WO2013056628A1 - Method, application server, network database, and system for achieving heartbeat mechanism - Google Patents

Method, application server, network database, and system for achieving heartbeat mechanism Download PDF

Info

Publication number
WO2013056628A1
WO2013056628A1 PCT/CN2012/082714 CN2012082714W WO2013056628A1 WO 2013056628 A1 WO2013056628 A1 WO 2013056628A1 CN 2012082714 W CN2012082714 W CN 2012082714W WO 2013056628 A1 WO2013056628 A1 WO 2013056628A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
application server
network database
application
user
Prior art date
Application number
PCT/CN2012/082714
Other languages
French (fr)
Chinese (zh)
Inventor
吴强
江华
符涛
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2013056628A1 publication Critical patent/WO2013056628A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/10Active monitoring, e.g. heartbeat, ping or trace-route

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a method, an application server, a network database, and a system for implementing a heartbeat mechanism.
  • Background technique
  • the heartbeat packet mechanism is usually used.
  • the so-called heartbeat packet mechanism is a mechanism for sending and receiving heartbeat packets (referred to as heartbeat packets). It is actually a custom protocol, a specific, cyclically transmitted data packet, which is mainly used to determine whether a network node is still connected.
  • This protocol needs to be supported by each node. It is generally used to determine whether the peer (device, process, or other network element) is running normally. It uses a timed to send a simple communication packet. If the response is not received within the specified time period, it is judged. The connection to the other party has been interrupted.
  • the client after logging in to the server, the client needs to maintain a connection between the client and the server to ensure that: 1.
  • the server and the client can know each other at the time.
  • the status determines whether the other party can receive and process the message; 2.
  • the server can correctly locate the address of the client and send a message to the client.
  • the Chinese Patent Application No. 200710140469 discloses "a method, a server and a system for implementing a heartbeat mechanism", and aims to provide a method, a server and a system for implementing a heartbeat mechanism, The above technical problem of not being able to perform targeted client identification on the heartbeat request message is solved.
  • the Chinese Patent Application No./Patent No. CN200880127966.4 discloses "A Method and Apparatus for Implementing a Heartbeat Mechanism in a Communication Network", which is completed by introducing a proxy device between a control device and an execution device of the communication network. Work status monitoring between the device and the execution device Processing, thereby greatly reducing the burden of controlling device processing status monitoring related information.
  • the proxy device obtains the working status information of the multiple execution devices, and reports the information to the control device by using one or more uplink report messages. After receiving the uplink report message reported by the proxy device, the control device is based on the uplink report message. , Get the working status information of multiple execution devices.
  • the invention is particularly applicable to device state monitoring based on a heartbeat mechanism in a softswitch network.
  • the correspondence between the client account and the address information (for example, the IP address and the port number) is established.
  • Each heartbeat message interaction requires the network terminal device to collect its own state information at regular intervals, and then send it to the network address translation server through the network through the heartbeat data packet; the network address translation server performs address translation processing on the heartbeat packet information.
  • the heartbeat data packet is forwarded to the central heartbeat server; for the heartbeat data packet that has passed the check, the relevant record information is written; if the check fails, the current heartbeat data packet is discarded; and the central task manager according to the related record information
  • the processing of transmitting the corresponding feedback information heartbeat data packet to the client system is performed, and the network address translation server sends the data packet to the corresponding network terminal device.
  • the network terminal equipment collects and compresses its own state information at regular intervals, and then sends the UDP heartbeat data packet to the network address translation server through the network using the UDP protocol;
  • the network address translation server performs address translation processing on the UDP heartbeat packet information sent by the network terminal device, that is, converts the IP address and port of the network terminal device into the IP address and port of the network address translation server, and then the UDP The heartbeat packet information is forwarded to the central heartbeat server through the network;
  • the central heartbeat server After receiving the corresponding UDP heartbeat packet information, the central heartbeat server sends the heartbeat manager through the network;
  • the heartbeat manager performs decompression verification processing on the UDP heartbeat packet information, and then performs format translation processing on the corresponding information. If the information format is incorrect, the heartbeat manager discards the current UDP heartbeat packet and sends the packet to the client.
  • the system sends the UDP heartbeat packet information to retransmit the required feedback information UDP packet; if the information format is correct, the related record information is forwarded to the central Write to the database in the database server;
  • the central task manager performs processing for transmitting the corresponding feedback information UDP heartbeat data packet to the client system according to the related record information written in the central database server;
  • the network address translation server receives the feedback information UDP data packet of the central server system through the network, and performs reverse address translation processing on the network address conversion server, that is, the IP address and port of the network address translation server, and the IP address and port of the network terminal device. ;
  • the network address translation server sends the feedback information UDP data packet to the corresponding network terminal device
  • the network terminal device performs corresponding subsequent processing according to the feedback information UDP data packet. Therefore, after the HTTP login by the client, the server performs the heartbeat data packet transmission on the IP address and the port number corresponding to the client account according to the correspondence between the account and the address information in the related record information of the client. Receive, that is, the interaction of heartbeat connections. These heartbeat messages are short data packets sent by the server and client application layer and forwarded by the IP network bearer layer.
  • the frequency of heartbeat messages is very high and the user base is large, it will affect the performance of the IP network bearer layer, especially the wireless bearer layer such as the wireless cellular network, which is manifested in the following aspects:
  • the wireless terminal frequently switches between idle (Idle) and active (Active) states; 2) increases control plane signaling, and increases signaling overhead of the radio access network RAN and the packet core network;
  • Wireless terminals will always occupy wireless resources
  • the application server needs to maintain a dynamic mapping relationship between the service account and the IP address and the port number, and needs to implement registration address information, such as an IP address and a port number, in the login process of the client;
  • the security login in the case where the registered address information of the client belongs to the change; there is also the problem of secondary login caused by the change of the address information; the application service server needs to handle the service addressing function, thereby making the business process too complicated.
  • the technical problem solved by the present invention is to provide a method, an application server, a network database and a system for realizing a heartbeat mechanism, which can effectively reduce the transmission frequency of short data packets between the network and the terminal, and reduce the network load.
  • the present invention provides a method for implementing a heartbeat mechanism, the method comprising:
  • the application server establishes a security mechanism with the network database
  • a heartbeat mechanism is established between the application server and the network database.
  • the method further includes:
  • the network database maintains a mapping relationship between the identity identification and the location identification of the terminal user, and locates the application client where the terminal user is located according to the mapping relationship.
  • the method further includes: the network database is based on information that is reported by the network access device or that is queried by other network elements in the network, and maintains status information of the terminal user; the status information includes: Online status, offline status.
  • the method further includes:
  • the method further includes:
  • An inquiry mechanism is established between the application server and the network database, and the application server queries the network database for terminal user status information and/or terminal user information according to service requirements.
  • the method further includes: when the application client stops the service application, the application server notifies the network database to stop the heartbeat mechanism.
  • the manner in which the application server establishes a security association with the network database includes, but is not limited to, Internet Protocol Security (IPsec), two-way authentication authorization, and virtual private network (VPN) access.
  • IPsec Internet Protocol Security
  • VPN virtual private network
  • the present invention also provides an application server for implementing a heartbeat mechanism, the application server comprising: an application client user identity management module, configured to: establish a mapping relationship between a user network layer identity and a network database;
  • the application client login status maintenance module is configured to: maintain whether the application client is in the login state, and request the establishment of the heartbeat mechanism to the network database when the application client logs in and activates the service application;
  • a heartbeat mechanism module configured to: perform heartbeat interaction with the network database to determine state information of the application client;
  • a security mechanism module configured to: perform secure interaction with the network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and, with the application The client performs a secure interaction and completes the authentication of the application client.
  • the application server further includes a user status query module, configured to: establish a state reservation mechanism with the network database, and notify the network database to notify the application server of the state change of the terminal user.
  • a user status query module configured to: establish a state reservation mechanism with the network database, and notify the network database to notify the application server of the state change of the terminal user.
  • the user status query module is further configured to: establish a query mechanism with the network database, and query the network database for terminal user status information and/or terminal user information according to service requirements.
  • the application client login status maintenance module is further configured to: the application client When the business application is stopped, the network database is notified to stop the heartbeat mechanism.
  • the present invention further provides a network database for implementing a heartbeat mechanism, the network database comprising: a heartbeat mechanism unit, configured to: perform a heartbeat interaction with an application server, so that the application server can determine status information of the application client;
  • the security mechanism unit is configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database.
  • the network database further includes:
  • the user status maintenance unit is configured to: according to the information that is reported by the network access device or that is queried by other network elements in the network, and maintains the status information of the terminal user; the status information includes: online status, offline State
  • the user status query unit is configured to: when the application server initiates the query, return corresponding terminal user status information and/or terminal user information to the application server.
  • the user status query unit is further configured to: establish a state reservation mechanism with the network database, and notify the application server of a status change of the terminal user.
  • the network database further includes:
  • the service addressing unit is configured to: maintain a mapping relationship between the identity identification and the location identification of the terminal user, and locate the application client where the terminal user is located according to the mapping relationship.
  • the present invention also provides a system for implementing a heartbeat mechanism, the system comprising: an application server, an application client, and a network database, wherein:
  • the application server is configured to: after the application client logs in, activate the service application, establish a heartbeat mechanism with the network user database, obtain the online status information of the user, and establish a correspondence between the client account and the network layer user identification;
  • the application client is configured to: send a heartbeat request message according to the login response information or a heartbeat response message;
  • the network database is configured to save network layer user identification information, maintain user online status, and establish a heartbeat mechanism with the application server, and provide user online status information to the application server.
  • the application server side further includes:
  • the application client user identity management module is configured to: establish a mapping relationship between the user network layer identity and the network database;
  • the application client login status maintenance module is configured to: maintain the application client is in a login state, and request the establishment of a heartbeat mechanism to the network database when the application client logs in and activates the service application;
  • a heartbeat mechanism module configured to: perform heartbeat interaction with the network database to determine state information of the application client;
  • a security mechanism module configured to: perform secure interaction with the network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and, with the application The client performs a secure interaction and completes the authentication of the application client.
  • the application server further includes a user status query module, configured to: establish a state reservation mechanism with the network database, and notify the network database to notify the application server of a status change of the terminal user; And/or establishing a query mechanism with the network database, and querying the network database for terminal user status information and/or terminal user information according to service requirements.
  • a user status query module configured to: establish a state reservation mechanism with the network database, and notify the network database to notify the application server of a status change of the terminal user; And/or establishing a query mechanism with the network database, and querying the network database for terminal user status information and/or terminal user information according to service requirements.
  • the application client login state maintenance module is further configured to: notify the network database to stop the heartbeat mechanism when the application client stops the service application.
  • the network database comprises:
  • a heartbeat mechanism unit configured to: perform heartbeat interaction with an application server, so that the application server can determine status information of the application client;
  • the security mechanism unit is configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database.
  • the network database further includes:
  • the user status maintenance unit is configured to: maintain the status information of the terminal user according to the information that is reported by the network access device or that is queried by other network elements in the network; Including: online status, offline status;
  • the user status query unit is configured to: when the application server initiates the query, return corresponding terminal user status information and/or terminal user information to the application server; and establish a state reservation mechanism with the network database, Notifying the application server of the status change of the end user.
  • the network database further includes:
  • the service addressing unit is configured to: maintain a mapping relationship between the identity identification and the location identification of the terminal user, and locate the application client where the terminal user is located according to the mapping relationship.
  • FIG. 1 is a schematic diagram of a server for implementing a heartbeat mechanism according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram of a network database for implementing a heartbeat mechanism according to an embodiment of the present invention
  • Figure 3 is a schematic diagram of a network architecture of an identity location separation scheme of a network
  • FIG. 4 is a schematic flow chart of a method for implementing a heartbeat mechanism according to an embodiment of the present invention
  • FIG. 5 is a schematic diagram of a host protocol stack of a host-based identity location separation scheme according to an embodiment of the present invention
  • Figure 6 is a schematic diagram of a host-based identity location separation scheme.
  • the present embodiment provides a technical solution for implementing a heartbeat mechanism:
  • the network database stores user state information required by the application server, and the network database replaces the terminal, and establishes a heartbeat mechanism with the application server to report the connection state between the terminal and the application server.
  • the embodiment provides a method for implementing a heartbeat mechanism, where the method includes at least the following steps: Step 1.
  • the application server establishes a security mechanism with the network database;
  • Step 2. Establish a mapping relationship between the network layer user identity between the application server and the network database;
  • Step 3 When the application client, that is, the network terminal user activates the service application, a heartbeat mechanism is established between the application server and the network database. Further, the method further includes one or more of the following steps:
  • Step 4 The network database queries other network elements in the network for the status information of the maintenance terminal host.
  • Step 5. The application server establishes a state reservation mechanism with the network database. For example, the application server makes an appointment to the network database: The service application is actively notified when the user status changes, including the status notification process of the user going online and offline.
  • Step 6 When the application client, that is, the network terminal user stops using the service, the application server notifies the network database to stop the heartbeat mechanism.
  • Step 7. Establish a query mechanism between the application server and the network database. The application server can query the user status and user information when needed according to the business process.
  • the embodiment further provides a server for implementing a heartbeat mechanism.
  • the server mainly includes:
  • the application client user identity management module is configured to: the corresponding application server does not need to maintain a dynamic binding relationship between the IP address and the port number corresponding to the client account, and establish a relationship between the client account and the network layer user identification. Static correspondence
  • the application client login status maintenance module is configured to: maintain whether the application client is in the login state, and interact with the network database to notify the application client whether it is in the login state;
  • the heartbeat mechanism module is configured to: interact with the network database To determine the current state of the client, whether it can receive and process messages;
  • a security mechanism module configured to: perform secure interaction with a network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and perform secure interaction with the application client to complete Authentication of the application client.
  • the application server can query according to the business process when needed User status and user information.
  • the network database stores the location information of the application client, and when the application server needs it, it can initiate a query to the network database.
  • the embodiment further provides a network database for implementing a heartbeat mechanism.
  • the network database mainly includes:
  • a heartbeat mechanism unit configured to: interact with an application server, so that the application server can determine a current state of the client, and the application server can determine whether the message can be received and processed;
  • the security mechanism unit is configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database.
  • the foregoing network database may further include one or more of the following units: a user status query unit, configured to: the application server may query the user status and user information when needed according to the business process, and the network database provides the query interface to the network database. .
  • a user status query unit configured to: the application server may query the user status and user information when needed according to the business process, and the network database provides the query interface to the network database.
  • the location information of the application client is saved in the network database, and the query can be initiated to the network database when the application server needs the business;
  • the user status maintenance unit is configured to: query, according to the needs of the application server, the network database to query the status information of the maintenance application client, that is, the network terminal host, to other network elements in the network.
  • These status information includes, but is not limited to, user network terminal host location information, network terminal host arrears status, online status, etc.;
  • the service addressing unit is configured to: the network database real-time maintenance application client, that is, the corresponding mapping relationship between the network terminal host identity identifier and the location identifier.
  • the address of the network terminal host, that is, the application client, can be located by the identity of the network terminal host.
  • the Internet application layer user account When the data communication network is routed based on the IP address, the Internet application layer user account, such as the instant communication number and the email address, does not have the function of identifying the location of the application layer client, and cannot be directly used for addressing and routing at the network layer.
  • the Internet application layer service client When the Internet application layer service client communicates, the input communication peer is identified as an application layer user account.
  • a function module is required to query the network layer routable location identifier through the application layer user account, and the network layer routes the data packet to the routable location identifier. The location of the communication peer.
  • the application server and the network database establish a static mapping relationship between the application layer user account and the network layer user identification, or the network layer user identification can be directly used as the application layer user account.
  • the application layer server can realize the end-to-end communication process between the application clients of the Internet application layer through the network layer service addressing function.
  • the embodiment further provides a system for implementing a heartbeat mechanism, the system comprising: an application server, a client, and a network database,
  • the application server is mainly used for: after the client is online, the application service is activated, and the corresponding application server establishes a heartbeat mechanism with the network user database to obtain the online status information of the user.
  • the corresponding application server does not maintain the dynamic binding relationship between the IP address and the port number corresponding to the client account, and establishes a static correspondence between the client account and the network layer user identification.
  • the client is mainly configured to: send a heartbeat request message according to the login response information or a heartbeat response message.
  • the network database stores the identity information of the network user, and is mainly used to: cooperate with the access management device in the network, save the network layer user identification information, maintain the online state of the user; and interface with the application server, and the application server Establish a heartbeat mechanism to provide user online status information to the application layer.
  • application server specifically includes the following functional modules:
  • the application client user identity management module is configured to: establish a mapping relationship between the user network layer identity and the network database;
  • the application client login status maintenance module is configured to: maintain whether the application client is in a login state, and request the establishment of a heartbeat mechanism to the network database when the application client logs in and activates the service application;
  • a heartbeat mechanism module configured to: perform a heartbeat interaction with the network database to determine state information of the application client;
  • a security mechanism module configured to: perform secure interaction with the network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and, with the application The client performs a secure interaction and completes the authentication of the application client.
  • the application server further includes a user status query module, configured to: establish a state reservation mechanism with the network database, and reserve the terminal user with the network database. Notifying the application server of the status change; and/or establishing a query mechanism with the network database to query the network database for terminal user status information and/or terminal user information according to service requirements.
  • a user status query module configured to: establish a state reservation mechanism with the network database, and reserve the terminal user with the network database. Notifying the application server of the status change; and/or establishing a query mechanism with the network database to query the network database for terminal user status information and/or terminal user information according to service requirements.
  • the application client login state maintenance module is further configured to: when the application client stops the service application, notify the network database to stop the heartbeat mechanism.
  • network database specifically includes the following units:
  • a heartbeat mechanism unit configured to: perform heartbeat interaction with an application server, so that the application server can determine status information of the application client;
  • a security mechanism unit configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database.
  • the network database further includes:
  • the user status maintenance unit is configured to: maintain the status information of the terminal user according to the information that is reported by the network access device or that is queried by other network elements in the network; and the status information includes: online status, offline State
  • a user status query unit configured to: when the application server initiates the query, return corresponding terminal user status information and/or terminal user information to the application server; and establish a state reservation mechanism with the network database, Notifying the application server of the status change of the end user.
  • the network database further includes:
  • the service addressing unit is configured to: maintain a mapping relationship between the identity identification and the location identification of the terminal user, and locate the application client where the terminal user is located according to the mapping relationship.
  • the IP address in the TCP/IP protocol widely used in the existing Internet has a dual function, which serves as both the location identifier of the communication terminal host network interface of the network layer in the network topology and the identity of the transport layer host network interface.
  • the TCP/IP protocol was not designed at the beginning of the host. However, as host mobility becomes more prevalent, the semantic overload defects of such IP addresses are becoming increasingly apparent. When the IP address of the host changes, not only the route changes, but also the identity of the host of the communication terminal changes.
  • a network router-based implementation method and a host-based implementation method are related.
  • Two mainstream solutions for identity and location separation After the identity and location are separated, the network layer identity of the terminal host can be fixed. It does not need to be changed due to the change of the terminal host location.
  • the basic network maintains the dynamic mapping relationship between the terminal identity and the location identifier of the terminal, and completes the data packet. The process of identifying the location identifier by the identity identifier completes the process of addressing and forwarding the data packet.
  • the network element included in the network-based solution can be abstracted from the logical function: host, network database, mapping encapsulation execution node/forwarding device.
  • Hosts in the network have two types of identity: host identity and location route identity.
  • the host identity indicates the user identity, and is used to identify the communication peer end when the end-to-end communication is used;
  • the location identifier indicates the current location of the terminal user, and is used for routing the data packet.
  • the network database stores the correspondence between the identity identifier of the terminal host and the location identifier through the mapping table.
  • the identity is kept static as the host account information.
  • the location identifier is assigned by the currently accessed mapping encapsulation node based on the host location.
  • the mapping encapsulation execution node cooperates with the network database, and through the registration update process, the mapping relationship between the host identity and the location identifier saved in the network database is updated in real time.
  • the mapping encapsulation executing node 1 queries the network database for the location identifier of the host 2 according to the communication peer identity identifier, and saves the query result in the mapping routing table of the mapping encapsulation execution node 1,
  • the mapping table maintains the identity/location identification mapping information of the host 2 in real time, and implements data packet encapsulation processing, routing, and forwarding according to the mapping routing table.
  • the mapping encapsulation execution node 2 After receiving the data packet sent by the encapsulating execution node 1, the mapping encapsulation execution node 2 performs location identification decapsulation processing, and sends the decapsulated data to the communication peer.
  • mapping encapsulation execution node When the location of the host on the communication end changes, the mapping encapsulation execution node registers a new location identifier with the network database and notifies the communication peer. Thereafter, both ends of the communication will communicate with the new location identifier.
  • the above network-based identity location separation scheme provides a unified and unique identity for the host.
  • the network database saves the terminal master The identity of the machine, and dynamically maintain the mapping relationship between the identity and the location identity.
  • the method for implementing the heartbeat mechanism in this embodiment mainly includes the following steps: Step S101.
  • the application server establishes a security mechanism with the network database.
  • the application server establishes a security association with the network database. Because of the security association between the network-side devices, the processing efficiency, the convenience of the device management upgrade, the professional level, the security strength, and the flexibility of the security mechanism are all largely Upgrade.
  • the ways to establish security associations include but are not limited to: IPsec, two-way authentication and authorization, and VPN access.
  • Step S102 The application server establishes a mapping relationship between the user identification and the network database.
  • the corresponding application server does not need to maintain the dynamic binding relationship between the IP address and the port number corresponding to the client account, and establish a client account and a network layer user identification. Static correspondence between the two.
  • the static correspondence between the client account and the network layer user identification can be entered when the client account is opened, or can be obtained through the application service layer signaling interaction when the user first logs in.
  • the application server and the network database should have an interaction confirmation mechanism to ensure that the client account and the network layer user identification correspond to the same user.
  • Step S103 The application client, that is, the network terminal user starts to use the service, and the heartbeat mechanism is established between the application server and the network database.
  • the application server receives the login request from the client, and after successful verification, returns a login response message to the client.
  • the application server initiates a heartbeat request to the network database and establishes a heartbeat mechanism with the network database.
  • the network database performs application server identification, and the network database returns a heartbeat response message, and a heartbeat mechanism is established between the application server and the network database. Otherwise the process ends.
  • Step S104 The application server makes a reservation to the network database, and actively notifies the service application when the user status changes, including the status notification process of the user going online or offline.
  • the network database stores state information of the application client, that is, the network terminal user, and the information includes whether the user is online or the like.
  • the application server can initiate an appointment to the network database, and the network database actively notifies the service application when the user state changes.
  • Step S105. Establish a query mechanism between the application server and the network database.
  • the application server can query the user status and user information when needed according to the business process.
  • Step S106 The network database queries other network elements in the network for maintaining the status information of the terminal host.
  • Step S107 The application client, that is, the network terminal user stops using the service, and the application server notifies the network database to stop the heartbeat mechanism.
  • step S101 and step S102 have no strict sequence in sequence.
  • Step S104, step S105, and step S106 also have no strict sequence in sequence.
  • the method of the embodiment has at least the following beneficial effects:
  • the network can know whether the terminal is online, the connection status information with the network, and the information exchange between the network database and other network elements of the network, and the network database can maintain and store the connection status information.
  • the heartbeat mechanism for confirming the connection state between the terminal (application client) and the application server is implemented by a heartbeat mechanism between the application server and the network user database, and the terminal (application client) no longer participates in the heartbeat between the application server and the application server. mechanism. It effectively reduces the frequency of sending short packets between the network and the user, and reduces the data load on the user's access to the network.
  • wireless methods such as wireless cellular networks can effectively improve the utilization of wireless resources, improve the battery standby/working time of wireless terminals such as mobile phones, and enhance the user experience.
  • the technical solution provided by the embodiment of the present invention replaces the heartbeat mechanism between the application server and the terminal by using a heartbeat mechanism between the application server and the network database.
  • a network attack initiated by a heartbeat mechanism between the terminal and the application server will be effectively controlled.
  • the security mechanism between the terminal and the application server translates into a security mechanism between the application server and the network database.
  • Comparing the terminal, the application server and the network database are network-side devices. Because of the security association between the network-side devices, both the processing efficiency, the convenience of device management upgrade, the professional level, the security strength, and the flexibility of the security mechanism are all Great improvement.
  • the purposeful security guarantee of the heartbeat interaction process can be realized, which will greatly improve the security of the system, reduce potential hidden dangers, and realize the organic unification of network security and efficiency.
  • This embodiment is based on the identity identification and location separation solution of the host, and is specific to the present invention. Description:
  • the basic idea of a host-based identity and location separation solution is to introduce a host identity layer between the network layer and the transport layer of the host.
  • the host identification layer separates the originally tightly coupled transport layer from the network layer.
  • the IP address no longer acts as the identity host. It is only responsible for the routing and forwarding of packets, that is, it is only used as a location identifier.
  • the host name is represented by the host identifier. .
  • the host identification layer is logically located between the network layer and the transport layer, and the host completes the host identifier and IP address translation in the packet.
  • the network layer is shielded from the transport layer, and any changes in the network layer (for example, changes in the host IP address during communication) do not affect the transport layer link unless the quality of service changes.
  • the transport layer connection is established on top of the host ID.
  • the IP address can only be used for network layer routing and is no longer used to identify the host identity.
  • the host-based solution includes network elements abstracted from logical functions: host, network database.
  • the network database saves the mapping relationship between the host identifier and the terminal IP address in real time.
  • the initiator host 4 queries the network database for the IP address of the responder host according to the host ID of the responder, and obtains the host ID/IP address mapping of the responder, and the initiator and the responder establish security. Associate and communicate.
  • the host at the communication end changes, register a new IP address with the network database and notify the communication peer. After that, both ends of the communication will communicate with the new IP address.
  • the above host-based identity location separation scheme provides a unified and unique identity for the host.
  • the network database stores the identity of the terminal host, and dynamically maintains the mapping relationship between the identity identifier and the location identifier.
  • Step S201 The application server establishes a security mechanism with the network database.
  • the application server establishes a security association with the network database. Because of the security association between the network-side devices, the processing efficiency, the convenience of the device management upgrade, the professional level, the security strength, and the flexibility of the security mechanism are all largely Upgrade. Ways to establish security associations include, but are not limited to, Internet Protocol Security (IPsec), two-way authentication, and virtual private network (VPN) access.
  • IPsec Internet Protocol Security
  • VPN virtual private network
  • Step S202 The application server establishes a mapping relationship between the user identification and the network database.
  • the corresponding application server does not need to maintain the dynamic binding relationship between the IP address and the port number corresponding to the client account, and establish a client account and a network layer user identification. Static correspondence between the two.
  • the static correspondence between the client account and the network layer user identification may be entered when the client account is opened, or may be obtained through application service layer signaling interaction when the user first logs in.
  • the application server and the network database should have an interaction confirmation mechanism to ensure that the client account and the network layer user identification correspond to the same user.
  • Step S203 The application client, that is, the network terminal user starts to use the service, and the heartbeat mechanism is established between the application server and the network database.
  • the application server receives the login request from the client, and after successful verification, returns a login response message to the client.
  • the application server initiates a heartbeat request to the network database and establishes a heartbeat mechanism with the network database.
  • the network database performs application server identification, and the network database returns a heartbeat response message, and a heartbeat mechanism is established between the application server and the network database. Otherwise the process ends.
  • Step S204 The application server makes a reservation to the network database, and actively notifies the service application when the user status changes, including the status notification process of the user going online or offline.
  • the network database stores state information of the application client, that is, the network terminal user, and the information includes whether the user is online or the like.
  • the application server can initiate an appointment to the network database, and the network database actively notifies the service application when the user state changes.
  • Step S205 A query mechanism is established between the application server and the network database.
  • the application server can query user status and user information as needed based on business processes.
  • Step S206 The network database queries other network elements in the network for maintaining the status information of the terminal host.
  • Step S207 The application client, that is, the network terminal user stops using the service, and the application server notifies the network database to stop the heartbeat mechanism.
  • step S201 and step S202 have no strict sequence in sequence.
  • step S204, step S205, and step S206 There is no strict sequence in sequence between step S204, step S205, and step S206.
  • the method of the embodiment has at least the following beneficial effects:
  • the network can know whether the terminal is online, the connection status information with the network, and the information exchange between the network database and other network elements of the network, and the network database can maintain and store the connection status information.
  • the heartbeat mechanism for confirming the connection state between the terminal (application client) and the application server is implemented by a heartbeat mechanism between the application server and the network user database, and the terminal (application client) no longer participates in the heartbeat between the application server and the application server. mechanism. It effectively reduces the frequency of sending short packets between the network and the user, and reduces the data load on the user's access to the network.
  • wireless methods such as wireless cellular networks can effectively improve the utilization of wireless resources, improve the battery standby/working time of wireless terminals such as mobile phones, and enhance the user experience.
  • the heartbeat mechanism between the application server and the network database is used instead of the heartbeat mechanism between the application server and the terminal.
  • Network attacks using the heartbeat mechanism between the terminal and the application server will be effectively controlled.
  • the security mechanism between the terminal and the application server translates into a security mechanism between the application server and the network database. Comparing the terminal, the application server and the network database are network-side devices. Because of the security association between the network-side devices, both the processing efficiency, the convenience of device management upgrade, the professional level, the security strength, and the flexibility of the security mechanism are all Great improvement.
  • the trusted mechanism between the application server and the network database the purposeful security of the heartbeat interaction process can be achieved, which will greatly improve the security of the system, reduce potential risks, and achieve organic integration of network security and efficiency.
  • This embodiment mainly describes a specific implementation of using a network database for service addressing.
  • Another function of the existing heartbeat mechanism between the application client and the application server is to register the address information of the application client account, such as an IP address and a port number, after the application client logs in, and maintain the application client on the application server.
  • the real-time correspondence between the end account and the IP address port number It can be used to address service flow when applying a client account when a service occurs.
  • the underlying network assigns each user a unique host identity that remains constant throughout the network and does not change over time.
  • identity There are two types of identity in the underlying network: host identity and location route identity.
  • the basic network database stores the mapping relationship between the host identity and the location identifier.
  • the basic network maintains the mapping relationship in real time through processes such as registration update and handover.
  • the underlying network is unique through the user The host identity is always able to find the corresponding location identifier in the network database, and realize the correct routing of user data streams and service flows.
  • the application server maintains a static mapping relationship between the service account and the user network identity identification, and the basic network provides a unique network layer user identity identification to the application service, and the service addressing function is provided by the basic network. .
  • the application server no longer maintains the dynamic mapping between the service account and the IP address and port number.
  • the method of the embodiment is used to effectively simplify the following business processes of the application service server:
  • the address information such as the IP address and the port number
  • the secure login in the case where the registered address information of the client is changed is realized, and the problem of secondary login due to the change of the address information is also avoided.
  • modules or steps of the present invention can be implemented by a general-purpose computing device, which can be concentrated on a single computing device or distributed over a network composed of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device, such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps are fabricated as a single integrated circuit module.
  • the invention is not limited to any particular combination of hardware and software.
  • the heartbeat mechanism for confirming the connection state between the terminal and the application server in the embodiment of the present invention is implemented by a heartbeat mechanism between the application server and the network user database, thereby effectively reducing the network.
  • the frequency of sending short packets between the network and the user reduces the data load on the user's access network.
  • wireless methods such as wireless cellular networks can effectively improve the utilization of wireless resources, improve the battery standby/working time of wireless terminals such as mobile phones, and improve the user experience.
  • the application server maintains a static mapping relationship between the service account and the user's network identity. It does not need to maintain the dynamic mapping between the service account and the IP address.
  • the network provides unique network layer user identification to the application service, and the service addressing function is provided by the network, which effectively simplifies the business process of the application service server.
  • the embodiment of the present invention utilizes the heartbeat mechanism between the application server and the network database to replace the heartbeat mechanism between the application server and the terminal, and the purpose of the heartbeat interaction process can be achieved through the trusted mechanism between the application server and the network database.
  • the security guarantee will greatly improve the security of the system, reduce potential hidden dangers, and achieve the organic unification of network security and efficiency.

Landscapes

  • Health & Medical Sciences (AREA)
  • Cardiology (AREA)
  • General Health & Medical Sciences (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Disclosed are a method, an application server, a network database and a system for achieving a heartbeat mechanism. A secure mechanism is established by an application server and a network database; a mapping relationship between user network layer identifiers is established by the application server and the network database; when a network terminal user activates a service application by logging into the application server via an application client, the heartbeat mechanism is established between the application server and the network database. The solution can effectively reduce the transmission frequency of short packets between the network and the terminal, and decrease the network load; in addition, it simplifies the service flow of application service servers.

Description

实现心跳机制的方法、 应用服务器、 网络数据库及系统  Method for realizing heartbeat mechanism, application server, network database and system
技术领域 Technical field
本发明涉及通信技术领域, 尤其涉及一种实现心跳机制的方法、 应用服 务器、 网络数据库及系统。 背景技术  The present invention relates to the field of communications technologies, and in particular, to a method, an application server, a network database, and a system for implementing a heartbeat mechanism. Background technique
在某些业务领域如即时消息、 长距离远程监控领域里, 目前大多釆用短 数据包的方式进行数据传输, 利用基于 TCP ( Transmission Control Protocol , 传输控制协议 ) /IP协议的 Internet或 GPRS ( General Packet Radio Service, 通用分组无线月良务技术) 、 CDMA ( Code Division Multiple Access, 码分多 址)等进行数据传送, 通信可靠性成为保障业务质量的关键。 为了保持基于 TCP/IP协议远程通信的快速性和稳定性, 通常釆用心跳包机制。 所谓心跳包 机制, 就是收发心跳数据包(简称心跳包)机制, 实际就是一个自定义协议 的、 特定的、 循环发送的数据包, 主要用于判断网络节点是否还在连接。 该 协议需要各节点都支持, 一般用来判断对端 (设备, 进程或其他网元)是否 正常运行, 釆用定时发送简单的通信包, 如果在指定时间段内未收到对方响 应, 则判断与对方的连接已经中断。  In some business areas, such as instant messaging and long-distance remote monitoring, most of them use short data packets for data transmission, using TCP (Transmission Control Protocol) / IP protocol based Internet or GPRS (General Packet Radio Service, General Packet Radio Access Technology, and CDMA (Code Division Multiple Access) perform data transmission. Communication reliability is the key to ensuring service quality. In order to maintain the speed and stability of remote communication based on TCP/IP protocol, the heartbeat packet mechanism is usually used. The so-called heartbeat packet mechanism is a mechanism for sending and receiving heartbeat packets (referred to as heartbeat packets). It is actually a custom protocol, a specific, cyclically transmitted data packet, which is mainly used to determine whether a network node is still connected. This protocol needs to be supported by each node. It is generally used to determine whether the peer (device, process, or other network element) is running normally. It uses a timed to send a simple communication packet. If the response is not received within the specified time period, it is judged. The connection to the other party has been interrupted.
在各种基于客户端-服务器模式的技术方案中,客户端在登录到服务器端 后, 需要在客户端与服务器端之间保持连接, 以保证: 1、 服务器端和客户端 相互能够知道对方当时的状态, 确定对方是否能够接收和处理消息; 2、服务 器端能正确的定位到客户端的地址, 向客户端发送消息。  In various client-server-based technical solutions, after logging in to the server, the client needs to maintain a connection between the client and the server to ensure that: 1. The server and the client can know each other at the time. The status determines whether the other party can receive and process the message; 2. The server can correctly locate the address of the client and send a message to the client.
已公开的专利文献中, 申请号 /专利号为 200710140469的中国专利公开 了 《一种实现心跳机制的方法、 服务器和系统》 , 其目的在于提供一种实现 心跳机制的方法、 服务器及系统, 以解决上述不能对心跳请求消息进行有目 的的客户端识别的技术问题。  In the published patent document, the Chinese Patent Application No. 200710140469 discloses "a method, a server and a system for implementing a heartbeat mechanism", and aims to provide a method, a server and a system for implementing a heartbeat mechanism, The above technical problem of not being able to perform targeted client identification on the heartbeat request message is solved.
此外, 申请号 /专利号为 CN200880127966.4的中国专利公开了 《一种在 通信网络中实现心跳机制的方法和装置》 , 通过在通信网络的控制设备和执 行设备之间引入代理设备, 完成控制设备和执行设备之间有关工作状态监控 的处理,从而极大地降低了控制设备处理状态监控相关信息的负担。具体地, 代理设备先获得多个执行设备的工作状态信息, 并通过一条或多条上行报告 消息上报给控制设备; 控制设备在接收到来自代理设备报告的上行报告消息 后, 基于上述上行报告消息, 获取多个执行设备的工作状态信息。 本发明尤 其适用于软交换网络中基于心跳机制的设备状态监控。 In addition, the Chinese Patent Application No./Patent No. CN200880127966.4 discloses "A Method and Apparatus for Implementing a Heartbeat Mechanism in a Communication Network", which is completed by introducing a proxy device between a control device and an execution device of the communication network. Work status monitoring between the device and the execution device Processing, thereby greatly reducing the burden of controlling device processing status monitoring related information. Specifically, the proxy device obtains the working status information of the multiple execution devices, and reports the information to the control device by using one or more uplink report messages. After receiving the uplink report message reported by the proxy device, the control device is based on the uplink report message. , Get the working status information of multiple execution devices. The invention is particularly applicable to device state monitoring based on a heartbeat mechanism in a softswitch network.
相关技术的方案中,客户端登录后,建立了客户端账号与地址信息(如, IP地址和端口号)的对应关系。 每一次心跳消息交互都需要网络终端设备每 隔一定时间将自身的状态信息进行收集后, 通过心跳数据包通过网络发送到 网络地址转换服务器上; 网络地址转换服务器将心跳数据包信息进行地址转 换处理后, 将心跳数据包转发到中央心跳服务器上; 对于经过检查合格的心 跳数据包, 写入相关的记录信息; 检查不合格的, 丟弃当前的心跳数据包; 中央任务管理器根据相关记录信息进行向客户端系统发送相应反馈信息心跳 数据包的处理, 网络地址转换服务器将数据包发送给相应的网络终端设备。  In the related art solution, after the client logs in, the correspondence between the client account and the address information (for example, the IP address and the port number) is established. Each heartbeat message interaction requires the network terminal device to collect its own state information at regular intervals, and then send it to the network address translation server through the network through the heartbeat data packet; the network address translation server performs address translation processing on the heartbeat packet information. Afterwards, the heartbeat data packet is forwarded to the central heartbeat server; for the heartbeat data packet that has passed the check, the relevant record information is written; if the check fails, the current heartbeat data packet is discarded; and the central task manager according to the related record information The processing of transmitting the corresponding feedback information heartbeat data packet to the client system is performed, and the network address translation server sends the data packet to the corresponding network terminal device.
相关技术中用于实现客户端与服务器端之间心跳连接的方法中, 有一种 基于 UDP ( User Datagram Protocol , 用户数据报协议)协议的网络心跳监控 方法, 该方法包括以下步骤:  In the related art method for implementing a heartbeat connection between a client and a server, there is a network heartbeat monitoring method based on a UDP (User Datagram Protocol) protocol, the method comprising the following steps:
( 1 )网络终端设备每隔一定时间将自身的状态信息进行收集并进行压缩 打包处理, 然后使用 UDP协议将 UDP心跳数据包通过网络发送到网络地址 转换服务器上;  (1) The network terminal equipment collects and compresses its own state information at regular intervals, and then sends the UDP heartbeat data packet to the network address translation server through the network using the UDP protocol;
( 2 ) 网络地址转换服务器将网络终端设备发送的 UDP心跳数据包信息 进行地址转换处理, 即, 将网络终端设备的 IP地址和端口转换为网络地址转 换服务器的 IP地址和端口, 再将该 UDP心跳数据包信息通过网络转发到中 央心跳服务器上;  (2) The network address translation server performs address translation processing on the UDP heartbeat packet information sent by the network terminal device, that is, converts the IP address and port of the network terminal device into the IP address and port of the network address translation server, and then the UDP The heartbeat packet information is forwarded to the central heartbeat server through the network;
( 3 ) 中央心跳服务器在接收到相应的 UDP心跳数据包信息之后, 通过 网络发给心跳管理器;  (3) After receiving the corresponding UDP heartbeat packet information, the central heartbeat server sends the heartbeat manager through the network;
( 4 ) 心跳管理器对该 UDP心跳数据包信息进行解压缩验证处理, 然后 对相应信息进行格式翻译处理, 如果信息格式不正确, 则心跳管理器丟弃当 前 UDP心跳数据包, 并向客户端系统发送 UDP心跳数据包信息重发所要求 的反馈信息 UDP数据包; 如果信息格式正确,则将相关记录信息转发至中央 数据库服务器中写入数据库; (4) The heartbeat manager performs decompression verification processing on the UDP heartbeat packet information, and then performs format translation processing on the corresponding information. If the information format is incorrect, the heartbeat manager discards the current UDP heartbeat packet and sends the packet to the client. The system sends the UDP heartbeat packet information to retransmit the required feedback information UDP packet; if the information format is correct, the related record information is forwarded to the central Write to the database in the database server;
( 5 )中央任务管理器根据中央数据库服务器中写入的相关记录信息,进 行向客户端系统发送相应反馈信息 UDP心跳数据包的处理;  (5) The central task manager performs processing for transmitting the corresponding feedback information UDP heartbeat data packet to the client system according to the related record information written in the central database server;
( 6 ) 网络地址转换服务器通过网络接收到中央服务器系统的反馈信息 UDP数据包, 对其进行反向地址转换处理, 即将网络地址转换服务器的 IP 地址和端口转换位网络终端设备的 IP地址和端口;  (6) The network address translation server receives the feedback information UDP data packet of the central server system through the network, and performs reverse address translation processing on the network address conversion server, that is, the IP address and port of the network address translation server, and the IP address and port of the network terminal device. ;
( 7 ) 网络地址转换服务器将反馈信息 UDP数据包发送给相应的网络终 端设备;  (7) The network address translation server sends the feedback information UDP data packet to the corresponding network terminal device;
( 8 ) 网络终端设备根据该反馈信息 UDP数据包进行相应的后续处理。 所以, 客户端每次 HTTP登录后, 服务器端根据所述客户端的相关记录 信息中的账号与地址信息的对应关系,在所述客户端账号对应的 IP地址和端 口号上完成心跳数据包发送、 接收, 即心跳连接的交互。 这些心跳消息是由 服务器与客户端应用层发出, 由 IP网络承载层负责转发的短数据报文。  (8) The network terminal device performs corresponding subsequent processing according to the feedback information UDP data packet. Therefore, after the HTTP login by the client, the server performs the heartbeat data packet transmission on the IP address and the port number corresponding to the client account according to the correspondence between the account and the address information in the related record information of the client. Receive, that is, the interaction of heartbeat connections. These heartbeat messages are short data packets sent by the server and client application layer and forwarded by the IP network bearer layer.
由于心跳消息的频次很高, 用户基数大, 因此会对 IP网络承载层性能产 生影响, 特别是对无线蜂窝网等无线方式的承载层产生严重影响, 具体表现 在以下方面:  Because the frequency of heartbeat messages is very high and the user base is large, it will affect the performance of the IP network bearer layer, especially the wireless bearer layer such as the wireless cellular network, which is manifested in the following aspects:
一方面, 当应用层消息(如 heartbeat )间隔大于去激活定时器( inactivity timer ) 时, 则会产生如下问题:  On the one hand, when the application layer message (such as heartbeat) interval is larger than the inactivity timer, the following problems occur:
1 )无线终端会频繁的在空闲 (Idle )和激活 (Active )状态转换; 2 )增加控制面信令, 加大无线接入网 RAN和分组核心网的信令开销; 1) The wireless terminal frequently switches between idle (Idle) and active (Active) states; 2) increases control plane signaling, and increases signaling overhead of the radio access network RAN and the packet core network;
3 )减少手机电池待机 /工作时间, 影响用户体验; 3) Reduce the standby/working time of the mobile phone battery and affect the user experience;
另一方面,当应用层消息(如 heartbeat )间隔小于去激活定时器( inactivity timer ) 时, 则会产生如下问题:  On the other hand, when the application layer message (such as heartbeat) interval is smaller than the inactivity timer, the following problems occur:
1 )无线终端会始终占据无线资源;  1) Wireless terminals will always occupy wireless resources;
2 )浪费无线资源, 降低利用率;  2) waste wireless resources and reduce utilization;
3 )减少手机电池待机 /工作时间, 影响用户体验。  3) Reduce the standby/working time of the mobile phone battery and affect the user experience.
另外, 鉴于现在的网络环境日益恶化, 各种各样的恶意攻击层出不穷, 特别^ ^于客户端实现对于网络服务器攻击的行为, 危害更大。 因此, 也有 必要提供心跳交互安全性的技术方案。 In addition, given the deteriorating network environment, a variety of malicious attacks are emerging. In particular, it is more harmful to the behavior of the web server attack on the client side. Therefore, it is also necessary to provide a technical solution for the safety of heartbeat interaction.
此外, 现有技术中还存在如下问题: 应用服务器需要维护业务账号与 IP 地址、 端口号之间的动态映射关系, 需实现所属客户端登录过程中登记地址 信息,如 IP地址和端口号; 实现对于所属客户端已登记地址信息改变的情况 下的安全登录; 还存在因改变地址信息导致的二次登录的问题; 应用业务服 务器需处理业务寻址功能, 因而使得业务流程过于复杂。  In addition, the following problems exist in the prior art: The application server needs to maintain a dynamic mapping relationship between the service account and the IP address and the port number, and needs to implement registration address information, such as an IP address and a port number, in the login process of the client; The security login in the case where the registered address information of the client belongs to the change; there is also the problem of secondary login caused by the change of the address information; the application service server needs to handle the service addressing function, thereby making the business process too complicated.
发明内容 Summary of the invention
本发明解决的技术问题是提供一种实现心跳机制的方法、 应用服务器、 网络数据库及系统, 能够有效减少网络与终端之间短数据包的发送频率, 降 低网络负荷。  The technical problem solved by the present invention is to provide a method, an application server, a network database and a system for realizing a heartbeat mechanism, which can effectively reduce the transmission frequency of short data packets between the network and the terminal, and reduce the network load.
为解决上述技术问题, 本发明提供了一种实现心跳机制的方法, 所述方 法包括:  To solve the above technical problem, the present invention provides a method for implementing a heartbeat mechanism, the method comprising:
应用服务器与网络数据库建立安全机制;  The application server establishes a security mechanism with the network database;
所述应用服务器与所述网络数据库建立用户网络层身份识别之间的映射 关系;  Establishing, by the application server, a mapping relationship between the user network layer identity and the network database;
网络终端用户通过应用客户端登录所述应用服务器激活业务应用时, 所 述应用服务器与所述网络数据库之间建立心跳机制。  When the network terminal user activates the service application by logging in to the application server by using the application client, a heartbeat mechanism is established between the application server and the network database.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述网络数据库维护所述终端用户的身份识别与位置识别的映射关系, 并根据所述映射关系定位到所述终端用户所在的应用客户端。  The network database maintains a mapping relationship between the identity identification and the location identification of the terminal user, and locates the application client where the terminal user is located according to the mapping relationship.
优选地, 所述方法还包括: 所述网络数据库根据网络接入设备上报的、 或者向网络中的其它网元查询到的信息, 并维护所述终端用户的状态信息; 所述状态信息包括: 上线状态、 下线状态。  Preferably, the method further includes: the network database is based on information that is reported by the network access device or that is queried by other network elements in the network, and maintains status information of the terminal user; the status information includes: Online status, offline status.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述应用服务器与所述网络数据库之间建立状态预约机制, 所述网络数 据库将所述终端用户的状态变化通知所述应用服务器。 优选地, 所述方法还包括: Establishing a state reservation mechanism between the application server and the network database, the number of the network The database notifies the application server of the status change of the terminal user. Preferably, the method further includes:
所述应用服务器与所述网络数据库之间建立查询机制, 所述应用服务器 根据业务需要向所述网络数据库查询终端用户状态信息和 /或终端用户信息。  An inquiry mechanism is established between the application server and the network database, and the application server queries the network database for terminal user status information and/or terminal user information according to service requirements.
优选地, 所述方法还包括: 所述应用客户端停止业务应用时, 所述应用 服务器通知所述网络数据库停止心跳机制。  Preferably, the method further includes: when the application client stops the service application, the application server notifies the network database to stop the heartbeat mechanism.
优选地, 所述应用服务器与所述网络数据库之间建立安全关联的方式包 括但不限于: Internet协议安全 (IPsec), 双向鉴权授权, 虚拟专用网络 (VPN) 接入。  Preferably, the manner in which the application server establishes a security association with the network database includes, but is not limited to, Internet Protocol Security (IPsec), two-way authentication authorization, and virtual private network (VPN) access.
本发明还提供了一种实现心跳机制的应用服务器,所述应用服务器包括: 应用客户端用户身份识别管理模块, 设置为: 与网络数据库建立用户网 络层身份识别之间的映射关系;  The present invention also provides an application server for implementing a heartbeat mechanism, the application server comprising: an application client user identity management module, configured to: establish a mapping relationship between a user network layer identity and a network database;
应用客户端登录状态维护模块, 设置为: 维护应用客户端是否处于登录 状态, 在所述应用客户端登录并激活业务应用时, 向所述网络数据库请求建 立心 ϋ机制;  The application client login status maintenance module is configured to: maintain whether the application client is in the login state, and request the establishment of the heartbeat mechanism to the network database when the application client logs in and activates the service application;
心跳机制模块, 设置为: 与所述网络数据库进行心跳交互, 以确定应用 客户端的状态信息;  a heartbeat mechanism module, configured to: perform heartbeat interaction with the network database to determine state information of the application client;
安全机制模块, 设置为: 与所述网络数据库进行安全交互, 完成应用服 务器与网络数据库之间的双向鉴权, 建立应用服务器与所述网络数据库之间 的安全关联; 以及, 与所述的应用客户端进行安全交互, 完成对应用客户端 的鉴权。  a security mechanism module, configured to: perform secure interaction with the network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and, with the application The client performs a secure interaction and completes the authentication of the application client.
优选地, 所述应用服务器还包括用户状态查询模块, 设置为: 与所述网 络数据库之间建立状态预约机制, 向所述网络数据库预约将所述终端用户的 状态变化通知所述应用服务器。  Preferably, the application server further includes a user status query module, configured to: establish a state reservation mechanism with the network database, and notify the network database to notify the application server of the state change of the terminal user.
优选地, 所述用户状态查询模块还设置为: 与所述网络数据库之间建立 查询机制,根据业务需要向所述网络数据库查询终端用户状态信息和 /或终端 用户信息。  Preferably, the user status query module is further configured to: establish a query mechanism with the network database, and query the network database for terminal user status information and/or terminal user information according to service requirements.
优选地, 所述应用客户端登录状态维护模块还设置为: 所述应用客户端 停止业务应用时 , 通知所述网络数据库停止心跳机制。 本发明还提供了一种实现心跳机制的网络数据库,所述网络数据库包括: 心跳机制单元, 设置为: 与应用服务器进行心跳交互, 以使所述应用服 务器能够确定应用客户端的状态信息; Preferably, the application client login status maintenance module is further configured to: the application client When the business application is stopped, the network database is notified to stop the heartbeat mechanism. The present invention further provides a network database for implementing a heartbeat mechanism, the network database comprising: a heartbeat mechanism unit, configured to: perform a heartbeat interaction with an application server, so that the application server can determine status information of the application client;
安全机制单元, 设置为: 与应用服务器进行安全交互, 完成所述应用服 务器与所述网络数据库之间的双向鉴权, 建立所述应用服务器与所述网络数 据库之间的安全关联。 优选地, 所述网络数据库还包括:  The security mechanism unit is configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database. Preferably, the network database further includes:
用户状态维护单元, 设置为: 根据网络接入设备上报的、 或者向网络中 的其它网元查询到的信息, 并维护所述终端用户的状态信息; 所述状态信息 包括: 上线状态、 下线状态;  The user status maintenance unit is configured to: according to the information that is reported by the network access device or that is queried by other network elements in the network, and maintains the status information of the terminal user; the status information includes: online status, offline State
用户状态查询单元, 设置为: 所述应用服务器发起查询时, 向所述应用 服务器返回相应的终端用户状态信息和 /或终端用户信息。  The user status query unit is configured to: when the application server initiates the query, return corresponding terminal user status information and/or terminal user information to the application server.
优选地, 所述用户状态查询单元, 还设置为: 与所述网络数据库之间建 立状态预约机制, 将所述终端用户的状态变化通知所述应用服务器。  Preferably, the user status query unit is further configured to: establish a state reservation mechanism with the network database, and notify the application server of a status change of the terminal user.
优选地, 所述网络数据库还包括:  Preferably, the network database further includes:
业务寻址单元, 设置为: 维护所述终端用户的身份识别与位置识别的映 射关系, 并根据所述映射关系定位到所述终端用户所在的应用客户端。  The service addressing unit is configured to: maintain a mapping relationship between the identity identification and the location identification of the terminal user, and locate the application client where the terminal user is located according to the mapping relationship.
本发明还提供了一种实现心跳机制的系统, 所述系统包括: 应用服务器 端、 应用客户端和网络数据库, 其中:  The present invention also provides a system for implementing a heartbeat mechanism, the system comprising: an application server, an application client, and a network database, wherein:
所述应用服务器端设置为: 应用客户端登录后, 激活业务应用, 并与网 络用户数据库建立心跳机制, 获取用户在线状态信息; 并建立客户端账号与 网络层用户识别之间的对应关系;  The application server is configured to: after the application client logs in, activate the service application, establish a heartbeat mechanism with the network user database, obtain the online status information of the user, and establish a correspondence between the client account and the network layer user identification;
所述应用客户端设置为: 根据所述登录应答信息或心跳应答消息, 发送 心跳请求消息;  The application client is configured to: send a heartbeat request message according to the login response information or a heartbeat response message;
所述网络数据库设置为 ,保存网络层用户识别信息 ,维护用户在线状态; 并与应用服务器建立心跳机制, 向所述应用服务器提供用户在线状态信息。 优选地, 所述应用服务器端还包括: The network database is configured to save network layer user identification information, maintain user online status, and establish a heartbeat mechanism with the application server, and provide user online status information to the application server. Preferably, the application server side further includes:
应用客户端用户身份识别管理模块, 设置为: 与网络数据库建立用户网 络层身份识别之间的映射关系;  The application client user identity management module is configured to: establish a mapping relationship between the user network layer identity and the network database;
应用客户端登录状态维护模块, 设置为: 维护应用客户端是否处于登录 状态, 在所述应用客户端登录并激活业务应用时, 向所述网络数据库请求建 立心跳机制;  The application client login status maintenance module is configured to: maintain the application client is in a login state, and request the establishment of a heartbeat mechanism to the network database when the application client logs in and activates the service application;
心跳机制模块, 设置为: 与所述网络数据库进行心跳交互, 以确定应用 客户端的状态信息;  a heartbeat mechanism module, configured to: perform heartbeat interaction with the network database to determine state information of the application client;
安全机制模块, 设置为: 与所述网络数据库进行安全交互, 完成应用服 务器与网络数据库之间的双向鉴权, 建立应用服务器与所述网络数据库之间 的安全关联; 以及, 与所述的应用客户端进行安全交互, 完成对应用客户端 的鉴权。  a security mechanism module, configured to: perform secure interaction with the network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and, with the application The client performs a secure interaction and completes the authentication of the application client.
优选地, 所述应用服务器端还包括用户状态查询模块, 设置为: 与所述 网络数据库之间建立状态预约机制, 向所述网络数据库预约将所述终端用户 的状态变化通知所述应用服务器; 和 /或, 与所述网络数据库之间建立查询机 制,根据业务需要向所述网络数据库查询终端用户状态信息和 /或终端用户信 息。  Preferably, the application server further includes a user status query module, configured to: establish a state reservation mechanism with the network database, and notify the network database to notify the application server of a status change of the terminal user; And/or establishing a query mechanism with the network database, and querying the network database for terminal user status information and/or terminal user information according to service requirements.
优选地, 所述应用客户端登录状态维护模块还设置为: 所述应用客户端 停止业务应用时, 通知所述网络数据库停止心跳机制。  Preferably, the application client login state maintenance module is further configured to: notify the network database to stop the heartbeat mechanism when the application client stops the service application.
优选地, 所述网络数据库包括:  Preferably, the network database comprises:
心跳机制单元, 设置为: 与应用服务器进行心跳交互, 以使所述应用服 务器能够确定应用客户端的状态信息;  a heartbeat mechanism unit, configured to: perform heartbeat interaction with an application server, so that the application server can determine status information of the application client;
安全机制单元, 设置为: 与应用服务器进行安全交互, 完成所述应用服 务器与所述网络数据库之间的双向鉴权, 建立所述应用服务器与所述网络数 据库之间的安全关联。  The security mechanism unit is configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database.
优选地, 所述网络数据库还包括:  Preferably, the network database further includes:
用户状态维护单元, 设置为: 根据网络接入设备上报的、 或者向网络中 的其它网元查询到的信息, 并维护所述终端用户的状态信息; 所述状态信息 包括: 上线状态、 下线状态; The user status maintenance unit is configured to: maintain the status information of the terminal user according to the information that is reported by the network access device or that is queried by other network elements in the network; Including: online status, offline status;
用户状态查询单元, 设置为: 所述应用服务器发起查询时, 向所述应用 服务器返回相应的终端用户状态信息和 /或终端用户信息;并与所述网络数据 库之间建立状态预约机制,将所述终端用户的状态变化通知所述应用服务器。  The user status query unit is configured to: when the application server initiates the query, return corresponding terminal user status information and/or terminal user information to the application server; and establish a state reservation mechanism with the network database, Notifying the application server of the status change of the end user.
优选地, 所述网络数据库还包括:  Preferably, the network database further includes:
业务寻址单元, 设置为: 维护所述终端用户的身份识别与位置识别的映 射关系, 并根据所述映射关系定位到所述终端用户所在的应用客户端。  The service addressing unit is configured to: maintain a mapping relationship between the identity identification and the location identification of the terminal user, and locate the application client where the terminal user is located according to the mapping relationship.
附图概述 BRIEF abstract
此处所说明的附图用来提供对本发明的进一步理解, 构成本申请的一部 分, 本发明的示意性实施例及其说明用于解释本发明, 并不构成对本发明的 不当限定。 在附图中:  The drawings are intended to provide a further understanding of the invention, and are intended to be illustrative of the invention. In the drawing:
图 1是本发明实施例实现心跳机制的服务器示意图;  1 is a schematic diagram of a server for implementing a heartbeat mechanism according to an embodiment of the present invention;
图 2是本发明实施例实现心跳机制的网络数据库示意图;  2 is a schematic diagram of a network database for implementing a heartbeat mechanism according to an embodiment of the present invention;
图 3 于网络的身份位置分离方案的网络架构示意图;  Figure 3 is a schematic diagram of a network architecture of an identity location separation scheme of a network;
图 4是依据本发明实施例的实现心跳机制的方法流程示意图;  4 is a schematic flow chart of a method for implementing a heartbeat mechanism according to an embodiment of the present invention;
图 5是本发明实施例基于主机的身份位置分离方案的主机协议栈的示意 图;  5 is a schematic diagram of a host protocol stack of a host-based identity location separation scheme according to an embodiment of the present invention;
图 6是基于主机的身份位置分离方案的示意图。  Figure 6 is a schematic diagram of a host-based identity location separation scheme.
本发明的较佳实施方式 Preferred embodiment of the invention
本实施方式提供了一种实现心跳机制的技术方案: 网络数据库保存应用 服务器需要的用户状态信息, 由网络数据库代替终端, 与应用服务器建立心 跳机制, 以报告终端与应用服务器间的连接状态。  The present embodiment provides a technical solution for implementing a heartbeat mechanism: The network database stores user state information required by the application server, and the network database replaces the terminal, and establishes a heartbeat mechanism with the application server to report the connection state between the terminal and the application server.
具体地, 本实施方式提供了一种实现心跳机制的方法, 该方法至少包括 如下步骤: 步骤 1. 应用服务器与网络数据库建立安全机制; 步骤 2. 应用服务器与网络数据库之间建立网络层用户身份识别的映射 关系; Specifically, the embodiment provides a method for implementing a heartbeat mechanism, where the method includes at least the following steps: Step 1. The application server establishes a security mechanism with the network database; Step 2. Establish a mapping relationship between the network layer user identity between the application server and the network database;
步骤 3. 应用客户端即网络终端用户激活业务应用时, 应用服务器与网 络数据库之间建立心跳机制。 进一步地, 所述方法还包括如下步骤中的一个或多个:  Step 3. When the application client, that is, the network terminal user activates the service application, a heartbeat mechanism is established between the application server and the network database. Further, the method further includes one or more of the following steps:
步骤 4. 网络数据库向网络中的其它网元查询维护终端主机的状态信息。 步骤 5. 应用服务器与网络数据库建立状态预约机制。 如, 应用服务器 向网络数据库预约: 在用户状态变化时主动通知业务应用, 其中包括用户上 线、 下线的状态通知过程。  Step 4. The network database queries other network elements in the network for the status information of the maintenance terminal host. Step 5. The application server establishes a state reservation mechanism with the network database. For example, the application server makes an appointment to the network database: The service application is actively notified when the user status changes, including the status notification process of the user going online and offline.
步骤 6. 应用客户端即网络终端用户停止业务使用时, 应用服务器通知 网络数据库停止心跳机制。 步骤 7. 应用服务器与网络数据库之间建立查询机制。 应用服务器可以 根据业务流程在需要时查询用户状态及用户信息。  Step 6. When the application client, that is, the network terminal user stops using the service, the application server notifies the network database to stop the heartbeat mechanism. Step 7. Establish a query mechanism between the application server and the network database. The application server can query the user status and user information when needed according to the business process.
需要说明的是, 以上各步骤之间并不存在时序上严格的先后顺序。  It should be noted that there is no strict sequence of timing between the above steps.
本实施方式还提供了一种实现心跳机制的服务器, 如图 1所示, 该服务 器主要包括:  The embodiment further provides a server for implementing a heartbeat mechanism. As shown in FIG. 1, the server mainly includes:
应用客户端用户身份识别管理模块, 用于: 对应的应用服务器端不需要 维护客户端账号对应的 IP地址和端口号之间的动态绑定关系,建立客户端账 号与网络层用户识别之间的静态对应关系;  The application client user identity management module is configured to: the corresponding application server does not need to maintain a dynamic binding relationship between the IP address and the port number corresponding to the client account, and establish a relationship between the client account and the network layer user identification. Static correspondence
应用客户端登录状态维护模块, 用于: 维护应用客户端是否处于登录的 状态, 并与网络数据库进行交互, 通知应用客户端是否处于登录的状态; 心跳机制模块,用于:与网络数据库进行交互,以确定客户端当前状态, 是否能够接收和处理消息;  The application client login status maintenance module is configured to: maintain whether the application client is in the login state, and interact with the network database to notify the application client whether it is in the login state; the heartbeat mechanism module is configured to: interact with the network database To determine the current state of the client, whether it can receive and process messages;
安全机制模块, 用于: 与网络数据库进行安全交互, 完成应用服务器与 网络数据库之间的双向鉴权,建立应用服务器与网络数据库之间的安全关联; 以及, 与应用客户端进行安全交互, 完成对应用客户端的鉴权。  a security mechanism module, configured to: perform secure interaction with a network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and perform secure interaction with the application client to complete Authentication of the application client.
用户状态查询模块, 用于: 应用服务器可以根据业务流程在需要时查询 用户状态及用户信息。 例如: 网络数据库中保存了应用客户端的位置信息, 在应用服务器业务需要时, 可以向网络数据库发起查询。 User status query module, used for: The application server can query according to the business process when needed User status and user information. For example: The network database stores the location information of the application client, and when the application server needs it, it can initiate a query to the network database.
此外, 本实施方式还提供了一种实现心跳机制的网络数据库, 如图 2所 示, 该网络数据库主要包括:  In addition, the embodiment further provides a network database for implementing a heartbeat mechanism. As shown in FIG. 2, the network database mainly includes:
心跳机制单元, 用于: 与应用服务器进行交互, 使得应用服务器能够确 定客户端当前状态, 应用服务器能够确定是否能够接收和处理消息;  a heartbeat mechanism unit, configured to: interact with an application server, so that the application server can determine a current state of the client, and the application server can determine whether the message can be received and processed;
安全机制单元, 用于: 与应用服务器进行安全交互, 完成应用服务器与 网络数据库之间的双向鉴权,建立应用服务器与网络数据库之间的安全关联。 进一步地, 上述的网络数据库还可以包括以下单元中的一个或多个: 用户状态查询单元, 用于: 应用服务器可以根据业务流程在需要时查询 用户状态及用户信息, 网络数据库向其提供查询接口。 例如: 网络数据库中 保存了应用客户端的位置信息, 在应用服务器业务需要时, 可以向网络数据 库发起查询;  The security mechanism unit is configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database. Further, the foregoing network database may further include one or more of the following units: a user status query unit, configured to: the application server may query the user status and user information when needed according to the business process, and the network database provides the query interface to the network database. . For example: The location information of the application client is saved in the network database, and the query can be initiated to the network database when the application server needs the business;
用户状态维护单元, 用于: 网络数据库根据应用服务器的需要, 向网络 中的其它网元查询维护应用客户端即网络终端主机的状态信息。 这些状态信 息包括但不限于用户网络终端主机位置信息, 网络终端主机欠费状态, 在线 状态等;  The user status maintenance unit is configured to: query, according to the needs of the application server, the network database to query the status information of the maintenance application client, that is, the network terminal host, to other network elements in the network. These status information includes, but is not limited to, user network terminal host location information, network terminal host arrears status, online status, etc.;
业务寻址单元, 用于: 网络数据库实时维护应用客户端即网络终端主机 身份标识与位置标识之间的对应映射关系。 能够通过网络终端主机的身份标 识定位到网络终端主机即应用客户端的地址。  The service addressing unit is configured to: the network database real-time maintenance application client, that is, the corresponding mapping relationship between the network terminal host identity identifier and the location identifier. The address of the network terminal host, that is, the application client, can be located by the identity of the network terminal host.
数据通信网基于 IP地址进行路由时,互联网应用层用户账号如即时通信 号码、 邮件地址等, 不具有标识应用层客户端所在位置的作用, 不能够直接 用于网络层的寻址和路由。 互联网应用层业务客户端之间进行通信时, 输入 的通信对端识别为应用层用户账号。 为实现互联网应用层业务客户端之间端 到端的通信过程, 需要有一个功能模块负责通过应用层用户账号查询网络层 可路由的位置标识, 网络层通过可路由的位置标识将数据报文路由到通信对 端所在位置。 应用服务器与网络数据库建立了应用层用户账号和网络层用户 识别之间的静态映射关系, 或者将网络层用户识别可直接作为应用层用户账 号使用, 应用层服务器可以通过网络层业务寻址功能, 实现互联网应用层业 务客户端之间端到端的通信过程。 When the data communication network is routed based on the IP address, the Internet application layer user account, such as the instant communication number and the email address, does not have the function of identifying the location of the application layer client, and cannot be directly used for addressing and routing at the network layer. When the Internet application layer service client communicates, the input communication peer is identified as an application layer user account. In order to realize the end-to-end communication process between the Internet application layer service clients, a function module is required to query the network layer routable location identifier through the application layer user account, and the network layer routes the data packet to the routable location identifier. The location of the communication peer. The application server and the network database establish a static mapping relationship between the application layer user account and the network layer user identification, or the network layer user identification can be directly used as the application layer user account. No. The application layer server can realize the end-to-end communication process between the application clients of the Internet application layer through the network layer service addressing function.
此外, 本实施方式还提供了一种实现心跳机制的系统, 该系统包括: 应 用服务器端、 客户端和网络数据库,  In addition, the embodiment further provides a system for implementing a heartbeat mechanism, the system comprising: an application server, a client, and a network database,
所述的应用服务器端主要用于: 在客户端上线后, 激活应用业务, 对应 的应用服务器端与网络用户数据库建立心跳机制, 获取用户在线状态信息。 对应的应用服务器端不再维护客户端账号对应的 IP地址和端口号之间的动 态绑定关系, 建立客户端账号与网络层用户识别之间的静态对应关系。  The application server is mainly used for: after the client is online, the application service is activated, and the corresponding application server establishes a heartbeat mechanism with the network user database to obtain the online status information of the user. The corresponding application server does not maintain the dynamic binding relationship between the IP address and the port number corresponding to the client account, and establishes a static correspondence between the client account and the network layer user identification.
所述的客户端主要用于: 根据所述登录应答信息或心跳应答消息, 发送 心跳请求消息。  The client is mainly configured to: send a heartbeat request message according to the login response information or a heartbeat response message.
所述的网络数据库保存了该网络用户的身份识别信息, 主要用于: 与网 络中的接入管理设备配合, 保存网络层用户识别信息, 维护用户在线状态; 并与应用服务器接口, 与应用服务器建立心跳机制, 向应用层提供用户在线 状态信息。  The network database stores the identity information of the network user, and is mainly used to: cooperate with the access management device in the network, save the network layer user identification information, maintain the online state of the user; and interface with the application server, and the application server Establish a heartbeat mechanism to provide user online status information to the application layer.
进一步地, 所述应用服务器端具体包括以下功能模块:  Further, the application server specifically includes the following functional modules:
应用客户端用户身份识别管理模块, 用于: 与网络数据库建立用户网络 层身份识别之间的映射关系;  The application client user identity management module is configured to: establish a mapping relationship between the user network layer identity and the network database;
应用客户端登录状态维护模块, 用于: 维护应用客户端是否处于登录状 态, 在所述应用客户端登录并激活业务应用时, 向所述网络数据库请求建立 心 ϋ机制;  The application client login status maintenance module is configured to: maintain whether the application client is in a login state, and request the establishment of a heartbeat mechanism to the network database when the application client logs in and activates the service application;
心跳机制模块, 用于: 与所述网络数据库进行心跳交互, 以确定应用客 户端的状态信息;  a heartbeat mechanism module, configured to: perform a heartbeat interaction with the network database to determine state information of the application client;
安全机制模块, 用于: 与所述网络数据库进行安全交互, 完成应用服务 器与网络数据库之间的双向鉴权, 建立应用服务器与所述网络数据库之间的 安全关联; 以及, 与所述的应用客户端进行安全交互, 完成对应用客户端的 鉴权。  a security mechanism module, configured to: perform secure interaction with the network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and, with the application The client performs a secure interaction and completes the authentication of the application client.
进一步地, 所述应用服务器端还包括用户状态查询模块, 用于: 与所述 网络数据库之间建立状态预约机制, 向所述网络数据库预约将所述终端用户 的状态变化通知所述应用服务器; 和 /或, 与所述网络数据库之间建立查询机 制,根据业务需要向所述网络数据库查询终端用户状态信息和 /或终端用户信 息。 Further, the application server further includes a user status query module, configured to: establish a state reservation mechanism with the network database, and reserve the terminal user with the network database. Notifying the application server of the status change; and/or establishing a query mechanism with the network database to query the network database for terminal user status information and/or terminal user information according to service requirements.
进一步地, 所述应用客户端登录状态维护模块还用于: 所述应用客户端 停止业务应用时, 通知所述网络数据库停止心跳机制。  Further, the application client login state maintenance module is further configured to: when the application client stops the service application, notify the network database to stop the heartbeat mechanism.
进一步地, 所述网络数据库具体包括以下单元:  Further, the network database specifically includes the following units:
心跳机制单元, 用于: 与应用服务器进行心跳交互, 以使所述应用服务 器能够确定应用客户端的状态信息;  a heartbeat mechanism unit, configured to: perform heartbeat interaction with an application server, so that the application server can determine status information of the application client;
安全机制单元, 用于: 与应用服务器进行安全交互, 完成所述应用服务 器与所述网络数据库之间的双向鉴权, 建立所述应用服务器与所述网络数据 库之间的安全关联。  And a security mechanism unit, configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database.
进一步地, 所述网络数据库还包括:  Further, the network database further includes:
用户状态维护单元, 用于: 根据网络接入设备上报的、 或者向网络中的 其它网元查询到的信息, 并维护所述终端用户的状态信息; 所述状态信息包 括: 上线状态、 下线状态;  The user status maintenance unit is configured to: maintain the status information of the terminal user according to the information that is reported by the network access device or that is queried by other network elements in the network; and the status information includes: online status, offline State
用户状态查询单元, 用于: 所述应用服务器发起查询时, 向所述应用服 务器返回相应的终端用户状态信息和 /或终端用户信息; 并与所述网络数据库 之间建立状态预约机制, 将所述终端用户的状态变化通知所述应用服务器。  a user status query unit, configured to: when the application server initiates the query, return corresponding terminal user status information and/or terminal user information to the application server; and establish a state reservation mechanism with the network database, Notifying the application server of the status change of the end user.
进一步地, 所述网络数据库还包括:  Further, the network database further includes:
业务寻址单元, 用于: 维护所述终端用户的身份识别与位置识别的映射 关系, 并根据所述映射关系定位到所述终端用户所在的应用客户端。  The service addressing unit is configured to: maintain a mapping relationship between the identity identification and the location identification of the terminal user, and locate the application client where the terminal user is located according to the mapping relationship.
现有因特网广泛使用的 TCP/IP协议中 IP地址具有双重功能, 既作为网 络层的通信终端主机网络接口在网络拓朴中的位置标识, 又作为传输层主机 网络接口的身份标识。 TCP/IP协议设计之初并未考虑主机移动的情况。但是, 当主机移动越来越普遍时, 这种 IP地址的语义过载缺陷日益明显。 当主机的 IP地址发生变化时, 不仅路由要发生变化, 通信终端主机的身份标识也发生 变化。  The IP address in the TCP/IP protocol widely used in the existing Internet has a dual function, which serves as both the location identifier of the communication terminal host network interface of the network layer in the network topology and the identity of the transport layer host network interface. The TCP/IP protocol was not designed at the beginning of the host. However, as host mobility becomes more prevalent, the semantic overload defects of such IP addresses are becoming increasingly apparent. When the IP address of the host changes, not only the route changes, but also the identity of the host of the communication terminal changes.
相关技术中, 基于网络路由器的实现方法、 基于主机的实现方法是有关 身份标识和位置分离的两种主流解决方案。 实现身份标识和位置分离后, 终 端主机的网络层身份标识可以固定下来, 不必因终端主机位置变化而变化, 基础网络维护终端主机身份标识与位置标识之间的动态映射关系, 并完成数 据报文由身份标识查找位置标识的过程, 完成数据报文的寻址转发过程。 In the related art, a network router-based implementation method and a host-based implementation method are related. Two mainstream solutions for identity and location separation. After the identity and location are separated, the network layer identity of the terminal host can be fixed. It does not need to be changed due to the change of the terminal host location. The basic network maintains the dynamic mapping relationship between the terminal identity and the location identifier of the terminal, and completes the data packet. The process of identifying the location identifier by the identity identifier completes the process of addressing and forwarding the data packet.
实施例一  Embodiment 1
本实施例基于网络路由器的身份标识和位置分离解决方案, 对本发明的 具体实施进行描述:  This embodiment describes the specific implementation of the present invention based on the identity identification and location separation solution of the network router:
如图 3所示,基于网络的解决方案包括的网元从逻辑功能上可以抽象为: 主机, 网络数据库, 映射封装执行节点 /转发设备。 网络中的主机有两种标识 类型: 主机身份标识和位置路由标识。 其中主机身份标识指示用户身份, 用 于端到端通信时标识通信对端; 位置标识指示终端用户当前所在的位置, 用 于数据报文转发时的路由。 网络数据库通过映射表保存了终端主机的身份标 识和位置标识的对应关系。  As shown in Figure 3, the network element included in the network-based solution can be abstracted from the logical function: host, network database, mapping encapsulation execution node/forwarding device. Hosts in the network have two types of identity: host identity and location route identity. The host identity indicates the user identity, and is used to identify the communication peer end when the end-to-end communication is used; the location identifier indicates the current location of the terminal user, and is used for routing the data packet. The network database stores the correspondence between the identity identifier of the terminal host and the location identifier through the mapping table.
身份标识作为主机开户信息保持静态不变。 位置标识是由当前接入的映 射封装执行节点根据主机位置分配。 映射封装执行节点与网络数据库配合, 通过注册更新流程, 将实时更新网络数据库中保存的主机身份标识和位置标 识的映射关系。  The identity is kept static as the host account information. The location identifier is assigned by the currently accessed mapping encapsulation node based on the host location. The mapping encapsulation execution node cooperates with the network database, and through the registration update process, the mapping relationship between the host identity and the location identifier saved in the network database is updated in real time.
主机 1向主机 2发起通信时, 映射封装执行节点 1根据通信对端身份标 识, 到网络数据库查询主机 2的位置标识, 并将查询结果保存在映射封装执 行节点 1的映射路由表中,釆用映射路由表实时性的维护主机 2的身份标识 / 位置标识映射信息,并根据映射路由表实现数据报文封装处理、路由和转发。 映射封装执行节点 2收到映射封装执行节点 1发出的数据报文后, 进行位置 标识解封装处理, 将解封装后的数据 "^文送达通信对端。  When the host 1 initiates communication with the host 2, the mapping encapsulation executing node 1 queries the network database for the location identifier of the host 2 according to the communication peer identity identifier, and saves the query result in the mapping routing table of the mapping encapsulation execution node 1, The mapping table maintains the identity/location identification mapping information of the host 2 in real time, and implements data packet encapsulation processing, routing, and forwarding according to the mapping routing table. After receiving the data packet sent by the encapsulating execution node 1, the mapping encapsulation execution node 2 performs location identification decapsulation processing, and sends the decapsulated data to the communication peer.
通信一端主机位置变化时, 映射封装执行节点向网络数据库注册新的位 置标识并通知通信对端, 此后通信两端将以新的位置标识进行通信。  When the location of the host on the communication end changes, the mapping encapsulation execution node registers a new location identifier with the network database and notifies the communication peer. Thereafter, both ends of the communication will communicate with the new location identifier.
以上基于网络的身份位置分离方案, 为主机提供了统一的唯一的身份标 识。  The above network-based identity location separation scheme provides a unified and unique identity for the host.
本实施例中, 基于以上的身份位置分离方案, 网络数据库保存了终端主 机的身份标识, 并动态维护身份标识与位置标识之间的映射关系。 本实施例的实现心跳机制的方法, 如图 4所示, 主要包括如下步骤: 步骤 S101. 应用服务器与网络数据库建立安全机制。 In this embodiment, based on the above identity location separation scheme, the network database saves the terminal master The identity of the machine, and dynamically maintain the mapping relationship between the identity and the location identity. The method for implementing the heartbeat mechanism in this embodiment, as shown in FIG. 4, mainly includes the following steps: Step S101. The application server establishes a security mechanism with the network database.
应用服务器与网络数据库建立安全关联, 由于是网络侧设备间的安全关 联, 无论在处理效率, 设备管理升级的便利性、 专业程度, 还是安全强度以 及安全机制的灵活性, 都有很大程度的提升。 建立安全关联的方式包括但不 限于: IPsec, 双向鉴权授权, VPN接入。  The application server establishes a security association with the network database. Because of the security association between the network-side devices, the processing efficiency, the convenience of the device management upgrade, the professional level, the security strength, and the flexibility of the security mechanism are all largely Upgrade. The ways to establish security associations include but are not limited to: IPsec, two-way authentication and authorization, and VPN access.
步骤 S102.应用服务器与网络数据库建立用户身份识别之间的映射关系。 通过应用服务器中的应用客户端用户身份识别管理单元, 对应的应用服 务器端不需要维护客户端账号对应的 IP地址和端口号之间的动态绑定关系, 建立客户端账号与网络层用户识别之间的静态对应关系。 该客户端账号与网 络层用户识别之间静态对应关系, 可以在客户端账号开户时录入, 也可以在 用户初次登录时通过应用业务层信令交互获取。 在业务流程必要时, 应用服 务器与网络数据库应有交互确认机制, 以保证客户端账号与网络层用户识别 对应的是同一用户。  Step S102: The application server establishes a mapping relationship between the user identification and the network database. Through the application client user identification management unit in the application server, the corresponding application server does not need to maintain the dynamic binding relationship between the IP address and the port number corresponding to the client account, and establish a client account and a network layer user identification. Static correspondence between the two. The static correspondence between the client account and the network layer user identification can be entered when the client account is opened, or can be obtained through the application service layer signaling interaction when the user first logs in. When the business process is necessary, the application server and the network database should have an interaction confirmation mechanism to ensure that the client account and the network layer user identification correspond to the same user.
步骤 S103. 应用客户端即网络终端用户开始使用业务, 应用服务器与网 络数据库之间建立心跳机制。 应用服务器收到客户端的登录请求, 经过验证成功的, 向所述客户端返 回登录应答消息。 应用服务器向网络数据库发起心跳请求, 与网络数据库之 间建立心跳机制。  Step S103. The application client, that is, the network terminal user starts to use the service, and the heartbeat mechanism is established between the application server and the network database. The application server receives the login request from the client, and after successful verification, returns a login response message to the client. The application server initiates a heartbeat request to the network database and establishes a heartbeat mechanism with the network database.
网络数据库进行应用服务器识别, 识别通过的, 所述的网络数据库返回 心跳应答消息, 应用服务器与网络数据库之间建立了心跳机制。 否则结束流 程。  The network database performs application server identification, and the network database returns a heartbeat response message, and a heartbeat mechanism is established between the application server and the network database. Otherwise the process ends.
步骤 S104. 应用服务器向网络数据库预约, 在用户状态变化时主动通知 业务应用, 其中包括用户上线、 下线的状态通知过程。  Step S104. The application server makes a reservation to the network database, and actively notifies the service application when the user status changes, including the status notification process of the user going online or offline.
网络数据库保存了应用客户端即网络终端用户的状态信息, 这些信息包 括用户是否在线等。 应用服务器可以向网络数据库发起预约, 网络数据库在 用户状态变化时主动通知业务应用。 步骤 S105. 应用服务器与网络数据库之间建立查询机制。应用服务器可 以根据业务流程在需要时查询用户状态及用户信息。 The network database stores state information of the application client, that is, the network terminal user, and the information includes whether the user is online or the like. The application server can initiate an appointment to the network database, and the network database actively notifies the service application when the user state changes. Step S105. Establish a query mechanism between the application server and the network database. The application server can query the user status and user information when needed according to the business process.
步骤 S106. 网络数据库向网络中的其它网元查询维护终端主机的状态信 息的过程。  Step S106. The network database queries other network elements in the network for maintaining the status information of the terminal host.
步骤 S107. 应用客户端即网络终端用户停止业务使用, 应用服务器通知 网络数据库停止心跳机制。 以上步骤中, 步骤 S101和步骤 S102没有时序上严格的先后顺序。 步骤 S104, 步骤 S105 , 步骤 S106之间也没有时序上严格的先后顺序。  Step S107. The application client, that is, the network terminal user stops using the service, and the application server notifies the network database to stop the heartbeat mechanism. In the above steps, step S101 and step S102 have no strict sequence in sequence. Step S104, step S105, and step S106 also have no strict sequence in sequence.
根据以上描述可知, 本实施例方法至少具有以下有益效果:  According to the above description, the method of the embodiment has at least the following beneficial effects:
1. 网络能够掌握终端是否在线, 与网络的连接状态信息, 通过网络数据 库与网络其它网元间的信息交互, 网络数据库能够维护保存这些连接状态信 息。 用于确认终端 (应用客户端)与应用服务器间的连接状态的心跳机制, 由应用服务器与网络用户数据库之间的心跳机制实现, 终端 (应用客户端) 不再参与与应用服务器之间的心跳机制。 有效减少了网络与用户间短数据包 的发送频率, 降低用户接入网络上的数据负荷。 特别是对无线蜂窝网等无线 方式, 能够有效提高无线资源利用率, 提高手机等无线终端的电池待机 /工作 时间, 提升用户体验。  1. The network can know whether the terminal is online, the connection status information with the network, and the information exchange between the network database and other network elements of the network, and the network database can maintain and store the connection status information. The heartbeat mechanism for confirming the connection state between the terminal (application client) and the application server is implemented by a heartbeat mechanism between the application server and the network user database, and the terminal (application client) no longer participates in the heartbeat between the application server and the application server. mechanism. It effectively reduces the frequency of sending short packets between the network and the user, and reduces the data load on the user's access to the network. In particular, wireless methods such as wireless cellular networks can effectively improve the utilization of wireless resources, improve the battery standby/working time of wireless terminals such as mobile phones, and enhance the user experience.
2. 本发明的实施例提供的技术方案中,利用应用服务器与网络数据库之 间的心跳机制, 代替应用服务器与终端之间的心跳机制。 利用终端与应用服 务器之间的心跳机制发起的网络攻击将有效控制。 终端与应用服务器之间的 安全机制, 转化为应用服务器与网络数据库之间的安全机制。 对比终端, 应 用服务器与网络数据库是网络侧设备, 由于是网络侧设备间的安全关联, 无 论在处理效率, 设备管理升级的便利性、 专业程度, 还是安全强度以及安全 机制的灵活性, 都有很大程度的提升。 通过应用服务器与网络数据库之间的 可信机制, 可以实现心跳交互过程的有目的的安全保障, 将大大提高系统得 安全性, 减少潜在的隐患, 而且能够实现网络安全和效率的有机统一。  2. The technical solution provided by the embodiment of the present invention replaces the heartbeat mechanism between the application server and the terminal by using a heartbeat mechanism between the application server and the network database. A network attack initiated by a heartbeat mechanism between the terminal and the application server will be effectively controlled. The security mechanism between the terminal and the application server translates into a security mechanism between the application server and the network database. Comparing the terminal, the application server and the network database are network-side devices. Because of the security association between the network-side devices, both the processing efficiency, the convenience of device management upgrade, the professional level, the security strength, and the flexibility of the security mechanism are all Great improvement. Through the trusted mechanism between the application server and the network database, the purposeful security guarantee of the heartbeat interaction process can be realized, which will greatly improve the security of the system, reduce potential hidden dangers, and realize the organic unification of network security and efficiency.
实施例二  Embodiment 2
本实施例基于主机的身份标识和位置分离解决方案, 对本发明的具体实 施进行描述: This embodiment is based on the identity identification and location separation solution of the host, and is specific to the present invention. Description:
如图 5所示, 基于主机的身份标识和位置分离解决方案的基本思想是在 主机的网络层和传输层之间引入了主机标识层。 主机标识层将原来紧密耦合 的传输层和网络层分开, IP地址不再扮演标识主机的角色, 它只负责数据包 的路由转发, 即仅用作位置标识符, 主机名称由主机标识符来表示。 主机标 识层在逻辑上位于网络层与传输层之间, 由主机完成数据包中的主机标识符 和 IP地址转换。 网络层对于传输层是屏蔽的, 网络层的任何变化(例如, 在 通信过程中主机 IP地址的变化)不会影响传输层链路, 除非服务质量发生变 化。 传输层的连接建立在主机标识之上, IP地址只能被用于网络层路由, 而 不再用于标识主机身份。  As shown in Figure 5, the basic idea of a host-based identity and location separation solution is to introduce a host identity layer between the network layer and the transport layer of the host. The host identification layer separates the originally tightly coupled transport layer from the network layer. The IP address no longer acts as the identity host. It is only responsible for the routing and forwarding of packets, that is, it is only used as a location identifier. The host name is represented by the host identifier. . The host identification layer is logically located between the network layer and the transport layer, and the host completes the host identifier and IP address translation in the packet. The network layer is shielded from the transport layer, and any changes in the network layer (for example, changes in the host IP address during communication) do not affect the transport layer link unless the quality of service changes. The transport layer connection is established on top of the host ID. The IP address can only be used for network layer routing and is no longer used to identify the host identity.
如图 6所示, 基于主机的解决方案包括的网元从逻辑功能上抽象为: 主 机, 网络数据库。通过主机与网络数据库间进行的 "验证注册更新"等流程, 网络数据库实时地保存了主机标识与终端 IP地址之间的映射关系。发起方与 响应方进行数据通信时, 发起方主机 4艮据响应方主机标识向网络数据库查询 响应方主机的 IP地址, 获得响应方的主机标识 /IP地址映射后, 发起方与响 应方建立安全关联并进行通信。 通信一端主机位置变化时, 向网络数据库注 册新的 IP地址并通知通信对端, 此后通信两端将以新的 IP地址进行通信。  As shown in Figure 6, the host-based solution includes network elements abstracted from logical functions: host, network database. Through the process of "authentication registration update" between the host and the network database, the network database saves the mapping relationship between the host identifier and the terminal IP address in real time. When the initiator communicates with the responder, the initiator host 4 queries the network database for the IP address of the responder host according to the host ID of the responder, and obtains the host ID/IP address mapping of the responder, and the initiator and the responder establish security. Associate and communicate. When the host at the communication end changes, register a new IP address with the network database and notify the communication peer. After that, both ends of the communication will communicate with the new IP address.
以上基于主机的身份位置分离方案, 为主机提供了统一的唯一的身份标 识。  The above host-based identity location separation scheme provides a unified and unique identity for the host.
本实施例中, 基于以上身份位置分离的解决方案, 网络数据库保存了终 端主机的身份标识, 并动态维护身份标识与位置标识之间的映射关系。  In this embodiment, based on the solution of the above identity location separation, the network database stores the identity of the terminal host, and dynamically maintains the mapping relationship between the identity identifier and the location identifier.
本实施例的实现心跳机制的方法, 主要包括如下步骤:  The method for implementing the heartbeat mechanism in this embodiment mainly includes the following steps:
步骤 S201. 应用服务器与网络数据库建立安全机制。  Step S201. The application server establishes a security mechanism with the network database.
应用服务器与网络数据库建立安全关联, 由于是网络侧设备间的安全关 联, 无论在处理效率, 设备管理升级的便利性、 专业程度, 还是安全强度以 及安全机制的灵活性, 都有很大程度的提升。 建立安全关联的方式包括但不 限于: Internet协议安全 (IPsec), 双向鉴权授权, 虚拟专用网络 (VPN)接入。  The application server establishes a security association with the network database. Because of the security association between the network-side devices, the processing efficiency, the convenience of the device management upgrade, the professional level, the security strength, and the flexibility of the security mechanism are all largely Upgrade. Ways to establish security associations include, but are not limited to, Internet Protocol Security (IPsec), two-way authentication, and virtual private network (VPN) access.
步骤 S202.应用服务器与网络数据库建立用户身份识别之间的映射关系。 通过应用服务器中的应用客户端用户身份识别管理单元, 对应的应用服 务器端不需要维护客户端账号对应的 IP地址和端口号之间的动态绑定关系, 建立客户端账号与网络层用户识别之间的静态对应关系。 该客户端账号与网 络层用户识别之间静态对应关系, 可以在客户端账号开户时录入, 也可以在 用户初次登录时通过应用业务层信令交互获取。 在业务流程必要时, 应用服 务器与网络数据库应有交互确认机制, 以保证客户端账号与网络层用户识别 对应的是同一用户。 Step S202: The application server establishes a mapping relationship between the user identification and the network database. Through the application client user identification management unit in the application server, the corresponding application server does not need to maintain the dynamic binding relationship between the IP address and the port number corresponding to the client account, and establish a client account and a network layer user identification. Static correspondence between the two. The static correspondence between the client account and the network layer user identification may be entered when the client account is opened, or may be obtained through application service layer signaling interaction when the user first logs in. When the business process is necessary, the application server and the network database should have an interaction confirmation mechanism to ensure that the client account and the network layer user identification correspond to the same user.
步骤 S203. 应用客户端即网络终端用户开始使用业务, 应用服务器与网 络数据库之间建立心跳机制。 应用服务器收到客户端的登录请求, 经过验证成功的, 向所述客户端返 回登录应答消息。 应用服务器向网络数据库发起心跳请求, 与网络数据库之 间建立心 ϋ机制。  Step S203. The application client, that is, the network terminal user starts to use the service, and the heartbeat mechanism is established between the application server and the network database. The application server receives the login request from the client, and after successful verification, returns a login response message to the client. The application server initiates a heartbeat request to the network database and establishes a heartbeat mechanism with the network database.
网络数据库进行应用服务器识别, 识别通过的, 所述的网络数据库返回 心跳应答消息, 应用服务器与网络数据库之间建立了心跳机制。 否则结束流 程。  The network database performs application server identification, and the network database returns a heartbeat response message, and a heartbeat mechanism is established between the application server and the network database. Otherwise the process ends.
步骤 S204. 应用服务器向网络数据库预约, 在用户状态变化时主动通知 业务应用, 其中包括用户上线、 下线的状态通知过程。  Step S204. The application server makes a reservation to the network database, and actively notifies the service application when the user status changes, including the status notification process of the user going online or offline.
网络数据库保存了应用客户端即网络终端用户的状态信息, 这些信息包 括用户是否在线等。 应用服务器可以向网络数据库发起预约, 网络数据库在 用户状态变化时主动通知业务应用。  The network database stores state information of the application client, that is, the network terminal user, and the information includes whether the user is online or the like. The application server can initiate an appointment to the network database, and the network database actively notifies the service application when the user state changes.
步骤 S205. 应用服务器与网络数据库之间建立查询机制。应用服务器可 以根据业务流程在需要时查询用户状态及用户信息。  Step S205. A query mechanism is established between the application server and the network database. The application server can query user status and user information as needed based on business processes.
步骤 S206. 网络数据库向网络中的其它网元查询维护终端主机的状态信 息的过程。  Step S206. The network database queries other network elements in the network for maintaining the status information of the terminal host.
步骤 S207. 应用客户端即网络终端用户停止业务使用, 应用服务器通知 网络数据库停止心跳机制。 以上步骤中, 步骤 S201 , 步骤 S202没有时序上严格的先后顺序。 步骤 S204, 步骤 S205 , 步骤 S206之间没有时序上严格的先后顺序。 根据以上描述可知, 本实施例方法至少具有以下有益效果:Step S207. The application client, that is, the network terminal user stops using the service, and the application server notifies the network database to stop the heartbeat mechanism. In the above steps, step S201 and step S202 have no strict sequence in sequence. There is no strict sequence in sequence between step S204, step S205, and step S206. According to the above description, the method of the embodiment has at least the following beneficial effects:
1. 网络能够掌握终端是否在线, 与网络的连接状态信息, 通过网络数据 库与网络其它网元间的信息交互, 网络数据库能够维护保存这些连接状态信 息。 用于确认终端 (应用客户端)与应用服务器间的连接状态的心跳机制, 由应用服务器与网络用户数据库之间的心跳机制实现, 终端 (应用客户端) 不再参与与应用服务器之间的心跳机制。 有效减少了网络与用户间短数据包 的发送频率, 降低用户接入网络上的数据负荷。 特别是对无线蜂窝网等无线 方式, 能够有效提高无线资源利用率, 提高手机等无线终端的电池待机 /工作 时间, 提升用户体验。 1. The network can know whether the terminal is online, the connection status information with the network, and the information exchange between the network database and other network elements of the network, and the network database can maintain and store the connection status information. The heartbeat mechanism for confirming the connection state between the terminal (application client) and the application server is implemented by a heartbeat mechanism between the application server and the network user database, and the terminal (application client) no longer participates in the heartbeat between the application server and the application server. mechanism. It effectively reduces the frequency of sending short packets between the network and the user, and reduces the data load on the user's access to the network. In particular, wireless methods such as wireless cellular networks can effectively improve the utilization of wireless resources, improve the battery standby/working time of wireless terminals such as mobile phones, and enhance the user experience.
2. 本实施例中, 利用应用服务器与网络数据库之间的心跳机制, 代替应 用服务器与终端之间的心跳机制。 利用终端与应用服务器之间的心跳机制发 起的网络攻击将有效控制。 终端与应用服务器之间的安全机制, 转化为应用 服务器与网络数据库之间的安全机制。 对比终端, 应用服务器与网络数据库 是网络侧设备, 由于是网络侧设备间的安全关联, 无论在处理效率, 设备管 理升级的便利性、 专业程度, 还是安全强度以及安全机制的灵活性, 都有很 大程度的提升。 通过应用服务器与网络数据库之间的可信机制, 可以实现心 跳交互过程的有目的的安全保障, 将大大提高系统得安全性, 减少潜在的隐 患, 而且能够实现网络安全和效率的有机统一。  2. In this embodiment, the heartbeat mechanism between the application server and the network database is used instead of the heartbeat mechanism between the application server and the terminal. Network attacks using the heartbeat mechanism between the terminal and the application server will be effectively controlled. The security mechanism between the terminal and the application server translates into a security mechanism between the application server and the network database. Comparing the terminal, the application server and the network database are network-side devices. Because of the security association between the network-side devices, both the processing efficiency, the convenience of device management upgrade, the professional level, the security strength, and the flexibility of the security mechanism are all Great improvement. Through the trusted mechanism between the application server and the network database, the purposeful security of the heartbeat interaction process can be achieved, which will greatly improve the security of the system, reduce potential risks, and achieve organic integration of network security and efficiency.
实施例三  Embodiment 3
本实施例主要描述了利用网络数据库进行业务寻址的具体实现。  This embodiment mainly describes a specific implementation of using a network database for service addressing.
现有的应用客户端与应用服务器间心跳机制的另一功能, 是在应用客户 端登录后, 登记该应用客户端账号的地址信息, 如 IP地址和端口号等, 维护 应用服务器上该应用客户端账号与 IP地址端口号之间的实时对应关系。用于 在业务发生时, 通过应用客户端账号能够进行业务流寻址。  Another function of the existing heartbeat mechanism between the application client and the application server is to register the address information of the application client account, such as an IP address and a port number, after the application client logs in, and maintain the application client on the application server. The real-time correspondence between the end account and the IP address port number. It can be used to address service flow when applying a client account when a service occurs.
在基于身份位置分离的解决方案中, 基础网络为每个用户分配唯一的主 机身份标识, 该主机身份标识在网络中始终保持不变, 不随时间位置的变化 而变化。 基础网络中有两种标识类型: 主机身份标识和位置路由标识。 基础 网络数据库保存了主机身份标识和位置标识间的映射关系, 基础网络通过注 册更新、 切换等流程将实时维护这一映射关系。 基础网络通过用户唯一不变 得主机身份标识, 总是能够在网络数据库中查到对应的位置标识, 实现用户 数据流、 业务流的正确路由。 In an identity-based location separation solution, the underlying network assigns each user a unique host identity that remains constant throughout the network and does not change over time. There are two types of identity in the underlying network: host identity and location route identity. The basic network database stores the mapping relationship between the host identity and the location identifier. The basic network maintains the mapping relationship in real time through processes such as registration update and handover. The underlying network is unique through the user The host identity is always able to find the corresponding location identifier in the network database, and realize the correct routing of user data streams and service flows.
通过图 4所示的步骤 S101和步骤 S102, 应用服务器维护业务账号与用 户网络身份识别之间的静态映射关系, 基础网络向应用业务提供唯一网络层 用户身份识别, 业务寻址功能由基础网络提供。 应用服务器不再维护业务账 号与 IP地址、 端口号之间的动态映射关系。  Through the steps S101 and S102 shown in FIG. 4, the application server maintains a static mapping relationship between the service account and the user network identity identification, and the basic network provides a unique network layer user identity identification to the application service, and the service addressing function is provided by the basic network. . The application server no longer maintains the dynamic mapping between the service account and the IP address and port number.
釆用本实施例方法, 有效简化了应用业务 Λ良务器的如下业务流程: 对于 所属客户端登录过程中登记地址信息, 如 IP地址和端口号。安全实现心跳连 接的基础上,实现对于所属客户端已登记地址信息改变的情况下的安全登录, 同时也避免了因改变地址信息导致的二次登录的问题。  The method of the embodiment is used to effectively simplify the following business processes of the application service server: For the login process of the client, the address information, such as the IP address and the port number, is registered. On the basis of the secure implementation of the heartbeat connection, the secure login in the case where the registered address information of the client is changed is realized, and the problem of secondary login due to the change of the address information is also avoided.
以上仅为本发明的优选实施案例而已, 并不用于限制本发明, 本发明还 可有其他多种实施例, 在不背离本发明精神及其实质的情况下, 熟悉本领域 的技术人员可根据本发明做出各种相应的改变和变形, 但这些相应的改变和 变形都应属于本发明所附的权利要求的保护范围。 The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention. The present invention may be embodied in various other embodiments without departing from the spirit and scope of the invention. Various changes and modifications may be made to the invention, and such changes and modifications are intended to be included within the scope of the appended claims.
显然, 本领域的技术人员应该明白, 上述的本发明的各模块或各步骤可 以用通用的计算装置来实现, 它们可以集中在单个的计算装置上, 或者分布 在多个计算装置所组成的网络上, 可选地, 它们可以用计算装置可执行的程 序代码来实现, 从而, 可以将它们存储在存储装置中由计算装置来执行, 并 且在某些情况下, 可以以不同于此处的顺序执行所示出或描述的步骤, 或者 将它们分别制作成各个集成电路模块, 或者将它们中的多个模块或步骤制作 成单个集成电路模块来实现。 这样, 本发明不限制于任何特定的硬件和软件 结合。  Obviously, those skilled in the art should understand that the above modules or steps of the present invention can be implemented by a general-purpose computing device, which can be concentrated on a single computing device or distributed over a network composed of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device, such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein. The steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps are fabricated as a single integrated circuit module. Thus, the invention is not limited to any particular combination of hardware and software.
工业实用 4生 本发明实施例具有如下有益效果: Industrial Applicability 4 The embodiments of the present invention have the following beneficial effects:
1.本发明实施例中用于确认终端与应用服务器间的连接状态的心跳机制 , 是由应用服务器与网络用户数据库之间的心跳机制实现, 因而有效减少了网 络与用户间短数据包的发送频率, 降低用户接入网络上的数据负荷。 特别是 对无线蜂窝网等无线方式, 能够有效提高无线资源利用率, 提高手机等无线 终端的电池待机 /工作时间, 提升用户体验。 The heartbeat mechanism for confirming the connection state between the terminal and the application server in the embodiment of the present invention is implemented by a heartbeat mechanism between the application server and the network user database, thereby effectively reducing the network. The frequency of sending short packets between the network and the user reduces the data load on the user's access network. In particular, wireless methods such as wireless cellular networks can effectively improve the utilization of wireless resources, improve the battery standby/working time of wireless terminals such as mobile phones, and improve the user experience.
2. 应用服务器维护业务账号与用户网络身份识别之间的静态映射关系, 无需再维护业务账号与 IP地址之间的动态映射关系。网络向应用业务提供唯 一网络层用户身份识别, 业务寻址功能由网络提供, 有效简化了应用业务服 务器的业务流程。  2. The application server maintains a static mapping relationship between the service account and the user's network identity. It does not need to maintain the dynamic mapping between the service account and the IP address. The network provides unique network layer user identification to the application service, and the service addressing function is provided by the network, which effectively simplifies the business process of the application service server.
3. 本发明实施例利用应用服务器与网络数据库之间的心跳机制,代替应 用服务器与终端之间的心跳机制, 通过应用服务器与网络数据库之间的可信 机制, 可以实现心跳交互过程的有目的的安全保障, 将大大提高系统的安全 性, 减少潜在的隐患, 而且能够实现网络安全和效率的有机统一。  3. The embodiment of the present invention utilizes the heartbeat mechanism between the application server and the network database to replace the heartbeat mechanism between the application server and the terminal, and the purpose of the heartbeat interaction process can be achieved through the trusted mechanism between the application server and the network database. The security guarantee will greatly improve the security of the system, reduce potential hidden dangers, and achieve the organic unification of network security and efficiency.

Claims

权 利 要 求 书 Claim
1、 一种实现心跳机制的方法, 所述方法包括:  A method for implementing a heartbeat mechanism, the method comprising:
应用服务器与网络数据库建立安全机制;  The application server establishes a security mechanism with the network database;
所述应用服务器与所述网络数据库建立用户网络层身份识别之间的映射 关系;  Establishing, by the application server, a mapping relationship between the user network layer identity and the network database;
网络终端用户通过应用客户端登录所述应用服务器激活业务应用时, 所 述应用服务器与所述网络数据库之间建立心跳机制。  When the network terminal user activates the service application by logging in to the application server by using the application client, a heartbeat mechanism is established between the application server and the network database.
2、 如权利要求 1所述的方法, 其中, 所述方法还包括:  2. The method according to claim 1, wherein the method further comprises:
所述网络数据库维护所述终端用户的身份识别与位置识别的映射关系, 并根据所述映射关系定位到所述终端用户所在的应用客户端。  The network database maintains a mapping relationship between the identity identification and the location identification of the terminal user, and locates the application client where the terminal user is located according to the mapping relationship.
3、 如权利要求 1所述的方法, 其中, 所述方法还包括:  3. The method according to claim 1, wherein the method further comprises:
所述网络数据库根据网络接入设备上报的、 或者向网络中的其它网元查 询到的信息, 并维护所述终端用户的状态信息;  The network database is based on information reported by the network access device or queried by other network elements in the network, and maintains status information of the terminal user;
所述状态信息包括: 上线状态、 下线状态。  The status information includes: an online status and an offline status.
4、 如权利要求 3所述的方法, 其中, 所述方法还包括:  4. The method of claim 3, wherein the method further comprises:
所述应用服务器与所述网络数据库之间建立状态预约机制, 所述网络数 据库将所述终端用户的状态变化通知所述应用服务器。  A state reservation mechanism is established between the application server and the network database, and the network database notifies the application server of a change in state of the terminal user.
5、 如权利要求 1所述的方法, 其中, 所述方法还包括: 5. The method of claim 1, wherein the method further comprises:
所述应用服务器与所述网络数据库之间建立查询机制, 所述应用服务器 根据业务需要向所述网络数据库查询终端用户状态信息和 /或终端用户信息。  An inquiry mechanism is established between the application server and the network database, and the application server queries the network database for terminal user status information and/or terminal user information according to service requirements.
6、 如权利要求 1所述的方法, 其中, 所述方法还包括:  The method of claim 1, wherein the method further comprises:
所述应用客户端停止业务应用时, 所述应用服务器通知所述网络数据库 停止心跳机制。  When the application client stops the service application, the application server notifies the network database to stop the heartbeat mechanism.
7、 如权利要求 1所述的方法, 其中,  7. The method of claim 1, wherein
所述应用服务器与所述网络数据库之间建立安全关联的方式包括但不限 于: Internet协议安全 (IPsec), 双向鉴权授权, 虚拟专用网络 (VPN)接入。 The manner in which the application server establishes a security association with the network database includes, but is not limited to, Internet Protocol Security (IPsec), two-way authentication authorization, and virtual private network (VPN) access.
8、 一种实现心跳机制的应用服务器, 所述应用服务器包括: 应用客户端用户身份识别管理模块, 设置为: 与网络数据库建立用户网 络层身份识别之间的映射关系; 8. An application server for implementing a heartbeat mechanism, the application server comprising: an application client user identity management module, configured to: establish a mapping relationship between a user network layer identity and a network database;
应用客户端登录状态维护模块, 设置为: 维护应用客户端是否处于登录 状态, 在所述应用客户端登录并激活业务应用时, 向所述网络数据库请求建 立心跳机制;  The application client login status maintenance module is configured to: maintain the application client is in a login state, and request the establishment of a heartbeat mechanism to the network database when the application client logs in and activates the service application;
心跳机制模块, 设置为: 与所述网络数据库进行心跳交互, 以确定应用 客户端的状态信息;  a heartbeat mechanism module, configured to: perform heartbeat interaction with the network database to determine state information of the application client;
安全机制模块, 设置为: 与所述网络数据库进行安全交互, 完成应用服 务器与网络数据库之间的双向鉴权, 建立应用服务器与所述网络数据库之间 的安全关联; 以及, 与所述的应用客户端进行安全交互, 完成对应用客户端 的鉴权。  a security mechanism module, configured to: perform secure interaction with the network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and, with the application The client performs a secure interaction and completes the authentication of the application client.
9、 如权利要求 8所述的应用服务器, 其中,  9. The application server according to claim 8, wherein
所述应用服务器还包括用户状态查询模块, 设置为: 与所述网络数据库 之间建立状态预约机制, 向所述网络数据库预约将所述终端用户的状态变化 通知所述应用服务器。  The application server further includes a user status query module, configured to: establish a state reservation mechanism with the network database, and notify the network database to notify the application server of the state change of the terminal user.
10、 如权利要求 9所述的应用服务器, 其中,  10. The application server according to claim 9, wherein
所述用户状态查询模块还设置为:与所述网络数据库之间建立查询机制, 根据业务需要向所述网络数据库查询终端用户状态信息和 /或终端用户信息。  The user status query module is further configured to: establish a query mechanism with the network database, and query the network database for terminal user status information and/or terminal user information according to service requirements.
11、 如权利要求 9所述的应用服务器, 其中,  11. The application server according to claim 9, wherein
所述应用客户端登录状态维护模块还设置为: 所述应用客户端停止业务 应用时, 通知所述网络数据库停止心跳机制。  The application client login status maintenance module is further configured to: notify the network database to stop the heartbeat mechanism when the application client stops the service application.
12、 一种实现心跳机制的网络数据库, 所述网络数据库包括:  12. A network database implementing a heartbeat mechanism, the network database comprising:
心跳机制单元, 设置为: 与应用服务器进行心跳交互, 以使所述应用服 务器能够确定应用客户端的状态信息;  a heartbeat mechanism unit, configured to: perform heartbeat interaction with an application server, so that the application server can determine status information of the application client;
安全机制单元, 设置为: 与应用服务器进行安全交互, 完成所述应用服 务器与所述网络数据库之间的双向鉴权, 建立所述应用服务器与所述网络数 据库之间的安全关联。 The security mechanism unit is configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish the application server and the network number According to the security association between the libraries.
13、 如权利要求 12所述的网络数据库, 其中, 所述网络数据库还包括: 用户状态维护单元, 设置为: 根据网络接入设备上报的、 或者向网络中 的其它网元查询到的信息, 并维护所述终端用户的状态信息; 所述状态信息 包括: 上线状态、 下线状态; The network database of claim 12, wherein the network database further comprises: a user status maintenance unit, configured to: according to information reported by the network access device or queried by other network elements in the network, And maintaining status information of the terminal user; the status information includes: an online status and an offline status;
用户状态查询单元, 设置为: 所述应用服务器发起查询时, 向所述应用 服务器返回相应的终端用户状态信息和 /或终端用户信息。  The user status query unit is configured to: when the application server initiates the query, return corresponding terminal user status information and/or terminal user information to the application server.
14、 如权利要求 13所述的网络数据库, 其中,  14. The network database according to claim 13, wherein
所述用户状态查询单元, 还设置为: 与所述网络数据库之间建立状态预 约机制, 将所述终端用户的状态变化通知所述应用服务器。  The user status query unit is further configured to: establish a state reservation mechanism with the network database, and notify the application server of a status change of the terminal user.
15、 如权利要求 12所述的网络数据库, 其中, 所述网络数据库还包括: 业务寻址单元, 设置为: 维护所述终端用户的身份识别与位置识别的映 射关系, 并根据所述映射关系定位到所述终端用户所在的应用客户端。  The network database of claim 12, wherein the network database further comprises: a service addressing unit, configured to: maintain a mapping relationship between the identity identification and the location identification of the terminal user, and according to the mapping relationship Targeting the application client where the end user is located.
16、 一种实现心跳机制的系统, 所述系统包括: 应用服务器端、 应用客 户端和网络数据库, 其中:  16. A system for implementing a heartbeat mechanism, the system comprising: an application server, an application client, and a network database, wherein:
所述应用服务器端设置为: 应用客户端登录后, 激活业务应用, 并与网 络用户数据库建立心跳机制, 获取用户在线状态信息; 并建立客户端账号与 网络层用户识别之间的对应关系;  The application server is configured to: after the application client logs in, activate the service application, establish a heartbeat mechanism with the network user database, obtain the online status information of the user, and establish a correspondence between the client account and the network layer user identification;
所述应用客户端设置为: 根据所述登录应答信息或心跳应答消息, 发送 心跳请求消息;  The application client is configured to: send a heartbeat request message according to the login response information or a heartbeat response message;
所述网络数据库设置为 ,保存网络层用户识别信息 ,维护用户在线状态; 并与应用服务器建立心跳机制, 向所述应用服务器提供用户在线状态信息。  The network database is configured to save network layer user identification information, maintain user online status, and establish a heartbeat mechanism with the application server, and provide user online status information to the application server.
17、 如权利要求 16所述的系统, 其中, 所述应用服务器端还包括: 应用客户端用户身份识别管理模块, 设置为: 与网络数据库建立用户网 络层身份识别之间的映射关系;  The system of claim 16, wherein the application server further comprises: an application client user identity management module, configured to: establish a mapping relationship between the user network layer identity and the network database;
应用客户端登录状态维护模块, 设置为: 维护应用客户端是否处于登录 状态, 在所述应用客户端登录并激活业务应用时, 向所述网络数据库请求建 立心跳机制; The application client login status maintenance module is configured to: maintain whether the application client is in the login state, and request the establishment of the network database when the application client logs in and activates the service application. Heartbeat mechanism
心跳机制模块, 设置为: 与所述网络数据库进行心跳交互, 以确定应用 客户端的状态信息;  a heartbeat mechanism module, configured to: perform heartbeat interaction with the network database to determine state information of the application client;
安全机制模块, 设置为: 与所述网络数据库进行安全交互, 完成应用服 务器与网络数据库之间的双向鉴权, 建立应用服务器与所述网络数据库之间 的安全关联; 以及, 与所述的应用客户端进行安全交互, 完成对应用客户端 的鉴权。  a security mechanism module, configured to: perform secure interaction with the network database, complete two-way authentication between the application server and the network database, establish a security association between the application server and the network database; and, with the application The client performs a secure interaction and completes the authentication of the application client.
18、 如权利要求 17所述的系统, 其中,  18. The system of claim 17, wherein
所述应用服务器端还包括用户状态查询模块, 设置为: 与所述网络数据 库之间建立状态预约机制, 向所述网络数据库预约将所述终端用户的状态变 化通知所述应用服务器; 和 /或, 与所述网络数据库之间建立查询机制, 根据 业务需要向所述网络数据库查询终端用户状态信息和 /或终端用户信息。  The application server side further includes a user status query module, configured to: establish a state reservation mechanism with the network database, and notify the network database to notify the application server of a status change of the terminal user; and/or Establishing a query mechanism with the network database, and querying the network database for terminal user status information and/or terminal user information according to service requirements.
19、 如权利要求 17或 18所述的系统, 其中,  19. The system of claim 17 or 18, wherein
所述应用客户端登录状态维护模块还设置为: 所述应用客户端停止业务 应用时, 通知所述网络数据库停止心跳机制。  The application client login status maintenance module is further configured to: notify the network database to stop the heartbeat mechanism when the application client stops the service application.
20、如权利要求 16、 17或 18所述的系统,其中,所述网络数据库包括: 心跳机制单元, 设置为: 与应用服务器进行心跳交互, 以使所述应用服 务器能够确定应用客户端的状态信息;  20. The system of claim 16, 17 or 18, wherein the network database comprises: a heartbeat mechanism unit, configured to: perform heartbeat interaction with an application server to enable the application server to determine status information of an application client ;
安全机制单元, 设置为: 与应用服务器进行安全交互, 完成所述应用服 务器与所述网络数据库之间的双向鉴权, 建立所述应用服务器与所述网络数 据库之间的安全关联。  The security mechanism unit is configured to: perform secure interaction with the application server, complete two-way authentication between the application server and the network database, and establish a security association between the application server and the network database.
21、 如权利要求 20所述的系统, 其中, 所述网络数据库还包括: 用户状态维护单元, 设置为: 根据网络接入设备上报的、 或者向网络中 的其它网元查询到的信息, 并维护所述终端用户的状态信息; 所述状态信息 包括: 上线状态、 下线状态; The system of claim 20, wherein the network database further comprises: a user status maintenance unit, configured to: according to information reported by the network access device or queried to other network elements in the network, and Maintaining status information of the terminal user; the status information includes: an online status and an offline status;
用户状态查询单元, 设置为: 所述应用服务器发起查询时, 向所述应用 服务器返回相应的终端用户状态信息和 /或终端用户信息;并与所述网络数据 库之间建立状态预约机制,将所述终端用户的状态变化通知所述应用服务器。 The user status query unit is configured to: when the application server initiates the query, return corresponding terminal user status information and/or terminal user information to the application server; and establish a state reservation mechanism with the network database, Notifying the application server of the status change of the end user.
22、 如权利要求 20所述的系统, 其中, 所述网络数据库还包括: 业务寻址单元, 设置为: 维护所述终端用户的身份识别与位置识别的映 射关系, 并根据所述映射关系定位到所述终端用户所在的应用客户端。 The system of claim 20, wherein the network database further comprises: a service addressing unit, configured to: maintain a mapping relationship between the identity identification and the location identification of the terminal user, and locate the mapping according to the mapping relationship Go to the application client where the end user is located.
PCT/CN2012/082714 2011-10-21 2012-10-10 Method, application server, network database, and system for achieving heartbeat mechanism WO2013056628A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110323712.3A CN103067215B (en) 2011-10-21 2011-10-21 Realize method, application server, network data base and the system of heartbeat mechanism
CN201110323712.3 2011-10-21

Publications (1)

Publication Number Publication Date
WO2013056628A1 true WO2013056628A1 (en) 2013-04-25

Family

ID=48109684

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/082714 WO2013056628A1 (en) 2011-10-21 2012-10-10 Method, application server, network database, and system for achieving heartbeat mechanism

Country Status (2)

Country Link
CN (1) CN103067215B (en)
WO (1) WO2013056628A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105210328A (en) * 2013-09-27 2015-12-30 华为技术有限公司 Method and device for asynchronous communication

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9510217B2 (en) * 2013-05-28 2016-11-29 Qualcomm Incorporated Method and apparatus for enhanced application signaling from a wireless communications device
CN104376005B (en) * 2013-08-14 2017-09-15 中国移动通信集团甘肃有限公司 The software heartbeat mechanism detailed form processing method of signaling access probe user and system
CN105611597B (en) * 2015-12-24 2022-08-26 武汉塔兰智能科技有限公司 Network system of mobile ad hoc network
CN105554150A (en) * 2015-12-29 2016-05-04 北京捷思锐科技股份有限公司 Network logging-in method and apparatus
CN106209890A (en) * 2016-07-25 2016-12-07 天脉聚源(北京)教育科技有限公司 A kind of method and device of long-distance education client login authentication
CN108494744B (en) * 2018-03-07 2021-08-24 杭州迪普科技股份有限公司 IPsec VPN client message processing method and device
CN108965400B (en) 2018-06-25 2020-03-31 阿里巴巴集团控股有限公司 Information processing method, device, equipment and system
CN110222084B (en) * 2019-05-06 2021-10-22 奇安信科技集团股份有限公司 Method and device for reporting monitoring information of hotspot equipment, storage medium and terminal
CN110288356B (en) * 2019-05-31 2022-03-08 威富通科技有限公司 Payment service processing method, device, electronic equipment, storage medium and system
CN111209025A (en) * 2020-01-19 2020-05-29 山东浪潮通软信息科技有限公司 SaaS platform implementation method based on heartbeat mechanism
CN111988585B (en) * 2020-08-17 2022-04-29 海宇星联(山东)智慧科技有限公司 Video transmission method suitable for satellite data communication network

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101971564A (en) * 2008-08-15 2011-02-09 上海贝尔股份有限公司 A method for implementing a heartbeat mechanism in a communication network and the apparatus thereof
CN102045374A (en) * 2009-10-10 2011-05-04 中兴通讯股份有限公司 Implementation method and system supporting capability of actively pushing data messages

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100496043C (en) * 2004-05-20 2009-06-03 华为技术有限公司 Method and system for acquiring initial protocol network node status of a session
US20060104214A1 (en) * 2004-11-18 2006-05-18 Borella Michael S System and method for automated provisioning of wireless access gateways
CN102209302A (en) * 2011-07-07 2011-10-05 深圳市金立通信设备有限公司 System and method for realizing information push of mobile terminal

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101971564A (en) * 2008-08-15 2011-02-09 上海贝尔股份有限公司 A method for implementing a heartbeat mechanism in a communication network and the apparatus thereof
CN102045374A (en) * 2009-10-10 2011-05-04 中兴通讯股份有限公司 Implementation method and system supporting capability of actively pushing data messages

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
WU, QIANG ET AL.: "Constructing Internet Unified Identifier System, Promoting IPv6 Development", TELECOMMUNICATIONS SCIENCE, vol. 2011, no. 6, June 2011 (2011-06-01), pages 84 - 88 *
WU, QIANG ET AL.: "Naming Technology in Mobile Internet", TELECOMMUNICATIONS SCIENCE, April 2011 (2011-04-01), pages 73 - 78 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105210328A (en) * 2013-09-27 2015-12-30 华为技术有限公司 Method and device for asynchronous communication

Also Published As

Publication number Publication date
CN103067215B (en) 2018-02-13
CN103067215A (en) 2013-04-24

Similar Documents

Publication Publication Date Title
WO2013056628A1 (en) Method, application server, network database, and system for achieving heartbeat mechanism
US7693056B2 (en) Method and system for a communication node with a plurality of network interfaces
EP1650916B1 (en) The system and method for realize multimedia call crossover the private network
US8095681B2 (en) Load balancing server and system
EP1798890B1 (en) Methods, device and computer program product for maintaining mapping relationship
US20070047585A1 (en) Methods and apparatus for network address change for mobile devices
WO2015143802A1 (en) Service function chaining processing method and device
KR101368615B1 (en) Method for realizing end-to-end call, end-to-end call terminal and system
WO2011137792A1 (en) Method and apparatus for cooperation between push devices
KR102117434B1 (en) Method for improved handling of at least one communication exchange between a telecommunication network and at least one user equipment, telecommunication network, user equipment, systems, programs and computer program products
WO2011032462A1 (en) Method for data transmission and receiving, system and router thereof
CN106464596A (en) Openflow communication method, system, controller, and service gateway
WO2011032450A1 (en) Implement method and system for networks interworking
WO2011131097A1 (en) Data message processing method, system and access service node
WO2011032447A1 (en) Method, system and communication terminal for implementing inter-communication between new network and internet
WO2021169291A1 (en) Route advertising method, network elements, system, and device
CN102045250B (en) Forwarding method of multicast message in VPLS and service provider edge equipment
JP2020010326A (en) DATA TRANSMISSION METHOD, DATA RECEPTION METHOD, AND DATA COMMUNICATION METHOD USING WiFi MANAGEMENT FRAME
WO2014075485A1 (en) Processing method for network address translation technology, nat device and bng device
WO2011038639A1 (en) Realizing method for end-to-end instant messaging, terminal and system for end-to-end instant messaging
EP3632081B1 (en) Session layer communications using an id-oriented network
WO2011032487A1 (en) Method for updating local mapping table of access router and access router thereof
WO2007069046A1 (en) Power-efficient address mapping scheme
WO2011032417A1 (en) Method and system for initiating forwarding of communicaiton, information and data message and for routing configuration
CN101621528B (en) Conversation system based on Ethernet switch cluster management and method for realizing conversation passage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12842636

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12842636

Country of ref document: EP

Kind code of ref document: A1