CN108124258A - A kind of control method and network monitoring apparatus of terminal communication service - Google Patents
A kind of control method and network monitoring apparatus of terminal communication service Download PDFInfo
- Publication number
- CN108124258A CN108124258A CN201611074999.XA CN201611074999A CN108124258A CN 108124258 A CN108124258 A CN 108124258A CN 201611074999 A CN201611074999 A CN 201611074999A CN 108124258 A CN108124258 A CN 108124258A
- Authority
- CN
- China
- Prior art keywords
- user
- terminal
- communication service
- information
- app
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000004891 communication Methods 0.000 title claims abstract description 134
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000012544 monitoring process Methods 0.000 title claims description 5
- 238000012806 monitoring device Methods 0.000 claims abstract description 16
- 238000010586 diagram Methods 0.000 description 10
- 238000012545 processing Methods 0.000 description 4
- 238000004458 analytical method Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000003672 processing method Methods 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/02—Arrangements for optimising operational condition
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
本发明公开了一种终端通信业务的控制方法,包括:接收终端发送的用户鉴权请求信息,所述用户鉴权请求信息中携带有所述终端的用户标识信息;根据所述用户鉴权请求信息进行用户标识鉴权,若用户标识鉴权通过,则在设定数据库中查找与所述用户标识信息对应的用户身份信息,并基于所述用户身份信息中的子信息判断所述终端的用户是否为业务受限用户;确定所述终端的用户为业务受限用户时,为所述用户提供设定的通信业务。本发明同时还公开了一种网络监控装置。
The invention discloses a terminal communication service control method, comprising: receiving user authentication request information sent by a terminal, the user authentication request information carrying the user identification information of the terminal; according to the user authentication request information to perform user identification authentication, if the user identification authentication is passed, then search the user identity information corresponding to the user identification information in the setting database, and judge the user of the terminal based on the sub-information in the user identity information Whether it is a service-restricted user; when it is determined that the user of the terminal is a service-restricted user, provide the user with a set communication service. The invention also discloses a network monitoring device at the same time.
Description
技术领域technical field
本发明涉及通信技术,尤其涉及一种终端通信业务的控制方法及网络监控装置。The invention relates to communication technology, in particular to a terminal communication service control method and a network monitoring device.
背景技术Background technique
随着经济社会和通信网络技术的快速发展,移动终端比如手机、平板电脑等的用户数量越来越多,但是移动终端所带来的问题也引起了人们的重视,而对未成年人带来的影响更是人们关注的重点。许多家长为方便与子女联系和满足子女学习的需要,给未成年的子女购买了手机。虽然手机在一定程度上给这些未成年人提供了便捷服务,但是由于未成年人的安全意识不强、自控能力差,手机也同样容易对未成年人的正常成长和学习产生诸多危害,比如容易使未成年人沉溺于网络,甚至是陷入不良网站而不能自拔。With the rapid development of economy, society and communication network technology, the number of users of mobile terminals such as mobile phones and tablet computers is increasing. The impact is the focus of people's attention. Many parents buy mobile phones for their underage children in order to facilitate contact with their children and meet their learning needs. Although mobile phones provide convenient services to these minors to a certain extent, due to minors' lack of safety awareness and poor self-control ability, mobile phones are also likely to cause many harms to the normal growth and learning of minors, such as easy Make minors addicted to the Internet, or even fall into bad websites and cannot extricate themselves.
针对这些问题,现有的技术方案大多是通过家长控制未成年人的手机上网权限进行解决。但是,现有的基于手机端的家长控制系统,基本上仅是在接入家庭网关或者无线网络中时控制上网权限。然而,未成年人的大部分时间都是在学校进行学习和生活,因此手机接入无线网络比较困难。所以,未成年人在学校基本都是使用运营商的流量进行上网。此时,家长就较难对未成年人的上网行为进行有效的监管;而且,现有技术方案需要家长预先手工配置不同用户名、密码和不同连接的绑定关系,对用户要求较高。For these problems, most of the existing technical solutions are solved by parents controlling the minors' mobile Internet access rights. However, the existing parental control systems based on mobile phones basically only control Internet access rights when accessing a home gateway or a wireless network. However, minors spend most of their time studying and living at school, so it is difficult for mobile phones to access wireless networks. Therefore, minors basically use the traffic of operators to surf the Internet at school. At this time, it is more difficult for parents to effectively supervise the online behavior of minors; moreover, existing technical solutions require parents to manually configure the binding relationship of different user names, passwords and different connections in advance, which has higher requirements for users.
发明内容Contents of the invention
有鉴于此,本发明实施例提供了一种终端通信业务的控制方法及网络监控装置,能够对业务受限用户的终端通信业务进行统一有效的监管。In view of this, the embodiments of the present invention provide a terminal communication service control method and a network monitoring device, which can uniformly and effectively monitor the terminal communication services of service-limited users.
为达到上述目的,本发明的技术方案实现过程如下:In order to achieve the above object, the technical solution of the present invention realizes the process as follows:
本发明实施例提供了一种终端通信业务的控制方法,所述方法包括:An embodiment of the present invention provides a method for controlling terminal communication services, the method comprising:
接收终端发送的用户鉴权请求信息,所述用户鉴权请求信息中携带有所述终端的用户标识信息;receiving user authentication request information sent by the terminal, the user authentication request information carrying the user identification information of the terminal;
根据所述用户鉴权请求信息进行用户标识鉴权,若用户标识鉴权通过,则在设定数据库中查找与所述用户标识信息对应的用户身份信息,并基于所述用户身份信息中的子信息判断所述终端的用户是否为业务受限用户;Perform user identity authentication according to the user authentication request information, and if the user identity authentication passes, search the user identity information corresponding to the user identity information in the setting database, and based on the subfield in the user identity information information to determine whether the user of the terminal is a service-restricted user;
确定所述终端的用户为业务受限用户时,为所述用户提供设定的通信业务。When it is determined that the user of the terminal is a service-restricted user, the set communication service is provided for the user.
上述方案中,所述子信息包括以下信息至少一种:年龄、职业;所述用户标识信息包括国际移动用户识别码IMSI。In the above solution, the sub-information includes at least one of the following information: age and occupation; the user identification information includes an International Mobile Subscriber Identity (IMSI).
上述方案中,所述为所述用户提供设定的通信业务,包括:In the above solution, the provision of the set communication service for the user includes:
判断用户的通信业务请求的时间是否在所述用户标识信息对应的允许使用通信业务时间内,若不在,则禁止所述用户标识信息对应的终端使用通信业务。Judging whether the time of the user's communication service request is within the allowed communication service time corresponding to the user identification information, if not, prohibiting the terminal corresponding to the user identification information from using the communication service.
上述方案中,当所述通信业务为网络数据业务时,所述判断出用户的通信业务请求的时间在所述用户标识信息对应的允许使用通信业务时间内之后,所述方法还包括:In the above solution, when the communication service is a network data service, the time of determining that the user's communication service request is after the time allowed for using the communication service corresponding to the user identification information, the method further includes:
判断所述终端当前已使用的流量是否大于或等于设定流量阈值,若大于或等于,则禁止所述终端使用网络数据业务。Judging whether the traffic currently used by the terminal is greater than or equal to a set traffic threshold, and if it is greater than or equal to, prohibiting the terminal from using network data services.
上述方案中,所述判断出所述终端当前已使用的流量小于设定流量阈值之后,所述方法还包括:In the above solution, after it is determined that the traffic currently used by the terminal is less than the set traffic threshold, the method further includes:
判断所述终端所访问的网址是否在设定网址白名单内,若不在,则禁止所述终端访问所述网址;judging whether the website accessed by the terminal is in the set website whitelist, if not, prohibiting the terminal from accessing the website;
和/或,判断所述终端使用的APP应用是否在设定APP白名单列表内,若不在,则禁止所述终端使用所述APP应用。And/or, determine whether the APP application used by the terminal is in the set APP whitelist list, and if not, prohibit the terminal from using the APP application.
上述方案中,当所述通信业务为下载APP应用时,所述方法还包括:In the above solution, when the communication service is downloading an APP application, the method further includes:
确定所述终端下载未包含在设定APP白名单列表内的新的APP应用时,判断所述新的APP应用是否满足设置的APP应用下载条件,若不满足,则禁止所述终端下载所述新的APP应用。When it is determined that the terminal downloads a new APP application that is not included in the set APP whitelist, it is determined whether the new APP application meets the set APP application download conditions, and if not, the terminal is prohibited from downloading the APP application. New APP application.
上述方案中,所述方法还包括:In the above scheme, the method also includes:
接收针对允许使用通信业务时间、流量阈值、网址白名单、APP白名单列表的至少之一的更新请求;Receive an update request for at least one of allowed communication service time, traffic threshold, URL whitelist, and APP whitelist;
根据所述更新请求对所述允许使用通信业务时间、所述流量阈值、所述网址白名单、所述APP白名单列表的至少之一进行更新。At least one of the allowed communication service time, the traffic threshold, the URL whitelist, and the APP whitelist is updated according to the update request.
本发明实施例提供了一种网络监控装置,所述网络监控装置包括:第一接收模块、鉴权模块、控制模块;其中,An embodiment of the present invention provides a network monitoring device, which includes: a first receiving module, an authentication module, and a control module; wherein,
所述第一接收模块,用于接收终端发送的用户鉴权请求信息,所述用户鉴权请求信息中携带有所述终端的用户标识信息;The first receiving module is configured to receive user authentication request information sent by a terminal, where the user authentication request information carries user identification information of the terminal;
所述鉴权模块,用于根据所述用户鉴权请求信息进行用户标识鉴权,若用户标识鉴权通过,则在设定数据库中查找与所述用户标识信息对应的用户身份信息,并基于所述用户身份信息中的子信息判断所述终端的用户是否为业务受限用户;The authentication module is configured to perform user identity authentication according to the user authentication request information, and if the user identity authentication is passed, search for user identity information corresponding to the user identity information in the setting database, and based on The sub-information in the user identity information judges whether the user of the terminal is a service-restricted user;
所述控制模块,用于确定所述终端的用户为业务受限用户时,为所述用户提供设定的通信业务。The control module is configured to provide a set communication service for the user when it is determined that the user of the terminal is a service-restricted user.
上述方案中,所述子信息包括以下信息至少一种:年龄、职业;所述用户标识信息包括国际移动用户识别码IMSI。In the above solution, the sub-information includes at least one of the following information: age and occupation; the user identification information includes an International Mobile Subscriber Identity (IMSI).
上述方案中,所述控制模块,具体用于:In the above solution, the control module is specifically used for:
判断用户的通信业务请求的时间是否在所述用户标识信息对应的允许使用通信业务时间内,若不在,则禁止所述用户标识信息对应的终端使用通信业务。Judging whether the time of the user's communication service request is within the allowed communication service time corresponding to the user identification information, if not, prohibiting the terminal corresponding to the user identification information from using the communication service.
上述方案中,当所述通信业务为网络数据业务时,所述控制模块,还用于在所述判断出用户的通信业务请求的时间在所述用户标识信息对应的允许使用通信业务时间内之后,判断所述终端当前已使用的流量是否大于或等于设定流量阈值,若大于或等于,则禁止所述终端使用网络数据业务。In the above scheme, when the communication service is a network data service, the control module is further configured to determine that the time of the user's communication service request is after the time allowed to use the communication service corresponding to the user identification information , judging whether the traffic currently used by the terminal is greater than or equal to a set traffic threshold, and if it is greater than or equal to, prohibiting the terminal from using network data services.
上述方案中,所述控制模块,还用于在所述判断出所述终端当前已使用的流量小于设定流量阈值之后,判断所述终端所访问的网址是否在设定网址白名单内,若不在,则禁止所述终端访问所述网址;In the above solution, the control module is further configured to determine whether the website accessed by the terminal is in the set website whitelist after it is determined that the traffic currently used by the terminal is less than the set traffic threshold, if If not, the terminal is prohibited from accessing the website;
和/或,在所述判断出所述终端当前已使用的流量小于设定流量阈值之后,判断所述终端使用的APP应用是否在设定APP白名单列表内,若不在,则禁止所述终端使用所述APP应用。And/or, after it is determined that the traffic currently used by the terminal is less than the set traffic threshold, it is judged whether the APP application used by the terminal is in the set APP whitelist list, and if not, the terminal is prohibited Use the APP application.
上述方案中,当所述通信业务为下载APP应用时,所述控制模块,还用于确定所述终端下载未包含在设定APP白名单列表内的新的APP应用时,判断所述新的APP应用是否满足设置的APP应用下载条件,若不满足,则禁止所述终端下载所述新的APP应用。In the above solution, when the communication service is to download an APP application, the control module is further configured to determine that the terminal downloads a new APP application that is not included in the set APP whitelist, and judges that the new APP application Whether the APP application satisfies the set APP application downloading condition, if not, prohibiting the terminal from downloading the new APP application.
上述方案中,所述控制模块包括第二接收模块、更新模块;其中,In the above solution, the control module includes a second receiving module and an updating module; wherein,
所述第二接收模块,用于接收针对允许使用通信业务时间、流量阈值、网址白名单、APP白名单列表的至少之一的更新请求;The second receiving module is configured to receive an update request for at least one of allowed communication service time, traffic threshold, URL whitelist, and APP whitelist;
所述更新模块,用于根据所述更新请求对所述允许使用通信业务时间、所述流量阈值、所述网址白名单、所述APP白名单列表的至少之一进行更新。The update module is configured to update at least one of the allowed communication service time, the traffic threshold, the URL whitelist, and the APP whitelist according to the update request.
本发明实施例提供的终端通信业务的控制方法及网络监控装置,接收终端发送用户鉴权请求信息,所述用户鉴权请求信息中携带有所述终端的用户标识信息;根据所述用户鉴权请求信息进行用户标识鉴权,若用户标识鉴权通过,则在设定数据库中查找与所述用户标识信息对应的用户身份信息,并基于所述用户身份信息中的子信息判断所述终端的用户是否为业务受限用户;确定所述终端的用户为业务受限用户时,为所述用户提供设定的通信业务。可见,本发明实施例根据终端发送的用户鉴权请求信息对所述终端的用户进行用户标识鉴权,且在用户标识鉴权通过之后,根据所述终端的用户身份信息判断所述终端的用户是否为业务受限用户,若判定所述终端的用户为业务受限用户,则为所述用户提供设定的通信业务,即对与所述用户标识信息对应的终端通信业务进行控制,所设定的通信业务内容可包括:上网时间控制、网络流量用量控制、网络访问对象控制等,从而实现了对业务受限用户的终端通信业务进行统一有效的监管,且操作简单、方便。In the terminal communication service control method and network monitoring device provided in the embodiments of the present invention, the receiving terminal sends user authentication request information, and the user authentication request information carries the user identification information of the terminal; according to the user authentication Requesting information for user identification authentication, if the user identification authentication is passed, then searching the user identity information corresponding to the user identification information in the setting database, and judging the identity of the terminal based on the sub-information in the user identity information Whether the user is a service-restricted user; when it is determined that the user of the terminal is a service-restricted user, provide the user with a set communication service. It can be seen that the embodiment of the present invention performs user ID authentication on the user of the terminal according to the user authentication request information sent by the terminal, and after the user ID authentication passes, judges the user of the terminal according to the user identity information of the terminal Whether it is a service-restricted user, if it is determined that the user of the terminal is a service-restricted user, then provide the user with the set communication service, that is, control the terminal communication service corresponding to the user identification information, the set The specified communication service content may include: Internet time control, network traffic usage control, network access object control, etc., so as to realize unified and effective supervision of terminal communication services of users with limited services, and the operation is simple and convenient.
本发明的有益效果是:本发明实施例提供的终端通信业务的控制方法及网络监控装置能够对业务受限用户的终端通信业务进行统一有效的监管,即只要当业务受限用户使用运营商的网络或流量时,便只会给该业务受限用户提供设定的通信业务;对于未成年用户而言,能够将未成年用户的上网行为限制在设定的允许上网时间段、允许访问的网站和APP应用内,以保护未成年人的正常成长和学习;并且,可在网络侧自动统一管理业务受限用户以及设定的通信业务,比如配置或更新业务受限用户的允许上网时间段、流量阈值等,无需家长一一进行预置,使操作简单、方便。The beneficial effect of the present invention is that: the terminal communication service control method and the network monitoring device provided by the embodiment of the present invention can uniformly and effectively monitor the terminal communication services of service-restricted users, that is, as long as the service-restricted users use the operator's network or traffic, it will only provide the set communication service to the user with limited business; for the underage user, the online behavior of the underage user can be limited to the set time period allowed to surf the Internet and the websites allowed to visit and APP applications to protect the normal growth and learning of minors; and, it can automatically and uniformly manage service-restricted users and set communication services on the network side, such as configuring or updating service-restricted users. Flow thresholds, etc., do not require parents to preset one by one, making the operation simple and convenient.
附图说明Description of drawings
图1为本发明实施例终端通信业务的控制方法的实现流程示意图;FIG. 1 is a schematic diagram of an implementation flow of a method for controlling a terminal communication service according to an embodiment of the present invention;
图2为本发明实施例中所述终端接入网络侧的系统组成示意图;FIG. 2 is a schematic diagram of the system composition of the terminal access network side in the embodiment of the present invention;
图3为本发明实施例终端通信业务的控制方法的具体实现流程示意图;FIG. 3 is a schematic diagram of a specific implementation flow of a method for controlling a terminal communication service according to an embodiment of the present invention;
图4为本发明实施例中所述网络侧对所述手机的用户使用上网业务进行控制的具体处理流程示意图一;FIG. 4 is a schematic diagram of a specific processing flow of the network side controlling the use of the Internet service by the user of the mobile phone in the embodiment of the present invention;
图5为本发明实施例中所述网络侧对所述手机的用户下载APP应用进行控制的具体处理流程示意图二;FIG. 5 is a second schematic diagram of the specific processing flow of the network side controlling the downloading of the APP application by the user of the mobile phone in the embodiment of the present invention;
图6为本发明实施例网络监控装置的组成结构示意图。FIG. 6 is a schematic diagram of the composition and structure of a network monitoring device according to an embodiment of the present invention.
具体实施方式Detailed ways
本发明实施例终端通信业务的控制方法的实现流程如图1所示,该方法包括:The implementation process of the control method of the terminal communication service in the embodiment of the present invention is shown in Figure 1, the method includes:
步骤101:接收终端发送的用户鉴权请求信息,所述用户鉴权请求信息中携带有所述终端的用户标识信息;Step 101: receiving user authentication request information sent by the terminal, the user authentication request information carrying the user identification information of the terminal;
具体地,当终端需要连接和/或使用网络、且所述终端与基站相互之间的鉴权通过之后,所述终端通过所述基站向网络侧发送携带有所述终端的用户标识信息的用户鉴权请求信息,以请求网络侧中的运营商核心网对所述终端的用户进行鉴权,则网络侧接收所述终端发送的用户鉴权请求信息,以根据所述用户鉴权请求信息进行用户标识鉴权。Specifically, when the terminal needs to connect to and/or use the network, and after the mutual authentication between the terminal and the base station passes, the terminal sends the user ID information carrying the user identification information of the terminal to the network side through the base station. Authentication request information, to request the operator core network in the network side to authenticate the user of the terminal, then the network side receives the user authentication request information sent by the terminal, and performs authentication according to the user authentication request information User ID authentication.
所述终端可以是手机、平板电脑等;所述网络可以是移动网络;所述终端的用户标识信息可以是所述终端中用户识别模块(Subscriber Identity Module,SIM)即SIM卡的国际移动用户识别码(International Mobile Subscriber Identification Number,IMSI),也可以是所述终端的国际移动设备标识(International Mobile Equipment Identity,IMEI)。The terminal can be a mobile phone, a tablet computer, etc.; the network can be a mobile network; the subscriber identification information of the terminal can be a Subscriber Identity Module (Subscriber Identity Module, SIM) in the terminal, which is the International Mobile Subscriber Identity of the SIM card The code (International Mobile Subscriber Identification Number, IMSI), may also be the International Mobile Equipment Identity (International Mobile Equipment Identity, IMEI) of the terminal.
在步骤101之前,该方法还可包括:存储终端的用户身份信息和所述终端的用户标识信息至设定数据库,并在所述设定数据库中绑定所述用户身份信息与所述终端的用户标识信息。Before step 101, the method may further include: storing the user identity information of the terminal and the user identity information of the terminal in a setting database, and binding the user identity information and the terminal's identity information in the setting database User identification information.
具体地,预先将所述终端的用户身份信息和所述终端的用户标识信息存储至网络侧的设定数据库中,并在所述设定数据库中将所述用户身份信息与所述终端的用户标识信息绑定,以实现根据所述终端的用户标识信息便可在所述设定数据库中获取所述用户身份信息。Specifically, the user identity information of the terminal and the user identification information of the terminal are stored in a setting database on the network side in advance, and the user identity information and the user of the terminal are stored in the setting database. The identification information is bound, so that the user identity information can be acquired in the setting database according to the user identification information of the terminal.
所述用户身份信息包括但不限于性别、身高、年龄、职业、身份证号码等;所述年龄既可以单独用数字表示,也可以通过身份证号码表示;比如,身份证号码中的第7位至第14位为出生日期,将该出生日期与当前时间日期进行比对则可获知年龄;所述职业包括但不限于学生、工人、公务员等类别,所述学生还可以进一步细分为小学生、中学生、大学生等。The user identity information includes but is not limited to gender, height, age, occupation, ID number, etc.; the age can be represented by numbers alone or by ID number; for example, the seventh digit in the ID number The 14th digit is the date of birth, and the age can be known by comparing the date of birth with the current time and date; the occupations include but are not limited to students, workers, civil servants, etc., and the students can be further subdivided into primary school students, Middle school students, college students, etc.
在现有技术中,网络运营商通常都会预先将手机的终端用户标识信息如IMSI存储在核心网侧,以便实现后续在核心网侧执行的用户鉴权操作;当用户在网络运营商处给手机申请办理SIM卡时,网络运营商会存储分配给用户的SIM卡的IMSI信息至鉴权中心(AUthentication Centre,AUC)中,用以进行用户鉴权时判断用户是否为签约标识用户。In the prior art, network operators usually store the terminal user identification information of mobile phones such as IMSI on the core network side in advance, so as to realize subsequent user authentication operations performed on the core network side; When applying for a SIM card, the network operator will store the IMSI information of the SIM card assigned to the user in the authentication center (AUthentication Centre, AUC), which is used to determine whether the user is a subscription identification user when performing user authentication.
以LTE鉴权为例,所述终端接入网络侧的系统组成示意图,如图2所示;其中,演进分组核心网(Evolved Packet Core,EPC)中的网元包括移动管理单元(MobilityManagement Entity,MME)、归属签约用户服务器(Home Subscriber Server,HSS)、AUC、服务网关(Serving Gateway,S-GW)、分组数据网网关(Packet Data Network Gateway,P-GW)、策略和计费规则功能实体(Policy and Charging Rule Functionality,PCRF)等。Taking LTE authentication as an example, a schematic diagram of the system composition of the terminal access network side is shown in FIG. MME), home subscriber server (Home Subscriber Server, HSS), AUC, serving gateway (Serving Gateway, S-GW), packet data network gateway (Packet Data Network Gateway, P-GW), policy and charging rule functional entity (Policy and Charging Rule Functionality, PCRF) and so on.
当所述终端(User Equipment,UE)发起连接网络请求时,UE会向演进型移动基站eNodeB发送携带有所述UE的用户标识信息的用户鉴权请求信息;然后,eNodeB将接收到的来自所述UE发送的所述用户鉴权请求信息发送给MME;MME接收到所述eNodeB发送的所述用户鉴权请求信息后,向HSS/AUC发送认证信息请求(Authentication InformationRequset,AIR)消息,所述AIR消息中携带有所述用户鉴权请求信息,以使HSS/AUC根据所述用户鉴权请求信息进行用户标识鉴权。其中,网络监控模块为本发明实施例中增设的可控制终端接入网络的模块,用于当HSS/AUC对用户标识鉴权通过后,对用户身份信息进行鉴权,以根据鉴权结果对终端是否接入网络进行控制。When the terminal (User Equipment, UE) initiates a network connection request, the UE will send user authentication request information carrying the user identification information of the UE to the evolved mobile base station eNodeB; then, the eNodeB will receive the The user authentication request information sent by the UE is sent to the MME; after receiving the user authentication request information sent by the eNodeB, the MME sends an authentication information request (Authentication Information Request, AIR) message to the HSS/AUC, the The AIR message carries the user authentication request information, so that the HSS/AUC performs user identification authentication according to the user authentication request information. Among them, the network monitoring module is a module added in the embodiment of the present invention that can control the terminal to access the network, and is used to authenticate the user identity information after the HSS/AUC passes the user identification authentication, so as to Whether the terminal is connected to the network is controlled.
当所述终端为手机时,所述AIR消息中包含有所述手机的IMSI、公共陆地移动网络身份(Public Land Mobile Network Identity,PLMN Identity)等信息。When the terminal is a mobile phone, the AIR message includes information such as an IMSI of the mobile phone, a Public Land Mobile Network Identity (Public Land Mobile Network Identity, PLMN Identity), and the like.
这里,可将所述终端的用户标识信息、以及与所述终端的用户标识信息所绑定的所述终端的用户身份信息存储至归属位置寄存器(Home Location Register,HLR)中。Here, the user identity information of the terminal and the user identity information of the terminal bound to the user identity information of the terminal may be stored in a Home Location Register (Home Location Register, HLR).
步骤102:根据所述用户鉴权请求信息进行用户标识鉴权,若用户标识鉴权通过,则在设定数据库中查找与所述用户标识信息对应的用户身份信息,并基于所述用户身份信息中的子信息判断所述终端的用户是否为业务受限用户;Step 102: Perform user identity authentication according to the user authentication request information, and if the user identity authentication passes, search the user identity information corresponding to the user identity information in the setting database, and based on the user identity information The sub-information in judging whether the user of the terminal is a service-restricted user;
具体地,网络侧根据步骤101中终端发送的所述用户鉴权请求信息进行用户标识鉴权,若对所述终端的用户标识鉴权通过,则在设定数据库中查找与所述用户标识信息对应的用户身份信息,判断所述用户身份信息中的子信息是否符合业务受限用户的设定要求,若符合,则判定所述用户为业务受限用户,否则判定所述用户不是业务受限用户。Specifically, the network side performs user ID authentication according to the user authentication request information sent by the terminal in step 101, and if the user ID authentication of the terminal is passed, the network side searches for information related to the user ID in the setting database. Corresponding user identity information, determine whether the sub-information in the user identity information meets the setting requirements of the service-restricted user, if so, determine that the user is a service-restricted user, otherwise determine that the user is not a service-restricted user user.
无论对所述终端的用户标识鉴权是否通过,网络侧都会将所述用户标识鉴权结果反馈给所述终端,即:HSS/AUC根据所述AIR消息进行用户标识鉴权,若对用户标识鉴权通过,即判定所述UE的用户是签约标识用户时,则通过认证信息反馈(AuthenticationInformation Answer,AIA)消息将包含有用户标识鉴权成功通知的鉴权向量发送至MME,以使MME将所述用户标识鉴权成功通知发送给所述UE;若用户标识鉴权失败,即判定所述UE的用户不是签约标识用户时,则通过AIA消息将包含有用户标识鉴权失败通知的鉴权向量发送至MME,以使MME将所述用户标识鉴权失败通知发送给所述UE。Regardless of whether the user ID authentication of the terminal is passed, the network side will feed back the user ID authentication result to the terminal, that is, the HSS/AUC performs user ID authentication according to the AIR message, if the user ID If the authentication is passed, that is, when it is determined that the user of the UE is a subscriber ID user, the authentication information feedback (AuthenticationInformation Answer, AIA) message will be used to send the authentication vector containing the user identification authentication success notification to the MME, so that the MME will The user identity authentication success notification is sent to the UE; if the user identity authentication fails, that is, when it is determined that the user of the UE is not a subscriber identity user, the AIA message will include the user identity authentication failure notification. The vector is sent to the MME, so that the MME sends a notification of failure of the user identity authentication to the UE.
所述业务受限用户的设定要求可由用户或网络运营商在网络侧中进行设置,并存储在AUC或HLR中;所述设定要求需要根据所述用户身份信息进行设置;例如,当所述用户信息为年龄时,所述设定要求应设为年龄阈值;当用户信息为年龄和职业时,所述设定要求应设为年龄阈值或者职业类别,也可设为年龄阈值和职业类别。The setting requirement of the service-restricted user can be set by the user or network operator on the network side, and stored in the AUC or HLR; the setting requirement needs to be set according to the user identity information; for example, when the When the user information is age, the setting requirement should be set as age threshold; when the user information is age and occupation, the setting requirement should be set as age threshold or occupation category, or age threshold and occupation category .
这里,所述子信息可以是所述用户身份信息中的一种或多种信息,比如当所述用户身份信息包括年龄和职业时,所述子信息既可以是年龄或者职业,也可以是年龄和职业。当所述子信息为年龄时,所述设定要求根据需要被控制的对象即业务受限用户的年龄进行设置;例如,当需要对未成年人进行控制时,可将年龄小于18周岁作为业务受限用户的设定要求,只要与所述用户标识信息所绑定的所述终端的用户年龄小于18周岁,则可判定所述终端的用户为未成年人即业务受限用户。Here, the sub-information can be one or more types of information in the user identity information. For example, when the user identity information includes age and occupation, the sub-information can be either age or occupation, or age and career. When the sub-information is age, the setting requirements should be set according to the age of the object to be controlled, that is, the user with limited services; for example, when minors need to be controlled, the age under 18 can be set The setting requirements of the restricted user, as long as the user of the terminal bound with the user identification information is younger than 18 years old, it can be determined that the user of the terminal is a minor, that is, a service-restricted user.
步骤103:确定所述终端的用户为业务受限用户时,为所述用户提供设定的通信业务。Step 103: When it is determined that the user of the terminal is a service-restricted user, provide the user with a set communication service.
具体地,当根据步骤102中的判断结果而确定所述终端的用户为业务受限用户时,为所述用户提供设定的通信业务,以实现对所述终端通信业务的有效监管。Specifically, when it is determined according to the judgment result in step 102 that the user of the terminal is a service-restricted user, a set communication service is provided for the user, so as to realize effective supervision of the communication service of the terminal.
其中,所述通信业务包括以下至少一种:网络数据业务、语音通话业务、信息业务、APP应用下载业务;所述为所述用户提供设定的通信业务,包括:判断用户的通信业务请求的时间是否在所述用户标识信息对应的允许使用通信业务时间内,若不在,则禁止所述用户标识信息对应的终端使用通信业务,否则允许所述用户标识信息对应的终端使用通信业务。Wherein, the communication service includes at least one of the following: network data service, voice call service, information service, and APP application download service; the provision of the set communication service for the user includes: judging the communication service request of the user Whether the time is within the allowed communication service time corresponding to the user identification information, if not, prohibit the terminal corresponding to the user identification information from using the communication service, otherwise allow the terminal corresponding to the user identification information to use the communication service.
这里,运营商或用户在网络侧可预先设置所述允许使用通信业务时间,并存储所述允许使用通信业务时间至网络侧的数据库中,然后将终端的用户标识信息与对应的允许使用通信业务时间进行绑定,以实现对与所述用户标识信息对应的用户进行监管;当然,也可采用将用户身份信息与所述允许使用通信业务时间进行绑定;对于不同的用户标识信息,可设置不相同的允许使用通信业务时间,也可设置相同的允许使用通信业务时间;在现有技术中,由于同一张SIM卡可在多个手机中进行切换使用,如果将终端与允许该终端使用通信业务时间进行绑定,那么根据该SIM卡当前所在手机对应的允许使用通信业务时间对该手机通信业务进行控制,则可能不能够实现对该SIM卡的拥有者利用该手机进行通信业务的有效监管。Here, the operator or user can pre-set the allowed communication service time on the network side, store the allowed communication service time in the network side database, and then compare the terminal user identification information with the corresponding allowed communication service time. Bind the time to realize the supervision of the user corresponding to the user identification information; of course, it is also possible to bind the user identity information with the time allowed to use the communication service; for different user identification information, you can set Not the same time allowed to use the communication service can also be set to allow the same time to use the communication service; in the prior art, since the same SIM card can be switched and used in multiple mobile phones, if the terminal is allowed to use the communication service If the business time is bound, then the communication service of the mobile phone is controlled according to the allowed communication service time corresponding to the mobile phone where the SIM card is currently located, and it may not be possible to realize the effective supervision of the communication service of the SIM card owner using the mobile phone .
进一步地,当所述通信业务为网络数据业务时,在所述判断出用户的通信业务请求的时间在所述用户标识信息对应的允许使用通信业务时间内,则允许所述用户标识信息对应的终端使用通信业务之前,该方法还包括:Further, when the communication service is a network data service, when it is determined that the user's communication service request is within the allowed communication service time corresponding to the user identification information, the user identification information corresponding to the user is allowed to use the communication service. Before the terminal uses the communication service, the method further includes:
判断所述终端当前已使用的流量是否大于或等于设定流量阈值,若大于或等于,则禁止所述终端使用网络数据业务,否则允许所述终端使用网络数据业务。Judging whether the traffic currently used by the terminal is greater than or equal to a set traffic threshold, if greater than or equal to, prohibiting the terminal from using the network data service, otherwise allowing the terminal to use the network data service.
所述网络数据业务为依赖网络提供数据服务的业务,如访问网站;当网络侧设备判断出所述终端当前已使用的流量大于或等于设定流量阈值时,则禁止所述终端使用网络数据业务,可以达到节约流量及上网费用的目的。The network data service is a service that relies on the network to provide data services, such as accessing a website; when the network side device determines that the current traffic used by the terminal is greater than or equal to the set traffic threshold, the terminal is prohibited from using the network data service , can achieve the purpose of saving traffic and Internet access costs.
进一步地,在所述判断出所述终端当前已使用的流量小于设定流量阈值,则所述允许所述终端正常使用网络数据业务之前,该方法还包括:Further, before it is determined that the traffic currently used by the terminal is less than the set traffic threshold, and before allowing the terminal to use network data services normally, the method further includes:
判断所述终端所访问的网址是否在设定网址白名单内,若不在,则禁止所述终端访问所述网址,否则允许所述终端访问所述网址;Judging whether the website accessed by the terminal is in the set website whitelist, if not, prohibiting the terminal from accessing the website, otherwise allowing the terminal to access the website;
和/或,判断所述终端使用的APP应用是否在设定APP白名单列表内,若不在,则禁止所述终端使用所述APP应用,否则允许所述终端使用所述APP应用。And/or, determine whether the APP application used by the terminal is in the set APP whitelist list, if not, prohibit the terminal from using the APP application, otherwise allow the terminal to use the APP application.
这里,当网络侧判断出所述终端所访问的网址在设定网址黑名单内或不在设定网址白名单内时,禁止所述终端访问所述网址;当网络侧判断出所述终端使用的APP应用在设定APP黑名单列表内或不在设定APP白名单列表内时,禁止所述终端使用所述APP应用;如此,能够实现对所述终端通信业务的有效监管。Here, when the network side judges that the website visited by the terminal is in the set website blacklist or not in the set website whitelist, the terminal is prohibited from accessing the website; When the APP application is in the set APP blacklist list or not in the set APP whitelist list, the terminal is prohibited from using the APP application; in this way, the effective supervision of the terminal communication service can be realized.
另外,当所述通信业务为下载APP应用时,该方法还包括:In addition, when the communication service is to download an APP application, the method also includes:
确定所述终端下载未包含在所述设定APP白名单列表内的新的APP应用时,判断所述新的APP应用是否满足设置的APP应用下载条件,若满足,则允许所述终端下载所述新的APP应用,否则禁止所述终端下载所述新的APP应用。When it is determined that the terminal downloads a new APP application that is not included in the set APP whitelist, it is determined whether the new APP application satisfies the set APP application download condition, and if so, the terminal is allowed to download the APP application. the new APP application, otherwise the terminal is prohibited from downloading the new APP application.
所述APP应用下载条件可根据APP应用的类别、用途、所述设定APP白名单列表中已包含的APP应用等进行设置;例如,对于未成年人即未满18周岁的人,只有当需要下载的新APP应用为学习类时才可进行下载,如可允许下载英语流利说、开心词场等学习类APP应用,禁止下载愤怒的小鸟等游戏类APP应用。The APP application download conditions can be set according to the category and purpose of the APP application, the APP applications included in the set APP white list list, etc.; The downloaded new APP can only be downloaded when it is for learning. For example, the download of learning APPs such as English Liulishuo and Happy Cichang is allowed, and the download of game APPs such as Angry Birds is prohibited.
这里,当所述允许所述终端下载所述新的APP应用之后,还可将所述新的APP应用更新至所述设定APP白名单列表。Here, after the terminal is allowed to download the new APP, the new APP may also be updated to the set APP whitelist.
上述允许使用通信业务时间、流量阈值、网址白名单和黑名单、APP应用白名单列表和黑名单列表以及APP应用下载条件等都可由用户或运营商提前进行设置,并存储在网络侧的数据库中;此外,还可根据实际情况随时对所述数据库中的信息进行更新处理。The above-mentioned allowable communication service time, traffic threshold, URL whitelist and blacklist, APP application whitelist and blacklist, and APP application download conditions can be set in advance by users or operators and stored in the database on the network side ; In addition, the information in the database can also be updated at any time according to the actual situation.
进一步地,该方法还包括:Further, the method also includes:
接收针对允许使用通信业务时间、流量阈值、网址白名单、APP白名单列表的至少之一的更新请求;Receive an update request for at least one of allowed communication service time, traffic threshold, URL whitelist, and APP whitelist;
根据所述更新请求对所述允许使用通信业务时间、所述流量阈值、所述网址白名单、所述APP白名单列表的至少之一进行更新。At least one of the allowed communication service time, the traffic threshold, the URL whitelist, and the APP whitelist is updated according to the update request.
具体地,当接收到针对允许使用通信业务时间、流量阈值、网址白名单、APP白名单列表的至少之一的更新请求时,根据所述更新请求对所述允许使用通信业务时间、所述流量阈值、所述网址白名单、所述APP白名单列表的至少之一进行更新,以更好的对终端通信业务进行控制。Specifically, when an update request for at least one of the allowed communication service time, traffic threshold, URL whitelist, and APP whitelist is received, the allowed communication service time, the traffic At least one of the threshold, the URL whitelist, and the APP whitelist is updated to better control terminal communication services.
下面将通过一个具体示例对本发明实施例作进一步地的说明,图3为本发明实施例终端通信业务的控制方法的具体实现流程示意图,该实施例以对未成年人的通信业务进行控制为例进行说明,该方法包括:The following will further illustrate the embodiment of the present invention through a specific example. FIG. 3 is a schematic diagram of the specific implementation flow of the method for controlling the terminal communication service in the embodiment of the present invention. This embodiment takes the control of the communication service of minors as an example. To illustrate, the method includes:
步骤201:手机向网络侧发起连接网络请求;Step 201: the mobile phone initiates a network connection request to the network side;
具体地,当用户在手机上打开网络数据开关、网页或APP应用,并且手机与基站相互之间的鉴权通过之后,手机通过基站向网络侧发起连接网络请求,所述连接网络请求中携带有所述手机的SIM卡的IMSI号。Specifically, when the user turns on the network data switch, web page or APP application on the mobile phone, and after the mutual authentication between the mobile phone and the base station passes, the mobile phone initiates a network connection request to the network side through the base station, and the network connection request carries The IMSI number of the SIM card of the mobile phone.
在步骤201之前,该方法还包括:将用户的年龄与所述手机的SIM卡的IMSI号绑定,并记录至HLR中。Before step 201, the method further includes: binding the user's age with the IMSI number of the SIM card of the mobile phone, and recording it in the HLR.
步骤202:网络侧根据所述连接网络请求进行的用户标识鉴权是否通过,若通过,则执行步骤203,否则结束分析;Step 202: Whether the user identification authentication performed by the network side according to the network connection request passes, if passed, then perform step 203, otherwise end the analysis;
具体地,网络侧中MME接收到所述连接网络请求后,向HSS、AUC发送AIR消息,所述AIR消息中包含有手机的SIM卡的IMSI号、PLMN Identity等信息;HSS/AUC接收到所述AIR消息后,根据已存储的IMSI号信息和接收到的所述IMSI号,检查所述手机的SIM卡的IMSI号是否为已知的签约用户,即进行用户标识鉴权,若用户标识鉴权通过,则执行步骤203,否则结束分析;并且,通过AIA消息将包含鉴权结果的鉴权向量返回给MME。Specifically, after receiving the network connection request, the MME on the network side sends an AIR message to the HSS and AUC, and the AIR message includes information such as the IMSI number and PLMN Identity of the SIM card of the mobile phone; the HSS/AUC receives the After the AIR message, according to the stored IMSI number information and the received IMSI number, check whether the IMSI number of the SIM card of the mobile phone is a known subscriber, that is, perform user ID authentication. If the authorization passes, execute step 203; otherwise, end the analysis; and return the authentication vector containing the authentication result to the MME through the AIA message.
步骤203:判断手机的用户身份是否为未成年人,若是,则执行步骤204,否则执行步骤205;Step 203: determine whether the user identity of the mobile phone is a minor, if so, execute step 204, otherwise execute step 205;
具体地,网络侧根据接收到的所述手机的SIM卡的IMSI号,从HLR中获取与所述IMSI号绑定的所述手机的用户的年龄,并根据设置的未成年人的年龄阈值判断用户是否为未成年人,即进行用户身份信息鉴权,若是,则执行步骤205,否则执行步骤204。Specifically, the network side obtains the age of the user of the mobile phone bound to the IMSI number from the HLR according to the received IMSI number of the SIM card of the mobile phone, and judges according to the set age threshold of minors Whether the user is a minor, that is, perform user identity information authentication, if so, execute step 205, otherwise execute step 204.
其中,未成年人的年龄阈值可设置为18岁,当用户的年龄小于18岁时,则该用户为未成年人。Wherein, the age threshold of minors may be set to 18 years old, and when the user's age is younger than 18 years old, the user is a minor.
步骤204:网络侧不对所述用户的通信业务进行控制;Step 204: The network side does not control the communication services of the user;
当步骤203中判断出所述用户为成年人时,允许所述用户的手机连接网络,且不对用户的通信业务进行控制。When it is determined in step 203 that the user is an adult, the mobile phone of the user is allowed to connect to the network, and the communication service of the user is not controlled.
步骤205:网络侧对所述用户的通信业务进行控制;Step 205: the network side controls the user's communication services;
具体地,网络侧对所述手机的用户的通信业务进行控制,比如根据监护内容监护用户上网的访问内容和时间,维护手机上网权限。其中,监护内容可包括:有效上网时间段、流量限制、网站列表黑白名单、APP应用列表;所述网络侧既可控制用户的手机是否连接网络,也可对监护内容进行定期更新。Specifically, the network side controls the communication service of the user of the mobile phone, for example, monitors the user's online access content and time according to the monitoring content, and maintains the mobile phone's access to the Internet. Wherein, the guardianship content may include: effective surfing time period, flow limit, website list black and white list, APP application list; the network side can control whether the user's mobile phone is connected to the network, and can also regularly update the guardianship content.
当所述通信业务为上网业务时,所述网络侧对所述手机的用户使用上网业务进行控制的具体处理流程,如图4所示,具体处理方法包括:When the communication service is an Internet access service, the specific processing flow for the network side to control the use of the Internet access service by the user of the mobile phone is shown in Figure 4, and the specific processing methods include:
步骤20501:判断请求上网的时间是否在有效上网时间段,若是,则执行步骤20502,否则执行步骤20506;Step 20501: Determine whether the time for requesting to access the Internet is within the effective Internet access time period, if so, execute step 20502, otherwise execute step 20506;
具体地,当接收到作为未成年人的用户通过手机发送的上网请求后,网络侧首先判断请求上网的时间是否在预置的有效上网时间段内;例如,有效上网时间段预置为日常上课时间、周末和节假日,以用来判断是否允许未成年人接入网络;所述上网请求可以是访问网站或APP应用;当判断出所述请求上网的时间在所述有效上网时间段内时,执行步骤20502,否则执行步骤20506。Specifically, after receiving an Internet access request sent by a user who is a minor through a mobile phone, the network side first determines whether the time for requesting Internet access is within the preset effective Internet access time period; for example, the effective Internet access time period is preset for daily classes Time, weekends and holidays are used to determine whether minors are allowed to access the network; the online request may be to visit a website or an APP application; when it is determined that the time for the online request is within the effective online time period, Go to step 20502, otherwise go to step 20506.
步骤20502:判断已使用流量是否超限,若否,则执行步骤20503,否则执行步骤20506;Step 20502: Determine whether the used traffic exceeds the limit, if not, go to step 20503, otherwise go to step 20506;
具体地,确定所述请求上网的时间在有效上网时间段内时,继续判断所述手机已用的总流量是否超过预置的流量阈值;其中,所述流量阈值可根据运营商业务中每月流量的百分比作为依据,也可动态设置;当判断出所述手机已用的总流量超过预置的流量阈值时,执行步骤20503,否则执行步骤20506。Specifically, when it is determined that the time for requesting Internet access is within the effective Internet access time period, continue to judge whether the total traffic used by the mobile phone exceeds a preset traffic threshold; The percentage of traffic can also be set dynamically as a basis; when it is judged that the total traffic used by the mobile phone exceeds the preset traffic threshold, go to step 20503, otherwise go to step 20506.
步骤20503:判断访问的网站/APP是否在网站列表白名单/APP应用列表内,若是,则执行步骤20505,否则执行步骤20504;Step 20503: Determine whether the visited website/APP is in the website list white list/APP application list, if so, execute step 20505, otherwise execute step 20504;
具体地,当判断出所述当前上网时间和流量都满足预置的条件时,则继续判断用户访问的网站是否在允许的网站列表白名单内,或者判断用户访问的APP应用是否在允许的APP应用列表内,若所述用户访问的网站在允许的网站列表白名单内或所述用户访问的APP应用在允许的APP应用列表内,则执行步骤20505,否则执行步骤20504。Specifically, when it is judged that the current online time and traffic both meet the preset conditions, continue to judge whether the website visited by the user is in the white list of the allowed website list, or judge whether the APP application accessed by the user is in the allowed APP In the application list, if the website accessed by the user is in the allowed website list whitelist or the APP application accessed by the user is in the allowed APP application list, perform step 20505, otherwise perform step 20504.
这里,所述网站列表白名单和APP应用列表均可以由相关领域的权威部门或专家进行合理的设定。Here, both the website list whitelist and the APP application list can be reasonably set by authoritative departments or experts in related fields.
步骤20504:拒绝访问所述网站/APP;Step 20504: Deny access to the website/APP;
步骤20505:允许访问所述网站/APP;Step 20505: Allow access to the website/APP;
步骤20506:拒绝用户的上网请求。Step 20506: Deny the user's Internet access request.
当所述通信业务为下载APP应用时,所述网络侧对所述手机的用户下载APP应用进行控制的具体处理流程示意图二,如图5所示,具体处理方法包括:When the communication service is to download an APP application, the second schematic diagram of the specific processing flow for the network side to control the download of the APP application by the user of the mobile phone, as shown in FIG. 5 , the specific processing method includes:
步骤20501a:判断下载的新的APP应用是否满足设置的APP应用下载条件,若是,则执行步骤20502b,否则执行步骤20503c;Step 20501a: Determine whether the downloaded new APP application meets the set APP application download conditions, if so, execute step 20502b, otherwise execute step 20503c;
具体地,当网络侧接收到作为未成年用户下载新的APP应用请求时,判断请求下载的所述新的APP应用是否满足设置的APP应用下载条件,若满足,则执行步骤20502b;若不满足,则执行步骤20503c。Specifically, when the network side receives a request to download a new APP application as a minor user, it is judged whether the new APP application requested to be downloaded satisfies the set APP application download condition, and if so, then execute step 20502b; if not , then execute step 20503c.
这里,所述APP应用下载条件可根据APP应用的类别、用途、所述设定APP列表中已包含的APP应用等进行设置。Here, the APP application downloading condition may be set according to the APP application category, usage, APP application included in the set APP list, and the like.
步骤20502b:下载所述新的APP应用,并更新至APP应用列表;Step 20502b: Download the new APP, and update to the APP list;
具体地,下载所述新的APP应用,并将所述新的APP应用更新至由允许用户使用的APP应用组成的APP应用列表中。Specifically, the new APP application is downloaded, and the new APP application is updated to the APP application list composed of APP applications allowed to be used by the user.
步骤20503c:拒绝下载所述新的APP应用。Step 20503c: Refuse to download the new APP.
为实现上述方法,本发明实施例还提供了一种网络监控装置,图6为本发明实施例网络监控装置的组成结构示意图,该网络监控装置包括:第一接收模块11、鉴权模块12、控制模块13;In order to implement the above method, the embodiment of the present invention also provides a network monitoring device. FIG. 6 is a schematic diagram of the composition and structure of the network monitoring device according to the embodiment of the present invention. The network monitoring device includes: a first receiving module 11, an authentication module 12, control module 13;
其中,所述第一接收模块11,用于接收终端发送的用户鉴权请求信息,所述用户鉴权请求信息中携带有所述终端的用户标识信息;Wherein, the first receiving module 11 is configured to receive user authentication request information sent by the terminal, the user authentication request information carrying the user identification information of the terminal;
所述鉴权模块12,用于根据所述用户鉴权请求信息进行用户标识鉴权,若用户标识鉴权通过,则在设定数据库中查找与所述用户标识信息对应的用户身份信息,并基于所述用户身份信息中的子信息判断所述终端的用户是否为业务受限用户;The authentication module 12 is configured to perform user identity authentication according to the user authentication request information, and if the user identity authentication passes, then search the user identity information corresponding to the user identity information in the setting database, and judging whether the user of the terminal is a service-restricted user based on the sub-information in the user identity information;
所述控制模块13,用于确定所述终端的用户为业务受限用户时,为所述用户提供设定的通信业务。The control module 13 is configured to provide a set communication service for the user when it is determined that the user of the terminal is a service-restricted user.
所述第一接收模块11,具体用于:当终端需要连接和/或使用网络、且所述终端与基站相互之间的鉴权通过之后,所述终端通过所述基站向第一接收模块11发送携带有所述终端的用户标识信息的用户鉴权请求信息,以请求鉴权模块12对所述终端的用户进行鉴权,则所述第一接收模块11接收所述终端发送的用户鉴权请求信息,以使所述鉴权模块12根据所述用户鉴权请求信息进行用户标识鉴权。The first receiving module 11 is specifically configured to: when the terminal needs to connect and/or use the network, and after the mutual authentication between the terminal and the base station passes, the terminal reports to the first receiving module 11 through the base station Send user authentication request information carrying the user identification information of the terminal to request the authentication module 12 to authenticate the user of the terminal, then the first receiving module 11 receives the user authentication information sent by the terminal Request information, so that the authentication module 12 performs user identification authentication according to the user authentication request information.
所述终端可以是手机、平板电脑等;所述网络可以是移动网络;所述终端的用户标识信息可以是所述终端中SIM卡的IMSI号,也可以是所述终端的IMEI。The terminal may be a mobile phone, a tablet computer, etc.; the network may be a mobile network; the user identification information of the terminal may be the IMSI number of the SIM card in the terminal, or the IMEI of the terminal.
当所述终端为手机时,所述AIR中包含有所述手机的IMSI、PLMN Identity等信息。When the terminal is a mobile phone, the AIR includes information such as IMSI and PLMN Identity of the mobile phone.
进一步地,所述鉴权模块12,还用于在所述第一接收模块11接收终端发送的用户鉴权请求信息之前,存储终端的用户身份信息和所述终端的用户标识信息至设定数据库,并在所述设定数据库中绑定所述用户身份信息与所述终端的用户标识信息。Further, the authentication module 12 is also configured to store the user identity information of the terminal and the user identification information of the terminal in the setting database before the first receiving module 11 receives the user authentication request information sent by the terminal , and bind the user identity information and the user identity information of the terminal in the setting database.
具体地,鉴权模块12预先将所述终端的用户身份信息和所述终端的用户标识信息存储至设定数据库,并在所述设定数据库中将所述用户身份信息与所述终端的用户标识信息绑定,以实现根据所述终端的用户标识信息便可在所述设定数据库中获取所述用户身份信息。Specifically, the authentication module 12 stores the user identity information of the terminal and the user identification information of the terminal in a setting database in advance, and associates the user identity information with the user of the terminal in the setting database. The identification information is bound, so that the user identity information can be acquired in the setting database according to the user identification information of the terminal.
所述数据库既可设置在所述鉴权模块12中,也可设置在所述控制模块13中;所述用户身份信息包括但不限于性别、身高、年龄、职业、身份证号码等;所述年龄既可以单独用数字表示,也可以通过身份证号码表示;比如,身份证号码中的第7位至第14位为出生日期,将该出生日期与当前时间日期进行比对则可获知年龄;所述职业包括但不限于学生、工人、公务员等类别,所述学生还可以进一步细分为小学生、中学生、大学生等。The database can be set in the authentication module 12 or in the control module 13; the user identity information includes but not limited to gender, height, age, occupation, ID number, etc.; Age can be represented by numbers alone or by ID card number; for example, the 7th to 14th digits in the ID card number are the date of birth, and the age can be obtained by comparing the date of birth with the current time and date; The occupations include, but are not limited to, students, workers, and civil servants, and the students can be further subdivided into primary school students, middle school students, and college students.
在现有技术中,网络运营商通常都会预先将手机的用户标识信息如IMSI存储在核心网侧,以便实现后续在核心网侧执行的用户鉴权操作;比如,当用户在网络运营商处给手机申请办理SIM卡时,网络运营商会存储分配给用户的SIM卡的IMSI信息至AUC中,用以进行用户鉴权时判断用户是否为签约标识用户。In the prior art, network operators usually store mobile phone user identification information such as IMSI on the core network side in advance, so as to implement subsequent user authentication operations performed on the core network side; When a mobile phone applies for a SIM card, the network operator will store the IMSI information of the SIM card allocated to the user in the AUC, which will be used to determine whether the user is a signed user during user authentication.
所述鉴权模块12,具体用于:根据终端发送的所述用户鉴权请求信息进行用户标识鉴权,若对所述终端的用户标识鉴权通过,鉴权模块12则在设定数据库中查找与所述用户标识信息对应的用户身份信息,判断所述用户身份信息中的子信息是否符合业务受限用户的设定要求,若符合,则判定所述用户为业务受限用户,否则判定所述用户不是业务受限用户。The authentication module 12 is specifically configured to: perform user identification authentication according to the user authentication request information sent by the terminal, and if the user identification authentication of the terminal is passed, the authentication module 12 is set in the database Find the user identity information corresponding to the user identification information, and determine whether the sub-information in the user identity information meets the setting requirements of the service-restricted user, and if so, determine that the user is a service-restricted user, otherwise determine The user is not a service-restricted user.
所述业务受限用户的设定要求可由用户或网络运营商在网络侧进行设置,并存储在所述鉴权模块12或控制模块13中;所述设定要求需要根据所述用户信息进行设置;例如,当所述用户信息为年龄时,所述设定要求应设为年龄阈值;当用户信息为年龄和职业时,所述设定要求应设为年龄阈值或者职业类别,也可设为年龄阈值和职业类别。The setting requirements of the service-restricted users can be set by the user or the network operator on the network side, and stored in the authentication module 12 or the control module 13; the setting requirements need to be set according to the user information ; For example, when the user information is age, the setting requirement should be set to age threshold; when the user information is age and occupation, the setting requirement should be set to age threshold or occupation category, or set to Age thresholds and occupational categories.
所述子信息可以是所述用户身份信息中的一种或多种信息,比如当所述用户身份信息包括年龄和职业时,所述子信息既可以是年龄或者职业,也可以是年龄和职业。当所述子信息为年龄时,所述设定要求根据需要被控制的对象即业务受限用户的年龄进行设置;例如,当需要对未成年人进行控制时,可将年龄小于18周岁作为业务受限用户的设定要求,只要与所述用户标识信息所绑定的所述终端的用户年龄小于18周岁,则可判定所述终端的用户为未成年人即业务受限用户。The sub-information may be one or more types of information in the user identity information. For example, when the user identity information includes age and occupation, the sub-information may be age or occupation, or age and occupation . When the sub-information is age, the setting requirements should be set according to the age of the object to be controlled, that is, the user with limited services; for example, when minors need to be controlled, the age under 18 can be set The setting requirements of the restricted user, as long as the user of the terminal bound with the user identification information is younger than 18 years old, it can be determined that the user of the terminal is a minor, that is, a service-restricted user.
所述控制模块13,具体用于:当根据所述鉴权模块12中的判断结果而确定所述终端的用户为业务受限用户时,为所述用户提供设定的通信业务,以实现对所述终端通信业务的有效监管。The control module 13 is specifically configured to: when it is determined according to the judgment result in the authentication module 12 that the user of the terminal is a service-restricted user, provide the user with a set communication service, so as to realize Effective supervision of the communication services of the terminal.
所述通信业务包括以下至少一种:网络数据业务、语音通话业务、信息业务、APP应用下载业务等;所述为所述用户提供设定的通信业务,包括:判断用户的通信业务请求的时间是否在所述用户标识信息对应的允许使用通信业务时间内,若不在,则禁止所述用户标识信息对应的终端使用通信业务,否则允许所述用户标识信息对应的终端使用通信业务。The communication service includes at least one of the following: network data service, voice call service, information service, APP application download service, etc.; providing the user with a set communication service includes: judging the time of the user's communication service request Whether it is within the allowed communication service time corresponding to the user identification information, if not, prohibit the terminal corresponding to the user identification information from using the communication service, otherwise allow the terminal corresponding to the user identification information to use the communication service.
这里,所述控制模块13可预先设置所述允许使用通信业务时间,并存储所述允许使用通信业务时间至数据库中,然后将终端的用户标识信息与对应的允许使用通信业务时间进行绑定,以实现对与所述用户标识信息对应的用户进行监管;当然,也可采用将用户身份信息与所述允许使用通信业务时间进行绑定;在现有技术中,由于同一张SIM卡可在多个手机中进行切换使用,如果将终端与允许该终端使用通信业务时间进行绑定,那么根据该SIM卡当前所在手机对应的允许使用通信业务时间对该手机通信业务进行控制,则可能不能够实现对该SIM卡的拥有者利用该手机进行通信业务的有效监管。Here, the control module 13 may preset the allowed communication service time, store the allowed communication service time in the database, and then bind the terminal user identification information with the corresponding allowed communication service time, To realize the supervision of the user corresponding to the user identification information; of course, the user identity information can also be bound with the time allowed to use the communication service; in the prior art, since the same SIM card can be used in multiple Switching and using in a mobile phone, if the terminal is bound with the time allowed to use the communication service of the terminal, then it may not be possible to control the communication service of the mobile phone according to the time allowed to use the communication service corresponding to the mobile phone where the SIM card is currently located. The owner of the SIM card uses the mobile phone to effectively supervise the communication service.
进一步地,所述通信业务为网络数据业务时,所述控制模块13,还用于在所述判断出用户的通信业务请求的时间在所述用户标识信息对应的允许使用通信业务时间内,则允许所述用户标识信息对应的终端使用通信业务之前,判断所述终端当前已使用的流量是否大于或等于设定流量阈值,若大于或等于,则禁止所述终端使用网络数据业务,否则允许所述终端使用网络数据业务。Further, when the communication service is a network data service, the control module 13 is further configured to determine that the time of the user's communication service request is within the allowed communication service time corresponding to the user identification information, then Before allowing the terminal corresponding to the user identification information to use the communication service, determine whether the current traffic used by the terminal is greater than or equal to the set traffic threshold, if greater than or equal to, prohibit the terminal from using the network data service, otherwise allow all The terminal uses network data services.
这里,所述网络数据业务为依赖网络提供数据服务的业务,如访问网站;当所述控制模块13判断出所述终端当前已使用的流量大于或等于设定流量阈值时,则禁止所述终端使用网络数据业务,可以达到节约流量及上网费用的目的。Here, the network data service is a service that relies on the network to provide data services, such as visiting a website; when the control module 13 determines that the current traffic used by the terminal is greater than or equal to the set traffic threshold, the terminal is prohibited The use of network data services can achieve the purpose of saving traffic and Internet access fees.
进一步地,所述控制模块13,还用于在所述判断出所述终端当前已使用的流量小于设定流量阈值,则所述允许所述终端正常使用网络数据业务之前,判断所述终端所访问的网址是否在设定网址白名单内,若不在,则禁止所述终端访问所述网址,否则允许所述终端访问所述网址;Further, the control module 13 is further configured to judge that the current traffic used by the terminal is less than the set traffic threshold, and before the terminal is allowed to use the network data service normally, judge the Whether the visited website is in the set website whitelist, if not, the terminal is prohibited from accessing the website, otherwise the terminal is allowed to access the website;
和/或,在所述判断出所述终端当前已使用的流量小于设定流量阈值,则所述允许所述终端正常使用网络数据业务之前,判断所述终端使用的APP应用是否在设定APP白名单列表内,若不在,则禁止所述终端使用所述APP应用,否则允许所述终端使用所述APP应用。And/or, before it is determined that the traffic currently used by the terminal is less than the set traffic threshold, before allowing the terminal to use the network data service normally, it is judged whether the APP application used by the terminal is in the set APP If it is not in the white list, the terminal is prohibited from using the APP, otherwise, the terminal is allowed to use the APP.
当所述控制模块13判断出所述终端所访问的网址不在设定网址白名单内或在设定网址黑名单内时,禁止所述终端访问所述网址;当所述控制模块13判断出所述终端使用的APP应用不在设定APP白名单列表内或在设定APP黑名单列表内时,禁止所述终端使用所述APP应用;如此,能够实现对所述终端通信业务的有效监管。When the control module 13 judges that the website accessed by the terminal is not in the set website whitelist or in the set website blacklist, the terminal is prohibited from accessing the website; When the APP application used by the terminal is not in the set APP whitelist list or in the set APP blacklist list, the terminal is prohibited from using the APP application; in this way, effective supervision of the terminal communication service can be realized.
另外,当所述通信业务为下载APP应用时,所述控制模块13,还用于确定所述终端下载未包含在所述设定APP白名单列表内的新的APP应用时,判断所述新的APP应用是否满足设置的APP应用下载条件,若满足,则允许所述终端下载所述新的APP应用,否则禁止所述终端下载所述新的APP应用。In addition, when the communication service is to download an APP application, the control module 13 is also used to determine that the terminal downloads a new APP application that is not included in the set APP white list, and judges whether the new APP application is downloaded. Whether the APP application satisfies the set APP application downloading condition, if so, the terminal is allowed to download the new APP application, otherwise, the terminal is prohibited from downloading the new APP application.
其中,所述APP应用下载条件可根据APP应用的类别、用途、所述设定APP白名单列表中已包含的APP应用等进行设置;例如,对于未成年人即未满18周岁的人,只有当需要下载的新APP应用为学习类时才可进行下载,如可允许下载英语流利说、开心词场等学习类APP应用,而禁止下载愤怒的小鸟等游戏类APP应用。上述允许使用通信业务时间、流量阈值、网址白名单和黑名单、APP应用白名单列表和黑名单列表以及APP应用下载条件等都可由所述控制模块13提前进行设置,并存储在控制模块13的数据库中;此外,还可根据实际情况随时对所述数据库中的信息进行更新处理。Wherein, the APP application downloading conditions can be set according to the APP application category, purpose, APP application included in the set APP whitelist list, etc.; The new APPs that need to be downloaded can only be downloaded when they are learning apps. For example, the download of learning apps such as English Liulishuo and Happy Words is allowed, while the download of game apps such as Angry Birds is prohibited. The above-mentioned allowable communication service time, traffic threshold, URL whitelist and blacklist, APP application whitelist and blacklist, and APP application download conditions can all be set in advance by the control module 13 and stored in the control module 13. In addition, the information in the database can be updated at any time according to the actual situation.
这里,所述控制模块13包括第二接收模块131、更新模块132;其中,Here, the control module 13 includes a second receiving module 131 and an updating module 132; wherein,
所述第二接收模块131,用于接收针对允许使用通信业务时间、流量阈值、网址白名单、APP白名单列表的至少之一的更新请求;The second receiving module 131 is configured to receive an update request for at least one of allowed communication service time, traffic threshold, URL whitelist, and APP whitelist;
所述更新模块132,用于根据所述更新请求对所述允许使用通信业务时间、所述流量阈值、所述网址白名单、所述APP白名单列表的至少之一进行更新。The update module 132 is configured to update at least one of the allowed communication service time, the traffic threshold, the URL whitelist, and the APP whitelist according to the update request.
具体地,当所述第二接收模块131接收到针对允许使用通信业务时间、流量阈值、网址白名单、APP白名单列表的至少之一的更新请求时,所述更新模块132根据所述更新请求对所述允许使用通信业务时间、所述流量阈值、所述网址白名单、所述APP白名单列表的至少之一进行更新,以更好的对终端通信业务进行控制。Specifically, when the second receiving module 131 receives an update request for at least one of allowed communication service time, traffic threshold, URL whitelist, and APP whitelist, the update module 132 At least one of the allowed communication service time, the traffic threshold, the website whitelist, and the APP whitelist is updated to better control terminal communication services.
在实际应用中,所述第一接收模块11、第二接收模块131可由接口或端口等实现;所述鉴权模块12、控制模块13、更新模块132可由中央处理器(CPU)、微处理器(MPU)、数字信号处理器(DSP)、或现场可编程门阵列(FPGA)等实现。In practical applications, the first receiving module 11 and the second receiving module 131 can be realized by interfaces or ports; (MPU), Digital Signal Processor (DSP), or Field Programmable Gate Array (FPGA).
以上所述,仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。凡在本发明的精神和范围之内所作的任何修改、等同替换和改进等,均包含在本发明的保护范围之内。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the protection scope of the present invention. Any modifications, equivalent replacements and improvements made within the spirit and scope of the present invention are included in the protection scope of the present invention.
Claims (14)
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611074999.XA CN108124258A (en) | 2016-11-29 | 2016-11-29 | A kind of control method and network monitoring apparatus of terminal communication service |
| PCT/CN2017/085741 WO2018099016A1 (en) | 2016-11-29 | 2017-05-24 | Method for controlling terminal communication service, network monitoring device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611074999.XA CN108124258A (en) | 2016-11-29 | 2016-11-29 | A kind of control method and network monitoring apparatus of terminal communication service |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108124258A true CN108124258A (en) | 2018-06-05 |
Family
ID=62225880
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611074999.XA Withdrawn CN108124258A (en) | 2016-11-29 | 2016-11-29 | A kind of control method and network monitoring apparatus of terminal communication service |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN108124258A (en) |
| WO (1) | WO2018099016A1 (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108830066A (en) * | 2018-06-20 | 2018-11-16 | 平安科技(深圳)有限公司 | Application control method and apparatus in terminal and computer-readable storage medium |
| CN109525575A (en) * | 2018-11-08 | 2019-03-26 | 北京首信科技股份有限公司 | The method and system of online control |
| CN109981572A (en) * | 2019-02-20 | 2019-07-05 | 博泰雄森(北京)网络科技有限公司 | A kind of online management-control method and system based on operator APN flow lead mode |
| CN111695012A (en) * | 2019-03-15 | 2020-09-22 | 北京奇虎科技有限公司 | Method and device for acquiring internet surfing information, electronic equipment and computer storage medium |
| CN112291709A (en) * | 2019-07-09 | 2021-01-29 | 中国移动通信集团安徽有限公司 | Authentication method, device, device and computer storage medium |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111405541B (en) * | 2019-01-02 | 2023-05-09 | 中国移动通信有限公司研究院 | Method and device for executing supplementary service |
| CN110334499A (en) * | 2019-05-30 | 2019-10-15 | 深圳壹账通智能科技有限公司 | Interface authority management and control method, device, computer equipment and storage medium |
| CN111770026B (en) * | 2020-06-19 | 2022-12-09 | 中国建设银行股份有限公司 | Network flow control method and device |
| CN115695322B (en) * | 2022-10-28 | 2025-05-16 | 重庆长安汽车股份有限公司 | Terminal node traffic management method, system, device and medium |
| CN116318911A (en) * | 2023-03-01 | 2023-06-23 | 中国联合网络通信集团有限公司 | Domain name access method, device, electronic equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090064302A1 (en) * | 2006-12-27 | 2009-03-05 | Colella Brian A | System for secure internet access for children |
| CN102088468A (en) * | 2009-12-08 | 2011-06-08 | 徐克林 | Method for limiting Internet surfing with mobile phone |
| CN105024982A (en) * | 2014-04-29 | 2015-11-04 | 中国移动通信集团设计院有限公司 | A network access method, device and server |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20060063348A (en) * | 2004-12-07 | 2006-06-12 | 한국전자통신연구원 | How to control access time using authentication authentication in the Internet |
| CN101399718A (en) * | 2007-09-29 | 2009-04-01 | 上海贝尔阿尔卡特股份有限公司 | Method and device for controlling multicast service access by customer device in access network |
| CN102377585A (en) * | 2010-08-10 | 2012-03-14 | 深圳市傲天通信有限公司 | System and method for preventing teenagers from addicting to network |
| CN104158766A (en) * | 2014-08-15 | 2014-11-19 | 卢婷 | Network surfing control method |
-
2016
- 2016-11-29 CN CN201611074999.XA patent/CN108124258A/en not_active Withdrawn
-
2017
- 2017-05-24 WO PCT/CN2017/085741 patent/WO2018099016A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090064302A1 (en) * | 2006-12-27 | 2009-03-05 | Colella Brian A | System for secure internet access for children |
| CN102088468A (en) * | 2009-12-08 | 2011-06-08 | 徐克林 | Method for limiting Internet surfing with mobile phone |
| CN105024982A (en) * | 2014-04-29 | 2015-11-04 | 中国移动通信集团设计院有限公司 | A network access method, device and server |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108830066A (en) * | 2018-06-20 | 2018-11-16 | 平安科技(深圳)有限公司 | Application control method and apparatus in terminal and computer-readable storage medium |
| CN109525575A (en) * | 2018-11-08 | 2019-03-26 | 北京首信科技股份有限公司 | The method and system of online control |
| CN109981572A (en) * | 2019-02-20 | 2019-07-05 | 博泰雄森(北京)网络科技有限公司 | A kind of online management-control method and system based on operator APN flow lead mode |
| CN111695012A (en) * | 2019-03-15 | 2020-09-22 | 北京奇虎科技有限公司 | Method and device for acquiring internet surfing information, electronic equipment and computer storage medium |
| CN112291709A (en) * | 2019-07-09 | 2021-01-29 | 中国移动通信集团安徽有限公司 | Authentication method, device, device and computer storage medium |
| CN112291709B (en) * | 2019-07-09 | 2023-07-04 | 中国移动通信集团安徽有限公司 | Authentication method, device, equipment and computer storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2018099016A1 (en) | 2018-06-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108124258A (en) | A kind of control method and network monitoring apparatus of terminal communication service | |
| JP6911263B2 (en) | Service management method and its equipment | |
| US10021560B2 (en) | Method and system for selective and secure interaction of BYOD (bring your own device) with enterprise network through mobile wireless networks | |
| CN101938705B (en) | Group management method, network equipment and network system | |
| US8532125B2 (en) | Method, system and apparatus for session association | |
| US9608830B2 (en) | Policy and charging control methods for handling multiple-user subscriptions of a telecommunication network | |
| CN101977239B (en) | Method for making strategy, strategy server and gateway | |
| CN101583113B (en) | Charging method and system for distinguishing user charging rules | |
| US10292088B2 (en) | Blocked device checking in roaming scenarios | |
| US9043928B1 (en) | Enabling web page tracking | |
| US10070302B2 (en) | Internet of things (IoT) delay tolerant wireless network service | |
| CN105637940B (en) | The method of wireless telecom equipment and initiation and the session of radio network node | |
| CN102056169A (en) | Method and system for preventing illegal terminal from accessing as well as terminal | |
| CN109257322A (en) | VOLTE method for processing business, device, electronic equipment and storage medium | |
| CN106657154B (en) | Wireless access method, system, WiFi platform and operator number taking platform | |
| WO2012116640A1 (en) | Cell access processing method and device, and communication system | |
| CN102244857B (en) | Wireless local area network roaming subscriber control method, device and network system | |
| US9942794B2 (en) | Prevention of bandwidth abuse of a communications system | |
| CN106604278B (en) | Multi-authority mobile network sharing method | |
| CN112752231A (en) | Roaming service access control method, intelligent card, terminal and gateway equipment | |
| CN106790425A (en) | The method and system of information pushing | |
| CN102264070B (en) | Method and equipment for providing service data and executing access service | |
| CN109246058B (en) | False caller identification method and device, electronic equipment and storage medium | |
| US11611666B2 (en) | Method and network node for implementing user defined policies based on device subscription identifiers in a telecommunication network | |
| CN106899543B (en) | A content access control method and related equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20180605 |