WO2019208943A1 - Allocation method for application dedicated network, method for providing third-party billing service through same, and communication network system and user terminal implementing same - Google Patents

Abstract

Disclosed is a method for providing a third-party billing service by interworking a data policy control device with a core network and a terminal, the method comprising the steps of: storing a data billing policy for a third party for an application and dedicated network information allocated to the core network for transmitting and receiving traffic of the specific application; controlling access to the dedicated network of the application installed on the terminal on the basis of the data billing policy; and billing the third party for the amount of data used to transmit and receive traffic of the application in the dedicated network. Each terminal with the application installed thereon transmits traffic of the application to the dedicated network or to a public network under control of the data policy control device.

Description

Application dedicated network allocation method, third party billing service providing method, and communication network system and user terminal implementing the same

The present invention relates to a wireless communication network system and a data communication service thereof.

The user is given a certain amount of data every month according to the carrier billing plan, and the amount of data is deducted each time data is transmitted and received through the communication network. Since the user runs the application in the terminal and uses the content provided by the remote server, the user bears the communication network fee for using the content. That is, even if a user purchases a paid application or purchases paid content in the application, the user must pay the communication network fee.

On the other hand, some content providers may pay customers' network fees for various purposes such as market expansion. In this case, the telecommunications company registers 5 tuples to specify the charging support target of the content provider in the core network, and changes the charging for all traffic corresponding to the registered 5 tuples to the third party content provider. At this time, since the P-GW needs to recognize the content server address of the packet to separate the user charge and the content provider charge, all destination information of the remote host used by the application must be provided to the carrier. In addition, frequent links between applications make it difficult to determine billing targets based on content server addresses. In addition, as the billing target for the generated traffic is collectively changed to the content provider, it is difficult to determine the amount of data charged by the content provider in advance, it is difficult to control the billing, and it is not possible to apply various billing services that charge for certain data usage. .

Since the user is forced to use the data service depending on the plan, even if the content provider wants to provide a differentiated content service, the user depends on the QoS of the communication network to which the user subscribes. Therefore, the content development of the content provider is forced to rely on the communication network.

As such, even if the content provider distributes the application to the terminal through the application market, the application usage depends on the user's network plan and QoS. Telcos can increase the network usage if the content provider bears the charges for traffic generated by a specific application, but it is not easy to classify the traffic used by users in the core network into personal billing and content provider billing.

Until now, it has been natural for individual users to pay the communication network fee for using an application. However, in an age in which all things are connected through a communication network and consume content, a technology that enables various subjects to bear the cost of distributing content through a communication network is required. do.

The problem to be solved by the present invention is to allocate a dedicated network for a specific application, to provide a method for controlling access to the dedicated network of the application, and to provide a communication network system and a user terminal implementing the same.

The problem to be solved by the present invention is to provide a third party billing service for a specific application, in particular a method of controlling the third party billing by reflecting the third party's data billing burden policy in real time, and a communication network implementing the same It is to provide a system and a user terminal.

An object of the present invention is to provide a routing management method for allocating a dedicated APN or a common APN to an application under a control of a data policy controller in a terminal supporting a plurality of access point names (APNs). To provide.

In addition, the problem to be solved by the present invention is to provide a user interface that allows the user to simply and intuitively control the application-specific access network changes or the use of third-party billing services.

A method for providing a third party billing service by interworking with a core network and a terminal by a data policy controlling device according to an embodiment, the third party's data charge burden policy for a specific application, and for transmitting and receiving traffic of the specific application Managing dedicated network information allocated to a core network, controlling access to a dedicated network of the specific applications installed in terminals based on the data charge burden policy, and data used for transmitting and receiving traffic of the specific application in the dedicated network; Charging the amount to the third party. Each terminal installed with the specific application transmits the traffic of the specific application to the dedicated network or to the public network under the control of the data policy control device.

The controlling of the access to the dedicated network of the specific application may allow access to the private network so that traffic of the specific application is transmitted to the dedicated network when the data charge burden policy is valid. The terminal allowed to access the dedicated network may set a first routing policy for transmitting traffic of the specific application to the dedicated network using the dedicated network access information.

The dedicated network access information may be an access point name (APN) of a dedicated network allocated to the core network.

The data charge burden policy may include the purchase data amount of the third party. The controlling of access to the private network of the specific application may include: terminals that are granted access to the private network for the specific application when the amount of data charged to the third party reaches the purchase data amount of the third party. Authentication may be instructed. Each terminal deauthenticated may change to a second routing policy for transmitting traffic of the specific application to the public network.

The controlling of the specific network access of the specific application may include transmitting dedicated network access information allocated to the specific application to the terminals, and receiving an authentication request for access to the specific network of the specific application from any of the terminals. And authenticating a dedicated network access to the specific application based on the application authentication policy set by the third party and granting the dedicated network access to the arbitrary terminal. Traffic of the specific application executed in the arbitrary terminal may be transmitted to the dedicated network corresponding to the dedicated network access information.

The application authentication policy may include an identifier and integrity information of the specific application.

The specific application may be an enterprise-specific application connected to a corporate internal network or an application connected to a content server through an internet network.

The third party billing service providing method includes monitoring the remaining amount of the purchase data amount of the third party that is changed according to the transmission / reception of traffic in the dedicated network, notifying the remaining amount to the third party, and data from the third party. If the addition is requested, the method may further include updating the data charge burden policy.

In the charging of the third party, when traffic to be charged to a plurality of third parties is transmitted and received together on the dedicated network, the traffic transmitted and received on the dedicated network may be classified by application and charged to a third party corresponding to each application. have.

A method for routing traffic of an application to a designated network by a terminal according to another embodiment, the method comprising: requesting a data policy control device for authentication for a specific network connection to a specific application; Receiving an authorization result to permit, and setting a routing policy for transmitting traffic of the specific application to the dedicated network assigned to the specific application. Traffic of the specific application is delivered to the dedicated network generated in the core network based on the dedicated network access information while the authentication for the dedicated network access is valid.

In the request for authentication for access to the private network, when a user operation of moving the specific application displayed on a user interface screen into a specific area is input, the data policy controller may request authentication for access to the private network of the specific application. When the dedicated network access is allowed from the data policy control device, the specific application is located in the specific area, and if the dedicated network access is not permitted from the data policy control device, the specific application may be located outside the specific area.

In the requesting of the authentication for accessing the dedicated network, when an execution request for the specific application located in the specific area is input, the data policy control device requests authentication for accessing the dedicated network of the specific application, and the data policy control. If a dedicated network connection is not allowed from the device, the specific application may be moved out of the specific area.

The routing method may further include receiving, from the data policy control device, deauthentication for a dedicated network connection to the specific application, and changing to a routing policy for transmitting traffic of the specific application to a public network. .

The setting of the routing policy may set the routing policy of the specific application by mapping the specific application that is allowed to access the dedicated network to the routing container to which the virtual network interface is assigned. The virtual network interface may be connected to a first network interface connecting to the private network. Applications not mapped to the routing container may have a routing policy connected to a second network interface connecting to the public network.

When the specific application is a third party billing application that a third party charges for data, the specific application may indicate that the third party billing application is displayed on the user interface screen while the authentication for accessing the dedicated network is valid.

The setting of the routing policy may include managing first network access information for public network access and at least one second network access information for at least one private network access, and if the private network access of the specific application is allowed, The second network access information corresponding to the dedicated network may be mapped to the specific application, and if the dedicated network access of the specific application is not permitted, the first network access information may be mapped to the specific application.

The specific application may be an enterprise-only application or a third party billing application that a third party charges for data.

As a method of installing a third party billing application by a terminal according to another embodiment, downloading and installing installation information including a third party billing application and billing network information from an application market, and in the billing network information Accessing the instructed data policy controlling device to notify installation of the third party billing application; and setting a routing policy for mapping dedicated network access information received from the data policy controlling device to the third party billing application. Include. Traffic of the third party billing application is delivered to the dedicated network corresponding to the dedicated network access information while authentication for the dedicated network access is valid.

The setting of the routing policy may include requesting an authentication for access to the private network of the third party billing application to the data policy controlling device, and receiving an authentication result including access to the private network from the data policy controlling device. You can set the policy.

The third party billing application installation method may further include receiving an authentication release for a dedicated network access to the third party billing application from the data policy control device, and sharing the private network access information mapped to the third party billing application. The method may further include setting a routing policy for changing the connection information.

According to the embodiment, since the terminal may additionally set the network connection information (for example, dedicated APN) different from the public network for the application connected to the private network, there is no need to change the currently set network connection information according to the application to be executed. . In particular, since network access information of general applications and security applications (eg, enterprise applications) requiring security can be distinguished and set, general applications and security applications can be used at the same time, and the traffic of general applications is internal to the enterprise. It can prevent the inflow into a network (intranet) and the like. In addition, according to the embodiment, since the internal network, etc., may be set as a target PDN (Packet Data Network) when configuring a dedicated network of the application, tunneling (VPN) for network packet security is not required.

According to an embodiment, the third party may be charged for specific application traffic, thereby enabling the use of the content of the application and consequently increasing the traffic. In particular, the third party may change his or her data charging burden policy in real time, and the data policy controller may reflect the third party's data charging burden policy on the terminal in real time. In addition, various subjects can bear the communication network usage fee of a specific application, thereby providing various types of data network convergence applications and distributing contents.

According to an embodiment, by differently assigning network access information for each application, traffic transmission paths of a general application charged to a user and a third party charging application may be separated. Thus, the core network can charge a third party for traffic sent to a designated dedicated network without having to separate user charging and third party charging through the content server address.

According to the embodiment, since the QoS-guaranteed private network can be assigned to a specific application, a user can use content such as a video, AR / VR game, etc. in the QoS-guaranteed private network.

According to an embodiment, the content provider may promote the use of the application (for example, free of data usage fee) or sell the communication network usage fee for the application as a separate product based on the amount of data / QoS purchased from the carrier. .

According to the embodiment, the user can easily and intuitively control the application-specific access network change or the third party billing service use request through the folder / box type container displayed on the terminal screen.

According to an embodiment, by fusing an application installed in a terminal, a content provider that provides content through the application, and a communication network that transmits and receives traffic, various subjects may pay for content distribution through the communication network as desired. As a result, it is possible to increase the user's use of the content and provide a communication service such as QoS optimized for the content without having to rely on the user plan.

1 is a communication network system that provides a third party billing service for each application according to an exemplary embodiment.

2 is a diagram illustrating an example of charging for an application according to an exemplary embodiment.

3 is a view illustrating an interworking structure of a data policy control apparatus according to an embodiment.

4 is a flowchart illustrating a data charging burden service providing method according to an exemplary embodiment.

5 is a flowchart of a method of controlling, by a data policy control apparatus, a real-time data billing burden service according to an embodiment.

6 is a flowchart illustrating a method of controlling, by a data policy control apparatus, a real-time data charging service according to another embodiment.

7 is a diagram conceptually illustrating a routing container based application routing control structure according to an embodiment.

8 is a diagram conceptually illustrating a routing policy management based application routing control structure according to another embodiment.

9 is a diagram illustrating a dedicated network connection in a routing container based terminal structure according to an embodiment.

10 is an example of a terminal interface screen including an application container according to an embodiment.

11 is an example of a terminal interface screen displaying a third party billing application according to an embodiment.

12 is a flowchart of a method of installing a third party billing application, according to an exemplary embodiment.

13 is a diagram illustrating a method for providing a CP center dedicated network service according to an embodiment.

14 is a diagram illustrating a user-selectable dedicated network service providing method according to an embodiment.

DETAILED DESCRIPTION Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art may easily implement the present invention. As those skilled in the art would realize, the described embodiments may be modified in various different ways, all without departing from the spirit or scope of the present invention. In the drawings, parts irrelevant to the description are omitted in order to clearly describe the present invention, and like reference numerals designate like parts throughout the specification.

Throughout the specification, when a part is said to "include" a certain component, it means that it can further include other components, without excluding other components unless specifically stated otherwise. In addition, the terms “… unit”, “… unit”, “module”, etc. described in the specification mean a unit that processes at least one function or operation, which may be implemented by hardware or software or a combination of hardware and software. have.

The devices described in the present invention are composed of hardware including at least one processor, a memory device, a communication device, and the like, and a program executed in combination with the hardware is stored in a designated place. The hardware has the configuration and performance to implement the method of the present invention. The program includes instructions implementing the method of operation of the present invention described with reference to the drawings, and executes the present invention in combination with hardware such as a processor and a memory device.

In the present invention, the terminal may be a mobile station (MS), a mobile terminal (MT), a subscriber station (SS), a portable subscriber station (PSS), or a user equipment (UE). It may also refer to an access terminal (AT) and the like, and may include all or some functions of a mobile station, a mobile terminal, a subscriber station, a portable subscriber station, a user device, an access terminal, and the like.

The terminal may include a base station (BS), an access point (AP), a radio access station (RAS), a node B (Node B), an advanced node B (evolved NodeB, eNodeB), and a transmission / reception base station ( A network device such as a base transceiver station (BTS), a mobile multihop relay (MMR) -BS, a 5G NB (gNB), or the like may be connected to a remote server.

The terminal may be a mobile terminal such as a smartphone, a tablet terminal such as a smart pad and a tablet PC, a computer, a television, and various types of communication terminals, and may include a plurality of communication interfaces. The communication interface may vary. For example, the communication interface may be a short-range wireless network interface such as Wi-Fi / WLAN / Bluetooth, and a mobile terminal such as 3G / Long Term Evolution (LTE) / Long Term Evolution-Advanced (LTE-A) / 5G. The network interface may be included, and the terminal manufacturer may add various communication interfaces.

In the present invention, the LTE EPC (Evolved Packet Core) is mainly described as an example, but may be equally applied to 5G core.

In the present invention, the public network and the private network means separate traffic paths, and are not necessarily physically separated. For example, public and private networks may be different bearers created on the same physical path.

In the present invention, the "third party billing service" is a third party pays for the user's data usage on behalf of the user, and the contract of the telecommunication company and the third party may vary. The description mainly assumes that a third party purchases data from the carrier and pays for individual users within the purchased data limit, but may also be billed for post-payment of data usage without a data limit. In the sense that the amount of data given to the user is not deducted, it can be referred to as an unpaid / zero-rating service or a sponsored service in that a third party supports the user network fee.

In the present invention, the "third party" is sufficient to be a subject that can subscribe to the carrier product providing the third party billing service. For example, a third party may be a company that provides enterprise-specific applications connected to an internal network or a content provider (CP) that provides content applications connected to a specific content server. It does not need to be limited to the company or CP that it distributes. For example, a third party may bear data charging for the application for content (eg, a specific channel) distributed through a specific application (eg, an Oletv mobile application).

In the present invention, a third-party billing application is described as an application to which a private network is assigned as an example. However, the dedicated network is not necessarily assigned only to the third-party billing application, and a specific application (for example, QoS guarantee is required even if user billing is required). Application, etc.) may be assigned a dedicated network.

The application of the present invention can be referred to as a network convergence application, data convergence application because the dedicated network is assigned and charging and QoS are controlled through it.

1 is a communication network system that provides a third party billing service for each application according to an embodiment, and FIG. 2 is a diagram illustrating an application billing according to an embodiment.

Referring to FIG. 1, a communication network system includes a content provider (CP) device 100, a data policy control device 200 of a communication network, and a data policy control device that are responsible for data charging for a third party billing application. And a terminal 300 for setting a routing policy of the third party billing application under the control of 200. The data policy control apparatus 200 allocates a dedicated network (dedicated data network) to a specific application designated by a CP or a user among a plurality of applications installed in the terminal, and thereby separates traffic path separation, QoS differential, and charging separation for each application. can do.

The CP device 100 is operated for each CP and may communicate with the data policy control device 200. The CP device 100 may designate a third party billing application and transmit a data charge burden policy for the third party billing application to the data policy control device 200. The CP device 100 sets and manages a data charging policy, a third party charging application authentication policy, a data charging subscriber list, and the like through an interface provided by the data policy control apparatus 200, and uses the amount of data purchased. Inquiries can be made. The CP device 100 receives a report of the application state of the data charge burden policy including the remaining amount of data from the data policy control device 200. The CP device 100 receives notification of the remaining amount below the standard and the restriction of the third party billing service due to reaching the contract limit. Can be.

On the other hand, the CP does not necessarily transmit a data charge burden policy, etc. to the data policy control device 200 through the CP device 100, and does not need to subscribe to the product through the data policy control device 200. That is, the CP may subscribe to the data charge burden product at the online product subscription page or the offline branch office provided by the telecommunication company, and the data charge burden policy may be transmitted to the data policy control apparatus 200.

The data policy control apparatus 200 may reflect the data charging burden policy of the CP to the terminal 300 in real time in association with various devices of the core network. The companion devices may vary depending on the network. Typically, the companion devices may interwork with the policy and charging control device 10 and the charging device 20. The policy and charging control apparatus 10 may be a Policy and Charging Control Function (PCRF) / Policy and Charging Enforcement Function (PCEF) that performs a Policy and Charging Control (PCC) function for managing policy charging information. In detail, the policy and charging control device 10 configures a dedicated network corresponding to the data charging burden policy of the CP, and distributes dedicated network information such as a dedicated network configuration policy to the data policy control device 200 and the P-GW 33. can do. The billing device 20 is a device for calculating data usage, which may vary depending on the core network. For example, the charging apparatus 20 collects data usage (CDR) from the packet data gateway (P-GW) 33. Charging System) / Online Charging System (OCS). The P-GW 33 delivers a call detailed record (CDR) indicating a data usage amount to a charging device 20. The P-GW 33 may classify an application based on information included in the CDR.

When the data policy control apparatus 200 receives a data charge burden product subscription from the CP apparatus 100, the data policy control apparatus 200 may request a CP dedicated network configuration from the core network and obtain CP dedicated network information from the core network. Alternatively, the CP may subscribe to the data billing product through the sales office of the telecommunication company. In this case, the data policy control apparatus 200 may obtain CP dedicated network information from the core network. The data charging product may be a kind of dedicated network product.

The data policy control apparatus 200 manages dedicated network information of a CP that has registered a data charging burden policy. The CP dedicated network information may include a dedicated network configuration policy, dedicated network access information assigned to a third party billing application of the CP, and may be transmitted from the policy and charging control device 10. When the terminal 300 is not in the exclusive network access state, the data policy control apparatus 200 may transmit the private network access information to the terminal 300 to request preparation for access to the private network. As described above, the third party billing application and the dedicated network access information are mapped in the terminal 300 according to the control of the data policy control apparatus 200, so that the traffic of the third party billing application may be transmitted to the dedicated network. The dedicated network access information may be, for example, an access point name (APN) in an LTE network or a data network name (DNN) in a 5G network. Information for specifying. In the present invention, the APN is described as an example of network access information.

Upon receiving the dedicated APN, the terminal 300 creates a virtual network interface to prepare for access to the private network. The time point when the data policy control apparatus 200 transmits the dedicated APN to the terminal 300 depends on a dedicated APN allocation and delivery rule. can be different. According to an embodiment, the dedicated APN may be transmitted to the terminal 300 after the configuration of the dedicated network for the data charging burden policy of the CP is completed or after the dedicated network access to the third party charging application designated by the CP is authenticated. . According to another embodiment, the dedicated APN may be delivered to a user terminal (eg, a GiGA Cube subscriber terminal, which is a dedicated network product) accessible to the dedicated network in a state in which the dedicated network configuration is completed in the core network. According to another embodiment, the dedicated APN may be stored in advance in the routing profile of the terminal. When the data policy control apparatus 200 receives a third party billing (dedicated network access) for the third party billing application from the terminal 300, the terminal is based on the stored data billing burden policy / third party billing application authentication policy. Authenticate the dedicated network access of the third party billing application installed in 300. The third party billing application may be controlled to always be charged to the CP (third party) according to the data charge burden policy set by the CP, or charged to the CP while authentication by the data policy control apparatus 200 is valid. That is, if the private network connection authentication by the data policy control device 200 or when the authentication has expired, the terminal 300 sets the public network connection information (for example, the public APN) even if the third party billing application, Treat it as a general application that is billed by the user.

The terminal 300 may set the dedicated APN for the third party billing application authenticated by the data policy control apparatus 200 to transmit traffic generated in the third party billing application to the dedicated network designated in the dedicated APN. When the packet is generated in the third party charging application of the terminal 300, the access request message including the dedicated APN is transmitted to the mobility management entity (MME) 31 via the base station 30. The MME 31 checks the dedicated network configuration policy of the dedicated APN included in the access request message, and uses a dedicated network (dedicated bearer for transmitting and receiving traffic of the third-party charging application through the S-GW 32 and the P-GW 33). ). Through this, traffic of the third party charging application is transmitted and received through the P-GW 33 of the dedicated network allocated to the dedicated APN, and the amount of data transmitted and received in the dedicated network is collected by the charging device 20.

The data policy control apparatus 200 charges the CP of the data usage of each third party charging application obtained from the charging apparatus 20. The data policy control apparatus 200 checks the data limit purchased by the CP (contracted), and controls the free data usage of the plurality of terminals in real time according to the remaining amount of data. For example, when the data usage of a specific CP reaches the contract limit, the data policy control apparatus 200 checks the third party billing application contracted by the specific CP, and uses the terminal 300 to check the third party billing application. May inform and indicate that the use of free data is restricted. The data policy control device 200 may notify the CP device 100 of the data remaining amount to induce the purchase of additional data.

The data policy control apparatus 200 determines that the dedicated APN usage authority of the third party billing application is terminated when an end event such as the amount of purchase data of the CP or the contract with the CP is terminated occurs. In addition, the data policy control apparatus 200 transmits, to the terminal 300, authentication release information indicating the release of the dedicated APN connection of the third party billing application. Then, the terminal 300 changes the network access information of the third party billing application from the dedicated APN to the public APN. Since the third party billing application mapped to the public APN is connected to the public network like a general application, data usage is charged to the user.

Referring to FIG. 2, when the terminal 300 may configure a plurality of APNs, a dedicated APN (APN1) and a third party billing application (CP1 application) received from the data policy control apparatus 200 may be used. Map them). When the CP1 applications are executed, the terminal 300 requests a connection to the APN1 from the core network according to a routing rule. In this case, the CP1 may be charged for the traffic transmitted from the dedicated network.

The general application (CP2 APP) is connected to the public network, which is set by default to which the public APN (APN1) is mapped. The user pays for the traffic transmitted on the public network.

As such, the data charge burden policy allows the CP to be subtracted from the amount of data purchased by the CP, instead of the data given to the individual user, even if the individual user uses the communication network. Through this, the customer can use the content free of charge through the third party billing application, within the data billing burden of CP.

The data charge burden policy may be determined as a product to which the CP subscribes to a telecommunication company, and the data policy control apparatus 200 may receive a product subscription including a data charge burden policy from the CP device 100. The CP may subscribe to a dedicated network product and provide a third party billing service to customers using the third party billing application. Meanwhile, the data charging burden policy may be partially paid by the third party CP, but may be partially charged by the third party billing for the amount of data used by the individual user through the third party charging application.

The data charge burden policy may be variously determined according to charges and control conditions, such as a personal plan. For example, the data charge burden policy may include the amount of data purchased by the CP (eg 1 Tbyte / month), the amount of individual data the CP will provide to each customer (eg 200 Mbytes / month per customer), and the CP is charged. List of customers to be charged for, the application identifier to be charged by the CP, the content server information of the application to be charged by the CP, the time zone when the CP is charged, the QoS level, and the term of the contract (eg, one month, one week, etc.) And so on. The data charge burden policy may further include an application authentication policy.

The data policy control apparatus 200 manages dedicated network products, policy contents, and dedicated network setting information for each CP as shown in Table 1, for example. The QoS may include, for example, a guaranteed bit rate (GBR), a maximum bit rate (MBR), a QoS class identifier (QCI), and the like. In the case of a higher QCI applicable to a dedicated bearer, the data policy control apparatus 200 may store a 5-tuple for generating a QoS policy of a product subscribed to a corresponding CP.

CP name	Product ID	Purchase data amount	term	QoS	5 tuples
kt	20000	unlimited	Term	GBR, MBR, QCI	-
cacao	20001	200 TB	When exhausted	GBR, MBR, QCI	-
Naver	20002	200 TB	When exhausted	GBR, MBR, QCI	-

3 is a view illustrating an interworking structure of a data policy control apparatus according to an embodiment. Referring to FIG. 3, the data policy control apparatus 200 may include a CP policy management unit 210 interworking with the CP apparatus 100. And a terminal authentication unit 230 and a profile storage unit 250 interworking with the terminal 300. The CP policy manager 210 and the terminal authenticator 230 may interwork with each other and manage the profile storage 250. Although the CP policy manager 210 is described as communicating with the core network, the connection relationship between the core network and the data policy control apparatus 200 may be variously designed.

The CP policy management unit 210 registers the subscription of the data billing product received from the CP device 100 by interworking with the core network devices of the telecommunications company, configures a dedicated network of the data billing policy, and the third party billing application. The CP may be charged for the associated data usage. Core network devices to which the CP policy management unit 210 interoperates are determined according to the network. For example, the CP policy management unit 210 interworks with a business support system (BSS) for subscription of data billing products. can do. The CP policy management unit 210 may interwork with a PCRF / PCEF that performs a PCC function in order to apply the network configuration policy of the data billing product. The CP policy management unit 210 may link the data usage with the OCS / OFCS. The CP policy management unit 210 may check a user profile by interworking with a home subscriber server (HSS).

The terminal authenticator 230 authenticates access to the private network of the third party billing application installed in the terminals based on the application authentication policy specified by the CP. The application authentication policy may include third party billing application information (application identifier), integrity information (Signiture), and user information to which the private network is allocated. The terminal authentication unit 230 may perform application authentication in association with the application market.

CP data subscription products may not be eligible for immediate payment. The CP may sell the third party billing application to the individual user and generate an application authentication policy based on the user information on which the third party billing application is purchased (installed). The CP device 100 may share an authentication policy by transferring an application authentication policy to the data policy control device 200. On the other hand, the application authentication policy may be generated in the CP device 100.

When the terminal authenticator 230 executes the third party billing application on the terminal 300 or receives a dedicated network access request (third party billing request) for the third party billing application, the terminal authentication unit 230 based on the application authentication policy specified by the CP Authenticate the private network connection to the application.

The authenticated third party billing application is mapped to routing information from the terminal 300 to the dedicated network. Meanwhile, the dedicated network access information (dedicated APN) may be transmitted together with the authentication for the dedicated network access request (third party billing request) or may be stored in the terminal before authentication. For example, the dedicated network access information may be previously stored in the terminal profile when the third party billing application is installed or when the exclusive network information is requested from the terminal. In this case, the terminal 300 may create a virtual network interface in a routing container capable of collectively mapping the authenticated applications, and may prepare a dedicated network connection by connecting the virtual network interface to a network interface configured with a dedicated APN (FIG. 9).

The profile storage unit 250 stores and manages data charging burden policy, application authentication policy, dedicated network information, etc. for each CP, and is referred to by the CP policy management unit 210 and the terminal authentication unit 230.

As such, the CP may directly set and manage a data charging policy, a data charging subscriber list, and the like through the CP device 100 interoperating with the data policy control apparatus 200 and inquire a data usage inquiry. The CP may receive a report on the application state of the data charge burden policy including the data burden / data remaining amount through the CP device 100. Through this, CP can immediately apply the data network policy to the service provider and can grasp the usage status in real time.

4 is a flowchart illustrating a data charging burden service providing method according to an exemplary embodiment.

Referring to FIG. 4, the data policy control apparatus 200 receives a data charging burden product for a specific application from a CP (S110). The subscription may include various data charging policies including purchase data amount, contract period, QoS, and the like.

The data policy control apparatus 200 registers a data charging burden product in the core network and requests a dedicated network allocation according to the data charging burden policy (S120). For example, the PCRF creates a dedicated network configuration policy and distributes the dedicated network configuration policy to the P-GW. If the P-GW is connected to the internal network rather than the public network, physical network interworking may be performed together.

The data policy control apparatus 200 is informed of the completion of the dedicated network configuration for the data charging burden service of the CP from the core network (S122). The dedicated network configuration completion notification message includes information on a dedicated network allocated to the CP, and if the dedicated network is allocated for each CP, it may include a CP dedicated APN. The data policy control apparatus 200 stores a data charging burden policy of the CP and dedicated network information allocated to the CP.

The data policy control apparatus 200 notifies the CP apparatus 100 of the completion of the dedicated network configuration for the data charging burden product subscribed to (S124). In other words, the data policy control apparatus 200 notifies completion of the dedicated network use of the third party billing application.

The data policy control apparatus 200 receives an authentication policy of a charging burden target application from the CP apparatus 100 (S130). The application authentication policy may include third party billing application information (application identifier), integrity information (Signiture), and user information. If the application authentication policy requires user information on installing the corresponding application, it may be updated every time the application is installed. According to the application authentication policy, the application authentication policy may be included in the data charge burden policy and contracted.

The data policy control apparatus 200 receives an authentication request for access to a dedicated network of a specific application from the terminal 300 (S140). The authentication may be requested by an individual application according to a method designated by an individual application or by an operation of moving an application to an application container on a display screen.

The data policy control apparatus 200 authenticates the application identifier included in the authentication request based on the application authentication policy and permits the terminal 300 to access the private network when the data charge burden policy is valid (data remaining amount, etc.). (S142).

The terminal 300 maps a specific application permitted to access the private network and dedicated network access information (dedicated APN) (S150). That is, the terminal 300 changes the routing policy so that a specific application is connected to the private network. The routing policy change may use the routing container described with reference to FIG. 7 or the access network discovery and selection function (ANDSF) described with reference to FIG. 8. When the specific application and the dedicated network access information are mapped, the terminal 300 displays the user to know that the third party is charged.

When the specific application is executed, the terminal 300 accesses the dedicated network according to the routing policy (S160). The terminal 300 accesses a content server of a specific application through a dedicated network and transmits and receives traffic. The dedicated network is allocated according to the data charge burden policy, and a QoS different from that of the public network can be set, and the dedicated network configuration policy is distributed to core network devices such as P-GW.

The data policy control apparatus 200 receives CP charging information from the charging apparatus of the core network in operation S170. When the dedicated network is allocated for each CP, the data usage through the dedicated network is charged to the CP as it is. If a plurality of CPs having different billing subjects are allocated one dedicated network, the amount of data to be charged by each CP may be calculated based on an identifier of a third party billing application designated by each CP.

The data policy control apparatus 200 reports the application state of the data charging burden policy including the remaining amount of data to the CP apparatus 100 (S180).

Meanwhile, the data policy control apparatus 200 may obtain a data charge burden policy including an application authentication policy when receiving the data charge burden product of the CP. In this case, when the data policy control apparatus 200 is informed of the completion of the dedicated network configuration for the data charging product of the CP from the core network, the data policy control apparatus 200 starts authentication for the dedicated network connection (third party charging) for the application designated by the CP.

In FIG. 4, a method of delivering a dedicated APN to a terminal has not been described in detail, but a method of delivering a dedicated APN to a terminal may be variously implemented according to the number of APNs supported by the terminal and the number of dedicated networks to which the terminal may access. Can be.

For example, when the number of APNs supported by the terminal is not limited, a dedicated network may be allocated for each CP and an APN for each dedicated network may be allocated. In this case, whenever there is a CP that subscribes to the data billing product, the CP dedicated network access information (dedicated APN) can be provided to the terminal.

However, when the number of APNs supported by the terminal is limited, the dedicated APN and the public APN may be distinguished according to the number of APNs. If the terminal supports two APNs, the terminal creates network interfaces in the operating system (OS) kernel as a common APN (default APN) for accessing the public network and a dedicated APN for accessing the dedicated network, and accesses the dedicated network. You can prepare. Thereafter, the terminal may map the authenticated third party charging application to the dedicated APN network interface to route traffic of the third party charging application to the dedicated network. In this case, the CPs share the private network.

FIG. 5 is a flowchart illustrating a method of controlling a real-time data billing service by a data policy controlling device according to an embodiment, and FIG. 6 is a flowchart of a method of controlling a real-time data charging service by a data policy controlling device according to another embodiment. to be.

Referring to FIG. 5, the data policy control apparatus 200 monitors a data remaining amount changed according to traffic transmission / reception in a CP dedicated network (S210).

When the data remaining amount of the specific CP reaches the contract limit, the data policy control device 200 notifies the corresponding CP device of the data exhaustion schedule (S220).

The data policy control device 200 receives a request for data addition from the CP device (S230).

The data policy control apparatus 200 updates the data charge burden policy of the CP (S240).

The data policy control device 200 informs the CP device of the data charge burden policy update (S250).

Referring to FIG. 6, the data policy control apparatus 200 monitors the amount of data remaining changed according to traffic transmission / reception in a CP dedicated network (S310).

When the data remaining amount of the specific CP reaches the contract limit, the data policy control device 200 notifies the corresponding CP device of the data exhaustion schedule (S320).

If the data charge burden policy of the CP is not updated (data added) and the data remaining amount is exhausted, the data policy control apparatus 200 deletes the dedicated network information allocated to the third party billing application of the CP from the application authentication policy. (S330).

The data policy control apparatus 200 instructs terminals that are permitted to access the private network to the third party billing application and instructs release of authentication for the dedicated network connection of the corresponding application (S340). The data policy control apparatus 200 determines that the exclusive network use authority of the third party billing application has expired when an event such as a case where the contract data amount is exhausted or the contract with the CP is terminated occurs. In addition, the data policy control apparatus 200 transmits to the terminal 300 authentication release information indicating that the third party billing application does not have a right to use a dedicated network.

The terminal 300 notified of the authentication release changes the routing policy so that the third party charging application accesses the network to the public APN charged to the user (S350). That is, the routing policy of the third party billing application is changed from the dedicated APN to the public APN. The terminal 300 may respond to the authentication release notification to the data policy control apparatus 200.

The terminal 300 indicates that the third party billing application is changed to a general application for which the user is billed (S360). The terminal 300 changes the routing policy from the CP dedicated APN to the common APN charged to the user, and then displays the state change to the general application. For example, the terminal 300 may delete the third party billing display displayed on the application icon or delete the corresponding application from the routing container included in the third party billing applications.

Meanwhile, in order to map an application and a specific APN, an application (PDN Select API) for specifying a network interface of a terminal operating system (OS) is separately included in the application. However, this method requires the application to include the PDN Select API, and it is difficult to change the routing information in real time according to the data charging policy or the authentication policy.

Next, a method of changing the application-specific network access information (dedicated APN, public APN) according to the control of the data policy control apparatus 200 will be described. Through this, the terminal 300 may connect a network interface allocated with a dedicated APN to an application designated by a third party or connect a network interface assigned with a common APN under the control of the data policy control apparatus 200. Through this, specific application traffic may be transmitted to a dedicated network / public network under the control of the data policy control apparatus 200, and may activate a data charging service of a third party (CP).

7 is a diagram conceptually illustrating a routing container based application routing control structure according to an embodiment, and FIG. 8 is a diagram conceptually illustrating a routing policy management based application routing control structure according to another embodiment.

Referring to FIGS. 7 and 8, in order to branch (routing) the traffic of the application authenticated from the data policy control apparatus 200 to the dedicated network, the terminal 300 routes the application authenticated to the dedicated network to the dedicated APN. Function is required The routing function may be implemented according to an application framework and an operating system (OS) of the terminal.

First, referring to FIG. 7, when the application framework of the terminal 300a and the operating system provide the application unit routing function, the terminal 300a communicates with the data policy control apparatus 200 to establish a dedicated network connection for a specific application. Routing Authentication 310 for authenticating or deauthenticating, Routing management unit 330a for integrating routing rules for applications, and Routing container 350 for managing dedicated network access information for specific authenticated applications. ). The routing manager 330a manages not only a routing rule (general routing rule) for the public network connection, but also a routing rule (dedicated routing rule) for the routing container 350. The general routing rule may include a routing rule that connects App1 / App2 to the public APN.

When the routing authentication unit 310 receives a request for a dedicated network access to the app 3 / app 4 from the user, the routing authentication unit 310 requests the data policy control device 200 to authenticate the access to the dedicated network of the app 3 / app 4. The routing authentication unit 310 receives an authentication result for the dedicated network connection from the data policy control apparatus 200.

If the dedicated network connection of the App 3 / App 4 is permitted, the routing manager 330a sets a dedicated routing rule for mapping the App 3 / App 4 to the dedicated APN. That is, the routing manager 330a manages a dedicated routing rule so that App3 / App4 is connected to the dedicated APN through the routing container 350.

The routing container 350 is assigned a virtual network interface for connecting an application group authenticated by the data policy control apparatus 200 to a private network according to a dedicated routing rule.

If two APNs are configured in the terminal, a common APN (default APN) for accessing the public network and a dedicated APN for accessing the dedicated network may be configured. The dedicated APN is an intranet APN assigned to an enterprise dedicated network connected to an intranet of a specific company as shown in FIG. 7A, or a CP dedicated network connected to a content server of a specific CP as shown in FIG. 7B. It may be an assigned sponsor APN.

Referring to (a) of FIG. 7, it is assumed that a plurality of applications are installed in the terminal 300a, and among these, the app 3 and the app 4 are specific company-specific applications connected to a corporate network of a specific company. It is assumed that the amount of data used in a specific company-specific application is borne by the specific company. In this case, the data policy control apparatus 200 configures a corporate dedicated network and configures a dedicated network for delivering traffic generated in the App 3 and the App 4 to an internal network of a specific company.

When the routing authentication unit 310 is authorized to access the dedicated network of the app 3 / app 4 from the data policy control device 200, the app 3 / app 4 is mapped to the routing container 350 connected to the dedicated APN. This makes App3 / App4 accessible to the private network. The routing container 350 may be a container for a specific enterprise-specific application.

When App3 / App4 is running, traffic from App3 / App4 is sent to a dedicated network connected via a dedicated APN.

If the routing authenticator 310 receives the authentication deactivation of the app 3 / app 4 from the data policy control device 200, the routing manager 330a maps the app 3 / app 4 to the general routing rule. Then, the App 3 / App 4 is connected to the public APN according to the general routing rules instead of the routing container 350 connected to the dedicated APN.

Referring to FIG. 7B, it is assumed that a plurality of applications are installed in the terminal 300a, and the app 3 and the app 4 are sponsored applications in which a specific CP provides a third party billing service. It is assumed that the amount of data used in the sponsor application is borne by a specific CP. In this case, the data policy control apparatus 200 configures a CP dedicated network allocation and a dedicated network for delivering traffic generated in App 3 and App 4 to a specific content server.

Dedicated network access authentication and private network access method for the sponsor application is similar to the enterprise-specific application described in Figure 7 (a). Even though the destination PDN of the dedicated APN and the public APN are the same Internet network, the traffic paths are separated according to the APN.

On the other hand, App 3 and App 4 is not necessarily a sponsor application provided by the same CP. That is, when App3 and App4 using the same dedicated network are charged to different CPs, the charging device may classify the applications based on the application identifier or the destination address, thereby charging data usage for each application.

Referring to FIG. 8, when the application framework of the terminal 300b and the operating system (OS) do not provide an application-specific routing function, the terminal 300b may map specific authenticated applications to the routing container 350 to route them. Can not.

To this end, since the terminal 300b does not provide an application-specific routing function, an inter-system mobility policy (ISMP) / inter-system routing (ISRP) of an access network discovery and selection function (ANDSF). Policy) can be used. ISMP may define a connection preference network among LTE / WiFi, and ISRP may define a connection preference network according to the APN of a destination data network (PDN). However, since ISMP / ISRP has only an IP flow routing rule based on a source / destination, an ANDSF management unit 370 for setting an application based routing policy is added.

The ANDSF management unit 370 may further define application-specific APNs according to the extended management object (MO). Here, the extended MO is an extension of the MO defining the APN and the access network to the application and is defined so that the application-APN access network can be routed as a full set. The extended MO may be further implemented in the ANDSF related model implemented in the terminal. In this way, the ANDSF management unit 370 may provide the authentication information of the dedicated network and the application required by the ISRP through the extended MO. The algorithm in which the ANDSF management unit 370 adds / deletes / updates an application-based routing policy may follow a standard of OMA-DM (Device Management).

As shown in FIG. 7, when the routing authentication unit 310 authenticates the dedicated network connection of the app 1 from the data policy control device 200, the routing authentication unit 310 transmits the exclusive network access information (dedicated APN) of the app 1 to the ANDSF management unit 370. Then, the ANDSF management unit 370 reflects the dedicated network access information (dedicated APN) of the App 1 to the routing management unit 330b.

When the app 1 is executed, the routing manager 330b is connected to the dedicated network through the dedicated APN according to the routing rule mapped to the app 1.

If the routing authenticator 310 receives the authentication deactivation of the App 1 from the data policy control device 200, the ANDSF management unit 370 changes the APN of the App 1 to the public APN and reflects it to the routing management unit 330b. .

9 is a diagram illustrating a dedicated network connection in a routing container based terminal structure according to an embodiment.

Referring to FIG. 9, the terminal 300 communicates with the data policy control apparatus 200 to prepare a dedicated network connection, and manages network access information (APN) and network interface through a profile as shown in Table 2. The terminal 300 is a subscriber terminal capable of accessing a dedicated network, and may be a subscriber of a dedicated network product or a third party billing application subscriber.

Service type	APN	Network interface	Virtual interface
General LTE (Wireless Network # 1)	lte.kt.com	rmnet0	-
MMS	lte.kt.com	rmnet0	-
IMS	ims.kt.com	rmnet1	-
Dedicated LTE (Wireless Network # 2)	special.lte.kt.com	rmnet2	vEthernet1

Referring to (a) of FIG. 9, in order to access a dedicated network based on a routing container, the terminal 300 provides a dedicated APN (Special.lte.kt.com) to a dedicated network (wireless network # 2) network interface rmnet2. Assign. The terminal 300 may update the dedicated APN under the control of the data policy control apparatus 200. The terminal 300 connects the virtual network interface vEthernet1 and the network interface rmnet2 of the routing container. The virtual network interface vEthernet1 may be connected to the global network interface of the terminal at the L2 level. If the terminal supports a plurality of APN settings, a plurality of routing containers may be created corresponding to APNs for each dedicated network.

Referring to FIG. 9B, when the data policy control apparatus 200 permits access to a dedicated network of the app 3 / app 4, the terminal 300 accesses the virtual network interface of the routing container with respect to the app 3 / app 4. Set the routing rule that connects to (vEthernet1). Since the virtual network interface vEthernet1 is mapped one-to-one to the dedicated network (wireless network # 2) network interface rmnet2, the traffic of App3 / App4 is routed to the dedicated network (wireless network # 2) network interface rmnet2. App 1 / App 2 has a routing rule for accessing the public network (wireless network # 1) is set, can be authenticated for access to the private network from the data policy control device 200. Then, App 1 / App 2 is also subject to the routing rules connected to the virtual network interface (vEthernet1) of the routing container.

Meanwhile, an application container for applications connected to the virtual network interface vEthernet1 of the routing container may be created in the application layer. In the following, the terminal distinguishes and displays a third party billing application (or a private network access application) and a general application (or a public network access application) charged to an individual user through an application container, and describes a method of authenticating a private network connection. do.

10 is an example of a terminal interface screen including an application container according to an embodiment.

Referring to FIG. 10A, an application container 400 is used as a user interface for distinguishing between an application charged to a third party and an application charged to an individual user. The application container 400 may be in the form of a folder / box, and an authenticated third party billing application may be located in the application container 400. In this case, the user moves an application located outside the application container into the application container by various methods such as drag and drop, and the terminal 300 transmits the third party billing of the corresponding application to the data policy control device 200. May request certification. In addition, the dedicated network may not be used by moving out of the application container. The application container 400 may be managed and protected by a mobile device management (MDM) solution.

The terminal 300 places only applications authenticated by the data policy control apparatus 200 in the application container 400. The terminal 300 changes routing information so that applications located in the application container 400 can access a private network instead of a public network. If the application located in the application container moves out, the terminal 300 changes the routing information so that the application can access the public network instead of the private network.

To this end, the routing authentication unit 310 recognizes the application moved to the application container 400, requests authentication to the data policy control device 200, and manages the application to be included in the application container 400 according to the authentication result. . An application located in the application container 400 may have a dedicated APN mapped by the routing container 350 as shown in FIG. 7, or a dedicated APN mapped by the ANDSF management unit 370 as shown in FIG. 8.

Referring to FIG. 10B, an application authenticated by the data policy control apparatus 200 and granted access to a private network is finally moved out of an application container. If the application is finally located outside the application container, the application cannot connect to the private network.

On the other hand, the data policy control apparatus 200 does not permit access to the private network, if the application requested for authentication is not an application of a CP that provides a third party billing service.

In addition, the data policy control apparatus 200 may not permit access to the private network according to the data charging burden policy even if the application for which authentication is requested is an application of a CP that provides a third party billing service. For example, the data policy control apparatus 200 may not permit access to a private network that the CP charges for an application for which authentication is required when the remaining amount of the total amount of data purchased by the CP is less than or equal to the reference value. Alternatively, when the CP charges only during a specific time period, the data policy control apparatus 200 may not permit access to a dedicated network charged by the CP to an application requesting authentication outside the contract time period.

Referring to FIG. 10C, when a user executes an application located in a container, the terminal 300 may request authentication from the data policy control apparatus 200.

When the terminal 300 receives an authentication release for a specific application located in the container from the data policy control device 200, the terminal 300 moves the released application out of the application container. When the terminal 300 stores the authentication deactivation condition, the application that satisfies the deauthentication condition may be moved out of the application container.

When the total amount of data purchased by the CP has been exhausted, the data policy control apparatus 200 may notify the terminal 300 of the release of authentication for a specific application located in the container. Alternatively, when the CP charges only during a specific time period, the data policy control apparatus 200 may notify the terminal 300 of the release of authentication for a specific application located in the container after the contract time period passes.

As such, the user may intuitively distinguish the third-party billing application and the user billing application through the application container, and may simply request authentication by moving the application to the application container. In addition, the terminal 300 manages routing information of applications included in the application container 400 by connecting the routing container 350 that sets the virtual network interface for the dedicated network connection to the application container 400 of the application layer. can do.

The data policy control apparatus 200 may put an application in the application container or remove the application from the application container by reflecting the data charge burden policy of the CP in real time.

11 is an example of a terminal interface screen displaying a third party billing application according to an embodiment.

Referring to FIG. 11, it may be displayed so that applications charged by third parties are classified for each application. An application icon displayed on the terminal interface screen may distinguish a third party billing application from a general application. In the case of the third-party billing application, the free badge may be attached to the icon or the icon design may be different.

In particular, when the CP provides individual data amount (eg, 200 Mbytes / month per customer) to each customer, the icon of the third party billing application may visually display the consumption / remaining amount of the allocated data amount. For example, the icons 500 and 510 of the third party billing application may include a gradation and additionally display the consumption / remaining amount of the data amount as the gradient concentration.

In the application list 520, an interface screen for checking the consumption amount, remaining amount, and QoS of the data amount of each application may be provided.

Even if the application is the target of the third party billing service, before the authentication, the third party billing may be displayed on the icon. When the user is authorized to access the private network by the data policy control apparatus 200 by performing a designated authentication operation (for example, moving an icon to a long touch or moving to an application container), the terminal 300 removes the authenticated application. It is possible to change the display (for example, to attach a free badge or to display a gradation) by a third party billing application. When the authentication is released by the data policy control apparatus 200, the terminal 300 may change an icon displayed as a third party billed application to a general application icon.

12 is a flowchart of a method of installing a third party billing application, according to an exemplary embodiment.

Referring to FIG. 12, the user downloads and installs a third party billing application from the application market, and then the terminal 300 interworks with the data policy control apparatus 200 to transfer traffic of the application to a dedicated network or to a public network. Change Therefore, the third party billing application may be similar to the installation method of a general application, but a CP or a company that distributes the application may subscribe only to a specific telecommunication company's dedicated network product, or the product promised by the telecommunication company may differ. Therefore, a network registration procedure is added when installing a third party billing application as follows.

The application market 600 registers a third party billing application and billing network information (for example, kt) (S410). The billing network information is the network information that CP subscribes to the product that third party billing, and in some cases, the CP subscribes to only some of the carrier products of a plurality of carriers and provides the third party billing service only to some carrier subscribers. can do.

The terminal 300 downloads installation information including the third party billing application and billing communication network information from the application market 600 (S420). The installation information may further include meta information for confirming the integrity of the installed third party billing application.

The terminal 300 checks the billing network information of the third party billing application, accesses the data policy control device 200 indicated by the billing network information, and notifies the third party billing application installation (S430). If, as a result of checking the charging burden network information, the terminal cannot use the communication network that the CP subscribed to the product paying the third party billing (for example, a third party subscriber), the third party charging application is the same as the general application. The communication step with the data policy control apparatus 200 is omitted.

The data policy control apparatus 200 registers a third party billing application installation of the terminal 300 in operation S440. Meanwhile, the data policy control device 200 may receive terminal information on which the third party billing application is installed from the application market 600 or the CP device 100.

According to an embodiment, the data policy control apparatus 200 authenticates the third party charging application of the terminal 300 according to the third party charging application authentication policy specified by the CP, and authenticates the third party with the terminal 300 that has been authenticated. The dedicated network access information for the billing application may be transferred (S450). Then, the terminal 300 may map the third party billing application that is permitted to access the dedicated network and the dedicated network access information (S460). This may allow the CP to unlimitedly charge the third party billing application, for example, in the case of an enterprise-only application, and permit access to the private network at the same time as the installation registration.

According to another embodiment, the CP may provide an application capable of third party charging, but may not be able to charge the third party according to the data charge burden policy. Therefore, after registering the installation of the third party billing application, the data policy control apparatus 200 may check the CP data charging burden policy and then transmit the dedicated network access information of the CP after receiving the request for access to the dedicated network from the terminal 300. Alternatively, the data policy control apparatus 200 transmits the dedicated network access information of the CP to the terminal 300 after registering the installation of the third party billing application, and when the private network access request is received from the terminal 300, the CP data charging burden policy is confirmed. After that, the CP can be granted access to the private network.

So far, the terminal 300 has linked to the data policy control apparatus 200 to route to a dedicated network on an application basis, and based on this, a service in which a third party bears a charge for traffic generated in the dedicated network has been described. Next, various communication services using the dedicated network allocation method for each application will be further described.

13 is a diagram illustrating a method for providing a CP center dedicated network service according to an embodiment.

Referring to FIG. 13, the CP purchases a large amount of data that can be used by a plurality of applications from a carrier. The data policy control apparatus 200 may configure a dedicated network for a plurality of applications designated by the CP and configure a network, and provide dedicated network access information to the terminal. In this case, the terminal may generate an application container for each CP. The user may download a CP application container including applications designated by a specific CP or add applications designated to the CP application container.

On the other hand, the CP may purchase a large amount of data that can be used by a plurality of applications from the telecommunications company, and sell a product that bears the data charge of the customer. This can be called a B2B2C service. That is, the CP may sell content through an application or an in-app purchase, and may also sell a communication network (dedicated network) product for the application.

For example, the CP subscribes to a carrier-only network product and purchases a large amount of data from a carrier for use by many applications. The CP may design at least one CP product (including a rate, a QoS level, etc.) that can accommodate a plurality of applications, and provide the same to a customer. That is, instead of the individual user subscribing to the telecommunication company's dedicated network product, the CP may subscribe to the telecommunication company's dedicated network product and provide the private network service to the applications of the CP.

The data policy control apparatus 200 controls the authenticated terminals to access the private network according to various data charging burden policies of the CPs, and controls to transmit and receive traffic of applications designated by the corresponding CP in the private network in the purchase data limit of each CP. .

The method of designing the amount of data and quality of service (QoS) contracted with a carrier and providing it to customers can be designed for various purposes such as marketing. For example, CP may sell CP goods to customers for a fee. In addition, the CP may provide a CP product to the customer free of charge, or may be charged for data usage issued by the customer using the application.

For example, CP dedicated network products may include the amount of data and / or QoS levels available for the dedicated network. The user subscribes to a CP-only network product and uses the dedicated network free of charge when using a specified application (CP pays for data usage), or uses a QoS-guaranteed dedicated network (charge for data usage is paid by an individual or CP. )can do. As shown in Table 3, CP-only network products can be variously designed by the CP.

CP name	application	Data amount / QoS	time	Plan
CP1	CP1 Designated Application	5 GB, QoS level	Until data is exhausted	oooowon / month
		3 GB, QoS level		oooowon / month
		1 GB, QoS level		oooowon / month
CP2	CP2 Designated Application	QoS level	Event	free

As a result, when the user uses an application designated in the CP application container, the user pays the network cost directly to the CP, and the CP can be guaranteed the QoS contracted with the carrier. FIG. 14 is a view illustrating a user-selectable dedicated network service according to an embodiment. It is a figure explaining a method.

Referring to FIG. 14, so far, a user subscribes to a single plan and uses a communication network within a data limit contracted by the plan. According to the present invention, a user can subscribe to a private network plan for accessing a private network, in addition to the public network plan for accessing a public network. The user can select the amount of data available on the private network. The data policy control apparatus 200 may provide a user interface for easily selecting a data amount as illustrated in FIG. 14A.

Referring to (b) of FIG. 14, the terminal provides an application container (eg, a GiGA cube) on a display screen, and a user includes an application in which the application container desires to transmit and receive traffic through a dedicated network. Then, as described above, the terminal sets the routing information so that applications contained in the application container can access the private network. To this end, the terminal obtains dedicated network access information (for example, dedicated network APN) from the data policy control apparatus 200 and sets a network interface. Applications located outside the application container connect to the public network.

For example, a user may subscribe to a dedicated network plan for an application requiring QoS and put the application in an application container to use the content. If the dedicated private network data amount is exhausted, the user can increase the data amount in the user interface as shown in FIG. In addition, the data policy control apparatus 200 monitors the dedicated network usage and, when the contracted dedicated network data amount is exhausted, releases the authentication of the applications contained in the application container by the routing authentication unit 310 of the terminal to control the access to the dedicated network. Can be. In this case, routing information is changed so that applications contained in the application container move out of the application container and access to the public network.

The embodiments of the present invention described above are not only implemented through the apparatus and the method, but may be implemented through a program for realizing a function corresponding to the configuration of the embodiments of the present invention or a recording medium on which the program is recorded.

Although the embodiments of the present invention have been described in detail above, the scope of the present invention is not limited thereto, and various modifications and improvements of those skilled in the art using the basic concepts of the present invention defined in the following claims are also provided. It belongs to the scope of rights.

Claims (20)

1. A method of providing a third party billing service by a data policy controlling device interworking with a core network and a terminal,

   Managing a third party data charge burden policy for a specific application, and dedicated network information allocated to the core network for transmitting and receiving traffic of the specific application;

   Controlling access to a dedicated network of the specific application installed in terminals based on the data charge burden policy; and

   Charging the third party with the amount of data used to transmit and receive traffic of the specific application in the dedicated network;

   Each terminal installed with the specific application transmits the traffic of the specific application to the dedicated network or to the public network under the control of the data policy control device.
2. In claim 1,

   Controlling access to the dedicated network of the specific application

   If the data charge burden policy is valid, permit access to a private network so that traffic of the specific application is transmitted to the private network,

   The terminal authorized to access the dedicated network sets a first routing policy for transmitting traffic of the specific application to the dedicated network using the dedicated network access information.
3. In claim 2,

   The dedicated network connection information is

   And an access point name (APN) of the dedicated network assigned to the core network.
4. In claim 1,

   The data charge burden policy includes the amount of purchase data of the third party,

   Controlling access to the dedicated network of the specific application

   When the amount of data charged to the third party reaches the purchase data amount of the third party, the terminal is authorized to access the dedicated network for the specific application, and instructs to release authentication for the dedicated network connection.

   Each deauthenticated terminal changes to a second routing policy for transmitting traffic of the specific application to a public network.
5. In claim 1,

   Controlling access to the dedicated network of the specific application

   Transmitting dedicated network access information allocated to the specific application to the terminals;

   Receiving an authentication request for access to a dedicated network of the specific application from any one of the terminals, and

   Authenticating a dedicated network connection to the specific application based on the application authentication policy set by the third party, and allowing the dedicated terminal to access the private network;

   Traffic of the specific application executed in the arbitrary terminal is transmitted to the private network corresponding to the dedicated network access information, the third party billing service providing method.
6. In claim 5,

   The application authentication policy is

   And an identifier and integrity information of the specific application.
7. In claim 1,

   The specific application is a method for providing a third party billing service, which is an enterprise-only application connected to a corporate internal network or an application connected to a content server through an internet network.
8. In claim 1,

   Monitoring the remaining amount of the purchase data amount of the third party that varies with the transmission and reception of traffic in the dedicated network, and notifying the remaining amount to the third party; and

   Updating the data charge burden policy when requested to add data from the third party;

   The third party billing service providing method further comprising.
9. In claim 1,

   Charging to the third party

   When traffic to be charged to a plurality of third parties is transmitted and received together in the dedicated network, the traffic transmitted and received in the dedicated network is billed to a third party corresponding to each application by classifying each application, the third party billing service providing method.
10. A method for a terminal to route traffic of an application to a designated network,

    Requesting authentication for access to a private network of a specific application to a data policy control device;

    Receiving an authentication result from the data policy control device to permit access to the private network of the specific application; and

    Setting a routing policy for transmitting traffic of the specific application to a dedicated network assigned to the specific application;

    Traffic of the specific application is delivered to the dedicated network generated in the core network based on the dedicated network access information while authentication for the dedicated network connection is valid.
11. In claim 10,

    The requesting authentication for accessing the private network may include

    When a user action of moving the specific application displayed on a user interface screen into a specific area is inputted, the data policy control device requests authentication for access to the private network of the specific application.

    If the private network access is granted from the data policy controlling device, the specific application is located in the specific area; and if the private network access is not permitted from the data policy controlling device, the specific application is located outside the specific area.
12. In claim 11,

    The requesting authentication for accessing the private network may include

    When the execution request for the specific application located in the specific area is input, request the authentication for the dedicated network access of the specific application to the data policy control device, and if the private network access is not permitted from the data policy control device, A routing method for moving an application out of the specific area.
13. In claim 10,

    Receiving an authentication release from the data policy control device for a dedicated network connection to the specific application; and

    Changing to a routing policy for transmitting traffic of the specific application to a public network

    Routing method further comprising.
14. In claim 10,

    Setting the routing policy

    A routing policy of the specific application is set by mapping the specific application that is allowed to access the dedicated network to a routing container to which a virtual network interface is assigned.

    The virtual network interface is connected to the first network interface to connect to the private network,

    Applications that are not mapped to the routing container have a routing policy set to a second network interface that connects to a public network.
15. In claim 10,

    And when the specific application is a third party charging application in which a third party charges data, the specific application indicates that the third party charging application is displayed on a user interface screen while authentication for a dedicated network connection is valid.
16. In claim 10,

    Setting the routing policy

    Managing first network access information for public network access and at least one second network access information for at least one private network access, and if the private network access of the specific application is permitted, a second network connection corresponding to the authorized private network; Mapping information to the specific application, and mapping the first network connection information to the specific application if the private network connection of the specific application is not permitted.
17. In claim 10,

    The specific application is an enterprise-specific application or a third party billing application that the third party charges data charge.
18. As a method for the terminal to install a third party billing application,

    Downloading and installing installation information including third party billing applications and billing network information from the application marketplace;

    Notifying the installation of the third party billing application by accessing a data policy control device indicated by the billing network information; and

    Setting a routing policy for mapping the private network access information received from the data policy control device to the third party billing application;

    And the traffic of the third party billing application is delivered to the private network corresponding to the dedicated network access information while the authentication for the private network access is valid.
19. The method of claim 18,

    Setting the routing policy

    A third party that requests the data policy controlling device for authentication for access to the private network of the third party billing application, and sets the routing policy upon receiving an authentication result including a dedicated network access permission from the data policy controlling device; How to install the billing application.
20. The method of claim 18,

    Receiving, from the data policy control device, an authorization release for a dedicated network connection to the third party billing application; and

    Setting a routing policy for changing the private network access information mapped to the third party billing application to the public network access information;

    Third party billing application installation method further comprising a.

Images