WO2016074570A1 - Security monitoring method and system - Google Patents

Publication number
WO2016074570A1
Authority
WO
WIPO (PCT)
Prior art keywords
monitoring
communication link
primary
network element
standby
Application number
PCT/CN2015/093448
Inventor
倪宏
毛晓峻
Original Assignee
中兴通讯股份有限公司
Application filed by 中兴通讯股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Definitions

  • the present invention relates to the field of communications, and in particular, to a security monitoring method and system.
  • the monitoring device in the security product generally includes a monitoring center and a monitoring gateway, and there are two typical networking modes between the monitoring device and the monitored network element.
  • in the first mode, the monitoring center interfaces directly with the monitored network element, and there are three interfaces between the monitoring center and the monitored network element, namely HI1, HI2, and HI3.
  • the interface HI1 is mainly used to send monitoring commands for the target user number (that is, the monitored terminal) to the monitored network element; the monitoring commands include deployment control, release control, and view commands.
  • the monitored network element reports the activity information and call status of the monitored terminal to the monitoring center through the second interface HI2.
  • the monitored network element transmits the call control signaling and the communication content of the monitored terminal to the monitoring center through the third interface HI3, thereby implementing lawful interception.
  • in the second mode, the monitoring center interfaces with the monitored network element through a monitoring gateway.
  • there are three interfaces between the monitoring center and the monitoring gateway, namely HI1, HI2, and HI3, the same as in the first case.
  • the interfaces X1, X2, and X3 between the monitoring gateway and the monitored network element function similarly to HI1, HI2, and HI3 in the first case. The only difference is the interface standard: HI1/HI2/HI3 are standard interfaces, whereas X1/X2/X3 are often proprietary custom interfaces. The monitoring gateway therefore provides protocol conversion and message and media forwarding functions.
  • the main technical problem to be solved by the present invention is to provide a security monitoring method and system, which solves the problem that the existing single monitoring device has poor reliability and poor disaster tolerance performance, and cannot meet the monitoring requirement.
  • an embodiment of the present invention provides a security monitoring method, including:
  • the primary listening device and the standby listening device respectively establish a communication link with the monitored network element
  • the primary listening device switches to the alternate listening device.
  • the communication link includes a first communication link for transmitting monitoring instructions, a second communication link for transmitting communication information of the monitored terminal, and a third communication link for transmitting communication content of the monitored terminal;
  • the communication link failure between the primary monitoring device and the monitored network element includes a fault in at least one of the first communication link, the second communication link, and the third communication link between the primary listening device and the monitored network element;
  • the switching to the standby listening device includes:
  • whether the first communication link between the primary monitoring device and the monitored network element is faulty is determined by the primary monitoring device; when the first communication link between the primary monitoring device and the monitored network element fails, the switching to the standby monitoring device includes:
  • the primary listening device notifies the standby listening device to perform a first communication link switching, or notifies the standby listening device to perform a first communication link, a second communication link, and a third communication link switching;
  • after receiving the notification, the standby monitoring device sends the monitoring command that needs to be sent to the monitored network element through the first communication link between the standby monitoring device and the monitored network element.
  • whether the second communication link between the primary monitoring device and the monitored network element is faulty is determined by the monitored network element; when the monitored network element determines that the second communication link with the primary monitoring device has failed, the switching to the standby monitoring device includes:
  • the communication information includes at least one of a communication type and a communication state.
  • whether the third communication link between the primary monitoring device and the monitored network element is faulty is determined by the monitored network element; when the monitored network element determines that the third communication link with the primary monitoring device has failed, the switching to the standby monitoring device includes:
  • the communication content includes at least one of a communication control instruction and a media stream.
  • the monitoring instruction includes at least one of a deployment control instruction and a release control instruction; the deployment control instruction includes a target terminal to be monitored; and the release control instruction includes a target terminal whose monitoring is to be revoked;
  • the primary monitoring device and the standby monitoring device simultaneously receive the monitoring instruction; or the primary monitoring device first receives the monitoring instruction and then sends the received monitoring instruction to the standby monitoring device;
  • when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device sends a monitoring instruction to the monitored network element through the first communication link and, after receiving the successful response of the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, for the standby monitoring device to obtain during the synchronization process;
  • the standby listening device sends a monitoring instruction to the monitored network element through the first communication link between the standby listening device and the monitored network element and, after receiving the successful response of the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, for the primary listening device to obtain during synchronization.
  • the primary listening device and the standby monitoring device are respectively a primary monitoring center and a standby monitoring center;
  • the primary monitoring device and the standby monitoring device are respectively a primary monitoring gateway and an alternate monitoring gateway; the primary monitoring gateway and the secondary monitoring gateway are respectively connected to the monitoring center.
  • the standby monitoring device switches back to the primary monitoring device.
  • the embodiment of the present invention further provides a security monitoring system, including a primary monitoring device, an alternate monitoring device, and a monitored network element:
  • the primary listening device and the standby listening device respectively establish a communication link with the monitored network element
  • the standby listening device replaces the primary listening device when the communication link between the primary monitoring device and the monitored network element fails.
  • the communication link includes a first communication link for transmitting monitoring instructions, a second communication link for transmitting communication information of the monitored terminal, and a third communication link for transmitting communication content of the monitored terminal;
  • the communication link failure between the primary monitoring device and the monitored network element includes a fault in at least one of the first communication link, the second communication link, and the third communication link between the primary listening device and the monitored network element;
  • the standby monitoring device replacing the primary monitoring device includes:
  • the primary listening device determines whether the first communication link with the monitored network element is faulty and, if so, the primary monitoring device notifies the standby listening device to perform first communication link switching, or notifies the alternate listening device to perform first communication link, second communication link, and third communication link switching;
  • after receiving the notification, the standby monitoring device sends the monitoring command that needs to be sent to the monitored network element through the first communication link between the standby monitoring device and the monitored network element.
  • the monitored network element determines whether the second communication link between itself and the primary monitoring device is faulty and, if so, sends the communication information to be fed back to the standby listening device through the second communication link with the standby listening device; the communication information includes at least one of a communication type and a communication state.
  • the monitored network element determines whether the third communication link between itself and the primary monitoring device is faulty and, if so, sends the communication content to be fed back to the standby listening device through the third communication link with the standby listening device; the communication content includes at least one of a communication control instruction and a media stream.
  • the monitoring instruction includes at least one of a deployment control instruction and a release control instruction; the deployment control instruction includes a target terminal to be monitored; and the release control instruction includes a target terminal whose monitoring is to be revoked;
  • the primary monitoring device and the standby monitoring device simultaneously receive the monitoring instruction; or the primary monitoring device first receives the monitoring instruction and then sends the received monitoring instruction to the standby monitoring device;
  • when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device sends a monitoring instruction to the monitored network element through the first communication link and, after receiving the successful response of the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, for the standby monitoring device to obtain during the synchronization process;
  • the standby listening device sends a monitoring instruction to the monitored network element through the first communication link between the standby listening device and the monitored network element and, after receiving the successful response of the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, for the primary listening device to obtain during synchronization.
  • the primary listening device and the standby monitoring device are respectively a primary monitoring center and a standby monitoring center;
  • the primary monitoring device and the standby monitoring device are respectively a primary monitoring gateway and an alternate monitoring gateway;
  • the security monitoring system further includes a monitoring center, and the primary monitoring gateway and the secondary monitoring gateway are each communicatively connected to the monitoring center.
  • the security monitoring method and system provided by the present invention include a primary monitoring device and an alternate monitoring device, wherein the primary monitoring device and the standby monitoring device respectively establish a communication link for monitoring with the monitored network element; during the monitoring process, when the communication link between the primary monitoring device and the monitored network element fails, the primary listening device switches to the secondary listening device to complete the monitoring. It can be seen that the present invention can switch between the primary and secondary monitoring devices by detecting failures of the communication link used for monitoring in time, thereby greatly improving the reliability and disaster tolerance performance of the security monitoring, and can better meet various monitoring requirements such as uninterrupted monitoring.
  • FIG. 1 is a schematic diagram of a network of a monitoring system;
  • FIG. 2 is a schematic diagram of another monitoring system networking;
  • FIG. 3 is a schematic diagram of networking of a monitoring system according to Embodiment 1 of the present invention.
  • FIG. 4 is a schematic diagram of a network of a monitoring system when the monitoring device in FIG. 3 is a monitoring center;
  • FIG. 5 is a schematic diagram of a network of a monitoring system when the listening device in FIG. 3 is a monitoring gateway;
  • FIG. 6 is a schematic diagram of another monitoring system networking provided in Embodiment 1 of the present invention.
  • FIG. 7 is a schematic diagram of another monitoring system networking provided in Embodiment 1 of the present invention.
  • FIG. 8 is a schematic diagram of another monitoring system networking provided in Embodiment 1 of the present invention.
  • FIG. 9 is a schematic flowchart of data synchronization between an active and standby monitoring device according to Embodiment 2 of the present invention.
  • FIG. 10 is a schematic flowchart of a first communication link switching process according to Embodiment 2 of the present invention.
  • FIG. 11 is a schematic flowchart of a second and third communication link switching process according to Embodiment 2 of the present invention.
  • Embodiment 1:
  • the embodiment provides a security monitoring system, including a primary monitoring device, an alternate monitoring device, and a monitored network element (for example, a Soft Switch (SS) network element, an IP Multimedia Subsystem (IMS) network element, etc.): the primary listening device and the standby listening device respectively establish a communication link with the monitored network element; when the communication link between the primary listening device and the monitored network element is faulty, the standby listening device replaces the primary listening device, that is, the primary listening device switches to the standby listening device.
  • the primary listening device and the standby monitoring device in this embodiment are respectively a primary monitoring center and an alternate monitoring center; as shown in FIG. 4, the primary monitoring center is directly connected to the monitored network element through a set of interfaces HI1, HI2, and HI3, and the standby monitoring center is also connected to the monitored network element through a set of interfaces HI1, HI2, and HI3.
  • the primary listening device and the standby monitoring device in this embodiment may also be a primary listening gateway and an alternate monitoring gateway respectively; the security monitoring system then further includes a monitoring center, and the primary monitoring gateway and the alternate monitoring gateway are each connected to the monitoring center.
  • the monitoring center is directly connected to the primary monitoring gateway through a set of interfaces HI1, HI2, and HI3, and the primary monitoring gateway is directly connected to the monitored network element through a set of interfaces X1, X2, and X3; the monitoring center is likewise directly connected to the standby listening gateway through a set of interfaces HI1, HI2, and HI3, and the standby listening gateway is also directly connected to the monitored network element through a set of interfaces X1, X2, and X3.
  • the communication links established between the primary monitoring device and the monitored network element, and between the standby monitoring device and the monitored network element, include a first communication link for transmitting a monitoring instruction (including at least one of a deployment control instruction, a revocation instruction, and a viewing instruction), a second communication link for transmitting communication information of the monitored terminal (including a communication type (such as a voice call, a video call, short message communication, etc.), a communication state (e.g., during a call, etc.)), and a third communication link for transmitting communication content of the monitored terminal (including at least one of a communication control command and a media stream);
  • the communication link failure between the primary monitoring device and the monitored network element in this embodiment includes a fault in at least one of the first communication link, the second communication link, and the third communication link between the primary monitoring device and the monitored network element;
  • the alternate listening device replaces the primary listening device in any of the following two ways:
  • Manner 1: only the faulty communication link among the first communication link, the second communication link, and the third communication link between the primary monitoring device and the monitored network element is switched to the standby monitoring device; for example, when the first communication link is faulty, only the first communication link between the primary monitoring device and the monitored network element is switched to the standby listening device. At this time, the second communication link and the third communication link still in use are those between the primary monitoring device and the monitored network element. When the monitored network element feeds back the communication information and the communication content, it still feeds them back through the second communication link and the third communication link with the primary monitoring device.
  • Manner 2: the first communication link, the second communication link, and the third communication link between the primary monitoring device and the monitored network element are all switched to the standby monitoring device, and the monitored network element interacts only with the standby listening device and does not need to interact with the primary listening device.
  • the communication links established through the interfaces HI1, HI2, and HI3 in FIG. 4 are the first communication link, the second communication link, and the third communication link, respectively; the communication links established through the interfaces X1, X2, and X3 in FIG. 5 are likewise the first communication link, the second communication link, and the third communication link, respectively.
  • the primary listening device determines whether the first communication link with the monitored network element is faulty. If so, the primary monitoring device notifies the secondary listening device to perform the first communication link switching, or notifies the secondary monitoring device to perform first communication link, second communication link, and third communication link switching;
  • after receiving the notification, the standby monitoring device sends the monitoring command that needs to be sent to the monitored network element through the first communication link between the standby monitoring device and the monitored network element.
  • the primary listening device in this embodiment includes a first link detecting module, and the monitored network element includes a third link detecting module. The first link detecting module is configured to detect whether the first communication link between the primary monitoring device and the monitored network element is faulty, and the third link detection module of the monitored network element cooperates with the first link detection module to complete the detection of the first communication link.
  • the standby monitoring device in this embodiment includes a second link detecting module, configured to detect whether the first communication link between the standby listening device and the monitored network element is faulty; in this process, the third link detection module of the monitored network element cooperates with the second link detection module to complete detection of the first communication link.
  • the monitoring instruction in this embodiment includes at least one of a deployment control instruction, a withdrawal control instruction, a view instruction, and the like; wherein the deployment control instruction includes a target terminal to be monitored; and the release control instruction includes a target terminal to be revoked;
  • the primary listening device and the standby listening device may receive the monitoring instruction at the same time, or the primary monitoring device first receives the monitoring instruction and then sends the received monitoring command to the standby monitoring device; optionally, in FIG. 4, the user can directly send the monitoring command to both the primary monitoring center and the standby monitoring center, or the user directly issues the monitoring command to the primary monitoring center, and then the primary monitoring center sends the received monitoring command to the standby monitoring center;
  • in FIG. 5, the user directly sends a monitoring command to the monitoring center, and then the monitoring center sends the monitoring command to the primary monitoring gateway and the standby monitoring gateway at the same time, or the monitoring center sends the received monitoring command to the primary monitoring gateway, which then sends it to the standby monitoring gateway.
  • when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device sends a monitoring instruction to the monitored network element through the first communication link and, after receiving the successful response of the monitored network element, adds (for deployment control) or deletes (for release control) the target terminal in its monitoring list and adds the target terminal to its synchronization list, for the standby monitoring device to obtain during the synchronization process.
  • the monitoring list of the primary monitoring device may be a list established in the local database of the primary monitoring device for storing the monitored terminal list.
  • the identification information of the target terminal, the operation information (for example, deployment control or release control), and the operation time information are added to the synchronization list.
  • during synchronization, the standby monitoring device may send a synchronization request to the primary monitoring device to obtain the synchronization list on the primary monitoring device side, and then compare it with the local synchronization list to determine whether the two are consistent.
  • if the two are consistent, the standby monitoring device does not perform the target terminal synchronization processing, only clears the local synchronization list, and feeds back the synchronization completion notification to the main monitoring device, and the main monitoring device clears its local synchronization list after receiving the synchronization completion notification. If the two are inconsistent, the standby listening device performs the corresponding addition or deletion of the monitored terminal in the local synchronization list according to the target terminal in the obtained synchronization list, clears the local synchronization list after the synchronization is completed, and feeds back the synchronization completion notification to the main monitoring device, and the primary monitoring device clears its local synchronization list after receiving the synchronization completion notification.
  • when the first communication link between the primary monitoring device and the monitored network element is normal, after the primary monitoring device receives the successful response fed back once the monitored network element completes the deployment control or release control operation, the primary monitoring device may further send the successful response to the alternate listening device, or the monitored network element feeds back the successful response to the alternate listening device at the same time as it feeds it back to the primary listening device.
  • the standby monitoring device may then also add (for deployment control) or delete (for release control) the target terminal in its monitoring list, and add the target terminal to its synchronization list for use in the subsequent synchronization process.
  • when the first communication link between the primary monitoring device and the monitored network element fails, the secondary listening device sends a monitoring instruction to the monitored network element through the first communication link between the secondary listening device and the monitored network element and, after receiving the successful response fed back once the monitored network element completes the deployment control or release control operation, adds (for deployment control) or deletes (for release control) the target terminal in its monitoring list and adds the target terminal to its synchronization list, for the primary listening device to obtain during synchronization.
  • the monitoring list of the standby listening device in this embodiment may be a list established in the local database of the standby listening device for storing the monitored terminal list.
  • the identification information of the target terminal, the operation information (for example, deployment control or release control), and the operation time information are added to the synchronization list.
  • during synchronization, the primary monitoring device sends a synchronization request to the secondary monitoring device to obtain the synchronization list on the standby monitoring device side, and then compares it with the local synchronization list to determine whether the two are consistent.
  • if the two are consistent, the primary monitoring device does not perform the target terminal synchronization processing, only clears the local synchronization list, and feeds back the synchronization completion notification to the standby monitoring device, and the standby monitoring device clears its local synchronization list after receiving the notification; if the two are inconsistent, the active monitoring device performs the corresponding addition or deletion of the monitored terminal in the local synchronization list according to the target terminal in the acquired synchronization list, clears the local synchronization list after the synchronization is completed, and feeds back the synchronization completion notification to the standby monitoring device, and the standby monitoring device clears its local synchronization list after receiving the synchronization completion notification.
  • the monitored device may also send the successful response to the primary monitoring device.
  • the active monitoring device may then also add (for deployment control) or delete (for release control) the target terminal in its monitoring list, and add the target terminal to its synchronization list for use in the subsequent synchronization comparison.
  • the primary monitoring device in this embodiment further includes a first synchronization module configured to complete the synchronization with the standby monitoring device; the secondary monitoring device further includes a second synchronization module, configured to complete the foregoing synchronization with the primary monitoring device.
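The synchronization exchange described above can be modelled in a few lines. This is an added example, not code from the patent; the class and field names and the terminal identifiers are assumptions, and it assumes that the additions and deletions derived from the fetched synchronization list are applied to the requester's monitoring list.

```python
# Added illustration (not from the patent): synchronization-list reconciliation
# between the primary and standby devices. All names here are assumptions.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class SyncEntry:
    terminal: str   # identification information of the target terminal
    operation: str  # "deploy" (deployment control) or "release" (release control)
    time: int       # operation time (constructed integer timestamps)


@dataclass
class MonitoringDevice:
    name: str
    monitoring_list: set = field(default_factory=set)
    sync_list: list = field(default_factory=list)

    def _apply(self, entry: SyncEntry) -> None:
        """Add or delete the target terminal in the local monitoring list."""
        if entry.operation == "deploy":
            self.monitoring_list.add(entry.terminal)
        elif entry.operation == "release":
            self.monitoring_list.discard(entry.terminal)
        else:
            raise ValueError(f"unknown operation: {entry.operation}")

    def on_success_response(self, entry: SyncEntry) -> None:
        """The network element confirmed the instruction: update both lists."""
        self._apply(entry)
        self.sync_list.append(entry)

    def synchronize_from(self, peer: "MonitoringDevice") -> list:
        """Fetch the peer's synchronization list and apply what is missing locally."""
        fetched = list(peer.sync_list)                 # reply to the synchronization request
        missing = [e for e in fetched if e not in self.sync_list]
        for entry in sorted(missing, key=lambda e: e.time):
            self._apply(entry)                         # runs only when the lists differ
        self.sync_list.clear()                         # requester clears its own list
        peer.sync_list.clear()                         # peer clears on the completion notice
        return missing


if __name__ == "__main__":
    primary, standby = MonitoringDevice("primary"), MonitoringDevice("standby")
    a = SyncEntry("terminal-A", "deploy", 1)           # constructed sample entries
    b = SyncEntry("terminal-B", "deploy", 2)
    primary.on_success_response(a)
    primary.on_success_response(b)
    standby.on_success_response(a)                     # only this response was forwarded
    print(standby.synchronize_from(primary), sorted(standby.monitoring_list))
```

The same call works in the other direction after a switchover, when the primary device fetches the standby device's synchronization list.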
  • the monitored network element determines whether the second communication link between itself and the primary monitoring device is faulty; if so, it sends the communication information to be fed back (including at least one of a communication type and a communication state) to the standby listening device through the second communication link with the standby listening device; otherwise, it sends the communication information to be fed back to the primary listening device through the second communication link with the primary listening device.
  • the monitored network element determines whether the third communication link between itself and the primary monitoring device is faulty; if so, it sends the communication content to be fed back (including at least one of a communication control command, a media stream, and the like) to the standby listening device through the third communication link with the standby listening device; otherwise, it sends the communication content to be fed back to the primary monitoring device through the third communication link with the primary monitoring device.
  • the primary monitoring device and the secondary monitoring device further transmit the received communication information and communication content to the monitoring center through the communication link corresponding to the HI2 interface and the communication link corresponding to the HI3 interface.
  • when the monitored network element detects the second communication link and/or the third communication link by using the third link detection module, it may attempt a handshake with the primary monitoring device or the standby monitoring device on the corresponding communication link N times; if the handshake fails N consecutive times, it is determined that the corresponding communication link is faulty.
  • the value of N may be 3.
  • the value can also be selected according to the actual application scenario, and is not limited to 3.
  • when the communication link between the primary monitoring device and the monitored network element is restored from the fault state to normal, the backup monitoring device is further switched back to the primary monitoring device.
  • when the switch to the secondary monitoring device used Manner 1, the originally faulty communication link is switched back to the primary monitoring device; when the switch to the secondary monitoring device used Manner 2, all the communication links are switched back to the primary monitoring device at this time.
  • the primary monitoring device and the secondary monitoring device in this embodiment further include a first switching management module and a second switching management module, respectively, and the monitored network element further includes a third switching management module, which are respectively configured to perform the corresponding handover management in the above handover process; refer to the example description in the following embodiments.
  • Embodiment 2:
  • The primary monitoring device includes a first database, a first link detection module, a first synchronization module, a first setting control module, a first switching management module, and a first service communication module. The first database stores the monitoring list and the synchronization list of the primary monitoring device. The first setting control module is configured to send monitoring instructions and to add the target terminal to, or delete it from, the monitoring list. The first synchronization module is configured to add the target terminal to the synchronization list. The first service communication module is configured to implement the corresponding communication services on the three communication links. The first link detection module is further configured to detect the communication link with the standby monitoring device.
  • The standby monitoring device includes a second database, a second link detection module, a second synchronization module, a second setting control module, a second switching management module, and a second service communication module. The second database stores the monitoring list and the synchronization list of the standby monitoring device. The second setting control module is configured to send monitoring instructions and to add the target terminal to, or delete it from, the monitoring list. The second synchronization module is configured to add the target terminal to the synchronization list. The second service communication module is configured to implement the corresponding communication services on the three communication links. The second link detection module is further configured to cooperate with the first link detection module in detecting the communication link with the primary monitoring device.
  • The monitored network element includes a third link detection module, a third switching management module, a third service communication module, and a third setting control module. The third service communication module is configured to implement the corresponding communication services on the three communication links, and the third setting control module is configured to complete the deployment or withdrawal of control of the corresponding target terminal according to the deployment control instruction or the withdrawal control instruction.
  • Based on this monitoring system, consider the case where the first communication links between the monitored network element and both the primary monitoring device and the standby monitoring device are normal. After the primary monitoring device has sent a deployment control instruction or a withdrawal control instruction to the monitored network element through the first communication link, and the synchronization period arrives, the data synchronization between the primary monitoring device and the standby monitoring device proceeds as shown in Figure 9 and includes:
  • Step 901: The first link detection module of the primary monitoring device sends a link detection request message to the second link detection module of the standby monitoring device.
  • Step 902: After receiving the link detection request message, the second link detection module returns a link detection acknowledgement response to the first link detection module.
  • Step 903: After receiving the link detection acknowledgement response, the first link detection module sends a synchronization-data trigger message to the first synchronization module.
  • Step 904: After receiving the synchronization-data trigger message, the first synchronization module first checks whether the synchronization list in the first database on the primary monitoring device side contains data; if it does, the module sends the data in the synchronization list to the second synchronization module of the standby monitoring device.
  • Step 905: After receiving the synchronization message sent by the first synchronization module, the second synchronization module checks whether the synchronization list in the second database on the standby monitoring device side contains the record. If it does, the module compares whether the operation and the operation time are consistent. If they are inconsistent (for example, a deployment operation on the primary monitoring device and a withdrawal operation on the standby monitoring device) and the operation time on the standby monitoring device is not the latest, synchronization is performed according to the data in the synchronization list on the primary monitoring device side: for example, if the operation on the primary monitoring device is deployment/withdrawal, the data is written to the standby monitoring device's monitoring list or deleted from it, and the record is deleted (that is, cleared) from the standby monitoring device's synchronization list. If the operations on the primary and standby monitoring devices are the same, only the record is deleted from the standby monitoring device's synchronization list. If the standby monitoring device's synchronization list has no such record and the operation in the primary monitoring device's message is deployment, the monitoring list is written; if the operation in the primary monitoring device's message is withdrawal and the standby monitoring device has a deployment record for that number, the data is deleted from the monitoring list; the record in the synchronization list is then deleted.
  • Step 906: After the synchronization processing is complete, the second synchronization module sends a number synchronization completion response to the first synchronization module.
  • Step 907: After receiving the synchronization completion response, the first synchronization module sends a query message to the first database to query the data in the synchronization list on its own side. If no data is found, or the data found is inconsistent with the data sent to the second synchronization module, no processing is performed; if data is found and it is consistent with the data sent to the second synchronization module, the data is deleted from the local synchronization list.
  • Figure 10 shows the switching process when the first communication link between the primary monitoring device and the monitored network element fails, including:
  • Step 1001: The first link detection module of the primary monitoring device sends three consecutive link detection messages to the third link detection module of the monitored network element and receives no response to any of them.
  • Step 1002: The first link detection module sends a message to the first service communication module stating that the first communication link is interrupted, and the first service communication module saves the first communication link state.
  • Step 1003: The first setting control module sends a deployment control command to the monitored network element; the deployment fails because the first communication link is interrupted.
  • Step 1004: The first service communication module sends a message notifying the first switching management module of the primary monitoring device that the first communication link is interrupted.
  • Step 1005: The first switching management module sends a first communication link switching request to the second switching management module of the standby monitoring center.
  • Step 1006: The second switching management module sends a link switching response to the first switching management module, and sends a message notifying the second setting control module of the standby monitoring device to resend the deployment control command to the monitored network element.
  • Step 1007: The second setting control module of the standby monitoring device resends the deployment control command to the monitored network element.
  • As shown in Figure 11, when the second communication link and/or the third communication link between the primary monitoring device and the monitored network element fails, the switching process includes:
  • Step 1101: The third link detection module of the monitored network element sends a second (or third) communication link detection message to the first link detection module of the primary monitoring device, and the first link detection module of the primary monitoring device does not respond.
  • Step 1102: After the second (or third) communication link detection message sent by the third link detection module has gone unanswered three consecutive times, the third link detection module sends a second (or third) communication link detection message to the second link detection module of the standby monitoring device.
  • Step 1103: The second link detection module of the standby monitoring device returns a second (or third) communication link response to the third link detection module.
  • Step 1104: After receiving the second (or third) communication link response three consecutive times, the third link detection module sends a second (third) communication link switching notification to the third switching management module of the monitored network element.
  • Step 1105: After receiving the second (third) communication link switching notification, the third switching management module returns a response to the third link detection module.
  • Step 1106: The third switching management module sends a link establishment request to the second switching management module of the standby monitoring device.
  • Step 1107: After receiving the link establishment request, the second switching management module returns a response to the link establishment request.
  • Step 1108: The third service communication module of the monitored network element sends the corresponding communication information (communication content) to the standby monitoring device through the second (third) communication link with the standby monitoring device.
  • With the solution of the embodiments of the present invention, it is only necessary to add one set of monitoring device hardware on the monitoring center or monitoring gateway side, add the corresponding synchronization module, link detection module and switching management module, and add a synchronization list to the corresponding database. The monitored target terminals on the primary and standby monitoring devices can then be kept synchronized, and link detection discovers monitoring interface link faults in time so that the primary/standby switchover is performed. This ensures that the monitoring service continues to work normally after any one of the three monitoring interface links is interrupted, which greatly improves the reliability of the security product.
  • Industrial applicability: the security monitoring method and system provided by the present invention include a primary monitoring device and a standby monitoring device, each of which establishes communication links for monitoring with the monitored network element. During monitoring, when a communication link between the primary monitoring device and the monitored network element fails, monitoring is switched from the primary monitoring device to the standby monitoring device to complete the monitoring. The present invention can therefore switch between the primary and standby monitoring devices by promptly discovering faults in the communication links used for monitoring, which greatly improves the reliability and disaster tolerance of security monitoring and better satisfies monitoring requirements such as uninterrupted monitoring.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

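The present invention discloses a security monitoring method and system, including a primary monitoring device and a standby monitoring device, each of which establishes communication links for monitoring with a monitored network element. During monitoring, when a communication link between the primary monitoring device and the monitored network element fails, monitoring is switched from the primary monitoring device to the standby monitoring device to complete the monitoring. The present invention can therefore switch between the primary and standby monitoring devices by promptly discovering faults in the communication links used for monitoring, which greatly improves the reliability and disaster tolerance of security monitoring and better satisfies monitoring requirements such as uninterrupted monitoring.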

Description

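Security monitoring method and system
Technical field
The present invention relates to the field of communications, and in particular to a security monitoring method and system.
Background
The monitoring equipment in security products generally includes a monitoring center and a monitoring gateway, and there are two typical networking modes between them and the monitored network element. As shown in Figure 1, in the first mode the monitoring center interfaces directly with the monitored network element, and there are three interfaces between the monitoring center and the monitored network element: HI1, HI2 and HI3. Interface HI1 is mainly used to send monitoring instructions for a target user number (that is, the monitored terminal) to the monitored network element; monitoring instructions include deployment control instructions, withdrawal control instructions, view instructions, and so on. After the monitored terminal makes a call or performs other communication activity under the monitored network element, the monitored network element reports the monitored terminal's activity information, call state and similar details to the monitoring center through the second interface, HI2. At the same time, the monitored network element passes the monitored terminal's call control signaling and communication content to the monitoring center through the third interface, HI3, thereby implementing lawful interception. As shown in Figure 2, in the second mode the monitoring center interfaces with the monitored network element through a monitoring gateway. There are three interfaces between the monitoring center and the monitoring gateway, HI1, HI2 and HI3, as in the first case. There are also three interfaces between the monitoring gateway and the monitored network element, X1, X2 and X3, whose functions are similar to those of HI1, HI2 and HI3 in the first case; the only difference is the interface standard: HI1/HI2/HI3 are standard interfaces, whereas X1/X2/X3 are often proprietary custom interfaces. The monitoring gateway therefore provides protocol conversion and message and media forwarding.
As the international political situation keeps changing and terrorist attacks become increasingly rampant, fast, efficient and stable lawful interception is becoming more and more important, and security agencies have correspondingly raised their requirements for the reliability of monitoring equipment. Both of the traditional networking modes above include only one set of monitoring equipment. However, as network congestion and connection interruptions occur more and more frequently during lawful interception, the links of the three monitoring interfaces are disconnected and cannot be restored in time, which interrupts the monitoring service: during that period, monitoring target numbers cannot be placed under control, or monitored activity events and communication content cannot be saved. This single-device working mode clearly cannot guarantee the reliability of the monitoring equipment, nor can it meet the security agencies' routine requirement that the monitoring service be uninterrupted. Therefore, to ensure that the service functions of the three monitoring interfaces keep working normally when the monitoring equipment crashes abnormally or a communication connection is interrupted, adding and implementing a disaster-recovery backup function for the monitoring equipment is very important.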
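Summary of the invention
The main technical problem to be solved by the present invention is to provide a security monitoring method and system that address the poor reliability and disaster tolerance of the existing single monitoring device, which cannot meet monitoring requirements.
To solve the above technical problem, an embodiment of the present invention provides a security monitoring method, including:
a primary monitoring device and a standby monitoring device each establishing communication links with a monitored network element;
during monitoring, when a communication link between the primary monitoring device and the monitored network element fails, switching from the primary monitoring device to the standby monitoring device.
In one embodiment of the present invention, the communication links include a first communication link for transmitting monitoring instructions, a second communication link for transmitting communication information of the monitored terminal, and a third communication link for transmitting communication content of the monitored terminal;
a failure of the communication link between the primary monitoring device and the monitored network element includes a failure of at least one of the first communication link, the second communication link and the third communication link between the primary monitoring device and the monitored network element;
switching to the standby monitoring device includes:
switching the faulty communication link among the first, second and third communication links between the primary monitoring device and the monitored network element to the standby monitoring device;
or switching all of the first, second and third communication links between the primary monitoring device and the monitored network element to the standby monitoring device.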
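In one embodiment of the present invention, whether the first communication link between the primary monitoring device and the monitored network element is faulty is determined by the primary monitoring device; when the first communication link between the primary monitoring device and the monitored network element is faulty, switching to the standby monitoring device includes:
the primary monitoring device notifying the standby monitoring device to switch the first communication link, or notifying the standby monitoring device to switch the first, second and third communication links;
after receiving the notification, the standby monitoring device sending the monitoring instruction that currently needs to be sent to the monitored network element through the first communication link between itself and the monitored network element.
In one embodiment of the present invention, whether the second communication link between the primary monitoring device and the monitored network element is faulty is determined by the monitored network element; when the monitored network element determines that the second communication link with the primary monitoring device is faulty, switching to the standby monitoring device includes:
sending the communication information to be fed back to the standby monitoring device through the second communication link with the standby monitoring device; the communication information includes at least one of a communication type and a communication state.
In one embodiment of the present invention, whether the third communication link between the primary monitoring device and the monitored network element is faulty is determined by the monitored network element; when the monitored network element determines that the third communication link with the primary monitoring device is faulty, switching to the standby monitoring device includes:
sending the communication content to be fed back to the standby monitoring device through the third communication link with the standby monitoring device; the communication content includes at least one of a communication control instruction and a media stream.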
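In one embodiment of the present invention, the monitoring instruction includes at least one of a deployment control instruction and a withdrawal control instruction; the deployment control instruction includes the target terminal to be monitored; the withdrawal control instruction includes the target terminal whose monitoring is to be withdrawn;
the primary monitoring device and the standby monitoring device receive the monitoring instruction at the same time; or the primary monitoring device receives the monitoring instruction first and then sends the received monitoring instruction to the standby monitoring device;
when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device sends the monitoring instruction to the monitored network element through the first communication link and, after receiving a success response from the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the standby monitoring device during synchronization;
when the first communication link between the primary monitoring device and the monitored network element is faulty, the standby monitoring device sends the monitoring instruction to the monitored network element through the first communication link between itself and the monitored network element and, after receiving a success response from the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the primary monitoring device during synchronization.
In one embodiment of the present invention, the primary monitoring device and the standby monitoring device are a primary monitoring center and a standby monitoring center, respectively;
or the primary monitoring device and the standby monitoring device are a primary monitoring gateway and a standby monitoring gateway, respectively; the primary monitoring gateway and the standby monitoring gateway are each communicatively connected to a monitoring center.
In one embodiment of the present invention, the method further includes switching back from the standby monitoring device to the primary monitoring device when the communication link between the primary monitoring device and the monitored network element recovers.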
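To solve the above problem, an embodiment of the present invention further provides a security monitoring system, including a primary monitoring device, a standby monitoring device and a monitored network element:
the primary monitoring device and the standby monitoring device each establish communication links with the monitored network element;
the standby monitoring device replaces the primary monitoring device when a communication link between the primary monitoring device and the monitored network element fails.
In one embodiment of the present invention, the communication links include a first communication link for transmitting monitoring instructions, a second communication link for transmitting communication information of the monitored terminal, and a third communication link for transmitting communication content of the monitored terminal;
a failure of the communication link between the primary monitoring device and the monitored network element includes a failure of at least one of the first communication link, the second communication link and the third communication link between the primary monitoring device and the monitored network element;
the standby monitoring device replacing the primary monitoring device includes:
switching the faulty communication link among the first, second and third communication links between the primary monitoring device and the monitored network element to the standby monitoring device;
or switching all of the first, second and third communication links between the primary monitoring device and the monitored network element to the standby monitoring device.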
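In one embodiment of the present invention, the primary monitoring device determines whether the first communication link with the monitored network element is faulty; if so, the primary monitoring device notifies the standby monitoring device to switch the first communication link, or notifies the standby monitoring device to switch the first, second and third communication links;
after receiving the notification, the standby monitoring device sends the monitoring instruction that currently needs to be sent to the monitored network element through the first communication link between itself and the monitored network element.
In one embodiment of the present invention, the monitored network element determines whether the second communication link between itself and the primary monitoring device is faulty; if so, it sends the communication information to be fed back to the standby monitoring device through the second communication link with the standby monitoring device; the communication information includes at least one of a communication type and a communication state.
In one embodiment of the present invention, the monitored network element determines whether the third communication link between itself and the primary monitoring device is faulty; if so, it sends the communication content to be fed back to the standby monitoring device through the third communication link with the standby monitoring device; the communication content includes at least one of a communication control instruction and a media stream.
In one embodiment of the present invention, the monitoring instruction includes at least one of a deployment control instruction and a withdrawal control instruction; the deployment control instruction includes the target terminal to be monitored; the withdrawal control instruction includes the target terminal whose monitoring is to be withdrawn;
the primary monitoring device and the standby monitoring device receive the monitoring instruction at the same time; or the primary monitoring device receives the monitoring instruction first and then sends the received monitoring instruction to the standby monitoring device;
when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device sends the monitoring instruction to the monitored network element through the first communication link and, after receiving a success response from the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the standby monitoring device during synchronization;
when the first communication link between the primary monitoring device and the monitored network element is faulty, the standby monitoring device sends the monitoring instruction to the monitored network element through the first communication link between itself and the monitored network element and, after receiving a success response from the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the primary monitoring device during synchronization.
In one embodiment of the present invention, the primary monitoring device and the standby monitoring device are a primary monitoring center and a standby monitoring center, respectively;
or the primary monitoring device and the standby monitoring device are a primary monitoring gateway and a standby monitoring gateway, respectively; the security monitoring system further includes a monitoring center, and the primary monitoring gateway and the standby monitoring gateway are each communicatively connected to the monitoring center.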
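The beneficial effects of the present invention are:
The security monitoring method and system provided by the present invention include a primary monitoring device and a standby monitoring device, each of which establishes communication links for monitoring with the monitored network element. During monitoring, when a communication link between the primary monitoring device and the monitored network element fails, monitoring is switched from the primary monitoring device to the standby monitoring device to complete the monitoring. The present invention can therefore switch between the primary and standby monitoring devices by promptly discovering faults in the communication links used for monitoring, which greatly improves the reliability and disaster tolerance of security monitoring and better satisfies monitoring requirements such as uninterrupted monitoring.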
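Brief description of the drawings
The drawings described here are provided for a further understanding of the present invention and form part of this application. The illustrative embodiments of the present invention and their descriptions are used to explain the invention and do not unduly limit it. In the drawings:
Figure 1 is a schematic diagram of one monitoring system network;
Figure 2 is a schematic diagram of another monitoring system network;
Figure 3 is a schematic diagram of the monitoring system network provided in Embodiment 1 of the present invention;
Figure 4 is a schematic diagram of the monitoring system network when the monitoring devices in Figure 3 are monitoring centers;
Figure 5 is a schematic diagram of the monitoring system network when the monitoring devices in Figure 3 are monitoring gateways;
Figure 6 is a schematic diagram of another monitoring system network provided in Embodiment 1 of the present invention;
Figure 7 is a schematic diagram of another monitoring system network provided in Embodiment 1 of the present invention;
Figure 8 is a schematic diagram of another monitoring system network provided in Embodiment 1 of the present invention;
Figure 9 is a flow diagram of data synchronization between the primary and standby monitoring devices provided in Embodiment 2 of the present invention;
Figure 10 is a flow diagram of first communication link switching provided in Embodiment 2 of the present invention;
Figure 11 is a flow diagram of second and third communication link switching provided in Embodiment 2 of the present invention.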
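Detailed description
The present invention is described in further detail below through specific embodiments with reference to the drawings.
Embodiment 1:
As shown in Figure 3, this embodiment provides a security monitoring system including a primary monitoring device, a standby monitoring device and a monitored network element (for example, a Soft Switch (SS) network element, an IP Multimedia Subsystem (IMS) network element, and so on). The primary monitoring device and the standby monitoring device each establish communication links with the monitored network element; the standby monitoring device replaces the primary monitoring device when a communication link between the primary monitoring device and the monitored network element fails, that is, monitoring is switched from the primary monitoring device to the standby monitoring device. The primary and standby monitoring devices in this embodiment are a primary monitoring center and a standby monitoring center, respectively; as shown in Figure 4, the primary monitoring center then connects directly to the monitored network element through one set of interfaces HI1, HI2 and HI3, and the standby monitoring center also connects to the monitored network element through one set of interfaces HI1, HI2 and HI3.
As shown in Figure 5, the primary and standby monitoring devices in this embodiment may also be a primary monitoring gateway and a standby monitoring gateway, respectively; the security monitoring system then further includes a monitoring center, and the primary monitoring gateway and the standby monitoring gateway are each communicatively connected to the monitoring center. Optionally, the monitoring center connects directly to the primary monitoring gateway through one set of interfaces HI1, HI2 and HI3, and the primary monitoring gateway connects directly to the monitored network element through one set of interfaces X1, X2 and X3; the monitoring center also connects directly to the standby monitoring gateway through one set of interfaces HI1, HI2 and HI3, and the standby monitoring gateway also connects directly to the monitored network element through one set of interfaces X1, X2 and X3.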
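In this embodiment, the communication links established between the monitored network element and the primary and standby monitoring devices include a first communication link for transmitting monitoring instructions (including at least one of a deployment control instruction, a withdrawal instruction, a view instruction, and so on), a second communication link for transmitting communication information of the monitored terminal (including the communication type (for example voice call, video call, SMS communication) and the communication state (for example connecting, in a call, and so on)), and a third communication link for transmitting communication content of the monitored terminal (including at least one of a communication control instruction and a media stream);
in this embodiment, a failure of the communication link between the primary monitoring device and the monitored network element includes a failure of at least one of the first communication link, the second communication link and the third communication link between the primary monitoring device and the monitored network element;
the standby monitoring device replaces the primary monitoring device in either of the following two modes:
Mode 1: the faulty communication link among the first, second and third communication links between the primary monitoring device and the monitored network element is switched to the standby monitoring device. For example, when the first communication link fails, only the first communication link between the primary monitoring device and the monitored network element is switched to the standby monitoring device; the second and third communication links still use the second and third communication links between the primary monitoring device and the monitored network element. When the monitored network element feeds back communication information and communication content, it still does so through the second and third communication links with the primary monitoring device.
Mode 2: all of the first, second and third communication links between the primary monitoring device and the monitored network element are switched to the standby monitoring device; the monitored network element then interacts only with the standby monitoring device and does not need to interact with the primary monitoring device.
In this embodiment, the communication links established through interfaces HI1, HI2 and HI3 in Figure 4 are the first, second and third communication links, respectively; the communication links established through interfaces X1, X2 and X3 in Figure 5 are the first, second and third communication links, respectively.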
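In this embodiment, the primary monitoring device determines whether the first communication link with the monitored network element is faulty; if so, the primary monitoring device notifies the standby monitoring device to switch the first communication link, or notifies the standby monitoring device to switch the first, second and third communication links;
after receiving the notification, the standby monitoring device sends the monitoring instruction that currently needs to be sent to the monitored network element through the first communication link between itself and the monitored network element.
As shown in Figure 6, the primary monitoring device in this embodiment includes a first link detection module, and the monitored network element includes a third link detection module. The first link detection module is configured to detect whether the first communication link between the primary monitoring device and the monitored network element is faulty; in this process the third link detection module of the monitored network element cooperates with the first link detection module to complete the detection of the first communication link. Correspondingly, the standby monitoring device in this embodiment includes a second link detection module, configured to detect whether the first communication link between the standby monitoring device and the monitored network element is faulty; in this process the third link detection module of the monitored network element cooperates with the second link detection module to complete the detection of the first communication link.
The monitoring instruction in this embodiment includes at least one of a deployment control instruction, a withdrawal control instruction, a view instruction, and so on; the deployment control instruction includes the target terminal to be monitored, and the withdrawal control instruction includes the target terminal whose monitoring is to be withdrawn;
In this embodiment, the primary monitoring device and the standby monitoring device may receive the monitoring instruction at the same time, or the primary monitoring device may receive the monitoring instruction first and then send the received monitoring instruction to the standby monitoring device. Optionally, in Figure 4, the user may issue the monitoring instruction directly to both the primary monitoring center and the standby monitoring center, or the user may issue the monitoring instruction directly to the primary monitoring center, which then passes the received monitoring instruction to the standby monitoring center. In Figure 5, the user issues the monitoring instruction directly to the monitoring center, which then either issues it to the primary monitoring gateway and the standby monitoring gateway at the same time, or sends the received monitoring instruction to the primary monitoring gateway, which in turn sends it to the standby monitoring gateway.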
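In this embodiment, when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device sends the monitoring instruction to the monitored network element through the first communication link and, after receiving the success response that the monitored network element returns once it has completed the deployment or withdrawal operation, adds (for deployment) or deletes (for withdrawal) the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the standby monitoring device during synchronization. The monitoring list of the primary monitoring device in this embodiment may be a list, created in the primary monitoring device's local database, that stores the inventory of monitored terminals. Adding the target terminal to the synchronization list in this embodiment includes adding the target terminal's identification information, the operation information (for example, deployment or withdrawal) and the operation time information to the synchronization list. In this embodiment, after the synchronization timer triggers a synchronization period, the standby monitoring device may send a synchronization request to the primary monitoring device to obtain the synchronization list on the primary monitoring device side, and then compare it with the local synchronization list to determine whether the two are consistent. If they are consistent, the standby monitoring device performs no target terminal synchronization, only clears the local synchronization list, and returns a synchronization completion notification to the primary monitoring device, which clears its local synchronization list after receiving the notification. If they are inconsistent, the standby monitoring device performs the corresponding addition or deletion on the monitored terminals in the local synchronization list according to the target terminals in the obtained synchronization list, clears the local synchronization list after synchronization completes, and returns a synchronization completion notification to the primary monitoring device, which clears its local synchronization list after receiving the notification.
In this embodiment, when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device may also, after receiving the success response that the monitored network element returns once it has completed the deployment or withdrawal operation, send that success response to the standby monitoring device; alternatively, the monitored network element may return the success response to the standby monitoring device at the same time as it returns it to the primary monitoring device. After receiving the success response, the standby monitoring device may also add (for deployment) or delete (for withdrawal) the target terminal in its monitoring list and add the target terminal to its synchronization list, for comparison in the subsequent synchronization process.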
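When the first communication link between the primary monitoring device and the monitored network element is faulty, the standby monitoring device sends the monitoring instruction to the monitored network element through the first communication link between itself and the monitored network element and, after receiving the success response that the monitored network element returns once it has completed the deployment or withdrawal operation, adds (for deployment) or deletes (for withdrawal) the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the primary monitoring device during synchronization. The monitoring list of the standby monitoring device in this embodiment may be a list, created in the standby monitoring device's local database, that stores the inventory of monitored terminals. Adding the target terminal to the synchronization list in this embodiment includes adding the target terminal's identification information, the operation information (for example, deployment or withdrawal) and the operation time information to the synchronization list. In this embodiment, after the synchronization timer triggers a synchronization period, or after the first communication link between the primary monitoring device and the monitored network element recovers, the primary monitoring device may send a synchronization request to the standby monitoring device to obtain the synchronization list on the standby monitoring device side, and then compare it with the local synchronization list to determine whether the two are consistent. If they are consistent, the primary monitoring device performs no target terminal synchronization, only clears the local synchronization list, and returns a synchronization completion notification to the standby monitoring device, which clears its local synchronization list after receiving the notification. If they are inconsistent, the primary monitoring device performs the corresponding addition or deletion on the monitored terminals in the local synchronization list according to the target terminals in the obtained synchronization list, clears the local synchronization list after synchronization completes, and returns a synchronization completion notification to the standby monitoring device, which clears its local synchronization list after receiving the notification. In this embodiment, the standby monitoring device may also, after receiving the success response that the monitored network element returns once it has completed the deployment or withdrawal operation, send that success response to the primary monitoring device. After receiving the success response, the primary monitoring device may also add (for deployment) or delete (for withdrawal) the target terminal in its monitoring list and add the target terminal to its synchronization list, for comparison in the subsequent synchronization process.
As shown in Figure 7, the primary monitoring device in this embodiment further includes a first synchronization module, configured to perform the above synchronization with the standby monitoring device; the standby monitoring device further includes a second synchronization module, configured to perform the above synchronization with the primary monitoring device.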
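In this embodiment, when a monitored terminal under the monitored network element performs a communication activity such as initiating or answering a call, the monitored network element (possibly through its third link detection module) determines whether the second communication link between itself and the primary monitoring device is faulty. If so, it sends the communication information to be fed back (including at least one of a communication type and a communication state) to the standby monitoring device through the second communication link with the standby monitoring device; otherwise, it sends the communication information to be fed back to the primary monitoring device through the second communication link with the primary monitoring device. The monitored network element (again possibly through its third link detection module) determines whether the third communication link between itself and the primary monitoring device is faulty. If so, it sends the communication content to be fed back (including at least one of a communication control instruction, a media stream, and so on) to the standby monitoring device through the third communication link with the standby monitoring device; otherwise, it sends the communication content to be fed back to the primary monitoring device through the third communication link with the primary monitoring device. In the system shown in Figure 5, the primary and standby monitoring devices also send the received communication information and communication content to the monitoring center through the communication link corresponding to the HI2 interface and the communication link corresponding to the HI3 interface, respectively.
In this embodiment, when the monitored network element checks the second communication link and/or the third communication link through the third link detection module, it may attempt N consecutive handshakes with the primary monitoring device or the standby monitoring device on the corresponding communication link; if all N consecutive attempts fail, the corresponding communication link is determined to be faulty. In this embodiment the value of N may be 3. The value can of course also be chosen according to the actual application scenario and is not limited to 3.
In this embodiment, when the communication link between the primary monitoring device and the monitored network element recovers from the fault state to normal, the method further includes switching back from the standby monitoring device to the primary monitoring device. When the switch to the standby monitoring device used Mode 1 above, the originally faulty communication link is switched back to the primary monitoring device; when it used Mode 2 above, all communication links are switched back to the primary monitoring device.
As shown in Figure 8, the primary and standby monitoring devices in this embodiment further include a first switching management module and a second switching management module, respectively, and the monitored network element further includes a third switching management module. These modules are configured to perform the corresponding switching management during the switching processes above; see the examples in the following embodiment.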
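Embodiment 2:
For a better understanding of the present invention, the monitoring system shown in Figure 3 and several processes that require a primary/standby switchover are used below as optional, illustrative examples. The primary monitoring device includes a first database, a first link detection module, a first synchronization module, a first setting control module, a first switching management module and a first service communication module. The first database stores the monitoring list and the synchronization list of the primary monitoring device; the first setting control module is configured to send monitoring instructions and to add the target terminal to, or delete it from, the monitoring list; the first synchronization module is configured to add the target terminal to the synchronization list; the first service communication module is configured to implement the corresponding communication services on the three communication links; and the first link detection module is further configured to detect the communication link with the standby monitoring device. The standby monitoring device includes a second database, a second link detection module, a second synchronization module, a second setting control module, a second switching management module and a second service communication module. The second database stores the monitoring list and the synchronization list of the standby monitoring device; the second setting control module is configured to send monitoring instructions and to add the target terminal to, or delete it from, the monitoring list; the second synchronization module is configured to add the target terminal to the synchronization list; the second service communication module is configured to implement the corresponding communication services on the three communication links; and the second link detection module is further configured to cooperate with the first link detection module in detecting the communication link with the primary monitoring device. The monitored network element includes a third link detection module, a third switching management module, a third service communication module and a third setting control module. The third service communication module is configured to implement the corresponding communication services on the three communication links, and the third setting control module is configured to complete the deployment or withdrawal of control of the corresponding target terminal according to the deployment control instruction or the withdrawal control instruction.
Based on the above monitoring system, consider the case where the first communication links between the monitored network element and both the primary and standby monitoring devices are normal. After the primary monitoring device has sent a deployment control instruction or a withdrawal control instruction to the monitored network element through the first communication link, and the synchronization period arrives, the data synchronization between the primary and standby monitoring devices proceeds as shown in Figure 9 and includes: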
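Step 901: The first link detection module of the primary monitoring device sends a link detection request message to the second link detection module of the standby monitoring device;
Step 902: After receiving the link detection request message, the second link detection module returns a link detection acknowledgement response to the first link detection module;
Step 903: After receiving the link detection acknowledgement response, the first link detection module sends a synchronization-data trigger message to the first synchronization module;
Step 904: After receiving the synchronization-data trigger message, the first synchronization module first checks whether the synchronization list in the first database on the primary monitoring device side contains data; if it does, the module sends the data in the synchronization list to the second synchronization module of the standby monitoring device;
Step 905: After receiving the synchronization message sent by the first synchronization module, the second synchronization module checks whether the synchronization list in the second database on the standby monitoring device side contains the record. If it does, the module compares whether the operation and the operation time are consistent. If they are inconsistent (for example, a deployment operation on the primary monitoring device and a withdrawal operation on the standby monitoring device) and the operation time on the standby monitoring device is not the latest, synchronization is performed according to the data in the synchronization list on the primary monitoring device side: for example, if the operation on the primary monitoring device is deployment/withdrawal, the data is written to the standby monitoring device's monitoring list or deleted from it, and the record is deleted (that is, cleared) from the standby monitoring device's synchronization list. If the operations on the primary and standby monitoring devices are the same, only the record is deleted from the standby monitoring device's synchronization list. If the standby monitoring device's synchronization list has no such record and the operation in the primary monitoring device's message is deployment, the monitoring list is written; if the operation in the primary monitoring device's message is withdrawal and the standby monitoring device has a deployment record for that number, the data is deleted from the monitoring list; the record in the synchronization list is then deleted;
Step 906: After the synchronization processing is complete, the second synchronization module sends a number synchronization completion response to the first synchronization module;
Step 907: After receiving the synchronization completion response, the first synchronization module sends a query message to the first database to query the data in the synchronization list on its own side. If no data is found, or the data found is inconsistent with the data sent to the second synchronization module, no processing is performed; if data is found and it is consistent with the data sent to the second synchronization module, the data is deleted from the local synchronization list.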
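The reconciliation in steps 904 to 907, as an added example that is not code from the patent: class and function names are hypothetical, target identifiers and times are constructed, and one case the text leaves open is filled by a labelled assumption (on a conflict where the receiver's operation is the latest, the receiver keeps its state and its record so the reverse synchronization carries it back).

```python
from dataclasses import dataclass, field

DEPLOY, WITHDRAW = "deploy", "withdraw"


@dataclass(frozen=True)
class SyncRecord:
    target: str     # identification of the target terminal
    op: str         # DEPLOY or WITHDRAW
    op_time: float  # time of the operation


@dataclass
class MonitoringDevice:
    name: str
    monitoring_list: set = field(default_factory=set)
    sync_list: dict = field(default_factory=dict)  # target -> SyncRecord

    def _apply(self, target, op):
        if op == DEPLOY:
            self.monitoring_list.add(target)
        else:
            self.monitoring_list.discard(target)  # no-op if never deployed here

    def record_success(self, target, op, op_time):
        """The network element confirmed the operation: update both lists."""
        self._apply(target, op)
        self.sync_list[target] = SyncRecord(target, op, op_time)

    def receive_sync(self, records):
        """Step 905 on the receiving device; returns the targets it changed."""
        changed = []
        for rec in records:
            local = self.sync_list.get(rec.target)
            if local is None:
                # No local record: deployment writes the list, withdrawal
                # removes the target only if it is deployed here.
                before = rec.target in self.monitoring_list
                self._apply(rec.target, rec.op)
                if (rec.target in self.monitoring_list) != before:
                    changed.append(rec.target)
            elif local.op == rec.op:
                # Same operation on both sides: only drop the local record.
                del self.sync_list[rec.target]
            elif local.op_time < rec.op_time:
                # Conflict and the local operation is not the latest:
                # follow the sender, then drop the local record.
                self._apply(rec.target, rec.op)
                del self.sync_list[rec.target]
                changed.append(rec.target)
            # Assumption: conflict where the local operation is the latest.
            # Keep local state and record so the reverse sync carries it back.
        return changed


def sync_cycle(sender, receiver, peer_link_ok=True, during_sync=None):
    """Run steps 901-907 from sender to receiver.

    Returns the targets changed on the receiver, or None if the link check
    between the two devices (steps 901-903) got no acknowledgement.
    during_sync is a hypothetical hook that simulates an operation landing
    on the sender while the exchange is in flight.
    """
    if not peer_link_ok:
        return None
    sent = list(sender.sync_list.values())        # step 904
    if not sent:
        return []
    changed = receiver.receive_sync(sent)         # steps 905-906
    if during_sync:
        during_sync()
    for rec in sent:                              # step 907
        # Delete only records identical to what was sent; a record that
        # changed in the meantime stays for the next cycle.
        if sender.sync_list.get(rec.target) == rec:
            del sender.sync_list[rec.target]
    return changed


def demo():
    """Constructed scenario: link 1 fails, the standby operates, both sync."""
    primary, standby = MonitoringDevice("primary"), MonitoringDevice("standby")
    for dev in (primary, standby):                  # both saw these succeed
        dev.record_success("T-100", DEPLOY, 1.0)
        dev.record_success("T-200", DEPLOY, 2.0)
    primary.record_success("T-300", DEPLOY, 3.0)    # only the primary has this
    standby.record_success("T-200", WITHDRAW, 5.0)  # sent by the standby later
    standby.record_success("T-400", DEPLOY, 6.0)
    first = sync_cycle(primary, standby)
    second = sync_cycle(standby, primary)
    return primary, standby, first, second


if __name__ == "__main__":
    p, s, first, second = demo()
    print(first, second, sorted(p.monitoring_list), sorted(s.monitoring_list))
```

The identity check in step 907 is what keeps an operation that arrives mid-exchange from being lost: the changed record no longer matches what was sent, so it stays queued for the next period.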
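Figure 10 shows the switching process when the first communication link between the primary monitoring device and the monitored network element fails, including:
Step 1001: The first link detection module of the primary monitoring device sends three consecutive link detection messages to the third link detection module of the monitored network element and receives no response to any of them;
Step 1002: The first link detection module sends a message to the first service communication module stating that the first communication link is interrupted; the first service communication module saves the first communication link state;
Step 1003: The first setting control module sends a deployment control command to the monitored network element; the deployment fails because the first communication link is interrupted;
Step 1004: The first service communication module sends a message notifying the first switching management module of the primary monitoring device that the first communication link is interrupted;
Step 1005: The first switching management module sends a first communication link switching request to the second switching management module of the standby monitoring center;
Step 1006: The second switching management module sends a link switching response to the first switching management module, and sends a message notifying the second setting control module of the standby monitoring device to resend the deployment control command to the monitored network element;
Step 1007: The second setting control module of the standby monitoring device resends the deployment control command to the monitored network element.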
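As shown in Figure 11, when the second communication link and/or the third communication link between the primary monitoring device and the monitored network element fails, the switching process includes:
Step 1101: The third link detection module of the monitored network element sends a second (or third) communication link detection message to the first link detection module of the primary monitoring device, and the first link detection module of the primary monitoring device does not respond;
Step 1102: After the second (or third) communication link detection message sent by the third link detection module has gone unanswered three consecutive times, the third link detection module sends a second (or third) communication link detection message to the second link detection module of the standby monitoring device;
Step 1103: The second link detection module of the standby monitoring device returns a second (or third) communication link response to the third link detection module;
Step 1104: After receiving the second (or third) communication link response three consecutive times, the third link detection module sends a second (third) communication link switching notification to the third switching management module of the monitored network element;
Step 1105: After receiving the second (third) communication link switching notification, the third switching management module returns a response to the third link detection module;
Step 1106: The third switching management module sends a link establishment request to the second switching management module of the standby monitoring device;
Step 1107: After receiving the link establishment request, the second switching management module returns a response to the link establishment request;
Step 1108: The third service communication module of the monitored network element sends the corresponding communication information (communication content) to the standby monitoring device through the second (third) communication link with the standby monitoring device.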
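The fault decision behind steps 1101 to 1104, combined with Mode 1, Mode 2 and the switch-back rule from Embodiment 1, as an added example that is not code from the patent. All names are hypothetical and the handshake rounds are constructed. Assumptions: one controller object holds the decision for all three links (on the page, link 1 is checked by the primary monitoring device and links 2 and 3 by the monitored network element), a single answered handshake from the primary counts as recovery, and in Mode 2 one verified faulty link moves all three.

```python
from dataclasses import dataclass

PRIMARY, STANDBY = "primary", "standby"
MODE_FAULTY_ONLY, MODE_ALL = "faulty-only", "all"  # Mode 1 / Mode 2


@dataclass
class LinkState:
    primary_misses: int = 0        # consecutive unanswered handshakes (primary)
    standby_acks: int = 0          # consecutive answered handshakes (standby)
    primary_faulty: bool = False
    standby_verified: bool = False


class FailoverController:
    def __init__(self, mode=MODE_FAULTY_ONLY, n=3):
        if mode not in (MODE_FAULTY_ONLY, MODE_ALL):
            raise ValueError(mode)
        self.mode, self.n = mode, n
        self.links = {link: LinkState() for link in (1, 2, 3)}

    def handshake(self, link, primary_ok, standby_ok=True):
        """Feed one detection round for a link; return who serves it now."""
        st = self.links[link]
        if primary_ok:
            # Assumption: one answered handshake means the link recovered,
            # so the state is reset and the link is switched back.
            self.links[link] = LinkState()
            return self.serving(link)
        st.primary_misses += 1
        if st.primary_misses >= self.n:
            st.primary_faulty = True          # N consecutive failures
        if st.primary_faulty and not st.standby_verified:
            # Steps 1102-1104: probe the standby and switch only after
            # N consecutive responses from it.
            st.standby_acks = st.standby_acks + 1 if standby_ok else 0
            st.standby_verified = st.standby_acks >= self.n
        return self.serving(link)

    def _switched(self, link):
        st = self.links[link]
        return st.primary_faulty and st.standby_verified

    def serving(self, link):
        if self.mode == MODE_ALL:
            moved = any(self._switched(l) for l in self.links)
        else:
            moved = self._switched(link)
        # PRIMARY here means "not switched"; it does not imply the primary
        # link is healthy (the standby may be unreachable as well).
        return STANDBY if moved else PRIMARY

    def routing_table(self):
        return {link: self.serving(link) for link in self.links}


# Constructed rounds for link 2: a two-miss blip, then a real outage,
# then recovery. Each item is (link, primary answered?).
ROUNDS = [(2, False), (2, False), (2, True),
          (2, False), (2, False), (2, False), (2, False), (2, False),
          (2, True)]


def replay(mode, rounds=ROUNDS):
    """Return the routing table after each round under the given mode."""
    ctl = FailoverController(mode)
    history = []
    for link, primary_ok in rounds:
        ctl.handshake(link, primary_ok)
        history.append(ctl.routing_table())
    return history


if __name__ == "__main__":
    for mode in (MODE_FAULTY_ONLY, MODE_ALL):
        for i, table in enumerate(replay(mode), 1):
            print(mode, i, table)
```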
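It can be seen that, with the solution of the embodiments of the present invention, it is only necessary to add one set of monitoring device hardware on the monitoring center or monitoring gateway side, add the corresponding synchronization module, link detection module and switching management module, and add a synchronization list to the corresponding database. The monitored target terminals on the primary and standby monitoring devices can then be kept synchronized, and link detection discovers monitoring interface link faults in time so that the primary/standby switchover is performed. This ensures that the monitoring service continues to work normally after any one of the three monitoring interface links is interrupted, which greatly improves the reliability of the security product.
Industrial applicability: as the above description shows, the security monitoring method and system provided by the present invention include a primary monitoring device and a standby monitoring device, each of which establishes communication links for monitoring with the monitored network element. During monitoring, when a communication link between the primary monitoring device and the monitored network element fails, monitoring is switched from the primary monitoring device to the standby monitoring device to complete the monitoring. The present invention can therefore switch between the primary and standby monitoring devices by promptly discovering faults in the communication links used for monitoring, which greatly improves the reliability and disaster tolerance of security monitoring and better satisfies monitoring requirements such as uninterrupted monitoring.
The above is a further detailed description of the present invention in combination with optional embodiments, and the implementation of the present invention should not be regarded as limited to these descriptions. For a person of ordinary skill in the technical field of the present invention, several simple deductions or substitutions can be made without departing from the concept of the present invention, and all of these shall be regarded as falling within the scope of protection of the present invention.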

Claims (15)

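  1. A security monitoring method, including:
    a primary monitoring device and a standby monitoring device each establishing communication links with a monitored network element;
    during monitoring, when a communication link between the primary monitoring device and the monitored network element fails, switching from the primary monitoring device to the standby monitoring device.
  2. The security monitoring method of claim 1, wherein
    the communication links include a first communication link for transmitting monitoring instructions, a second communication link for transmitting communication information of the monitored terminal, and a third communication link for transmitting communication content of the monitored terminal;
    a failure of the communication link between the primary monitoring device and the monitored network element includes a failure of at least one of the first communication link, the second communication link and the third communication link between the primary monitoring device and the monitored network element;
    switching to the standby monitoring device includes:
    switching the faulty communication link among the first, second and third communication links between the primary monitoring device and the monitored network element to the standby monitoring device;
    or switching all of the first, second and third communication links between the primary monitoring device and the monitored network element to the standby monitoring device.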
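  3. The security monitoring method of claim 2, wherein whether the first communication link between the primary monitoring device and the monitored network element is faulty is determined by the primary monitoring device, and when the first communication link between the primary monitoring device and the monitored network element is faulty, switching to the standby monitoring device includes:
    the primary monitoring device notifying the standby monitoring device to switch the first communication link, or notifying the standby monitoring device to switch the first, second and third communication links;
    after receiving the notification, the standby monitoring device sending the monitoring instruction that currently needs to be sent to the monitored network element through the first communication link between itself and the monitored network element.
  4. The security monitoring method of claim 2, wherein whether the second communication link between the primary monitoring device and the monitored network element is faulty is determined by the monitored network element; when the monitored network element determines that the second communication link with the primary monitoring device is faulty, switching to the standby monitoring device includes:
    sending the communication information to be fed back to the standby monitoring device through the second communication link with the standby monitoring device; the communication information includes at least one of a communication type and a communication state.
  5. The security monitoring method of claim 2, wherein whether the third communication link between the primary monitoring device and the monitored network element is faulty is determined by the monitored network element; when the monitored network element determines that the third communication link with the primary monitoring device is faulty, switching to the standby monitoring device includes:
    sending the communication content to be fed back to the standby monitoring device through the third communication link with the standby monitoring device; the communication content includes at least one of a communication control instruction and a media stream.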
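  6. The security monitoring method of claim 3, wherein
    the monitoring instruction includes at least one of a deployment control instruction and a withdrawal control instruction; the deployment control instruction includes the target terminal to be monitored; the withdrawal control instruction includes the target terminal whose monitoring is to be withdrawn;
    the primary monitoring device and the standby monitoring device receive the monitoring instruction at the same time; or the primary monitoring device receives the monitoring instruction first and then sends the received monitoring instruction to the standby monitoring device;
    when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device sends the monitoring instruction to the monitored network element through the first communication link and, after receiving a success response from the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the standby monitoring device during synchronization;
    when the first communication link between the primary monitoring device and the monitored network element is faulty, the standby monitoring device sends the monitoring instruction to the monitored network element through the first communication link between itself and the monitored network element and, after receiving a success response from the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the primary monitoring device during synchronization.
  7. The security monitoring method of any one of claims 1-6, wherein
    the primary monitoring device and the standby monitoring device are a primary monitoring center and a standby monitoring center, respectively;
    or the primary monitoring device and the standby monitoring device are a primary monitoring gateway and a standby monitoring gateway, respectively; the primary monitoring gateway and the standby monitoring gateway are each communicatively connected to a monitoring center.
  8. The security monitoring method of any one of claims 1-6, further including switching back from the standby monitoring device to the primary monitoring device when the communication link between the primary monitoring device and the monitored network element recovers.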
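  9. A security monitoring system, including a primary monitoring device, a standby monitoring device and a monitored network element:
    the primary monitoring device and the standby monitoring device each establish communication links with the monitored network element;
    the standby monitoring device replaces the primary monitoring device when a communication link between the primary monitoring device and the monitored network element fails.
  10. The security monitoring system of claim 9, wherein
    the communication links include a first communication link for transmitting monitoring instructions, a second communication link for transmitting communication information of the monitored terminal, and a third communication link for transmitting communication content of the monitored terminal;
    a failure of the communication link between the primary monitoring device and the monitored network element includes a failure of at least one of the first communication link, the second communication link and the third communication link between the primary monitoring device and the monitored network element;
    the standby monitoring device replacing the primary monitoring device includes:
    switching the faulty communication link among the first, second and third communication links between the primary monitoring device and the monitored network element to the standby monitoring device;
    or switching all of the first, second and third communication links between the primary monitoring device and the monitored network element to the standby monitoring device.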
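  11. The security monitoring system of claim 10, wherein
    the primary monitoring device determines whether the first communication link with the monitored network element is faulty; if so, the primary monitoring device notifies the standby monitoring device to switch the first communication link, or notifies the standby monitoring device to switch the first, second and third communication links;
    after receiving the notification, the standby monitoring device sends the monitoring instruction that currently needs to be sent to the monitored network element through the first communication link between itself and the monitored network element.
  12. The security monitoring system of claim 10, wherein the monitored network element determines whether the second communication link between itself and the primary monitoring device is faulty; if so, it sends the communication information to be fed back to the standby monitoring device through the second communication link with the standby monitoring device; the communication information includes at least one of a communication type and a communication state.
  13. The security monitoring system of claim 10, wherein the monitored network element determines whether the third communication link between itself and the primary monitoring device is faulty; if so, it sends the communication content to be fed back to the standby monitoring device through the third communication link with the standby monitoring device; the communication content includes at least one of a communication control instruction and a media stream.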
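  14. The security monitoring system of claim 11, wherein
    the monitoring instruction includes at least one of a deployment control instruction and a withdrawal control instruction; the deployment control instruction includes the target terminal to be monitored; the withdrawal control instruction includes the target terminal whose monitoring is to be withdrawn;
    the primary monitoring device and the standby monitoring device receive the monitoring instruction at the same time; or the primary monitoring device receives the monitoring instruction first and then sends the received monitoring instruction to the standby monitoring device;
    when the first communication link between the primary monitoring device and the monitored network element is normal, the primary monitoring device sends the monitoring instruction to the monitored network element through the first communication link and, after receiving a success response from the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the standby monitoring device during synchronization;
    when the first communication link between the primary monitoring device and the monitored network element is faulty, the standby monitoring device sends the monitoring instruction to the monitored network element through the first communication link between itself and the monitored network element and, after receiving a success response from the monitored network element, adds or deletes the target terminal in its monitoring list and adds the target terminal to its synchronization list, to be obtained by the primary monitoring device during synchronization.
  15. The security monitoring system of any one of claims 9-14, wherein
    the primary monitoring device and the standby monitoring device are a primary monitoring center and a standby monitoring center, respectively;
    or the primary monitoring device and the standby monitoring device are a primary monitoring gateway and a standby monitoring gateway, respectively; the security monitoring system further includes a monitoring center, and the primary monitoring gateway and the standby monitoring gateway are each communicatively connected to the monitoring center.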
PCT/CN2015/093448 2014-11-11 2015-10-30 Security monitoring method and system WO2016074570A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410629695.XA CN105656836A (zh) 2014-11-11 2014-11-11 Security monitoring method and system
CN201410629695.X 2014-11-11

Publications (1)

Publication Number Publication Date
WO2016074570A1 true WO2016074570A1 (zh) 2016-05-19

Family

ID=55953728

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/093448 WO2016074570A1 (zh) 2014-11-11 2015-10-30 Security monitoring method and system

Country Status (2)

Country Link
CN (1) CN105656836A (zh)
WO (1) WO2016074570A1 (zh)

Also Published As

Publication number Publication date
CN105656836A (zh) 2016-06-08

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15858384

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15858384

Country of ref document: EP

Kind code of ref document: A1