WO2017092403A1 - Procédé et dispositif de commande permettant un accès au réseau de groupe - Google Patents

Procédé et dispositif de commande permettant un accès au réseau de groupe Download PDF

Info

Publication number
WO2017092403A1
WO2017092403A1 PCT/CN2016/095515 CN2016095515W WO2017092403A1 WO 2017092403 A1 WO2017092403 A1 WO 2017092403A1 CN 2016095515 W CN2016095515 W CN 2016095515W WO 2017092403 A1 WO2017092403 A1 WO 2017092403A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal user
group
internet
traffic
information
Prior art date
Application number
PCT/CN2016/095515
Other languages
English (en)
Chinese (zh)
Inventor
熊伟
周富星
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017092403A1 publication Critical patent/WO2017092403A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/02Traffic management, e.g. flow control or congestion control

Definitions

  • the present invention relates to the field of communications, and in particular to a method and apparatus for controlling a group's Internet access.
  • 4G network has gradually become an indispensable tool in people's daily work and life, especially for some working groups, such as TV stations, online media, Internet-related and other working people.
  • Mobile Internet access is a must for work. Selecting, for those users with large network traffic demand, the operators open the related services of the Group's Internet access, but the legitimacy of the users of the group users, traffic control, and related monitoring have always been a problem to be solved by the operators.
  • the embodiment of the invention provides a method and a device for controlling the group's Internet access, so as to at least solve the problem that the group user's Internet service monitoring and flow control are imperfect in the related art.
  • a method for controlling a group access network including:
  • the group process control system receives the online request information forwarded by the core network, where the online request information is the online request information of the terminal user received by the core network;
  • the group process control system generates the Internet access control information of the terminal user according to the Internet access request information and the pre-set Internet traffic permission of the terminal user by the group process control system, and sends the online control information And the network control, wherein the network access control information is used by the core network to perform online traffic control on the terminal user.
  • the method further includes: In the case that the Internet access request information includes the group to which the terminal user belongs and the online information of the terminal user, the group flow control system identifies the group to which the terminal user belongs according to the group information, and End user identity authentication;
  • the group process control system generates the internet access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user by the group process control system, including: After the identity authentication is passed, the group process control system generates the access control information of the terminal user according to the online information and the pre-set Internet traffic permission of the group to the terminal user.
  • the group process control system generates the internet access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user by the group process control system, including:
  • the Internet access request information includes the Internet content or the Internet access location information
  • the group process control system generates the internet access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user by the group process control system, including:
  • the Internet access control information generating, by the network access control information, the Internet access control information, where the Internet access control information is used to indicate the Internet access speed of the terminal user on the Internet access URL. Accelerate to a predetermined threshold;
  • the Internet access control information that does not collect the Internet traffic of the terminal user on the Internet access URL is generated.
  • the group process control system generates the internet access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user by the group process control system, including:
  • the method includes:
  • the group process control system sends a traffic query request to the core network
  • the group process control system receives a query result of the core network for the traffic query request
  • the group flow control system instructs the core network to terminate the terminal user accessing the Internet;
  • the group flow control system instructs the core network to reduce the terminal user The Internet access speed, wherein the preset first threshold is greater than the preset second threshold.
  • the group flow control system sends traffic allocation request information to one or more target end users of the core network, where the traffic distribution information is used to indicate that the group flow control system is ready to be allocated to the The total number of traffic for one or more target end users;
  • the group flow control system receives the traffic distribution response information sent by the core network, where the traffic distribution response information is used to indicate the target terminal user that has applied for the traffic and the corresponding target traffic that is requested;
  • the group flow control system instructs the core network to allocate the target traffic to the target end user who applies for the target traffic, wherein the terminal user includes the target terminal user.
  • a group network control device which is located in a group process control system, and includes:
  • the receiving module is configured to receive the online request information forwarded by the core network, where the online request information is the online request information of the terminal user received by the core network;
  • the sending module is configured to generate the access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the group user, and send the online control information to The core network, wherein the Internet access control information is used by the core network to perform online traffic control on the terminal user.
  • the device further includes:
  • the authentication module is configured to: before the generating the online control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the group user, the online request information includes the terminal In the case that the user belongs to the group and the online information of the terminal user, the group flow control system identifies the group to which the terminal user belongs according to the group information, and performs identity authentication on the terminal user;
  • the internet access control information of the terminal user is generated according to the online information and the pre-set Internet traffic permission of the group to the terminal user.
  • the device further includes:
  • the monitoring module is configured to determine, when the Internet access request information includes the Internet content or the Internet access location information, whether the Internet content or the Internet access location information is legal, and if so, generate the Internet access control information for instructing the terminal user to access the Internet. If not, generate online control information for instructing to terminate the Internet access of the terminal user.
  • the device further includes:
  • the acceleration module is configured to generate the access control information when the Internet access address included in the Internet access request information is in the preset accelerated URL list, where the Internet access control information is used to indicate that the terminal user is in the The Internet access speed of the Internet website is accelerated to a predetermined threshold;
  • the traffic free module is configured to generate, when the Internet access information included in the online information is in the preset traffic free URL list, the online control information that does not collect the Internet traffic of the terminal user on the Internet access URL.
  • the device further includes:
  • the time module is configured to determine whether the online time included in the online request information is in a preset online time period, and if the online time is in the preset online time period, generate an online control for indicating that the terminal user is allowed to access the Internet The information, if not in the preset online time period, generates online control information for instructing termination of the terminal user to access the Internet.
  • the device further includes:
  • a query module configured to send a traffic query request to the core network
  • the query module is further configured to receive a query result of the core network for the traffic query request;
  • the query module instructs the core network to terminate the terminal user accessing the Internet;
  • the query module instructs the core network to reduce the network of the terminal user. Speed, wherein the preset first threshold is greater than the preset second threshold.
  • the device further includes:
  • a distribution module configured to send traffic distribution request information to one or more target end users of the core network, wherein the traffic distribution information is used to indicate that the group flow control system is ready to be allocated to the one or more targets The total number of end user traffic;
  • the issuance module is further configured to receive the traffic distribution response information sent by the core network, where the traffic distribution response information is used to indicate the target terminal user that has applied to the traffic and the corresponding target traffic that is applied for;
  • the issuance module is further configured to instruct the core network to allocate the target traffic to the target end user to which the corresponding application is to the target traffic, where the terminal user includes the target terminal user.
  • a computer storage medium is further provided, and the computer storage medium may store an execution instruction for executing the group online control method in the foregoing embodiment.
  • the group process control system receives the online request information forwarded by the core network, where the online request information is the online request information of the terminal user received by the core network, and the group flow control system according to the online request information and the The group process control system generates the Internet access control information of the terminal user for the terminal user's pre-set Internet traffic permission, and sends the Internet access control information to the core network, wherein the Internet access control information is used by the core network for the terminal.
  • the user conducts online traffic control, which solves the problem that the group users' Internet service monitoring and flow control are imperfect, and improves the online service control of the group users.
  • FIG. 1 is a flow chart of a method for controlling group internet access according to an embodiment of the present invention
  • FIG. 2 is another flow chart of a method for controlling group Internet access according to an embodiment of the present invention.
  • FIG. 3 is a structural block diagram of a group network control device according to an embodiment of the present invention.
  • FIG. 4 is a block diagram showing another structure of a group network control device according to an embodiment of the present invention.
  • FIG. 5 is a block diagram showing still another structure of a group network control device according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a system for controlling a group's Internet access according to a preferred embodiment of the present invention.
  • FIG. 7 is a block diagram of an internal module of a group internet control system in accordance with a preferred embodiment of the present invention.
  • FIG. 8 is a schematic flowchart of a user online process according to a preferred embodiment of the present invention.
  • FIG. 9 is a flow chart showing the operation of a traffic monitoring module according to a preferred embodiment of the present invention.
  • FIG. 10 is a flow chart showing the operation of a network acceleration module according to a preferred embodiment of the present invention.
  • FIG. 11 is a flow chart showing the operation of a directional flow module in accordance with a preferred embodiment of the present invention.
  • FIG. 12 is a schematic flow chart of a user going offline according to a preferred embodiment of the present invention.
  • FIG. 1 is a flowchart of a method for controlling group Internet access according to an embodiment of the present invention. As shown in FIG. 1, the process includes the following steps:
  • Step S102 The group process control system receives the online request information forwarded by the core network, where the online request information is the online request information of the terminal user received by the core network;
  • Step S104 The group process control system generates the access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user of the group process control system, and sends the online control information to the core.
  • the network wherein the Internet access control information is used by the core network to perform online traffic control on the terminal user.
  • the group process control system receives the online request information forwarded by the core network, wherein the online request information is the online request information of the terminal user received by the core network, and the group process control system according to the online request information and the group process
  • the control system generates the Internet access control information of the terminal user by using the pre-set Internet traffic permission of the terminal user, and sends the Internet access control information to the core network, where the Internet access control information is used by the core network to perform the terminal user Internet traffic control solves the problem of group users' online service monitoring and imperfect flow control, and improves the online service control of group users.
  • the core network in the embodiment of the present invention may be a core network of a 4G network, or may be other network elements that implement the foregoing functions and functions of the core network in this embodiment, and the network element may be located in the core network. It can also be located in base stations and other application platforms.
  • FIG. 2 is another flow chart of a method for controlling group Internet access according to an embodiment of the present invention. As shown in FIG. 2, the process includes the following steps:
  • Step S202 the online request information includes the group to which the terminal user belongs and the online information of the terminal user.
  • the group process control system identifies the group to which the terminal user belongs according to the group information, and performs identity authentication on the terminal user;
  • Step S204 If the identity authentication is passed, the group process control system generates the Internet access control information of the terminal user according to the online information and the pre-set Internet traffic permission of the group to the terminal user;
  • the group flow control system generates the internet access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user of the group process control system, including: if the identity authentication is passed
  • the group process control system generates the internet access control information of the terminal user according to the online information and the pre-set Internet traffic permission of the group to the terminal user.
  • the group process control system generates the Internet access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user of the group process control system, including:
  • the Internet access request information includes the Internet content or the Internet access location information
  • the group process control system generates the Internet access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user of the group process control system, including:
  • the Internet access control information that does not count the Internet traffic of the terminal user on the Internet access URL is generated.
  • the group process control system generates the Internet access control information of the terminal user according to the online request information and the pre-set Internet traffic permission of the terminal user of the group process control system, including:
  • the method includes:
  • the group process control system sends a traffic query request to the core network
  • the group process control system receives the query result of the core network for the traffic query request
  • the group flow control system instructs the core network to terminate the terminal user accessing the Internet;
  • the group flow control system instructs the core network to reduce the Internet speed of the terminal user, where The preset first threshold is greater than the preset second threshold.
  • the group flow control system sends traffic distribution request information to one or more target end users of the core network, wherein the traffic distribution information is used to indicate that the group process control system is ready to allocate to the one or more The total number of traffic for target end users;
  • the group flow control system receives the traffic distribution response information sent by the core network, where the traffic distribution response information is used to indicate the target end user that has applied for the traffic and the corresponding target traffic that is requested;
  • the group process control system instructs the core network to allocate the target traffic to the corresponding target end user applying to the target traffic, wherein the terminal user includes the target terminal user.
  • a control device for the Internet access of the group is provided, which is used to implement the above-mentioned embodiments and preferred embodiments, and has not been described again.
  • the term "module” may implement a combination of software and/or hardware of a predetermined function.
  • the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
  • FIG. 3 is a structural block diagram of a group network control device according to an embodiment of the present invention. As shown in FIG. 3, the device includes:
  • the receiving module 32 is configured to receive the online request information forwarded by the core network, where the online request information is the online request information of the terminal user received by the core network;
  • the sending module 34 is connected to the receiving module 32, and is configured to generate the Internet access control information of the terminal user according to the Internet access request information and the pre-set Internet traffic permission of the group user, and the online control information is generated.
  • the network control information is sent to the core network for controlling the Internet traffic of the terminal user.
  • the receiving module 22 is configured to receive the Internet access request information forwarded by the core network, where the Internet access request information is the Internet access request information of the terminal user received by the core network
  • the sending module 24 is configured to use the Internet access request information and the group.
  • the process control system generates the access control information of the terminal user by using the pre-set Internet traffic permission of the terminal user, and sends the online control information to the core network, where the Internet access control information is used by the core network to the terminal user.
  • the online traffic control was implemented to solve the problem of the monitoring of the Internet access of the group users and the imperfect flow control, and improved the online service control of the group users.
  • FIG. 4 is another structural block diagram of a group network control device according to an embodiment of the present invention. As shown in FIG. 4, the device includes:
  • the authentication module 42 is connected to the sending module 34, and is configured to include the online request information according to the Internet access request information and the Internet access control information of the terminal user for the terminal user.
  • the group process control system identifies the group to which the terminal user belongs according to the group information, and performs identity authentication on the terminal user;
  • the Internet access control information of the terminal user is generated according to the online information and the pre-set Internet traffic permission of the group to the terminal user.
  • FIG. 5 is a block diagram of still another structural control device of a group Internet access according to an embodiment of the present invention. As shown in FIG. 5, in addition to the module shown in FIG. 3, the device further includes:
  • the monitoring module 51 is configured to determine whether the Internet content or the Internet access location information is legal if the Internet access request information includes the Internet content or the Internet access location information, and if so, generate the Internet access control information for instructing the terminal user to access the Internet. It is illegal to generate online control information for instructing to terminate the Internet access of the terminal user.
  • the acceleration module 52 is configured to generate the Internet access control information when the Internet access address included in the Internet access request information is in the preset accelerated URL list, where the Internet access control information is used to indicate that the terminal user accesses the Internet at the Internet address Speed is accelerated to a predetermined threshold;
  • the traffic free module 53 is configured to generate, when the Internet access information included in the Internet access information is in the preset traffic free URL list, the Internet access control information that does not collect the Internet traffic of the terminal user on the Internet address.
  • the time module 54 is configured to determine whether the online time included in the online request information is in a preset online time period, and if the online time is in the preset online time period, generate an online control information for indicating that the terminal user is allowed to access the Internet.
  • the Internet access control information for instructing to terminate the Internet access of the terminal user is generated in the preset online time period.
  • the query module 55 is configured to send a traffic query request to the core network.
  • the query module 55 is further configured to receive a query result of the core network for the traffic query request;
  • the query module 55 instructs the core network to terminate the terminal user accessing the Internet;
  • the query module 55 instructs the core network to reduce the Internet speed of the terminal user, where The preset first threshold is greater than the preset second threshold.
  • the method further includes an issue module 56, configured to send traffic distribution request information to one or more target end users of the core network, where the traffic distribution information is used to indicate that the group process control system is ready to be allocated to the The total number of traffic for one or more target end users;
  • the issuing module 56 is further configured to receive the traffic distribution response information sent by the core network, where the traffic distribution response information is used to indicate the target end user that has applied for the traffic and the corresponding target traffic that is requested;
  • the issuing module 56 is further configured to instruct the core network to allocate the target traffic to the corresponding target end user to the target traffic, where the terminal user includes the target terminal user.
  • the embodiment of the invention provides a group internet control scheme, which provides a universal internet access scheme suitable for group users according to the current group personality characteristics, and the solution includes the following contents:
  • a group of users are provided with exclusive online solutions for group users, including targeted red packets, exclusive Internet settings, targeted website acceleration functions, and a series of group-specific functions;
  • all members of the group use the different users assigned by the group administrator to log on to the Internet and share group traffic.
  • the group administrator can monitor and set the user traffic within the group at any time, and the administrator can conduct internal users.
  • the group user access control system includes:
  • Data communication interface the communication interface between the system and the core network, the online request of the group user and the data fed back by the core network can be processed by the system;
  • Main business logic area handles various online logic and other business logic, including the administrator's operational logic.
  • Data storage area used to store system information and all data such as group household information, and save group account information and group sub-user related information.
  • Group Internet access function For the entire group, the operator assigns a group account to the group administrator, and the group administrator has the right to create a group member account to access the Internet. Each group member does not need to apply for an account separately, purchase traffic, and directly apply the internal account allocated within the group to access the Internet.
  • the generated traffic is calculated in the group account; the core network requests the internal users of the group to access the Internet, according to the user within the group.
  • the account's permissions, current location, and current time are authenticated. Only users are allowed to use the allocated traffic at the allowed time and location. After the time and traffic are exceeded, the group administrator can apply, then allocate traffic or wait for the next one. Month is online.
  • the external communication interface flow is as follows:
  • Step 1 The group member sends an online request to the core network, the request includes the group number of the user and the unique identification group of the user, and the user's online information, including the Internet URL and the location of the Internet;
  • Step 2 The Internet request is converted into an internal protocol by the core network and sent to the group process control system through an external communication interface.
  • Step 3 The group process control system identifies the group to which the user belongs according to the unique identifier of the terminal, obtains the system information of the terminal, and compares the actual information of the user with the obtained system information to determine whether the actual information of the user is legal. And whether the user has access to the Internet;
  • Step 4 If the user information does not match the actual information, the authentication fails.
  • the system sends a message to notify the core network that the online request is not allowed.
  • Step 5 If the user passes the online request, the user enters the group traffic monitoring system. According to the traffic that the terminal can belong to and the usage policy of the group, the user starts the online process (the detailed online process will be described in detail below). ;
  • Step 6 When the user's Internet access information includes the URL, the Internet access location and other related Internet access information changes, the core network notifies the group flow control system of the new information of the user, and the group will authenticate the user again to determine whether the user's online information is legal. If the Internet is not allowed, the core network is notified to terminate the Internet connection; if the user can access the Internet, the user can continue to access the Internet in the new location.
  • Step 7 When the system finds that the user triggers the condition for terminating the Internet access, the core network is notified through the data communication interface to terminate the user's Internet connection.
  • FIG. 7 is a block diagram of an internal module of a group access control system according to a preferred embodiment of the present invention. As shown in FIG. 7, the main logic area of the group traffic system mainly has the following modules:
  • the network monitoring module is configured to monitor the user's online process, such as whether the URL is legal, whether the Internet location is legal, and the like.
  • the traffic monitoring module is set to monitor the overall traffic of the group and the internal user traffic of the group, and adopts a speed-down Internet treatment for users who are about to reach the traffic threshold to prevent the traffic from exceeding the additional cost.
  • the Internet Acceleration Module is set up to provide a certain number of website acceleration Internet access functions for group users for the commercialization characteristics of the group. At the same time, data mining is performed for the internal website access of the group, and a top10 Internet list is provided once a month.
  • the Group's directional network access module is set to be tailor-made for the group.
  • the group can set up several websites. The traffic of group users accessing this website is not counted in the total traffic, and it is convenient for group users to use.
  • the group red envelope issuance module is set as a group tailor-made function.
  • the group can send a certain number of red envelopes.
  • users who grab red envelopes can use red envelope traffic during the online process without spending any expenses.
  • Data storage module set to store all group information of the system.
  • Administrator function In order to achieve data security, a unified administrator interface is provided, which is used by users to manage without touching data storage devices and logic.
  • the group can set up one or more administrators. After the administrator password is used for authentication, you can modify the members of the group, the time and traffic of each member's Internet access, the group's accelerated Internet address setting, the group network black and white list setting, etc. through the management interface.
  • Group Internet properties
  • the concept of group sharing is used. Multiple members of a group can share the use of a sub-account under a group account to access the Internet; the administrator can separately assign the rights of the Internet to each member, and control the duration of the member's Internet access.
  • Traffic, Internet access location, and the present invention proposes a network acceleration concept, a directional traffic concept, a group online data mining concept, and a series of new concepts for group attributes, and successfully applied to the application, the response is obvious;
  • FIG. 8 is a schematic flowchart of a user online process according to a preferred embodiment of the present invention.
  • the core network is first required to send an online request to an external communication interface of the group flow control system.
  • the triggering example used in this embodiment is that the user sets the APN as a group flow control system, and after receiving the online request of the APN, the core network sends the online request to the external communication interface of the group flow control.
  • the online request includes the unique identifier of the group to which the user belongs, the location information, and the content of the Internet.
  • the unique identifier may be the IMSI, the mobile phone number of the terminal, or other information, as long as the communication interface can identify the unique user.
  • the external communication interface converts the online information requested by the user into an internal protocol of the system and sends it to the group's online control system.
  • the group's online control system identifies the group to which the user belongs according to the unique identifier of the user, and obtains the system information of the terminal. Then, according to the actual information of the user and the obtained system information, it is determined whether the actual information of the user is legal and whether the user has the right to access the Internet.
  • the content of the Internet content of the core network is matched with the content of the Internet that is configured in the system.
  • the content of the Internet may be a URL;
  • the location information of the user may be the IP address of the user, the location information of the SGSN, and the location information of the base station. Wait.
  • the authenticated group user enters the group system main logic system
  • FIG. 9 is a schematic flowchart of the operation of a traffic monitoring module according to a preferred embodiment of the present invention, as shown in FIG.
  • the network monitoring module system starts monitoring logic.
  • the module mainly monitors whether the UniformResoure Locator (URL) of the user's Internet access is legal, whether the Internet access location is legal, and the judgment is based on the group Internet set by the group administrator of the user.
  • Blacklist and whitelist The whitelist is the address that allows Internet access.
  • the blacklist is the network address that is forbidden to access the Internet. Generally, the administrator only needs to configure the blacklist.
  • the Internet access location is also configured by the group administrator if the core network returns users. If the information of the base station is no longer available in the Internet address, the user is not allowed to access the Internet at the location.
  • the system sends a message to the core network through the communication interface. The request for the Internet access does not pass, and the information is sent to the user at the same time. The Internet fails; if the Internet request is legal, the next process is entered;
  • the traffic monitoring module traffic monitoring module is mainly responsible for traffic monitoring.
  • the system first starts the traffic monitoring session (session) for the users under the group.
  • the session will periodically synchronize the related Internet traffic data of the users in the core network.
  • the core network does not.
  • the data needs to be reported actively, so that the method of active synchronization reduces the pressure on the core network side and increases the robustness of the core network side than the core online report.
  • the system will query whether the monitoring session of the group corresponding to this user has been established. If it has been established, it does not need to start a new session. If it is not started, a new session is started to complete the monitoring of the group to which the user belongs. During the user's online process, the session will always monitor the user's traffic.
  • the session When the user's traffic is less than the threshold set by the system, the session will notify the core network, change the user's Internet access system, and process the network slowdown. At the same time, the user will be reminded that the usage has reached the point.
  • the set threshold the system has done a deceleration process, ask whether to submit a new flow request to the system, if the application is submitted, the group administrator will receive an application to determine whether to add traffic to the user; when the user traffic is exhausted
  • the monitoring module will send a message to the core network, notify the core network, disconnect the user from the Internet link, send a message to the user, and then release the monitoring session; when the group traffic reaches the threshold, the session will also send a message to the group administrator.
  • FIG. 10 is a schematic flowchart of the operation of a network acceleration module according to a preferred embodiment of the present invention, as shown in FIG.
  • Group Internet Acceleration Module This module provides a number of websites that can speed up the Internet access to group users according to the characteristics of the group users.
  • the website address is configured by the group administrator, and the network address is configured.
  • the system will cache the website content by means of cache mirroring. Going locally, this will speed up the user's online experience and give the user a smooth feeling of the network. After testing, the effect is very obvious.
  • the system provides a simple data mining function, which is set on a regular basis, such as one week and one month. Set the URL visits for data statistics, select top10 for the group administrator, and facilitate the group administrator to maintain the network address of the network acceleration module.
  • FIG. 11 is a flow chart showing the operation of a directional flow module according to a preferred embodiment of the present invention, as shown in FIG.
  • Group-oriented traffic module According to the characteristics of the group's Internet access, members of a group may frequently visit several specific websites frequently, which causes the group users to have a very large targeted traffic to a certain website.
  • the directional traffic package is opened. After the group customizes the package, several URLs can be set. The traffic of the group members accessing these URLs is not included in the total package flow of the group.
  • the system logic When accessing the configuration URL, the system logic notifies the core network through the communication interface. Not included in the total flow. At the same time, group administrators can also configure targeted URLs for greater flexibility.
  • the Group's directional traffic module sends traffic red packets through Weibo, WeChat and other public relations media at the appropriate time according to the Group's own plans.
  • the red packets can be ordinary red packets or directional traffic red packets.
  • the directed traffic red envelope is a traffic package for a specific URL. After the user who grabs the red envelope passes the core network authentication, it will become a temporary user of the group. During the online process, the user will go to the group directed traffic module to charge, when the traffic is consumed. Whenever possible, the system will go offline; the ordinary traffic red envelope is a package for all Internet addresses. Users who grab the red envelope can enjoy all the treatment of the group users after the core network authentication, until the traffic is exhausted, the system will be the user. line.
  • the core network sends an Internet request to the data communication interface.
  • only the location information or the traffic information or the Internet content may be included, or both of the cores may be included.
  • the network sends an Internet request to the data communication interface.
  • the location information or the Internet content may be included, or both of them may be included.
  • the main business logic needs to judge according to the online request. If only the location information is included, only the location information needs to be authenticated. If only the content of the Internet is included, only the content of the Internet needs to be authenticated.
  • the system When the user requests the threshold set by the system, the system will detect the traffic status of the user at this time.
  • the system will communicate with the core network through the communication interface.
  • the user first adopts the speed reduction measure, that is, the 4G network is lowered. To 3G or lower, this interface is the latest interface between the system and the core network.
  • the core network does not actively take the speed reduction function for the user, only the user can speed down the unilaterally on the mobile phone side; at the same time, the administrator and the user separately send messages.
  • the user traffic has reached the threshold, send a message to the user, the traffic reaches the threshold, in order to reduce unnecessary waste, the system has already actively slowed down for you.
  • System administrators can increase traffic to users for different situations.
  • the system When the user traffic is exhausted, the system reports the message to the core network through the communication interface, and the core network disconnects the user and sends a message to prompt. The system will release the session monitored by this user. If the entire group user traffic reaches the upper limit, the system will send a message to the core network, disconnect the links of all users under the group, release all monitoring sessions, and send a message to the system administrator, prompting the traffic status of the group users at this time to facilitate management. The next step is taken.
  • FIG. 12 is a schematic flowchart of a user going offline according to a preferred embodiment of the present invention, as shown in FIG.
  • the system actively reports the user's usage status to the user's active offline.
  • the group data flow control system processes the user's usage results, accumulates the traffic used by the user, and releases the held session.
  • the user performs management operations including: the group flow control system provides a series of management operation interfaces, which can adopt an XML protocol or other protocols, and the system can be converted into an internal protocol.
  • Administrator operations including adding/deleting/modifying members, managing member permissions, configuring acceleration URLs, configuring group blacklists, configuring system traffic thresholds, user traffic thresholds, configuring directed network addresses, etc., saving results after execution Go to the data storage device, and then send the result of the request to the data communication interface; or query the user information, the Internet access situation, and send the query result to the data communication interface;
  • the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course, by hardware, but in many cases, the former is A better implementation.
  • the technical solution of the present invention in essence or the contribution to the related art can be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk, CD-ROM).
  • the instructions include a number of instructions for causing a terminal device (which may be a cell phone, computer, server, or network device, etc.) to perform the methods described in various embodiments of the present invention.
  • each of the above modules may be implemented by software or hardware.
  • the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the modules are located in multiple In the processor.
  • Embodiments of the present invention also provide a storage medium.
  • the storage medium may be configured to store program code for performing the method steps of the above embodiment:
  • the group process control system receives the online request information forwarded by the core network, where the online request information is the online request information of the terminal user received by the core network;
  • the group process control system generates the internet access control information of the terminal user according to the online request information and the group flow control system for the preset user's online traffic permission of the terminal user, and sends the online control information to the core network, wherein the internet control information is used.
  • the Internet traffic control of the end user on the core network is used.
  • the storage medium is further arranged to store program code for performing the method steps of the above-described embodiments:
  • the online request information includes the group to which the terminal user belongs and the online information of the terminal user.
  • the group process control system identifies the group to which the terminal user belongs according to the group information, and authenticates the identity of the terminal user;
  • the group process control system if the identity authentication is passed, the group process control system generates the terminal user's Internet access control information according to the online information and the group's pre-set Internet traffic rights to the terminal user.
  • the foregoing storage medium may include, but is not limited to, a U disk, a read only memory (ROM, Read-Only Memory), Random Access Memory (RAM), removable hard disk, disk or optical disk, etc., which can store program code.
  • ROM read only memory
  • RAM Random Access Memory
  • removable hard disk disk or optical disk, etc., which can store program code.
  • the processor performs the method steps of the foregoing embodiments according to the stored program code in the storage medium.
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the group process control system receives the online request information forwarded by the core network, where the online request information is the online request information of the terminal user received by the core network, and the group process control system is based on the online request information, and The group process control system generates the Internet access control information of the terminal user for the terminal user's pre-set Internet traffic permission, and sends the Internet access control information to the core network, wherein the Internet access control information is used by the core network
  • the end user conducts online traffic control, which solves the problem that the group users' Internet service monitoring and flow control are imperfect, and improves the online service control of the group users.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

L'invention porte, dans des modes de réalisation, sur un procédé et sur un dispositif de commande permettant un accès au réseau de groupe. Le procédé consiste à recevoir, au moyen d'un système de régulation de flux de groupe, des informations de demande d'accès au réseau transmises à partir d'un réseau central, les informations de demande d'accès au réseau étant reçues par le réseau central en provenance d'un utilisateur final; et générer, au moyen du système de régulation de flux de groupe, des informations de contrôle d'accès au réseau pour l'utilisateur final en fonction des informations de demande d'accès au réseau et d'une autorisation prédéfinie de trafic d'accès au réseau du système de régulation de flux de groupe par rapport à l'utilisateur final, et envoyer les informations de contrôle d'accès au réseau au réseau central, les informations de contrôle d'accès au réseau étant utilisées pour effectuer une commande de trafic d'accès au réseau par rapport à l'utilisateur final au moyen du réseau central, ce qui permet de résoudre les problèmes de surveillance imparfaite de service d'accès au réseau et de contrôle de trafic pour un utilisateur de groupe, ce qui permet d'améliorer la commande de service d'accès au réseau pour un utilisateur de groupe. FIG. 1: S102%%%Recevoir, au moyen d'un système de régulation de flux de groupe, des informations de demande d'accès au réseau transmises à partir d'un réseau central, les informations de demande d'accès au réseau étant reçues par le réseau central en provenance d'un utilisateur final S104%%%Générer, au moyen du système de régulation de flux de groupe, des informations de contrôle d'accès au réseau pour l'utilisateur final en fonction des informations de demande d'accès au réseau et d'une autorisation prédéfinie de trafic d'accès au réseau du système de régulation de flux de groupe par rapport à l'utilisateur final, et envoyer les informations de contrôle d'accès au réseau au réseau central, les informations de contrôle d'accès au réseau étant utilisées pour effectuer une commande de trafic d'accès au réseau par rapport à l'utilisateur final au moyen du réseau central
PCT/CN2016/095515 2015-12-01 2016-08-16 Procédé et dispositif de commande permettant un accès au réseau de groupe WO2017092403A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510875889.2 2015-12-01
CN201510875889.2A CN106817361A (zh) 2015-12-01 2015-12-01 集团上网的控制方法及装置

Publications (1)

Publication Number Publication Date
WO2017092403A1 true WO2017092403A1 (fr) 2017-06-08

Family

ID=58796183

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/095515 WO2017092403A1 (fr) 2015-12-01 2016-08-16 Procédé et dispositif de commande permettant un accès au réseau de groupe

Country Status (2)

Country Link
CN (1) CN106817361A (fr)
WO (1) WO2017092403A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113179536A (zh) * 2021-03-12 2021-07-27 中国雄安集团数字城市科技有限公司 基于NB-IoT窄带通信技术的流量控制方法及系统

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107454580B (zh) * 2017-07-31 2020-02-18 网宿科技股份有限公司 一种实现应用程序流量定向引导的方法和系统及移动终端

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102958029A (zh) * 2011-08-29 2013-03-06 中国移动通信集团上海有限公司 一种计费和服务质量策略管控方法与装置
CN103916364A (zh) * 2012-12-28 2014-07-09 中国移动通信集团北京有限公司 针对ims业务集团客户的sla等级实现方法及系统
WO2014167333A1 (fr) * 2013-04-09 2014-10-16 Mobbra Limited Améliorations apportées à ou concernant les communications avec des dispositifs électroniques

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100477609C (zh) * 2003-07-11 2009-04-08 华为技术有限公司 实现网络专线接入的方法
CN1288924C (zh) * 2003-11-27 2006-12-06 远传电信股份有限公司 使用于移动网络的内容计费与存取控制系统
CN100479369C (zh) * 2004-05-12 2009-04-15 华为技术有限公司 一种针对用户选择计费规则的方法
CN101159630B (zh) * 2007-11-09 2011-05-18 华为技术有限公司 流量监管方法、系统和宽带接入服务器
CN103179556B (zh) * 2011-12-20 2016-06-08 深圳业拓讯通信科技有限公司 一种基于移动网络策略和计费架构的绿色上网系统和方法
CN103874134A (zh) * 2012-12-15 2014-06-18 华为终端有限公司 一种流量控制方法及装置
CN104780623A (zh) * 2015-04-16 2015-07-15 中兴通讯股份有限公司 连接控制方法及装置

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102958029A (zh) * 2011-08-29 2013-03-06 中国移动通信集团上海有限公司 一种计费和服务质量策略管控方法与装置
CN103916364A (zh) * 2012-12-28 2014-07-09 中国移动通信集团北京有限公司 针对ims业务集团客户的sla等级实现方法及系统
WO2014167333A1 (fr) * 2013-04-09 2014-10-16 Mobbra Limited Améliorations apportées à ou concernant les communications avec des dispositifs électroniques

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113179536A (zh) * 2021-03-12 2021-07-27 中国雄安集团数字城市科技有限公司 基于NB-IoT窄带通信技术的流量控制方法及系统

Also Published As

Publication number Publication date
CN106817361A (zh) 2017-06-09

Similar Documents

Publication Publication Date Title
EP2870723B1 (fr) Procédés de commande de règles et de tarif pour gérer des abonnements multi-utilisateurs d'un réseau de télécommunication
WO2015154350A1 (fr) Terminal, dispositif et procédé de partage de trafic d'accès à internet
WO2016165505A1 (fr) Procédé et appareil de commande de connexion
CN110831243B (zh) 一种用户面安全策略实现方法、装置及系统
WO2013163944A1 (fr) Procédé de partage de comptes d'informatique en nuage pour services iaas, plateforme de partage et dispositif de réseau
CN103516681A (zh) 网络访问控制方法以及装置
CN106330813A (zh) 一种处理授权的方法、设备和系统
WO2015180364A1 (fr) Procédé et système d'hébergement de point d'accès à un réseau
EP3206422A1 (fr) Procédé et dispositif de création de ressource d'abonnement
WO2011098660A9 (fr) Procédé et appareil de redirection de trafic de données
CN101895587A (zh) 防止用户私自修改ip地址的方法、装置和系统
CN105493533A (zh) 在线计费方法、网关设备及在线计费设备
CN106258015B (zh) 业务分配方法及装置
WO2017092403A1 (fr) Procédé et dispositif de commande permettant un accès au réseau de groupe
WO2011134154A1 (fr) Procédé et dispositif permettant une commande de ressources de réseau de liaison multiutilisateur
CN107710673A (zh) 用户身份认证的方法及设备
CN102404114A (zh) Web服务监控方法和系统
CN102263797B (zh) 一种会话控制的方法及装置
CN115296866B (zh) 一种边缘节点的访问方法及装置
US9232078B1 (en) Method and system for data usage accounting across multiple communication networks
US10187866B2 (en) Registering, deregistering and standby processing methods and systems for terminal peripheral
CN106488449A (zh) 一种无线通信设备的管理方法及无线通信设备
EP2955945B1 (fr) Procédé et système de mise en oeuvre d'authentification, d'autorisation et de comptabilisation en interaction entre un réseau local sans fil et un réseau fixe
CN104539446A (zh) 实现共享wlan管理的方法、系统及wlan共享注册服务器
CN105282270B (zh) 一种防止ip地址冒用的方法、装置及系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16869714

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16869714

Country of ref document: EP

Kind code of ref document: A1