WO2007036141A1 - Systeme et procede de surveillance d'un utilisateur ip mobile - Google Patents

Systeme et procede de surveillance d'un utilisateur ip mobile Download PDF

Info

Publication number
WO2007036141A1
WO2007036141A1 PCT/CN2006/002478 CN2006002478W WO2007036141A1 WO 2007036141 A1 WO2007036141 A1 WO 2007036141A1 CN 2006002478 W CN2006002478 W CN 2006002478W WO 2007036141 A1 WO2007036141 A1 WO 2007036141A1
Authority
WO
WIPO (PCT)
Prior art keywords
monitoring
mobile
data
user
listening
Prior art date
Application number
PCT/CN2006/002478
Other languages
English (en)
Chinese (zh)
Other versions
WO2007036141A8 (fr
Inventor
Haotao Pan
Hongguang Guan
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2007036141A1 publication Critical patent/WO2007036141A1/fr
Publication of WO2007036141A8 publication Critical patent/WO2007036141A8/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/08Testing, supervising or monitoring using real traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W80/00Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/04Network layer protocols, e.g. mobile IP [Internet Protocol]
    • H04W80/045Network layer protocols, e.g. mobile IP [Internet Protocol] involving different protocol versions, e.g. MIPv4 and MIPv6

Definitions

  • the present invention relates to the field of network communications, and in particular, to a system and method for monitoring mobile IP users.
  • Mobile IP is a solution that provides mobile functionality to users on the Internet. Mobile IP can exceed the limits of the range, with scalability, reliability and security. Mobile IP extends the user's mobility and roaming capabilities, allowing nodes to maintain ongoing communications while switching.
  • the MN mobile node
  • Mobile IP provides a wide range of mobility to the terminal while ensuring the assignability and reachability of the terminal's IP address.
  • Mobile IP systems mainly include MN, FA (foreign agent), HA (home agent) and CN (communication node).
  • the present invention provides a system for monitoring a mobile IP user, comprising:
  • the monitoring device is configured to establish a data channel with the monitored device, receive the monitoring data transmitted by the monitored device through the data channel, and save and analyze the monitoring data; and the monitored device is configured to establish a data channel with the monitoring device, The data channel passes the received monitoring data of the mobile IP user to the listening server.
  • the system further comprises:
  • a home agent of the mobile IP user configured to provide the monitored device with the monitored device information that transmits the mobile IP user data according to the query request of the listening device;
  • the listening device establishes a data channel with the monitored device based on the monitored device information from the home agent.
  • the system further comprises:
  • the resource database is configured to store subscription information of the mobile IP user, and provide the home agent information of the mobile IP user to the monitoring device.
  • the monitoring device includes:
  • the monitoring client is configured to perform monitoring parameter setting, and the set listening parameter is transmitted to the monitoring server, and the analysis result of the received monitoring data is displayed, and the user is provided with the query, statistics and analysis functions of the saved historical monitoring data;
  • the monitoring server is configured to query the monitored device information of the mobile IP user according to the received monitoring parameter, send a monitoring request message to the monitored device, establish a data channel with the monitored device, and transmit the monitored device through the data channel.
  • the listening data coming over is passed to the supervisor.
  • the monitoring server comprises:
  • the interception request module is configured to analyze the listening parameter transmitted by the monitoring client, obtain the home agent information of the mobile IP user, query the monitored device information of the mobile IP user through the home agent, and send a monitoring request message to the monitored device. ;
  • the receiving and listening data module is configured to: according to a response command of the monitoring request message returned by the monitored device, establish a data channel with the monitored device, receive the monitoring data transmitted by the monitored device through the data channel, and transmit the monitoring data to the monitoring device.
  • Data analysis module and listening database ;
  • the monitoring data analysis module is configured to perform service classification on the received monitoring data, analyze the classified monitoring data, and transmit the analysis result to the monitoring client.
  • the monitoring data analysis module comprises:
  • a service classification module configured to perform service classification on the received monitoring data, and transmit the corresponding service analysis module to the corresponding service analysis module;
  • a plurality of service analysis modules each for analyzing the listening data of a service, and sending the analysis result to the monitoring client.
  • the service analysis module comprises: an email analysis module, an IP phone VOIP analysis module, and a data analysis module.
  • the monitored device may include a home agent or access point or a foreign agent of the mobile IP user.
  • the system can be a hierarchical system, including:
  • Local monitoring system used to monitor the data of mobile IP users on the wireless line in the area under its jurisdiction, and transmit the monitored data to the national monitoring system;
  • National Monitoring System Used to monitor the data of mobile IP users on the national backbone and national export wireless lines, and receive the monitoring data transmitted by the local monitoring system.
  • the local monitoring system comprises a national monitoring system and a regional monitoring system.
  • the present invention provides a method for monitoring a mobile IP user, including:
  • a data channel is established between the listening device and the monitored device of the mobile IP user;
  • the monitoring device receives the monitoring data of the mobile IP user transmitted by the monitored device through the data channel, and monitors the mobile IP user.
  • the step A specifically includes:
  • the monitoring device obtains the current monitored device information of the mobile IP user by using the home agent of the mobile IP user;
  • the listening device sends a monitoring request to the monitored device, and establishes a data channel with the monitored device according to the response returned by the monitored device.
  • the step A1 includes:
  • Al l input the monitoring parameter through the graphical interface on the monitoring client, the monitoring parameter includes the operator information and the mobile IP user's number and address information, and the monitoring parameter is transmitted to the monitoring server;
  • the monitoring server obtains the home agent information of the mobile IP user according to the received monitoring parameter, and queries the current monitored device information of the mobile IP user by the home agent.
  • the step A2 includes:
  • a data channel is established between the listening device and the monitored device, and the data channel is a dedicated physical data channel or a tunnel data channel.
  • the step B specifically includes:
  • the monitored device transmits the monitoring data of the mobile IP user directly through the data channel to Listening to the server, or encrypting the monitoring data of the mobile IP user and transmitting it to the listening server through the data channel;
  • the listening client displays the analysis result of the received monitoring data through text, graphics or sound, and the monitoring client also provides a graphical interface for the user to query, count and analyze the saved historical monitoring data.
  • the step B2 further includes:
  • the listening server adopts an open service platform and provides an open service interface, which provides business synthesis and analysis capabilities according to the service interface.
  • the step B further includes:
  • the home node When the home node finds that the mobile IP user moves to another monitored device, it notifies the monitoring server of the information of the other monitored device, and the listening server sends a request for releasing the interception to the previous monitored device of the mobile IP user, and the previous monitored device releases Listen for resources.
  • the mobile IP may include mobile IPv4 and mobile IPv6.
  • FIG. 1 is a structural view of a system of the present invention
  • 2 is a schematic diagram of networking of a hierarchical monitoring system
  • Figure 3 is a process flow diagram of the method of the present invention.
  • FIG. 4 is a schematic diagram of a listening server issuing a listening request to a monitored device
  • Figure 5 is a schematic diagram of a home agent issuing a listening request to a monitored device
  • Figure 6 is a schematic diagram of establishing a data channel between the monitoring server and the monitored device;
  • Figure 7 is a schematic diagram of the listening server providing an open service platform.
  • the invention provides a system and method for monitoring a mobile IP user.
  • the core of the present invention is that the listening server queries the current monitored device information of the user through the HA of the mobile IP user, and establishes a data channel with the monitored device.
  • the monitoring data of the mobile IP user is received through the data channel, and the monitoring data is analyzed and displayed.
  • FIG. 1 is a structural diagram of the system of the present invention, including the following modules:
  • the monitoring device is configured to send a monitoring request message to the monitored device, establish a data channel with the monitored device, receive the monitoring data transmitted by the monitored device through the data channel, save and analyze the monitoring data, and analyze the result. Displayed in a variety of ways.
  • the listening device includes: a listening client, a listening server, and a listening database.
  • the monitored device is configured to receive a listening request message of the monitoring server, and establish a data channel between the monitoring device, and transmit the monitoring data of the received mobile IP user to the monitoring server through the data channel. Release the listening resource after the listener ends.
  • the monitored device can be the FA or Access Router of the mobile IP user.
  • the listening client of the monitoring device is configured to perform monitoring parameter setting in real time, and
  • the listening parameter set by W is passed to the listening server, and the analysis result of the received monitoring data is displayed in real time through text, graphics and sound, and the user is provided with a query for listening to the historical monitoring data stored in the database through a graphical interface. , statistics and analysis capabilities.
  • the listening server of the monitoring device is configured to query the HA of the mobile IP user according to the listening parameter transmitted by the monitoring client, query the information of the monitored device of the mobile IP user through the HA, and send a monitoring request message to the monitored device, and A data channel is established between the monitoring devices, and the monitoring data transmitted by the monitored device through the data channel is received, and the monitoring data is transmitted to the monitoring database, and the monitoring data is analyzed, and the analysis result is transmitted to the monitoring client.
  • the monitoring server includes: a listening request module, a receiving listening data module, and a listening data analyzing module.
  • the listening server can interact with the resource database storing the mobile IP user subscription information to obtain the HA of the mobile IP user.
  • the listening database of the listening device is used to save the monitoring data transmitted by the monitoring server. Provides an interface to the listening client for query, statistics, and analysis of saved listener data.
  • the listening request module of the monitoring server is configured to analyze the listening parameter transmitted by the monitoring client, query the HA of the mobile IP user, query the monitored device information of the mobile IP user through the HA, and send a monitoring request to the monitored device. Message.
  • the receiving and listening data module of the monitoring server is configured to: according to a response command of the monitoring request message returned by the monitored device, establish a data channel with the monitored device, and receive the monitoring data transmitted by the monitored device through the data channel, and The listener data is passed to the listener data analysis module and the listener database.
  • the monitoring data analysis module of the monitoring server includes a service classification module, and a service analysis module such as an email analysis module, a VOIP analysis module, and a data analysis module.
  • the service classification module is configured to perform service classification on the received monitoring data, and transmit the data to the corresponding service analysis module.
  • Each service analysis module is configured to analyze the monitoring data, and transmit the analysis result. Handed to the listening client.
  • An open interface is provided in the listening data analysis module for extending the new business analysis module.
  • FIG. 2 the networking diagram of the hierarchical monitoring system is shown in FIG. 2 .
  • the hierarchical listening system can be set to a two-level or three-level structure.
  • it When it is a three-level structure, it includes a provincial monitoring system, a large-area monitoring system, and a national monitoring system; when it is a two-level structure, it includes a provincial monitoring system and a national monitoring system.
  • each province/region is a secure listening domain; in general, the province/region can only listen to the data of its scope.
  • the national monitoring system monitors data from national backbones and national exports.
  • the National Monitoring Center can also monitor the data in the province through the provincial/regional monitoring system.
  • Step 31 The user inputs the monitoring by monitoring the client, that is, the graphical interface provided by the monitoring terminal in FIG. 4 and FIG. Parameters, such as: carrier information, mobile IP user number, etc., pass the input listening parameters to the listening server through the listening request.
  • Step 32 The interception server queries the resource database according to the interception parameter in the received interception request, and obtains information such as the HA address of the mobile IP user and the address of the mobile IP user. As shown in Figure 4 and Figure 5, the listening server interacts with the resource database on interface C to obtain information such as the HA address of the mobile IP user and the address of the mobile IP user.
  • Step 33 The listening server queries the HA of the mobile IP user for parameter information such as an IP address, a security authorization code, and a security feature of the user data of the current roaming access device of the mobile IP user, where the roaming device is the mobile IP user.
  • the listening device can be the FA or Access Router of the mobile IP user.
  • the interception server sends a query request via message 3 to interface A between the HA and the HA.
  • Step 34 The HA queries the AAA (Authentication, Authorization, and Accounting) for the security attribute of the mobile IP user.
  • the security attribute may be, for example, an already assigned security association parameter of the user, which may be used to decode the tunnel data of the user.
  • Step 35 The HA returns the security attribute information of the queried mobile IP user to the monitoring server. As can be seen from Figure 4 and Figure 5, HA returns the query result to the listening server via message 4 on interface A.
  • Step 36 The interception server sends a snoop request message to the monitored device through the interface B shown in FIG. 4, that is, the message 1 in FIG. 4, and the monitored device accepts or rejects the interception request message of the listening server according to the actual situation.
  • the interception request message may include a user IP, a service flow identifier, an encrypted transmission, a security attribute alliance parameter, a start and end time range, and the like.
  • the service flow identifier is the service quintuple: source IP, source port, destination IP destination port, and protocol number.
  • the listening request message that is, the message 1 in FIG. 5, may also be sent by the HA to the monitored device through the interface C in FIG.
  • the monitored device After receiving the monitoring request message, the monitored device determines whether to receive the monitoring request of the monitoring server according to whether it has the capability of performing monitoring data replication, and whether an abnormality occurs, and if yes, executing step 37; otherwise, the process may be directly ended, or A rejection message is returned to the listening server.
  • Step 37 If the monitored device accepts the interception request message sent by the listening device, establish a data channel of the listening server and the monitored device, and return a monitoring response message to the monitoring server, that is, message 2 in FIG. 4 and FIG. 5.
  • FIG. 6 A schematic diagram of establishing a data channel between the monitoring server and the monitored device is shown in FIG. 6, and the data channel includes two types:
  • the processing can be performed by physically copying the line information, transmitting the monitoring data to the monitoring server through the transmission network, and recovering the information of the monitoring data by the monitoring server.
  • IPinIP IP in IP encapsulation
  • GRE General routing encapsulation
  • minimum encapsulation technologies IP in IP encapsulation
  • Step 38 After receiving the data of the mobile IP user, the monitored device may select to directly send the monitored number to the monitoring server through the data channel according to whether the monitoring request encrypts the transmission option, or may adopt IPSec (IP security).
  • IP security IP security
  • Technology or other data encryption technology encrypts the monitoring data and sends it to the listening server through the data channel.
  • the key distribution and transmission can be statically allocated or dynamically allocated by IKE (Internet Key Exchange).
  • Step 39 The interception server sends the interception data to the corresponding service analysis module according to the service type of the received interception data. If the interception data has been encrypted, the interception data is first performed according to the security attribute of the queried mobile IP user. Decryption processing.
  • the business analysis module performs analysis processing such as decoding and synthesizing the monitoring data.
  • the analysis result is sent to the monitoring client, and the monitoring client displays the analysis result by means of text, graphics and sound.
  • the monitoring server can use cluster technology or load sharing according to users or services.
  • the listening server learns the service type of the monitoring data, and may determine the type of the service to be monitored when the listening server sends the monitoring command; or may be learned according to the application port in the IP packet of the monitoring data, for example, the IP port of the email is 25. Determining whether the listening data is encrypted can be determined according to the instructions in the header of the IP packet.
  • the schematic diagram of the listening server providing an open service platform is as shown in FIG. 7, and includes: a monitoring platform, an open application interface, and an application synthesizing component, wherein the monitoring platform is configured to execute the foregoing sending a listening request, acquire monitoring data, and the like, and use an open application interface.
  • the data acquired by the monitoring platform is analyzed and provided to various application synthesizing components, and the application synthesizing component is used for synthesizing the various IP packet data to be listened to and restored to the content that can be listened to and viewed.
  • Step 310 After the HA discovers that the mobile IP user moves to another monitored device, it notifies the monitoring server of the attributes of the new monitored device, including IP address, security authorization code and other parameter information.
  • the listening server may send a monitoring request message to the monitored device according to the attribute information, that is, return to perform step 36 and subsequent steps.
  • Step 311 The interception server sends a dismissing request message to the old monitored device of the mobile IP user.
  • Step 312 After receiving the unlisting request message, the monitored device releases the listening resource and returns a response command to the listening server.
  • the user can also query and analyze the user data recorded in the monitoring database by listening to the query statistics function provided by the client.
  • the way of monitoring can be implemented by the user in real time; it can also be automatically monitored. That is, the user sets the monitoring policy, including the object to be monitored, the listening time, the frequency, etc., and the monitoring server executes the process after step 32 in FIG. 7 according to the set monitoring policy.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Monitoring And Testing Of Exchanges (AREA)

Abstract

Ce système de surveillance d'un utilisateur IP mobile comprend notamment un dispositif de surveillance établissant un canal de données avec le dispositif surveillé, recevant les données transmises par le dispositif surveillé à travers un canal de données, mémorisant et analysant les données de surveillance; un dispositif surveillé établissant le canal de données avec le dispositif de surveillance, transmettant les données de surveillance reçues de l'utilisateur IP mobile vers le serveur de surveillance à travers un canal de données et libérant les ressources de surveillance à la fin de la surveillance. On prévoit aussi un procédé de surveillance d'un utilisateur IP mobile. L'invention offre une solution de surveillance pour IPV4 et IPV6 mobile, assure la surveillance d'un utilisateur IPV4 et d'un utilisateur IPV6 en temps réel et analyse les résultats en vue d'autres applications, notamment VOIP (téléphone IP), la transmission de données et le courriel d'après le protocole IP mobile.
PCT/CN2006/002478 2005-09-27 2006-09-21 Systeme et procede de surveillance d'un utilisateur ip mobile WO2007036141A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNB2005101055553A CN100454850C (zh) 2005-09-27 2005-09-27 对移动ip用户进行监听的系统和方法
CN200510105555.3 2005-09-27

Publications (2)

Publication Number Publication Date
WO2007036141A1 true WO2007036141A1 (fr) 2007-04-05
WO2007036141A8 WO2007036141A8 (fr) 2007-06-21

Family

ID=37425772

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2006/002478 WO2007036141A1 (fr) 2005-09-27 2006-09-21 Systeme et procede de surveillance d'un utilisateur ip mobile

Country Status (2)

Country Link
CN (1) CN100454850C (fr)
WO (1) WO2007036141A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113671963A (zh) * 2021-08-23 2021-11-19 深圳市小二极客科技有限公司 机器人传输服务三端控制系统

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2435205C2 (ru) * 2007-06-08 2011-11-27 Хуавэй Текнолоджиз Ко., Лтд. Способ законного перехвата информации и устройство для этого
CN101388801B (zh) * 2007-09-14 2011-10-05 华为技术有限公司 合法监听方法、系统和服务器
CN101123541B (zh) * 2007-09-29 2011-06-22 华中科技大学 一种应用于合法监听系统的策略模型的构造方法
CN101448010B (zh) * 2008-02-22 2012-05-23 中兴通讯股份有限公司 获取WiMAX中被监听用户接入网络时位置信息的系统和方法
MY166071A (en) * 2008-07-24 2018-05-23 Ericsson Telefon Ab L M Lawful interception for 2g/3g equipment interworking with evolved packet system
CN101742011B (zh) * 2008-11-13 2013-09-18 中国科学院计算机网络信息中心 一种跨网络电话域的合法监听方法和系统
CN103179292A (zh) * 2011-12-23 2013-06-26 上海亿人通信终端有限公司 Ip电话机的群组功能实现方法
CN106954209A (zh) * 2016-10-10 2017-07-14 常州市善松信息科技有限公司 一种无线局域网安全系统及其方法
CN107833051B (zh) * 2017-10-19 2021-11-19 中国银行股份有限公司 一种数据统计方法以及系统

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1581753A (zh) * 2003-08-15 2005-02-16 华为技术有限公司 实现空中监听的方法和监听设备
US20050143062A1 (en) * 2003-12-30 2005-06-30 Interdigital Technology Corporation Fixed and roving wireless system monitors

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6839323B1 (en) * 2000-05-15 2005-01-04 Telefonaktiebolaget Lm Ericsson (Publ) Method of monitoring calls in an internet protocol (IP)-based network
EP1597841B1 (fr) * 2003-02-04 2014-10-01 SK Telecom Co., Ltd. Procede et systeme de surveillance de la performance en matiere de localisation d'un terminal de communications mobile au moyen d'un reseau de communications sans fil et d'un a-gps
CN100341371C (zh) * 2003-03-28 2007-10-03 华为技术有限公司 一种基于小区位置的监听方法
CN100346613C (zh) * 2003-08-07 2007-10-31 华为技术有限公司 一种监听网络系统及其监听方法

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1581753A (zh) * 2003-08-15 2005-02-16 华为技术有限公司 实现空中监听的方法和监听设备
US20050143062A1 (en) * 2003-12-30 2005-06-30 Interdigital Technology Corporation Fixed and roving wireless system monitors

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113671963A (zh) * 2021-08-23 2021-11-19 深圳市小二极客科技有限公司 机器人传输服务三端控制系统

Also Published As

Publication number Publication date
WO2007036141A8 (fr) 2007-06-21
CN100454850C (zh) 2009-01-21
CN1866882A (zh) 2006-11-22

Similar Documents

Publication Publication Date Title
WO2007036141A1 (fr) Systeme et procede de surveillance d'un utilisateur ip mobile
EP1713289B1 (fr) Pprocédé d'etablissement d'une association de securité entre l'abonne itinerant et le serveur du réseau visité
US7310730B1 (en) Method and apparatus for communicating an encrypted broadcast to virtual private network receivers
US8477941B1 (en) Maintaining secure communication while transitioning networks
EP1976186B1 (fr) Procédé d'écoute légale dans un réseau de nouvelle génération et système associé
US8914520B2 (en) System and method for providing enterprise integration in a network environment
RU2435205C2 (ru) Способ законного перехвата информации и устройство для этого
US8498223B2 (en) Systems and methods for providing emergency service trust in packet data networks
EP2534889B1 (fr) Procédé et appareil de redirection de trafic de données
CA2545272A1 (fr) Communications standards securises par reseau longue portee
WO2007073696A1 (fr) Procede, appareil et systeme pour acces sans fil
WO2011095039A1 (fr) Procédé, système et dispositif de négociation de clé de session de bout en bout
Li et al. A mobile phone based WSN infrastructure for IoT over future internet architecture
WO2012083828A1 (fr) Procédé, station de base et système de mise en œuvre de trafic d'acheminement local
CN113873453B (zh) 通信方法、装置、系统及介质
CN108601093B (zh) 一种无线通信方法及系统
US20040168050A1 (en) System and method for analyzing encrypted packet data
CN102905199B (zh) 一种组播业务实现方法及其设备
CN101364901B (zh) 合法监听方法、合法监听系统、分组数据网关、监听中心
WO2012024905A1 (fr) Procédé, terminal et ggsn de chiffrement et de déchiffrement de données dans un réseau de communication mobile
WO2010096995A1 (fr) Procédé de réalisation d'une architecture convergente de réseau wapi avec mode mac séparé
Rajavelsamy et al. Performance evaluation of VoIP over 3G-WLAN interworking system
Park et al. Survey for secure IoT group communication
WO2010096996A1 (fr) Procédé pour réaliser l'intégration de wapi et capwap en mode mac local
Lai et al. Achieving secure and seamless IP Communications for group-oriented software defined vehicular networks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06791068

Country of ref document: EP

Kind code of ref document: A1