The specific application may be an enterprise-specific application connected to an internal company network or an application connected to a content server through an Internet network.

Wherein the third party charging method comprises the steps of monitoring a remaining amount of the third party's purchasing data amount fluctuating according to traffic transmission / reception in the private network and notifying the remaining amount to the third party, And further updating the data charging charge policy when the request for addition is received.

The charging the third party may include charging the third party corresponding to each application by classifying traffic transmitted and received in the dedicated network when traffic to be charged to a plurality of third parties is transmitted and received together in the dedicated network have.

A method for routing an application traffic to a designated network according to another embodiment of the present invention includes the steps of requesting authentication of a specific application for a dedicated network connection with a data policy control apparatus, Receiving an authentication result to be granted, and setting a routing policy to transmit the traffic of the specific application to a dedicated network allocated to the specific application. The traffic of the specific application is transmitted to the dedicated network generated in the core network based on the dedicated network connection information while the authentication for the dedicated network connection is valid.

In the step of requesting authentication for access to the dedicated network, when a user operation for moving the specific application displayed on the user interface screen into a specific area is input, the data policy control apparatus can request authentication for accessing the dedicated network of the specific application. If the dedicated network connection is permitted from the data policy control device, the specific application is located in the specific area, and if the dedicated network connection is not permitted from the data policy control device, the specific application may be located outside the specific area.

Wherein the step of requesting authentication for access to the dedicated network requests authentication to access the dedicated network of the specific application to the data policy control apparatus when an execution request for the specific application located in the specific area is input, If the dedicated network connection is not permitted from the device, the specific application can be moved out of the specific area.

The routing method may further include receiving an authentication release from the data policy control apparatus for the dedicated network connection to the specific application, and changing the traffic of the specific application to a routing policy for transmitting the traffic to the public network .

The setting of the routing policy may set the routing policy of the specific application by mapping the specific application permitted to the private network connection to the routing container to which the virtual network interface is allocated. The virtual network interface may be connected to a first network interface connected to the dedicated network. Applications that are not mapped to the routing container may be configured with a routing policy connected to a second network interface connecting to the public network.

If the specific application is a third-party charging application in which a third party charges data, the specific application may indicate that the third-party charging application is on the user interface screen while the authentication for the dedicated network connection is valid.

Wherein the setting of the routing policy comprises managing first network access information for a public network connection and at least one second network access information for at least one dedicated network access, The second network access information corresponding to the private network is mapped to the specific application and the first network access information can be mapped to the specific application if the dedicated network access of the specific application is not permitted.

The specific application may be a proprietary application or a third party charging application that a third party pays for data charges.

A method of installing a third party charging application in a terminal according to another embodiment of the present invention includes the steps of downloading and installing installation information including a third party charging application and charging network information in an application market, Setting a routing policy for mapping the dedicated network connection information received from the data policy control device to the third party charging application by connecting to the data policy control device instructing the third party charging application to notify the third party charging application installation; . The traffic of the third party charging application is transmitted to the dedicated network corresponding to the dedicated network connection information while the authentication for the dedicated network connection is valid.

Wherein the setting of the routing policy comprises: requesting the data policy control apparatus for authentication for accessing a private network of the third-party charging application; receiving an authentication result including a dedicated network connection permission from the data policy control apparatus, You can set policies.

Wherein the third party charging application installation method further comprises the steps of: receiving an authentication release from the data policy control device for a dedicated network connection to the third party charging application; And setting the routing policy to change the connection information to the connection information.

According to the embodiment, the network connection information (for example, dedicated APN) different from that of the public network can be additionally set for the application connected to the dedicated network by the terminal, so it is not necessary to change the network connection information currently set according to the executed application . In particular, since network access information of general applications and security applications (for example, enterprise applications) requiring security can be set separately, general applications and security applications can be used at the same time, And can be prevented from entering the network (intranet) or the like. In addition, according to the embodiment, since the in-house network or the like can be set as a destination PDN (Packet Data Network) in the dedicated network configuration of the application, tunneling (VPN) for network packet security is not required.

According to the embodiment, the third party can bear the charge for the specific application traffic, thereby enabling the use of the content of the application and consequently increasing the traffic. In particular, the third party can change his / her data charging charge policy in real time, and the data policy control device can reflect the data charging charge policy of the third party in real time in the terminal. In addition, various entities can bear the communication network fee of a specific application, so that various types of data network convergence applications can be provided and contents distribution can be performed.

According to the embodiment, by allocating different network connection information to each application, it is possible to separate traffic transmission paths of a general application and a third party charging application that are charged to a user. Thus, the core network can bill a third party for traffic sent to the designated dedicated network, without having to separate user billing and third party billing through the content server address.

According to the embodiment, since the QoS-guaranteed dedicated network can be allocated to a specific application, the user can use contents such as moving images and AR / VR games in a QoS-guaranteed dedicated network.

According to the embodiment, the content provider can promote application use (for example, free of data usage fee) based on the amount of data / QoS purchased from the communication company, or sell the network usage fee for application to the customer as a separate product .

According to the embodiment, the user can easily and intuitively control the access network change by application or the third party charging service use request through the folder / box type container displayed on the terminal screen.

According to the embodiment, by integrating an application installed in a terminal, a content provider providing content through an application, and a communication network transmitting and receiving traffic, various entities can bear the cost of content distribution through a communication network as desired. As a result, it is possible to increase the use of the user's content and to provide a communication service such as QoS optimized for the content without having to rely on the user's fee.

1 is a communication network system for providing a third party charging service for each application according to an embodiment.
FIG. 2 is a diagram illustrating an example of accounting for an application according to an embodiment.
3 is a view for explaining an interlocking structure of a data policy control apparatus according to an embodiment.
4 is a flowchart of a method of providing a data charging burden service according to an embodiment.
5 is a flowchart of a method for a data policy control apparatus according to an embodiment to control a real time data charging burden service.
6 is a flowchart of a method for controlling a data policy control apparatus according to another embodiment of the present invention.
7 is a diagram conceptually illustrating a routing container-based application routing control structure according to an embodiment.
8 is a diagram conceptually illustrating a routing policy management application based on a routing policy management according to another embodiment of the present invention.
9 is a view for explaining a dedicated network connection in a routing container-based terminal structure according to an embodiment.
10 is an illustration of a terminal interface screen including an application container according to an embodiment.
11 is an illustration of a terminal interface screen displaying a third party charging application according to an embodiment.
12 is a flowchart of a third party charging application installation method according to an embodiment.
13 is a view for explaining a method of providing a CP-centered dedicated network service according to an embodiment.
14 is a view for explaining a method for providing a user-selectable dedicated network service according to an embodiment.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art can easily carry out the present invention. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

Throughout the specification, when an element is referred to as "comprising ", it means that it can include other elements as well, without excluding other elements unless specifically stated otherwise. Also, the terms " part, "" module," and " module ", etc. in the specification mean a unit for processing at least one function or operation and may be implemented by hardware or software or a combination of hardware and software have.

The apparatuses described in the present invention consist of hardware including at least one processor, a memory device, a communication device, and the like, and stores a program that is executed in combination with hardware at a specified location. The hardware has a configuration and performance capable of executing the method of the present invention. The program includes instructions implementing the method of operation of the invention described with reference to the drawings, and in combination with hardware such as a processor and a memory device to implement the invention.

A mobile station (MS), a mobile terminal (MT), a subscriber station (SS), a portable subscriber station (PSS), a user equipment (UE) An access terminal (AT), or the like, and may include all or some of functions of a mobile station, a mobile terminal, a subscriber station, a mobile subscriber station, a user equipment, an access terminal, and the like.

A terminal includes a base station (BS), an access point (AP), a radio access station (RAS), a node B, an evolved NodeB (eNodeB) Such as a Base Transceiver Station (BTS), a Mobile Multihop Relay (MMR) -BS, a 5G NB (gNB), and the like.

The terminal may be a mobile terminal such as a smart phone, a tablet terminal such as a smart pad and a tablet PC, a communication terminal such as a computer and a television, and may have a plurality of communication interfaces. The communication interface may vary. For example, the communication interface may include a short-range wireless network interface such as WiFi / WLAN / Bluetooth, and a mobile terminal such as 3G / LTE / LTE-5 / A communication network interface, and the terminal manufacturer may add various communication interfaces.

In the present invention, LTE EPC (Evolved Packet Core) is mainly described, but the same applies to 5G core.

In the present invention, the public network and the private network mean separate traffic paths, and need not necessarily be physically separated. For example, the public network and the private network may be different bearers created on the same physical path.

In the present invention, the "third party billing service" is a method in which a third party pays for the data usage amount of the user on behalf of the user, and the contract between the communication company and the third party may vary. In the description, it is assumed that the third party purchases data from the communication company and charges the individual users within the purchased data limit, but may be charged postpaid for the data usage without the data limit. A zero-rating service in that the amount of data granted to the user is not deducted, or a sponsor service in that a third party supports the network user fee of an individual user.

In the present invention, the "third party" may suffice to be a subscriber to a communication company product that provides a third party charging service. For example, the third party may be a company providing enterprise-specific applications connected to the intra-company network, or a content provider (CP) providing content applications connected to a specific content server. It does not need to be limited to the distributing company or CP. For example, a third party can bear data charges for the application for content (e.g., a particular channel) that is distributed through a particular application (e.g., an ole tv mobile application).

In the present invention, a third party charging application is described as an example of an application to which a dedicated network is allocated, but a dedicated network is not necessarily allocated to a third party charging application. Even if user charging is performed, Application, etc.) may be assigned a dedicated network.

The application of the present invention can be called a network convergence application or a data convergence application because the dedicated network is allocated and the billing and QoS are controlled through it.

FIG. 1 is a communication network system for providing a third party billing service for each application according to an embodiment. FIG. 2 is a diagram for explaining billing for each application according to an embodiment.

1, a communication network system includes a content provider (CP) apparatus 100, a data policy control apparatus 200 of a communication network, and a data policy control apparatus 200 that bear data charges for a third party charging application 200 to set a routing policy of the third party charging application. The data policy control apparatus 200 allocates a dedicated network (dedicated data network) to a CP or a specific application specified by a user among a plurality of applications installed in the terminal, and performs a traffic path separation, a QoS difference, and a billing separation can do.

The CP device 100 is operated on a per CP basis and can communicate with the data policy control device 200. The CP device 100 may designate a third party charging application and may transmit the data charging charge policy for the third party charging application to the data policy control device 200. [ The CP device 100 establishes and manages a data charging charge policy, a third party charging application authentication policy, a data charging burden subscriber list, and the like through an interface provided by the data policy control device 200, And so on. The CP device 100 receives the data charging charge policy including the data remaining amount from the data policy control device 200 and receives notification of the remaining amount less than the standard amount and the third party charging service limit according to the contract limit reached .

Meanwhile, the CP does not necessarily transmit a data charging charge policy or the like to the data policy control device 200 through the CP device 100, and does not need to subscribe for goods through the data policy control device 200. That is, the CP can join the data charging charge product at the online product registration page or the off-line store provided by the communication company, and the data charging charge policy corresponding thereto can be transmitted to the data policy control device 200.

The data policy control apparatus 200 can reflect the data charging charge policy of the CP in the terminal 300 in real time in cooperation with various devices of the core network. The interworking devices may vary depending on the network, and may be typically associated with the policy and billing control device 10 and the billing device 20. The policy and billing control apparatus 10 may be a Policy and Charging Control Function (PCRF) or a Policy and Charging Enforcement Function (PCEF) that performs a policy and charging function for managing policy charging information. Specifically, the policy and billing control apparatus 10 constitutes a dedicated network corresponding to the data charging burden policy of the CP, and distributes the dedicated network information such as a dedicated network configuration policy to the data policy control apparatus 200 and the P-GW 33 can do. The billing apparatus 20 is an apparatus for calculating the amount of data used and may be different depending on the core network. For example, OFCS (offline) collecting data usage amount (CDR) in a packet data gateway (P-GW) Charging System / OCS (Online Charging System). The P-GW 33 transmits a detailed call record (CDR), which represents a data usage amount, to the billing apparatus 20, and can distinguish the application from the information included in the CDR.

When the data policy control apparatus 200 receives a data charging subscription from the CP apparatus 100, the data policy control apparatus 200 requests the CP network configuration with the core network and obtains CP private network information from the core network. Alternatively, the CP can subscribe to the data charging charge product through the sales point of the communication company. In this case, the data policy control apparatus 200 can obtain the CP private network information from the core network. The data charging charge product may be a kind of private network product.

The data policy control apparatus 200 manages the private network information of the CP registered with the data charging burden policy. The CP private network information may include a dedicated network configuration policy, a dedicated network connection information allocated to the third party charging application of the CP, and the like, and may be transmitted from the policy and billing control apparatus 10. [ If the terminal 300 is not in the state of being able to access the private network, the data policy control apparatus 200 may transmit the private network connection information to the terminal 300 to request preparation for access to the private network. According to the control of the data policy control apparatus 200, the third party charging application and the dedicated network connection information are mapped in the terminal 300, so that the traffic of the third party charging application can be transmitted to the private network. The dedicated network connection information may be, for example, an access point name (APN) in an LTE network or a data network name (DNN) in a 5G network. It is information for specifying. In the present invention, an APN is described as an example of network connection information.

The terminal 300 receiving the dedicated APN creates a virtual network interface to prepare for access to the private network. When the data policy control apparatus 200 transmits the dedicated APN to the terminal 300, can be different. According to one embodiment, the dedicated APN may be sent to the terminal 300 after the dedicated network configuration for the CP's data charging charge policy is completed, or after the dedicated network connection to the CP-specified third party charging application is authenticated . According to another embodiment, the dedicated APN can be delivered to a user terminal (for example, a GiGA Cube subscriber terminal, which is a dedicated network product) capable of accessing a private network, in a state in which the dedicated network configuration in the core network is completed. According to another embodiment, the dedicated APN may be pre-stored in the routing profile of the terminal. When the data policy control apparatus 200 receives a request from a terminal 300 for a third party charging (a dedicated network connection) for a third party charging application, the data policy controlling apparatus 200 transmits the data charging policy / third party charging application authentication policy Authenticates the private network connection of the third-party charging application installed in the third-party charging device 300. The third party charging application can be always charged to the CP (third party) according to the data charging charge policy set by the CP, or to be charged to the CP while the authentication by the data policy control device 200 is valid. That is, if the data policy control apparatus 200 has not performed the dedicated network connection authentication or the authentication has expired, the terminal 300 sets the public network connection information (for example, public APN) even if it is a third party charging application, It treats it as a general application that charges users.

The terminal 300 can transmit the traffic generated in the third party charging application to the dedicated network designated in the dedicated APN by setting the dedicated APN for the third party charging application authenticated by the data policy controlling apparatus 200. [ When a packet is generated in the third party charging application of the terminal 300, an access request message including a dedicated APN is transmitted to the Mobility Management Entity (MME) 31 via the base station 30. The MME 31 confirms the dedicated network configuration policy of the dedicated APN included in the connection request message and transmits a dedicated network for dedicated traffic transmission / reception of the third party charging application via the S-GW 32 and the P- ). In this way, the traffic of the third party charging application is transmitted / received through the P-GW 33 of the dedicated network assigned to the dedicated APN, and the amount of data transmitted / received in the dedicated network is collected in the charging device 20.

The data policy control apparatus 200 charges the data usage amount of each third party charging application acquired from the charging apparatus 20 to the corresponding CP. The data policy control apparatus 200 confirms the data limit (purchased) contracted by the CP, and real-time controls the free data use of a plurality of terminals according to the remaining data amount. For example, when the data usage of a specific CP is different from the contract limit, the data policy control apparatus 200 confirms the third-party charging application contracted by the specific CP and transmits the third- Can be notified and displayed. The data policy control apparatus 200 may notify the remaining amount of data to the CP apparatus 100 and may induce additional data purchase.

The data policy control apparatus 200 determines that the dedicated APN usage right of the third party charging application is lost when an end event such as exhaustion of the CP purchase data amount or termination of the contract with the CP occurs. Then, the data policy control apparatus 200 transmits to the terminal 300 the authentication release information instructing the third party charging application to cancel the dedicated APN connection. Then, the terminal 300 changes the network connection information of the third party charging application from the dedicated APN to the common APN. The third party billing application mapped to the public APN accesses the public network like a normal application, so data usage is charged to the user.

2, when the terminal 300 can set a plurality of APNs (multi-APNs), the dedicated APN (APN1) received from the data policy control apparatus 200 and the third party charging application ). When the CP1 applications are executed, the terminal 300 requests a connection to the APN1 to the core network according to a routing rule. At this time, CP1 may bear the charge for the traffic transmitted through the private network.

In the general application (CP2 APP), the public APN (APN1) is mapped and connected to the public network set as the default. Users are responsible for charging for traffic transmitted over the public network.

As such, the data charging burden policy ensures that even if an individual user uses a communication network, the data allocated to the individual user is not deducted but deducted from the amount of data purchased by the CP. This allows the customer to use the content for free through a third party billing application within the CP's data billing scope.

The data charging policy may be determined to be a product that the CP belongs to the communication company and the data policy control device 200 may receive the product subscription including the data charging charge policy from the CP device 100. [ CP may subscribe to private network products and provide third party billing services to customers using third party billing applications. On the other hand, the data charging charge policy can be borne by the third party, the CP, for the amount of data used by the individual users for a certain period of time through the third party charging application, but it can be partially borne.

The data charging charge policy can be variously determined according to the charge and control conditions, such as the personal charge plan. For example, the data charging burden policy may include the amount of data purchased by the CP (e.g., 1Tbyte / month), the amount of individual data that the CP will provide to each customer (e.g., 200Mbytes / month per customer) (E.g., a month, a week, etc.) of the CP, the content server information of the application to which the CP will bear the charge, the time zone in which the CP charges the charge, the QoS level, And so on. The data charging burden policy may further include an application authentication policy.

The data policy control apparatus 200 manages, for example, the CP dedicated network product, policy content, and dedicated network setting information as shown in Table 1. QoS may include, for example, Guaranteed Bit Rate (GBR), Maximum Bit Rate (MBR), and QoS Class Identifier (QCI). In the case of a higher QCI applicable to a dedicated bearer, the data policy control apparatus 200 may store a 5-tuple for creating a QoS policy of a product to which the CP belongs.

CP name Product ID Purchasing data amount term QoS 5 tuple kt 20000 unlimited Term GBR, MBR, QCI - cacao 20001 200 TB Exhausted GBR, MBR, QCI - Naver 20002 200 TB Exhausted GBR, MBR, QCI -

3 is a view for explaining an interlocking structure of a data policy control apparatus according to an embodiment.

3, the data policy control apparatus 200 includes a CP policy management unit 210 interworking with the CP apparatus 100, a terminal authentication unit 230 interworking with the terminal 300, and a profile storage unit 250 . The CP policy management unit 210 and the terminal authentication unit 230 may interwork with each other and manage the profile storage unit 250. The CP policy management unit 210 communicates with the core network. However, the connection relationship between the core network and the data policy control apparatus 200 can be variously designed.

The CP policy management unit 210 registers subscription of the data charging charge product received from the CP device 100 in cooperation with the core network devices of the communication company, constitutes a dedicated network for the data charging charge policy, The associated data usage can be billed to the CP. For example, the CP policy management unit 210 interworks with a business support system (BSS) for subscription to a data charging charge product. For example, can do. The CP policy management unit 210 may interoperate with the PCRF / PCEF, which performs the PCC function, to apply the network configuration policy of the data chargeable goods. The CP policy management unit 210 can link the data usage with the OCS / OFCS. The CP policy management unit 210 can check the user profile by interworking with a home subscriber server (HSS).

The terminal authentication unit 230 authenticates the dedicated network connection of the third party charging application installed in the terminals based on the application authentication policy designated by the CP. The application authentication policy may include third party billing application information (application identifier), integrity information (Signiture), and user information to which the private network is allocated. The terminal authentication unit 230 can perform application authentication in cooperation with the application market.

CPs can not be identified immediately after subscription. The CP can sell the third party billing application to the individual user, and can generate the application authentication policy based on the user information (purchased) of the third party billing application. The CP device 100 may share the authentication policy by transmitting the application authentication policy to the data policy control device 200. [ On the other hand, the application authentication policy can be generated in the CP device 100.

The terminal authentication unit 230 executes a third party charging application in the terminal 300 or receives a dedicated network connection request (a third party charging request) for a third party charging application, Authenticates the dedicated network connection to the application.

In the authenticated third party charging application, the routing information from the terminal 300 to the private network is mapped. On the other hand, the dedicated network connection information (dedicated APN) may be transmitted together with authentication for a dedicated network connection request (third party charging request), or may be stored in advance in the terminal before authentication. For example, the dedicated network connection information can be stored in advance in the terminal profile when installing the third party billing application or when requesting the private network information at the terminal. At this time, the terminal 300 can create a virtual network interface in a routing container capable of collectively mapping authenticated applications, and prepare a dedicated network connection by connecting a virtual network interface to a network interface having a dedicated APN 9).

The profile storage unit 250 stores and manages the per-CP data charging charge policy, the application authentication policy, the private network information, and the like, and is referred to by the CP policy management unit 210 and the terminal authentication unit 230.

As described above, the CP can directly set and manage a data charging charge policy, a data charging burden subscriber list, and the like through the CP device 100 interlocked with the data policy control apparatus 200, and inquire data usage inquiry. The CP can receive the status of application of the data charging charge policy including the data charge amount / data remaining amount through the CP device 100. [ This enables the CP to immediately reflect the data network policy to the carrier and to understand the usage status in real time.

4 is a flowchart of a method of providing a data charging burden service according to an embodiment.

Referring to FIG. 4, the data policy control apparatus 200 receives a data charging charge for a specific application from the CP (S110). The subscription content may include various data charging charge policies including purchase data amount, contract period, QoS, and the like.

The data policy control apparatus 200 registers a data charging charge product in the core network and requests allocation of a dedicated network according to a data charging charge policy (S120). For example, the PCRF creates a private network configuration policy and distributes a private network configuration policy to the P-GW. If a private network is connected to the P-GW instead of a public network, the physical network interworking can be performed together.

The data policy control apparatus 200 is informed of the completion of the dedicated network configuration for the data charging service of the CP from the core network (S122). The dedicated network configuration completion notification message includes the dedicated network information allocated to the CP. If the dedicated network is allocated to each CP, the CP dedicated APN can be included. The data policy control apparatus 200 stores the data charging charge policy of the CP and the dedicated network information allocated to the CP.

The data policy control apparatus 200 notifies completion of the dedicated network configuration for the data chargeable goods subscribed to the CP apparatus 100 (S124). That is, the data policy control apparatus 200 informs the third party charging application that the dedicated network is ready for use.

The data policy control apparatus 200 receives the authentication policy of the application to be charged with billing from the CP apparatus 100 (S130). The application authentication policy may include third party billing application information (application identifier), integrity information (Signiture), and user information. When the application authentication policy requests user information for installing the application, it can be updated each time the application is installed. According to the application authentication policy, the application authentication policy can be contracted by being included in the data charging charge policy.

The data policy control apparatus 200 receives an authentication request for accessing a dedicated network of a specific application from the terminal 300 (S140). The authentication may be performed according to a method specified by an individual application, or the user may request authentication by moving an application from the display screen to an application container.

The data policy control apparatus 200 authenticates the application identifier included in the authentication request based on the application authentication policy and permits the terminal 300 to access the dedicated network when the data charging burden policy is valid (S142).

The terminal 300 maps the specific network connection information (dedicated APN) with the specific application permitted to access the dedicated network (S150). That is, the terminal 300 changes the routing policy so that a specific application accesses the dedicated network. The routing policy change may use the routing container described in FIG. 7 or use the access network discovery and selection function (ANDSF) described in FIG. When the mapping between the specific application and the dedicated network connection information is completed, the terminal 300 displays such that the user can know that the third party is charged.

When the specific application is executed, the terminal 300 accesses the dedicated network according to the routing policy (S160). The terminal 300 accesses a content server of a specific application through a private network and transmits and receives traffic. The dedicated network is allocated according to the data charging charge policy, the QoS different from that of the public network can be set, and the dedicated network configuration policy is distributed to the core network devices such as P-GW.

The data policy control apparatus 200 receives the CP charging information from the charging apparatus of the core network (S170). When a dedicated network is allocated for each CP, the data usage amount through the private network is directly charged to the CP. If a plurality of CPs having different billing entities are allocated to one dedicated network, the data usage amount to be borne by each CP can be calculated based on the identifiers of the third-party billing applications designated by the CPs.

The data policy control apparatus 200 reports the application status of the data charging charge policy including the remaining data amount to the CP apparatus 100 (S180).

On the other hand, when the data policy control device 200 subscribes to the CP's data charging charge product, the data policy control device 200 can obtain the data charging charge policy including the application authentication policy. In this case, when the data policy control apparatus 200 is notified from the core network of the completion of the dedicated network configuration for the data charging fee product of the CP, the data policy control apparatus 200 starts authentication for the dedicated network connection (third party charging) for the application specified by the CP.

4, a method of transmitting a dedicated APN to a terminal is not described in detail. However, a method of transmitting a dedicated APN to a terminal may be variously implemented depending on the number of APNs supported by the terminal, the number of dedicated networks to which the terminal can access, and the like .

For example, if the number of APNs supported by the terminal is not limited, a dedicated network may be allocated for each CP, and an APN for each dedicated network may be allocated. In this case, the CP-dedicated network access information (dedicated APN) can be provided to the terminal whenever there is a CP joining the data charging burden product.

However, if the number of APNs supported by the terminal is limited, a dedicated APN and a common APN can be distinguished according to the number of APNs. If the terminal supports two APNs, the terminal generates network interfaces in a terminal operating system (OS) kernel using a public APN (default APN) for access to the public network and a dedicated APN for access to a private network, Can be prepared. The terminal may then map the authenticated third party billing application to the dedicated APN network interface to route the traffic of the third party billing application to the dedicated network. In this case, the CPs share the private network.

FIG. 5 is a flowchart of a method of controlling a real-time data charging and paying service according to an embodiment of the present invention, FIG. 6 is a flowchart of a method of controlling a real- to be.

Referring to FIG. 5, the data policy control apparatus 200 monitors the amount of data that is fluctuated according to traffic transmission / reception in the CP-dedicated network (S210).

If the data remaining amount of the specific CP is different from the contract limit, the data policy control apparatus 200 notifies the corresponding CP apparatus of the data exhaustion schedule (S220).

The data policy control apparatus 200 is requested to add data from the corresponding CP apparatus (S230).

The data policy control apparatus 200 updates the data charging charge policy of the CP (S240).

The data policy control apparatus 200 notifies the corresponding CP apparatus of the data charging burden policy update (S250).

Referring to FIG. 6, in step S310, the data policy control apparatus 200 monitors the amount of data that is fluctuated according to traffic transmission / reception in the CP dedicated network.

If the data remaining amount of the specific CP is different from the contract limit, the data policy control apparatus 200 informs the corresponding CP apparatus of the data exhaustion schedule (S320).

The data policy control apparatus 200 deletes the dedicated network information allocated to the third party charging application of the corresponding CP in the application authentication policy when the data charging charge policy of the corresponding CP is not updated (data added) and the remaining data amount is exhausted (S330).

The data policy control apparatus 200 instructs the terminals that are permitted to access the private network for the third party charging application to cancel the authentication for the access to the private network of the corresponding application (S340). The data policy control apparatus 200 determines that the third party charging application's right to use the private network has expired when an event such as when the contract data amount is exhausted or when the contract with the CP is canceled. Then, the data policy control apparatus 200 transmits authentication release information indicating that the third party charging application does not have a dedicated network usage right to the terminal 300. [

The terminal 300 that has been notified of the release of the authentication changes the routing policy so that the third party charging application connects to the network using the public APN charged to the user (S350). That is, the routing policy of the third party billing application is changed from the dedicated APN to the public APN. The terminal 300 may respond to the authentication release notification to the data policy control device 200. [

The terminal 300 indicates that the third party charging application is changed to a general application in which the user is charged (S360). The terminal 300 changes the routing policy to the public APN to be charged to the user in the CP-only APN, and then displays the status change to the general application. For example, the terminal 300 may delete the third-party charging indication displayed on the application icon, or delete the application from the routing container included in the third-party charging applications.

Meanwhile, in order to map an APN with an application, an API (PDN Select API) that can specify a network interface of a terminal operating system (OS) is separately included in the application. However, this method requires the application to include the PDN Select API and it is difficult to change the routing information in real time due to the change of the data charging burden policy or the authentication policy.

Next, a method in which the terminal changes application-specific network access information (dedicated APN, public APN) under the control of the data policy control apparatus 200 without application modification will be described. Accordingly, the terminal 300 can connect a network interface to which a dedicated APN is allocated to an application specified by a third party under the control of the data policy control apparatus 200, or can connect a network interface to which a common APN is assigned. Accordingly, the specific application traffic can be transmitted to the private network / public network under the control of the data policy control apparatus 200, and the data charging service of the third party (CP) can be activated.

FIG. 7 conceptually illustrates a routing container based application routing control structure according to an embodiment, and FIG. 8 conceptually illustrates a routing policy management based application routing control structure according to another embodiment.

7 and 8, in order to branch (route) the traffic of the application authenticated from the data policy control apparatus 200 to the dedicated network, the AT 300 transmits a routing request for routing the authenticated application to the dedicated APN Function is required. The routing function may be implemented according to the application framework and the operating system of the terminal.

7, when providing an application-based routing function in the application framework of the terminal 300a and the operating system, the terminal 300a communicates with the data policy control apparatus 200 to access a dedicated network for a specific application A routing management unit 330 for integrally managing routing rules for applications, and a routing container 350 for managing dedicated network access information for specific authenticated applications. ). The routing management unit 330a manages routing rules (dedicated routing rules) for the routing container 350 as well as routing rules (general routing rules) for accessing the public network. The generic routing rule may include a routing rule that links app 1 / app 2 to a public APN.

When the routing authentication unit 310 receives a request for a dedicated network connection to the app 3 / app 4 from the user, the data authentication unit 310 requests the data policy control apparatus 200 to authenticate access to the dedicated network of the app 3 / app 4. The routing authentication unit 310 receives an authentication result for the dedicated network connection from the data policy control apparatus 200. [

When access to the dedicated network of the app 3 / app 4 is permitted, the routing management unit 330a sets a dedicated routing rule for mapping the app 3 / app 4 to the dedicated APN. That is, the routing management unit 330a manages a dedicated routing rule so that the App 3 / App 4 is connected to the dedicated APN through the routing container 350.

The routing container 350 is assigned a virtual network interface for connecting an application group authenticated by the data policy control apparatus 200 to a private network in accordance with a dedicated routing rule.

When two APNs can be set in the terminal, a public APN (default APN) for public network connection and a dedicated APN for private network connection can be set. The dedicated APN may be an intranet APN allocated to a corporate network dedicated to an enterprise intranet as shown in FIG. 7A or a CP private network connected to a content server of a specific CP as shown in FIG. 7B It can be an assigned sponsor APN.

Referring to FIG. 7A, it is assumed that a plurality of applications are installed in the terminal 300a, and the application 3 and the application 4 are specific enterprise specific applications connected to a company's internal network. It is assumed that the amount of data used in a specific enterprise-specific application is borne by a specific company. In this case, the data policy control apparatus 200 allocates a dedicated enterprise network and an exclusive network for delivering the traffic generated in the app 3 and the app 4 to the in-house network of a specific company.

When the routing authentication unit 310 is permitted to access the dedicated network of the application 3 / application 4 from the data policy control apparatus 200, the application 3 / application 4 is mapped to the routing container 350 connected to the dedicated APN. As a result, the app 3 / app 4 becomes ready to access the private network. The routing container 350 may be a container for a specific enterprise-specific application.

When the App 3 / App 4 is executed, the traffic of the App 3 / App 4 is transmitted to the dedicated network connected through the dedicated APN.

If the routing authentication unit 310 receives the authentication release of the application 3 / application 4 from the data policy control apparatus 200, the routing management unit 330a maps the application 3 / application 4 to the general routing rule. Then, the application 3 / application 4 accesses the public APN according to the general routing rule instead of the routing container 350 connected to the dedicated APN.

7B, it is assumed that a plurality of applications are installed in the terminal 300a, and that the app 3 and the app 4 are sponsor applications in which a specific CP provides a third party charging service. It is assumed that the amount of data used in the sponsor application is borne by a specific CP. In this case, the data policy control apparatus 200 allocates the CP-dedicated network and the dedicated network for delivering the traffic generated in the app 3 and the app 4 to the specific content server.

The dedicated network connection authentication and the dedicated network access method for the sponsor application is similar to the enterprise dedicated application described in (a) of FIG. Even if the dedicated APN and the destination PDN of the public APN are the same Internet network, the traffic path is separated according to the APN.

On the other hand, the app 3 and the app 4 do not necessarily have to be sponsor applications provided by the same CP. That is, when the app 3 and the app 4 using the same dedicated network are charged to different CPs, the charging device can distinguish the applications based on the application identifier, the destination address, etc., so that the data usage amount can be charged for each application.

Referring to FIG. 8, when the application framework and the operating system of the terminal 300b can not provide the application-based routing function, the terminal 300b maps the authenticated specific applications to the routing container 350 and routes them I can not.

For this, the terminal 300b can not provide an application-based routing function. Therefore, the terminal 300b can perform inter-system mobility policy (ISMP) / inter-system routing (ISRP) of the access network discovery and selection function Policy) can be used. The ISMP defines a connection preference network among LTE / WiFi, and the ISRP can define a connection preference network according to the APN of the PDN. However, since ISMP / ISRP includes only an IP flow routing rule based on a source / destination, an ANDSF management unit 370 for setting an application-based routing policy is added.

The ANDSF management unit 370 can further define an APN for each application according to an extended MO (Management Object). Here, the extended MO is an extension of an AP and an MO defining an access network to an application, and defines an application-APN-access network to be routed to a full set. The extended MO can be further implemented in the ANDSF related model implemented in the terminal. In this way, the ANDSF management unit 370 can provide the authentication information of the private network and the application requested by the ISRP through the extended MO. The algorithm that the ANDSF management unit 370 adds / deletes / updates the application-based routing policy may follow the specification of OMA-DM (Device Management).

As shown in FIG. 7, when the routing authentication unit 310 authenticates the dedicated network connection of the application 1 from the data policy control apparatus 200, the routing authentication unit 310 delivers the dedicated network access information (dedicated APN) of the APP 1 to the ANDSF management unit 370. Then, the ANDSF management unit 370 reflects the dedicated network connection information (dedicated APN) of the app 1 to the routing management unit 330b.

When the application 1 is executed, the routing manager 330b is connected to the private network through the dedicated APN according to the routing rule mapped to the application 1.

If the routing authentication unit 310 receives the deactivation of the application 1 from the data policy control apparatus 200, the ANDSF management unit 370 changes the APN of the application 1 to the common APN and reflects it to the routing management unit 330b .

9 is a view for explaining a dedicated network connection in a routing container-based terminal structure according to an embodiment.

Referring to FIG. 9, the MS 300 manages the network access information (APN) and the network interface through the profile as shown in Table 2, by preparing a dedicated network connection by communicating with the data policy control apparatus 200. The terminal 300 is a subscriber terminal capable of accessing a private network, and may be a private network product subscriber or a third party charging application subscriber.

Type of service APN Network interface Virtual interface General LTE (Wireless Network # 1) lte.kt.com rmnet0 - MMS lte.kt.com rmnet0 - IMS ims.kt.com rmnet1 - Dedicated LTE (Wireless Network # 2) special.lte.kt.com rmnet2 vEthernet1

9A, in order to connect to the private network on the basis of a routing container, the terminal 300 transmits a dedicated APN (Special.lte.kt.com) to the private network (wireless network # 2) network interface (rmnet2) . The terminal 300 can update the dedicated APN under the control of the data policy control apparatus 200. [

Then, the terminal 300 connects the virtual network interface (vEthernet1) of the routing container and the network interface (rmnet2). The virtual network interface (vEthernet1) can be connected to the global network interface of the terminal at L2 level. If the terminal supports a plurality of APN settings, a plurality of routing containers may be created corresponding to APNs for each dedicated network.

Referring to FIG. 9B, when access to the private network of the application 3 / application 4 is permitted by the data policy control apparatus 200, the terminal 300 transmits a virtual network interface (vEthernet1). Since the virtual network interface (vEthernet1) is mapped to the private network (wireless network # 2) network interface (rmnet2) one-to-one, the traffic of the app3 / app4 is routed to the private network (wireless network # 2) network interface (rmnet2). The app 1 / app 2 has a routing rule for accessing the public network (wireless network # 1), and can be authenticated for accessing the private network from the data policy control device 200. App1 / App2 are then also subject to the routing rules that connect to the virtual network interface (vEthernet1) of the routing container.

Meanwhile, an application container for applications connected to the virtual network interface (vEthernet1) of the routing container in the application layer can be created. Next, a description will be given of a method in which a terminal divides and displays a third-party charging application (or a dedicated network connection application) and a general application (or a public network connection application) charged to an individual user through an application container and authenticates a dedicated network connection do.

10 is an illustration of a terminal interface screen including an application container according to an embodiment.

Referring to FIG. 10 (a), there is an application container 400 as a user interface for distinguishing between an application to be charged to a third party and an application to be charged to an individual user. The application container 400 may be in the form of a folder / box, and an authorized third party billing application may be located in the application container 400. At this time, the user moves the application located outside the application container into the application container by various methods such as drag and drop, and the terminal 300 transmits the third party charge of the application to the data policy control apparatus 200 You can request authentication for In addition, the dedicated network may not be used by moving it out of the application container. The application container 400 may be managed and protected by a Mobile Device Management (MDM) solution.

The terminal 300 places only the applications authenticated by the data policy control apparatus 200 in the application container 400. The terminal 300 changes the routing information so that applications located in the application container 400 can access the private network rather than the public network. If the application located in the application container moves out, the terminal 300 changes the routing information so that the application can access the public network instead of the dedicated network.

To this end, the routing authentication unit 310 recognizes the application moved to the application container 400, requests authentication to the data policy control apparatus 200, and manages the application to be included in the application container 400 according to the authentication result . An application located in the application container 400 may be mapped to a dedicated APN by the routing container 350 as shown in FIG. 7 or a dedicated APN may be mapped by the ANDSF management unit 370 as shown in FIG.

10B, an application authenticated by the data policy control apparatus 200 and permitted to access the dedicated network is eventually moved out of the application container. If the application is finally located outside the application container, it is an application that can not access the dedicated network.

On the other hand, if the application for which authentication is requested is not an application of the CP providing the third party charging service, the data policy control apparatus 200 does not permit the dedicated network connection.

In addition, the data policy control apparatus 200 may not allow the dedicated network connection according to the data charging charge policy, even if the CP application providing the third party charging service provides the authentication requested application. For example, if the remaining amount of the total amount of data purchased by the CP is less than or equal to the reference value, the data policy control apparatus 200 may not permit the dedicated network connection in which the CP charges the charging application. Or the data policy control apparatus 200 may not permit a dedicated network connection in which the CP is charged for an application requesting authentication in a time zone other than the contracted time zone when the CP is charged only in a specific time period.

Referring to FIG. 10C, when the user executes an application located in the container, the terminal 300 can request authentication to the data policy control apparatus 200. [

When the terminal 300 receives the authentication release for the specific application located in the container from the data policy control apparatus 200, the terminal 300 moves the unauthenticated application out of the application container. When the terminal 300 stores the authentication release condition, the application satisfying the authentication release condition can be moved out of the application container.

The data policy control apparatus 200 can notify the terminal 300 of the release of the authentication for the specific application placed in the container when the total amount of data purchased by the CP is exhausted. The data policy control apparatus 200 may notify the terminal 300 of the release of the authentication for a specific application located in the container after the contract time zone has elapsed when the CP is charged only in a specific time period.

As described above, the user can intuitively distinguish the third-party charging application and the user charging application through the application container, and can easily request the authentication by moving the application to the application container. The terminal 300 connects the routing container 350 that sets up a virtual network interface for access to the private network with the application container 400 of the application layer and manages the routing information of the applications included in the application container 400 can do.

The data policy control apparatus 200 can reflect the data charging charge policy of the CP in real time and insert the application into the application container or subtract the application from the application container.

11 is an illustration of a terminal interface screen displaying a third party charging application according to an embodiment.

Referring to FIG. 11, it is possible to display the third party charging application by application. The third-party charging application and the general application can be distinguished by the application icon displayed on the terminal interface screen. How to distinguish can be done by attaching a free badge to an icon or designing an icon for a third party billing application.

In particular, if the CP provides each customer with an amount of personal data (e.g., 200 Mbytes / month per customer), the icon of the third party billing application can visually display the consumption / remaining amount of the allocated data amount. For example, icons 500 and 510 of the third party billing application may include a gradient, and the amount of consumption / remaining amount of data amount may be additionally displayed at the gradient density.

The application list 520 can provide an interface screen for checking the consumption amount / remaining amount / QoS of the data amount of each application.

If the application targeted by the third party billing service is not yet authenticated, the third party billing can be displayed on the icon. When the user performs the specified authentication operation (for example, moving the icon to the long touch, moving to the application container, etc.) and the access to the private network is permitted by the data policy control apparatus 200, (For example, display with a free badge or a gradation) by an application that is charged in a three-party manner. When the authentication is canceled by the data policy control apparatus 200, the terminal 300 can change the icon displayed as the third party charging application to the general application icon.

12 is a flowchart of a third party charging application installation method according to an embodiment.

12, the user downloads and installs a third party charging application in the application market, and then the terminal 300 interworks with the data policy controlling apparatus 200 to transmit the application traffic to the private network, . Accordingly, the third party charging application may be similar to the general application installation method, but the CP or the company that distributes the application may subscribe only to the exclusive network product of a specific communication company, or the commodity promised by each communication company may be different. Therefore, the network registration procedure is added when installing the third party billing application as follows.

The application market 600 registers the third party billing application and the chargeable network information (e.g., kt) (S410). The charging network communication information is communication network information in which the CP is subscribed to a product that charges third party charging. In some cases, the CP only subscribes to some of the communication companies of a plurality of communication companies and provides a third party charging service only to some carrier subscribers can do.

The terminal 300 downloads the installation information including the third party charging application and the chargeable network information in the application market 600 (S420). The installation information may further include meta information that can verify the integrity of the installed third party billing application.

The terminal 300 confirms the chargeable network information of the third party charging application and notifies the third party charging application installation by accessing the data policy controlling apparatus 200 indicating in the chargeable network information at step S430. If, as a result of checking the chargeable network information, the terminal can not use the communication network to which the CP belongs to the third party charging device (for example, a third party subscriber), the third party charging application is the same as the general application The communication step with the data policy control apparatus 200 is omitted.

The data policy control apparatus 200 registers the third party charging application installation of the terminal 300 (S440). On the other hand, the data policy control apparatus 200 can receive the terminal information in which the third party charging application is installed from the application market 600 or the CP apparatus 100.

According to one embodiment, the data policy control apparatus 200 authenticates the third party charging application of the terminal 300 according to the third party charging application authentication policy designated by the CP, And may transmit the dedicated network connection information for the charging application (S450). Then, the terminal 300 can map the third party charging application and the dedicated network connection information that are permitted to access the private network (S460). For example, in the case of an enterprise-only application, the CP can permit the access to the private network at the same time as the installation registration, when the CP is charged for the third party charging application with an unlimited amount.

According to another embodiment, the CP may provide an application capable of third party billing, but may not be able to charge the third party according to the data charging burden policy. Accordingly, when the data policy control apparatus 200 receives the request for the dedicated network connection from the terminal 300 after registering the installation of the third-party charging application, the data policy control apparatus 200 can confirm the CP data charging burden policy and then transmit the dedicated network connection information of the CP. Or the data policy control apparatus 200 registers the installation of the third party charging application and then transmits the dedicated network connection information of the CP to the terminal 300. When the data policy control apparatus 200 receives the request for the dedicated network connection from the terminal 300, , The CP can be allowed to access the dedicated network.

Up to now, the terminal 300 has been described in connection with the data policy control apparatus 200, routing it to the private network on an application basis, and charging a third party with the charge for the traffic generated in the private network. Next, various communication services using the dedicated network allocation method for each application will be described.

13 is a view for explaining a method of providing a CP-centered dedicated network service according to an embodiment.

Referring to FIG. 13, the CP purchases a large amount of data that a plurality of applications can use from a communication company. The data policy control apparatus 200 can allocate a dedicated network and configure a network for a plurality of applications designated by the CP, and provide the dedicated network connection information to the terminal. At this time, the terminal can create an application container for each CP. The user can download the CP application container containing the applications specified by the specific CP, or add the applications specified in the CP application container.

On the other hand, the CP can purchase a large amount of data that can be used by a plurality of applications from a communication company, and can sell a product bearing a customer's data charge. This can be called a B2B2C service. That is, the CP can sell contents through an application or purchase in an application, and can also sell a communication network (exclusive network) product for an application.

For example, a CP joins a private network product of a carrier and purchases a large amount of data that can be used by a plurality of applications from a communication company. The CP can design and provide at least one CP product (including a rate, QoS level, etc.) capable of accommodating a plurality of applications to the customer. That is, instead of an individual user joining a private network product of a communication company, the CP can subscribe to a private network product of a communication company and provide a private network service to CP applications.

The data policy control apparatus 200 controls the authorized terminals to access the private network according to the various data charging burden policies of the CPs and controls the traffic of the applications specified by the CP in the purchase data limit of each CP to be transmitted and received in the private network .

The method of designing the data amount and QoS contracted by the CP with the communication company and providing it to the customer can be designed according to various purposes such as marketing. For example, a CP may sell a CP product to a customer for a fee. In addition, the CP may provide the CP product free of charge to the customer or bear the charge for data usage issued by the customer using the application.

For example, the CP private network product may include a data amount and / or a QoS level available for a private network. The user subscribes to the CP private network product, and when using the designated application, he or she can use the private network free of charge (the CP charges the data usage amount) or the QoS guaranteed private network (the data charge is paid by the individual or the CP )can do. As shown in Table 3, the CP-only network product can be designed variously by the CP.

CP name application Data volume / QoS time Plan CP1 CP1 assignment application 5 GB, QoS level Until the data is exhausted oooo yuan / month 3 GB, QoS level oooo yuan / month 1GB, QoS level oooo yuan / month CP2 CP2 assignment application QoS level Event free

As a result, when the user uses the application specified in the CP application container, the CP directly pays the network cost to the CP, and the CP can guarantee the QoS agreed with the communication company.

14 is a view for explaining a method for providing a user-selectable dedicated network service according to an embodiment.

Referring to FIG. 14, the conventional users subscribe to a single rate plan and utilize the communication network within the data limits agreed to in the plan. According to the present invention, the user can subscribe to a private network plan that connects to the private network, in addition to the public network plan that connects to the public network. The user can select the amount of data available for the private network. The data policy control apparatus 200 can provide a terminal with a user interface for easily selecting the amount of data as shown in FIG. 14 (a).

Referring to FIG. 14B, the terminal provides an application container (for example, a GiGA cube) on a display screen, and a user holds an application that wants to transmit and receive traffic through a private network to an application container. Then, as described above, the terminal sets up the routing information so that applications included in the application container can access the dedicated network. To this end, the terminal acquires the dedicated network connection information (for example, the dedicated network APN) from the data policy control apparatus 200 and sets the network interface. Applications located outside the application container connect to the public network.

For example, a user can subscribe to a private network plan for an application that requires QoS, and use the content by placing the application in an application container. If the committed dedicated network data amount is exhausted, the user can increase the amount of data in the user interface as shown in Fig. 14 (a). In addition, when the data policy control apparatus 200 monitors the usage amount of the private network and releases the amount of dedicated network data, the data policy control apparatus 200 releases the authentication of applications included in the application container to the routing authentication unit 310 of the terminal, . In this case, the applications contained in the application container move out of the application container, and the routing information is changed so as to connect to the public network.

The embodiments of the present invention described above are not implemented only by the apparatus and method, but may be implemented through a program for realizing the function corresponding to the configuration of the embodiment of the present invention or a recording medium on which the program is recorded.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, It belongs to the scope of right.

Claims (20)

A method for providing a third party charging service in cooperation with a core network and a terminal,
Managing a third party's data charging charge policy for a specific application, managing dedicated network information allocated to the core network for traffic transmission / reception of the specific application,
Controlling a dedicated network connection of the specific application installed in the terminals based on the data charging charge policy; and
And charging the third party for an amount of data used for traffic transmission / reception of the specific application in the dedicated network,
Wherein each terminal installed with the specific application transmits the traffic of the specific application to the dedicated network or transmits the traffic of the specific application to the public network under the control of the data policy controller. The method of claim 1,
The step of controlling the dedicated network connection of the specific application
When the data charging charge policy is valid, permits a dedicated network connection so that traffic of the specific application is transmitted to the dedicated network,
Wherein the terminal that is permitted to access the dedicated network establishes a first routing policy for transmitting traffic of the specific application to the dedicated network by using the dedicated network connection information. 3. The method of claim 2,
The dedicated network connection information
(APN) of the dedicated network allocated to the core network. The method of claim 1,
Wherein the data charging charge policy includes a purchase data amount of the third party,
The step of controlling the dedicated network connection of the specific application
When the amount of data charged to the third party reaches the purchase data amount of the third party, instructs the terminals that are permitted to access the dedicated network for the specific application to cancel the authentication for the dedicated network connection,
And each of the terminals whose authentication has been released changes the traffic of the specific application to a second routing policy to be transmitted to the public network. The method of claim 1,
The step of controlling the dedicated network connection of the specific application
Transmitting the dedicated network connection information allocated to the specific application to the terminals;
Receiving an authentication request for accessing a dedicated network of the specific application from an arbitrary terminal among the terminals; and
Authenticating a dedicated network connection to the specific application based on the application authentication policy set by the third party and allowing the arbitrary terminal to access the dedicated network,
Wherein the traffic of the specific application executed in the arbitrary terminal is transmitted to a dedicated network corresponding to the dedicated network connection information. The method of claim 5,
The application authentication policy
The identifier of the specific application, and the integrity information. The method of claim 1,
Wherein the specific application is an enterprise-specific application connected to an enterprise in-house network or an application connected to a content server through an Internet network. The method of claim 1,
Monitoring the remaining amount of the third party's purchasing data amount fluctuating in accordance with traffic transmission / reception in the dedicated network, and notifying the remaining amount to the third party; and
Updating the data charging charge policy when the request for data addition is received from the third party,
Further comprising the steps of: The method of claim 1,
The step of charging the third party
A method of providing a third party charging service, the method comprising: dividing traffic transmitted and received in the dedicated network into a plurality of applications and charging a third party corresponding to each application when traffic to be charged to a plurality of third parties is transmitted and received together in the private network. A method for a terminal to route application traffic to a designated network,
Requesting authentication for a dedicated network connection of a specific application with a data policy control device,
Receiving an authentication result from the data policy control device for permitting access to the dedicated network of the specific application; and
Setting a routing policy for transmitting traffic of the specific application to a dedicated network allocated to the specific application,
Wherein the traffic of the specific application is transmitted to the dedicated network generated in the core network based on the dedicated network connection information while the authentication for the dedicated network connection is valid. 11. The method of claim 10,
The step of requesting authentication for the dedicated network connection
When a user operation for moving the specific application displayed on the user interface screen into a specific area is input, the data policy control unit requests authentication for access to the dedicated network of the specific application,
Wherein the specific application is located in the specific area when the dedicated network connection is permitted from the data policy control device and the specific application is located outside the specific area if the dedicated network connection is not permitted from the data policy control device. 12. The method of claim 11,
The step of requesting authentication for the dedicated network connection
Requesting authentication to access the dedicated network of the specific application to the data policy control apparatus when an execution request for the specific application located in the specific area is inputted and if the dedicated network connection is not permitted from the data policy control apparatus, And moving the application out of the specific area. 11. The method of claim 10,
Receiving an authentication release from the data policy control device for a dedicated network connection to the specific application; and
Changing the traffic of the specific application to a routing policy to be transmitted to the public network
≪ / RTI > 11. The method of claim 10,
The step of setting the routing policy
Setting a routing policy of the specific application by mapping the specific application permitted to the private network connection to the routing container to which the virtual network interface is allocated,
Wherein the virtual network interface is connected to a first network interface connecting to the dedicated network,
Wherein a routing policy is established in which applications that are not mapped to the routing container are connected to a second network interface connecting to the public network. 11. The method of claim 10,
When the specific application is a third-party charging application in which a third party charges data, the specific application indicates that the third-party charging application is on the user interface screen while the authentication for the dedicated network connection is valid. 11. The method of claim 10,
The step of setting the routing policy
A first network access information for accessing a public network and at least one second network access information for accessing at least one dedicated network, and when the dedicated network access of the specific application is permitted, a second network access Maps the information to the specific application, and maps the first network access information to the specific application if the dedicated network access of the specific application is not permitted. 11. The method of claim 10,
Wherein the specific application is a third party billing application that is proprietary to an enterprise or a third party charges data. A method for a terminal to install a third party charging application,
Downloading and installing installation information including the third party charging application and the chargeable network information in the application market,
Accessing the data policy control apparatus indicated by the chargeable network information and notifying the third party charging application installation; and
Setting a routing policy for mapping the dedicated network connection information received from the data policy control device to the third party charging application,
And the traffic of the third party charging application is transferred to the dedicated network corresponding to the dedicated network connection information while the authentication for the dedicated network connection is valid. The method of claim 18,
The step of setting the routing policy
A third party that requests authentication for connection to the private network of the third party charging application to the data policy control device and receives the authentication result including the permission for access to the private network from the data policy control device, How to install a billing application. The method of claim 18,
Receiving an authentication release from the data policy control device for a dedicated network connection to the third party charging application; and
Setting a routing policy for changing the dedicated network access information mapped to the third party charging application to public network access information
A third party billing application installation method.

Images