CN1538778A - A method for monitoring packet services based on mobile phone numbers - Google Patents
Publication number: CN1538778A
Authority: CN (China)
Legal status: Granted
Abstract
The invention discloses a method for intercepting packet services based on a mobile phone number. Three attributes are added in advance to the authentication, authorization and accounting equipment (AAA) of the packet service: the IP address of the packet data serving node (PDSN) the user is attached to (PDSN Address), the IP address of the interception system (ADMF Address), and the unique identifier of the current interception (Tap ID). Using these three attributes and the user's mobile phone number, the interception system completes the target-user setting on the HAAA through a proxy AAA (BAAA). Once the user has attached to a PDSN, the interception system uses the target-user setting held on the HAAA to establish an interception connection with that PDSN and transmit the intercepted traffic, thereby realizing the interception.
Description
Technical field
The present invention relates to the field of mobile communication security, and in particular to a method for lawful interception of packet services based on the Mobile Directory Number (MDN).
Background
At present, countries around the world have raised their national security requirements, and each has put forward lawful interception requirements for telecommunications equipment. China has successively issued lawful interception interface specifications for fixed networks and for the Global System for Mobile Communications (GSM); for the increasingly widespread packet services, a lawful interception method is likewise needed. The packet service referred to here is the packet data service of a telecommunications network; in a Code Division Multiple Access 2000 (CDMA2000) system this service is provided by the PDSN and the AAA server together with other telecommunications equipment.
In the existing CDMA2000 system, the target user's mobile station (MS) communicates through a base station subsystem (BBS); each BBS communicates with the packet data serving node (PDSN) above it, and through that node with the CDMA2000 packet-service authentication, authorization and accounting equipment (AAA). For each user, the AAA at which the user's packet-service account is held is called the home AAA (Home AAA, HAAA). In this CDMA2000 system the HAAA is merely a simple server that authenticates and responds to authentication requests, or records charging and responds to accounting requests; it has no function for holding the information lawful interception requires, nor any function for triggering lawful interception. In addition, the prior art has proposed a network architecture for CDMA2000 interception, but no concrete implementation has been put forward.
With the rapid growth of data services and the needs of national security, a complete solution for lawful interception of CDMA2000 needs to be developed.
Summary of the invention
In view of this, the main object of the present invention is to provide a method for intercepting packet services based on a mobile phone number. When applied to CDMA2000, the method achieves lawful interception by mobile phone number by adding attributes to, and extending the functions of, the HAAA equipment in the CDMA2000 packet network.
The present invention is a method for intercepting packet services based on a mobile phone number. Three attributes are added in advance to the authentication, authorization and accounting equipment (AAA) of the packet service: the IP address of the packet data serving node (PDSN) the user is attached to (PDSN Address), the IP address of the interception system (ADMF Address), and the unique identifier of the current interception (Tap ID). The method comprises the following steps:
A. The interception system sends a target-user setting message to a proxy AAA (BAAA) within its interception range. The message carries the target user's mobile phone number (MDN), a valid Tap ID and the ADMF Address. On receiving the message, the BAAA analyses the MDN to obtain the address of the AAA at which the target user's account is held (HAAA, Home AAA) and forwards the MDN, Tap ID and ADMF Address to that HAAA;
B. The HAAA looks up the International Mobile Subscriber Identity (IMSI) corresponding to the MDN, sets the Tap ID and ADMF Address attribute values of the user identified by that IMSI to the Tap ID and ADMF Address values carried in the target-user setting message, and then replies to the interception system with a target-user setting response message that includes at least the Tap ID;
C. The interception system determines whether the target-user setting response message contains a valid PDSN Address. If so, step D is executed; otherwise the interception system waits until the target user attaches to a PDSN, at which point the HAAA authenticates the user, records the PDSN Address of the PDSN currently being accessed, and sends a message containing the PDSN Address to the interception system at the ADMF Address; the interception system is triggered on receiving that message;
D. The interception system determines whether the received Tap ID is valid. If not, the interception process ends; otherwise, using the target user's PDSN Address, the interception system sends an interception request to the PDSN the target user is currently attached to. The request contains the Tap ID, the interception requirements, and the IP address and port number of delivery function 2 (DF2) and of delivery function 3 (DF3) in the interception system. Using the DF2 and DF3 addresses and ports, the PDSN reports service-related events to the interception system and sends a connection establishment request;
E. The interception system sends a connection establishment response to the PDSN, and the PDSN begins transmitting the intercepted traffic to the interception system.
The method further includes: when a user attaches to the network, the HAAA stores, under the user's identifier, the valid address of the PDSN the user is currently attached to; when the user leaves the network, the HAAA sets that user's PDSN address to an invalid value under the user's identifier.
In step B, the interception system determining whether it has received a valid address of the PDSN the target user is attached to comprises:
the interception system checks whether the received PDSN address field is 0 or empty; if so, the PDSN address is invalid, otherwise it is valid.
The interception system determining whether the received Tap ID is valid means checking whether the Tap ID is 0 or empty; if so, the Tap ID is invalid, otherwise it is valid.
In step D, the method further includes: the PDSN returns the user's current service status to the interception system.
In step E, the PDSN beginning to transmit the intercepted traffic to the interception system includes: the intercepted traffic is transmitted in Generic Routing Encapsulation (GRE) form.
The method further includes:
if the user hands over across PDSNs and attaches to a new PDSN, steps C, D and E are executed in sequence; once the interception system has established an interception connection with the new PDSN, it withdraws the interception on the original PDSN.
If the interception system cancels the interception of a target user, the method further includes:
the interception system sends a target-user cancellation message to the BAAA; on receiving it, the BAAA generates an access request message and sends it to the HAAA, the access request containing a Tap ID attribute with value 0; the HAAA looks up the IMSI bound to the MDN in the access request, locally sets the Tap ID of the user corresponding to that IMSI to 0, and returns a target-user cancellation response message to the interception system.
The packet service is that of a Code Division Multiple Access (CDMA) 2000 system, a CDMA 1X system, a data-only CDMA2000 1X enhanced (CDMA2000 1X EV-DO, HRPD) system, a data-and-voice CDMA2000 1X enhanced (CDMA2000 1X EV-DV) system, or a wireless local loop (WLL) system.
It can be seen that by adding RADIUS attributes to the HAAA the method achieves interception of the packet network, and has the following advantages:
1. it solves the problems caused by the mobility of the interception target;
2. it allows interception to begin mid-session when the target has already started packet service;
3. it discovers and intercepts the target based on the MDN;
4. it solves the problem of roaming interception.
In summary, by adding RADIUS attributes to the HAAA, the method implements interception of a target user with minimal changes to equipment. It can be applied in practice to all kinds of networks that use AAA and PDSN, has a wide range of application, and makes a useful contribution to national security.
Brief description of the drawings
Figure 1 is the packet interception network diagram of a CDMA2000 system.
Figure 2 is a sequence diagram of Embodiment 1 for the case where the user has already attached to the packet network when the interception system sets the target user.
Figure 3 is a sequence diagram of Embodiment 1 for the case where the user has not yet attached to the packet network when the interception system sets the target user.
Figure 4 is a sequence diagram of Embodiment 1 in which the interception system withdraws an interception on a PDSN.
Figure 5 is a sequence diagram of Embodiment 1 in which the interception system cancels a target user.
Detailed description
The present invention is a method for intercepting packet services based on a mobile phone number. By adding RADIUS attributes to the HAAA and extending the HAAA's functions, it achieves interception of a target user identified by MDN. In the method, the interception system uses the new RADIUS attributes to complete the target-user setting on the HAAA, and the HAAA uses the new RADIUS attributes to notify the interception system of the address of the PDSN the target user has attached to, so that a connection can be established between the interception system and the PDSN over which the intercepted traffic is transmitted, thereby realizing the interception.
The present invention is described in detail below with reference to the drawings.
Referring to the CDMA2000 interception system network diagram in Figure 1, the interception system comprises a lawful interception access function (LIAF) and an interception centre (LEA). The LEA is the function that collects and processes interception results. The LIAF comprises the administration function (ADMF), delivery function 2 (DF2) and delivery function 3 (DF3): the ADMF controls and manages interception activity, DF2 receives and distributes packet-service-related events, and DF3 receives and distributes packet-service content. The LIAF connects to a proxy AAA (BAAA) over an interface. The BAAA is a logical entity representing an AAA connected to the LIAF; in this embodiment it is any AAA in the interception area. In other embodiments, if the operator does not expose the AAA interface for security or other reasons, the BAAA may also be a proxy RADIUS server or proxy RADIUS gateway that the operator provides to the external network and that routes to the HAAA by MDN, the BAAA then communicating with the HAAA inside the operator's network.
The present invention extends the functions of the HAAA and BAAA shown in Figure 1 by adding RADIUS attributes to them in advance, so that they assist the interception system in carrying out the interception. Specifically, the following three attributes are added:
PDSN Address: the IP address of the PDSN the user is currently attached to;
ADMF Address: the IP address of the interception system, where the ADMF is the function within the interception system that controls and manages interception activity;
Tap ID: the unique identifier of the current interception. These three new attributes conform to the RADIUS standard and their contents can be set according to it; the contents of the three attributes in this embodiment are given below:
PDSN Address: the IP address of the PDSN the user is currently attached to
  Type: 26
  Length = 12
  Vendor ID: 5535
  Vendor-Type = xxx
  Vendor-Length = 6
  Vendor-Value = 4-octet IP address
ADMF Address: the IP address of the interception system
  Type: 26
  Length = 12
  Vendor ID: 5535
  Vendor-Type = xxx
  Vendor-Length = 6
  Vendor-Value = 4-octet IP address
Tap ID: the unique identifier of the current interception
  Type: 26
  Length = 16
  Vendor ID: 5535
  Vendor-Type = xxx
  Vendor-Length = 10
  Vendor-Value = Tap ID
These three new attributes conform to the RADIUS standard, and their contents are determined according to it.
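As an added illustration of the attribute formats above (not the patent's own code), the Python below encodes and decodes the three vendor-specific attributes with Vendor ID 5535 and applies the page's validity rules (a PDSN Address or Tap ID that is 0 or empty is invalid). The Vendor-Type codes are assumed placeholders, since the page gives them only as xxx.

```python
"""Encoder/decoder for the three RADIUS vendor-specific attributes (VSAs) the
patent adds to the HAAA/BAAA, plus the validity rules the interception system
applies to them. Added example, not the patent's own code. The page gives
Vendor-Type only as "xxx", so placeholder codes are assumed below."""
import ipaddress
import struct

VSA_TYPE = 26          # RADIUS Vendor-Specific attribute type (page: Type 26)
VENDOR_ID = 5535       # Vendor ID stated on the page
TAP_ID_OCTETS = 8      # Vendor-Length 10 = 1 type + 1 length + 8 value octets

# Placeholder Vendor-Type codes (assumption: the page elides them as "xxx").
VT_PDSN_ADDRESS = 1
VT_ADMF_ADDRESS = 2
VT_TAP_ID = 3


def _vsa(vendor_type: int, value: bytes) -> bytes:
    """Build one VSA: Type(1) Length(1) Vendor-Id(4) Vendor-Type(1)
    Vendor-Length(1) Value. Lengths come out as on the page (12/12/16)."""
    vendor_len = 2 + len(value)
    body = struct.pack("!IBB", VENDOR_ID, vendor_type, vendor_len) + value
    return struct.pack("!BB", VSA_TYPE, 2 + len(body)) + body


def encode_pdsn_address(ip: str) -> bytes:
    return _vsa(VT_PDSN_ADDRESS, ipaddress.IPv4Address(ip).packed)


def encode_admf_address(ip: str) -> bytes:
    return _vsa(VT_ADMF_ADDRESS, ipaddress.IPv4Address(ip).packed)


def encode_tap_id(tap_id: int) -> bytes:
    return _vsa(VT_TAP_ID, tap_id.to_bytes(TAP_ID_OCTETS, "big"))


def decode_attributes(data: bytes) -> dict:
    """Walk a RADIUS attribute list and extract the three VSAs; other
    attributes are skipped, malformed ones raise ValueError."""
    out = {}
    i = 0
    while i < len(data):
        if len(data) - i < 2:
            raise ValueError("truncated attribute header")
        atype, alen = data[i], data[i + 1]
        if alen < 2 or i + alen > len(data):
            raise ValueError("bad attribute length")
        body = data[i + 2:i + alen]
        i += alen
        if atype != VSA_TYPE or len(body) < 6:
            continue
        vendor_id, vtype, vlen = struct.unpack("!IBB", body[:6])
        if vendor_id != VENDOR_ID:
            continue                      # some other vendor's VSA
        if vlen != len(body) - 4:
            raise ValueError("Vendor-Length does not match attribute")
        value = body[6:]
        if vtype == VT_PDSN_ADDRESS:
            out["pdsn_address"] = str(ipaddress.IPv4Address(value))
        elif vtype == VT_ADMF_ADDRESS:
            out["admf_address"] = str(ipaddress.IPv4Address(value))
        elif vtype == VT_TAP_ID:
            out["tap_id"] = int.from_bytes(value, "big")
    return out


def pdsn_address_valid(addr) -> bool:
    """Page rule: a PDSN Address field that is 0 or empty is invalid."""
    return bool(addr) and addr != "0.0.0.0"


def tap_id_valid(tap_id) -> bool:
    """Page rule: a Tap ID that is 0 or empty is invalid."""
    return bool(tap_id)


def next_action(response: bytes) -> str:
    """Steps C/D: what the interception system does with a target-user
    setting response. 'wait' = no valid PDSN Address yet (user not attached),
    'abort' = Tap ID invalid, 'connect' = send the interception request."""
    attrs = decode_attributes(response)
    if not pdsn_address_valid(attrs.get("pdsn_address")):
        return "wait"
    if not tap_id_valid(attrs.get("tap_id")):
        return "abort"
    return "connect"


if __name__ == "__main__":
    # Constructed sample response: Tap ID 1, ADMF 10.9.9.9, serving PDSN 10.1.2.3.
    sample = (encode_tap_id(1) + encode_admf_address("10.9.9.9")
              + encode_pdsn_address("10.1.2.3"))
    print(sample.hex())
    print(decode_attributes(sample), next_action(sample))
```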
When a user attaches to the packet network, the user attaches to a PDSN; in what follows, the PDSN a user connects to when attaching to the packet network is called the serving PDSN.
When a user attaches to the packet network, the user attaches to a serving PDSN and is authenticated at the HAAA through it; if authentication succeeds, the HAAA records the user's current serving PDSN under the user's identifier. When the user terminates the packet service, the HAAA sets the user's PDSN address to an invalid value under the user's identifier.
Considering the different relationships an interception target may have to the packet network, the interception method of the present invention is discussed case by case below.
1. The user has already attached to the packet network when the interception system sets the target user:
Referring to Figure 2, interception then requires the following steps:
Step 2.1: The interception system sends a target-user setting message to the BAAA. The message carries the Tap ID and ADMF Address attributes and the mobile phone number (MDN). The Tap ID is the unique identifier of this interception; each interception uses a different Tap ID value, and a Tap ID greater than 0 indicates that the target user is to be intercepted. In this embodiment the Tap ID is 1;
Step 2.2: On receiving the target-user setting message, the BAAA analyses the MDN to obtain the HAAA corresponding to it, generates an access request message without a user password, and uses that message to pass the Tap ID and ADMF Address from the target-user setting message to the HAAA;
Step 2.3: The HAAA receives the access request, determines that the Tap ID in it is greater than 0, which indicates a target-user setting message that requires no user authentication, looks up the International Mobile Subscriber Identity (IMSI) bound to the MDN in the access request, and completes the following operations locally for that IMSI:
(1) sets the target user's Tap ID attribute to the Tap ID value in the access request;
(2) sets the target user's ADMF Address attribute to the ADMF Address value in the access request;
(3) sends a target-user setting response to the interception system; since the target user has already attached to the packet network, this message carries, in addition to the Tap ID of this interception, the new PDSN Address attribute holding the address of the serving PDSN the target user is attached to;
The above steps complete the interception system's setting of the target user;
Step 2.4: Using the serving PDSN Address in the target-user setting response, the interception system sends an interception request to the serving PDSN. The request contains the Tap ID of this interception, the interception requirements (including interception mode and content), and the IP addresses and port numbers of DF2 and DF3, where DF2 is the function in the interception system that receives and distributes service-related events and DF3 the function that receives and distributes service content;
Step 2.5: The serving PDSN receives the interception request and sends an interception request response to the interception system, indicating that it accepts the request; the response may further carry user data-service status information to tell the interception system whether the serving PDSN is in the active or dormant state;
Step 2.6: Using the DF2 address and port number in the interception request, the serving PDSN reports service-related events to DF2; and using the DF3 address and port number in the request, it sends a connection establishment request to DF3 in the interception system to begin setting up the service connection;
Step 2.7: The interception system receives the connection establishment request and sends a connection establishment response to the serving PDSN; on receiving it, the serving PDSN begins transmitting the service flow to the interception system, realizing the interception. In this embodiment the intercepted traffic is carried in Generic Routing Encapsulation (GRE), with the key field of the GRE header set to the Tap ID; other encapsulations that satisfy the interception requirements may also be used.
2. The target user has not yet attached to the packet network when the interception system sets the target user:
Referring to Figure 3, interception then requires the following steps:
Step 3.1: The interception system sends a target-user setting message to the BAAA, carrying a Tap ID greater than 0 for this interception, the ADMF Address attribute, and the MDN;
Step 3.2: On receiving the target-user setting message, the BAAA analyses the MDN to obtain the HAAA corresponding to it, generates an access request message without a user password, and uses that message to pass the Tap ID and ADMF Address from the target-user setting message to the HAAA;
Step 3.3: The HAAA receives the user access request and, from the Tap ID attribute being greater than 0, determines that it is a user setting message that requires no user authentication; the HAAA then completes the following locally:
(1) sets the target user's Tap ID attribute to the Tap ID value in the user access request;
(2) sets the target user's ADMF Address attribute to the ADMF Address value in the user access request;
(3) replies to the interception system with an access request response; since the target user has not yet attached to the packet network, the response carries no PDSN address or a PDSN attribute value of 0 (in this embodiment the PDSN Address value in the message is 0);
Step 3.4: The interception system receives the target-user setting response and finds that it has no PDSN address field or that the field's value is 0; accordingly it takes no action on the interception interface and waits for the user to attach, which will trigger the interception;
Step 3.5: When the user dials in to the network, the serving PDSN generates an access request and sends it to the HAAA;
Step 3.6: The HAAA receives the access request, finds that it carries no Tap ID attribute, and concludes that it is an ordinary access request; the HAAA then does the following:
(1) first authenticates the user and, if authentication succeeds, records the PDSN address carried in the request;
(2) looks up the user's IMSI from the user's MDN and, from the IMSI, finds that the user is on the interception list;
(3) sends an access request response to the serving PDSN: access accept or access reject (access accept in this embodiment); since the user's Tap ID attribute in the HAAA interception list is greater than 0, the response carries the Tap ID and ADMF Address attributes with the values stored for that user in the HAAA;
Step 3.7: The serving PDSN receives the access request response, finds that it carries a Tap ID attribute greater than 0, and sends an interception trigger message containing the Tap ID to the interception system at the ADMF Address given in the response;
Step 3.8: The interception system receives the trigger, determines that the Tap ID in it is valid, and sends an interception trigger response to the serving PDSN containing the interception requirements (interception mode and content), the IP address and port number of DF2, the IP address and port number of DF3, and the Tap ID;
Steps 3.9 to 3.10: The serving PDSN receives the trigger response and, using the DF2 address and port number in it, reports service-related events to DF2; at the same time, using the DF3 address and port in the response, it sends a connection establishment request to the interception system, which receives the request and returns a connection establishment response, and a service connection is set up with the serving PDSN. In this embodiment the intercepted traffic is carried in Generic Routing Encapsulation (GRE), with the key field of the GRE header set to the Tap ID; other encapsulations that satisfy the interception requirements may also be used.
3、用户进行跨PDSN切换时:3. When the user performs cross-PDSN handover:
当用户进行跨PDSN切换时,该用户切换进入新的PDSN,其流程与监听系统进行目标用户设定时,目标用户还未接入分组网络时的步骤相同,同时,该用户还需要在原PDSN进行监听撤消,参见图4所示,具体流程包括:When a user performs cross-PDSN handover, the user switches to a new PDSN. The process is the same as when the monitoring system sets the target user and the target user has not yet accessed the packet network. At the same time, the user also needs to perform Monitor cancellation, as shown in Figure 4, the specific process includes:
监听系统中的ADMF向原服务PDSN发送监听撤消消息,原服务PDSN相应撤消该目标用户的设置,然后向监听系统中的ADMF发送监听撤销应答消息;The ADMF in the monitoring system sends a monitoring cancellation message to the original service PDSN, and the original serving PDSN cancels the setting of the target user accordingly, and then sends a monitoring cancellation response message to the ADMF in the monitoring system;
在本发明实施例中,当监听系统欲取消对目标用户的监听时,参见图5所示,需要以下步骤:In the embodiment of the present invention, when the monitoring system intends to cancel the monitoring of the target user, as shown in Figure 5, the following steps are required:
监听系统中的ADMF向BAAA发送目标用户取消消息,该消息中带有值为0的Tap ID;BAAA收到该消息,生成没有用户密码的用户接入请求(access request)消息,并在该用户接入请求消息上设定Tap ID值为0,BAAA向HAAA发送该用户接入请求消息;HAAA收到该接入请求消息,判断得到该消息中的Tap ID属性值为0,表明该消息为目标用户取消消息,不对用户鉴权,进行如下操作:根据该用户的MDN查找到与之绑定的IMSI,根据该IMSI设置被监听用户的Tap ID属性值为0,向监听系统发送接入请求应答(access accept)消息;监听系统根据接入请求应答消息中的内容判断得到目标用户取消成功,在接口不做动作;The ADMF in the monitoring system sends a target user cancellation message to BAAA, with a Tap ID of 0 in the message; BAAA receives the message, generates a user access request (access request) message without a user password, and Set the Tap ID value in the access request message to 0, and BAAA sends the user access request message to HAAA; HAAA receives the access request message and judges that the Tap ID attribute value in the message is 0, indicating that the message is The target user cancels the message, does not authenticate the user, and performs the following operations: Find the IMSI bound to the user according to the MDN of the user, set the tap ID attribute value of the monitored user to 0 according to the IMSI, and send an access request to the monitoring system Response (access accept) message; the monitoring system judges that the target user has successfully canceled according to the content in the access request response message, and does not take any action on the interface;
Continuing to monitor the target user across PDSN handovers solves the roaming-monitoring problem: whichever PDSN within the monitoring range the target user attaches to the packet network through, monitoring remains timely and accurate.
In an embodiment of the invention, when the user terminates the packet service, the PDSN generates an Accounting-Request (accounting stop) message in accordance with the CDMA packet-network protocol, sets its session-continue field to 0, and sends it to the HAAA. On receiving it, the HAAA sets the user's PDSN Address attribute value on the HAAA to 0; for a monitored user, the monitoring system also releases its monitoring service connection for that user with the serving PDSN.
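To make the HAAA-side logic of these procedures concrete (target set-up for a detached or already-attached user, handover to a new PDSN with cancellation at the old one, cancellation with Tap ID 0, and session termination resetting PDSN Address), here is an added example in Python; it is not part of the patent and not the patentee's code. RADIUS packets are reduced to dictionaries and the three attributes to plain keys; the subscriber IMSI, MDN, password and all addresses are constructed. Two points go beyond what the text states and are assumptions: the example has the HAAA itself report to the monitoring system which PDSN to activate, cancel or release (the patent only says the HAAA triggers the monitoring system and the ADMF cancels at the old PDSN), and, because the text says the HAAA does not authenticate the user for a Tap ID message, the example accepts such messages only from a configured BAAA peer address (`TRUSTED_BAAA`), since whoever can inject that message controls the target list.

```python
"""Added example, not code from the patent: a minimal model of the HAAA-side
state the text describes.  RADIUS packets are reduced to dicts; the three
vendor attributes the patent adds (PDSN Address, ADMF Address, Tap ID) are
plain keys.  Value 0 / "0.0.0.0" means "unset", as in the text.  Every
identifier, address and credential below is constructed for the demo."""
from dataclasses import dataclass

PASSWORDS = {"460030000000001": "s3cret"}   # constructed demo credential
TRUSTED_BAAA = {"10.0.0.8"}                  # assumption: only this peer may set/cancel targets


@dataclass
class Subscriber:
    imsi: str
    mdn: str
    pdsn_address: str = "0.0.0.0"   # PDSN currently serving the user, 0 = detached
    admf_address: str = "0.0.0.0"   # monitoring system to notify
    tap_id: int = 0                 # 0 = not an intercept target


class HAAA:
    def __init__(self, subscribers):
        self.by_imsi = {s.imsi: s for s in subscribers}
        self.by_mdn = {s.mdn: s for s in subscribers}
        # (event, admf, pdsn, tap_id) tuples the HAAA pushes to the monitoring system
        self.events = []

    def access_request(self, msg):
        """A request carrying Tap ID and no User-Password is a target set/cancel
        message from the BAAA, addressed by MDN; anything else is a normal PDSN
        authentication addressed by IMSI."""
        if "Tap ID" in msg and "User-Password" not in msg:
            return self._target_control(msg)
        sub = self.by_imsi.get(msg.get("User-Name"))
        if sub is None or msg.get("User-Password") != PASSWORDS.get(sub.imsi):
            return "Access-Reject"
        old_pdsn, sub.pdsn_address = sub.pdsn_address, msg["PDSN Address"]
        if sub.tap_id:
            # target already set: tap the new serving PDSN; on a cross-PDSN
            # handover also release the old one (assumed HAAA-reported here)
            self.events.append(("activate", sub.admf_address, sub.pdsn_address, sub.tap_id))
            if old_pdsn not in ("0.0.0.0", sub.pdsn_address):
                self.events.append(("cancel", sub.admf_address, old_pdsn, sub.tap_id))
        return "Access-Accept"

    def _target_control(self, msg):
        # The text says the HAAA does NOT authenticate the user for this message,
        # so peer authentication is the only control on the target list:
        # reject requests that do not come from the configured BAAA (assumption).
        if msg.get("NAS-IP-Address") not in TRUSTED_BAAA:
            return "Access-Reject"
        sub = self.by_mdn.get(msg.get("User-Name"))   # MDN -> bound IMSI record
        if sub is None:
            return "Access-Reject"
        tap_id = msg["Tap ID"]
        if tap_id == 0:                                # cancel: clear target attributes
            sub.tap_id, sub.admf_address = 0, "0.0.0.0"
            return "Access-Accept"
        sub.tap_id, sub.admf_address = tap_id, msg["ADMF Address"]
        if sub.pdsn_address != "0.0.0.0":              # mid-session case: already attached
            self.events.append(("activate", sub.admf_address, sub.pdsn_address, tap_id))
        return "Access-Accept"

    def accounting_stop(self, msg):
        """Accounting stop with session-continue=0: the user left the packet network."""
        sub = self.by_imsi[msg["User-Name"]]
        if msg.get("Session-Continue", 0) == 0:
            pdsn, sub.pdsn_address = sub.pdsn_address, "0.0.0.0"
            if sub.tap_id:
                self.events.append(("release", sub.admf_address, pdsn, sub.tap_id))
        return "Accounting-Response"


def run_scenario():
    """Pre-monitoring set, attach, cross-PDSN handover, session end, cancel."""
    haaa = HAAA([Subscriber(imsi="460030000000001", mdn="13800000001")])
    baaa = {"NAS-IP-Address": "10.0.0.8", "User-Name": "13800000001"}
    pdsn = {"User-Name": "460030000000001", "User-Password": "s3cret"}
    haaa.access_request({**baaa, "Tap ID": 7, "ADMF Address": "10.0.0.9"})
    haaa.access_request({**pdsn, "PDSN Address": "10.1.1.1"})   # attach via PDSN A
    haaa.access_request({**pdsn, "PDSN Address": "10.1.1.2"})   # handover to PDSN B
    haaa.accounting_stop({"User-Name": "460030000000001", "Session-Continue": 0})
    haaa.access_request({**baaa, "Tap ID": 0})                  # cancel target
    return haaa


if __name__ == "__main__":
    for event in run_scenario().events:
        print(event)
```

Running the scenario yields four notifications in order: activate at PDSN A, activate at PDSN B, cancel at PDSN A, release at PDSN B; afterwards the subscriber record has Tap ID 0 and PDSN Address 0, matching the end states the text describes for cancellation and termination.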
In an embodiment of the invention, messages between each PDSN and the HAAA may pass through a single device that centrally implements the new RADIUS attributes and monitoring auxiliary functions described above and forwards the PDSNs' normal authentication and accounting requests on to the HAAA. The HAAA itself then needs no modification.
The invention can also be applied in CDMA2000, CDMA 1x, EV-DO, EV-DV and WLL systems; the method of application is the same as the steps described in the embodiments above and can be implemented by those skilled in the art without inventive effort, so the monitoring method of the invention applied to those systems falls within its scope of protection. Likewise, the invention can be applied to any system that uses an AAA together with a PDSN, with the same implementation steps as in the embodiments above.
In summary, by adding RADIUS attributes on the HAAA, the invention lets the monitoring system use those attributes to set target users on the HAAA. Once a target user attaches to a PDSN within the monitoring range, that PDSN establishes a connection with the monitoring system according to the target-user settings on the HAAA and transmits the monitored service flow, so that monitoring is achieved. The method implements monitoring of the packet network and solves the following monitoring problems:
Roaming monitoring: whichever PDSN within the monitoring range the monitored subject attaches to the packet network through, the invention can trigger the monitoring system via the HAAA to carry out monitoring;
Pre-monitoring: when the monitored subject attaches to the packet network only after the monitoring system has issued a monitoring command, the invention triggers the monitoring system via the HAAA at the moment the user attaches;
Mid-session monitoring: when the monitored subject has already attached to the packet network before the monitoring system issues a monitoring command, the invention triggers the monitoring system via the HAAA to monitor that subject;
The invention requires only minor changes to existing equipment, is simple and efficient to implement, and has good application prospects.
Claims (9)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031097588A CN100359976C (en) | 2003-04-15 | 2003-04-15 | A method for monitoring packet services based on mobile phone numbers |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031097588A CN100359976C (en) | 2003-04-15 | 2003-04-15 | A method for monitoring packet services based on mobile phone numbers |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1538778A true CN1538778A (en) | 2004-10-20 |
| CN100359976C CN100359976C (en) | 2008-01-02 |
Family
ID=34319508
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB031097588A Expired - Fee Related CN100359976C (en) | 2003-04-15 | 2003-04-15 | A method for monitoring packet services based on mobile phone numbers |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100359976C (en) |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FI103456B (en) * | 1996-03-29 | 1999-06-30 | Nokia Telecommunications Oy | Transmission of speech in a packet network |
| FI106509B (en) * | 1997-09-26 | 2001-02-15 | Nokia Networks Oy | Legal interception in a telecommunications network |
| WO2000056029A1 (en) * | 1999-03-12 | 2000-09-21 | Nokia Networks Oy | Interception system and method |
- 2003-04-15: CN CNB031097588A, patent CN100359976C, not active (Expired - Fee Related)
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101010934B (en) * | 2004-09-10 | 2010-09-29 | 微软公司 | Methods for Machine Learning |
| CN100344095C (en) * | 2004-11-08 | 2007-10-17 | 华为技术有限公司 | Charge metering association and charge managing method for concentrated speech business |
| CN100428700C (en) * | 2005-12-30 | 2008-10-22 | 华为技术有限公司 | Application server, method and system for reporting related monitoring events using it |
| CN1968090B (en) * | 2006-06-09 | 2010-10-27 | 华为技术有限公司 | Method and system for realizing data business service center obtaining user terminal authentication information |
| WO2012145898A1 (en) * | 2011-04-27 | 2012-11-01 | 海能达通信股份有限公司 | Realization method, apparatus and system for remote monitoring |
| US9572054B2 (en) | 2011-04-27 | 2017-02-14 | Hytera Communications Corp., Ltd. | Realization method, apparatus and system for remote monitoring |
| CN103248533A (en) * | 2012-02-08 | 2013-08-14 | 宏达国际电子股份有限公司 | Monitoring method and device thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100359976C (en) | 2008-01-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1310476C (en) | Method for building session connection to wireless local network user | |
| CN1226887C (en) | Device, method and system for matching user state in network | |
| CN1274181C (en) | Method for managing local terminal equipment accessing network | |
| US20100041372A1 (en) | System and method for authorizing access to a uma network based on access point identifier | |
| WO2010099728A1 (en) | Routing method, device and communication system | |
| CN1283062C (en) | Cut-in identification realizing method for wireless local network | |
| CN101080098A (en) | A communication method and system | |
| CN1567894A (en) | Method of route inquiry under condition of wireless local area network and mobile network intercommunication | |
| CN1567846A (en) | A method for transmitting service data to WLAN user | |
| CN1214555C (en) | Method for unified managing resource in packet network of PLMN | |
| CN100346615C (en) | Method for receiving external network data by target user equipment | |
| CN1538778A (en) | A method for monitoring packet services based on mobile phone numbers | |
| CN1535068A (en) | Method for group service monitoring according to user identification | |
| CN101795478A (en) | Method for data bypass, network side equipment and access gateway | |
| CN101039213A (en) | Method for controlling user access in communication network | |
| CN1213626C (en) | A Method of GPRS Supporting Intelligent Service | |
| CN1214578C (en) | Group domain communication method | |
| CN100461958C (en) | A mobile communication access system and method | |
| CN1269370C (en) | Positioning method of mobile communication system | |
| CN1901746A (en) | Method for obtaining user cut-in homing GGSN and net element device | |
| CN101400152B (en) | Method, system and device for transmitting information related to policy control | |
| CN1894889A (en) | Communications system | |
| CN100337458C (en) | Method of providing appearing information from radio local network to appearing system | |
| CN1630409A (en) | A system and method for providing user with network service in NGN | |
| CN1567860A (en) | A method for transmitting service data to WLAN user |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | C06 | Publication | |
| | PB01 | Publication | |
| | C10 | Entry into substantive examination | |
| | SE01 | Entry into force of request for substantive examination | |
| | C14 | Grant of patent or utility model | |
| | GR01 | Patent grant | |
| | CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20080102 |