CN102238547A - User session control method, session server, authentication, authorization and accounting (AAA) server and system - Google Patents
User session control method, session server, authentication, authorization and accounting (AAA) server and system Download PDFInfo
- Publication number
- CN102238547A CN102238547A CN2011102024967A CN201110202496A CN102238547A CN 102238547 A CN102238547 A CN 102238547A CN 2011102024967 A CN2011102024967 A CN 2011102024967A CN 201110202496 A CN201110202496 A CN 201110202496A CN 102238547 A CN102238547 A CN 102238547A
- Authority
- CN
- China
- Prior art keywords
- session
- server
- message
- conversation
- session information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
The embodiment of the invention provides a method, a session server, an authentication, authorization and accounting (AAA) server and a system for controlling user sessions in a plurality of networks. The method for authenticating the user sessions in the plurality of networks comprises the following steps of: managing session information according to the types of session information notices transmitted by a plurality of AAA servers in different networks; and authenticating the user sessions according to the session information managed on the session server. The embodiment of the invention manages the session information from the plurality of networks in a centralized way on the session server, and authenticates the user sessions based on the session information to control the user sessions of the plurality of networks in a cross-network way, thereby realizing session number control among the plurality of AAA servers.
Description
Technical field
The embodiment of the invention relates to data communication field, and more specifically, relate to a kind of method, conversation server, AAA (Authentication, Authorization and Accounting, authentication) server and system that is used at a plurality of network control user conversations.
Background technology
Along with the data communication service years of development, there is the several data network at present, for example fixed network broadband, CDMA (Code Division Multiple Access, code division multiple access), WCDMA (Wideband Code Division Multiple Access, Wideband Code Division Multiple Access (WCDMA)) and WiMAX (Worldwide Interoperability for Microwave Access, worldwide interoperability for microwave insert) etc.According to normalized definition, every kind of network all needs to build separately a cover aaa server.
Although aaa server under the heterogeneous networks and NAS be (Network Access System, network access equipment) equipment all is by RADIUS (Remote Authentication Dial In User Service, the remote customer dialing authentication system) protocol communication, but the function difference that it is realized, and between the aaa server also without any contact.Current, a cover aaa server can be controlled user conversation number book server under, but exists a lot of operators more or less to have to throw the net network to run licence plate more and all require the situation of many networks unified account number access when reality is runed.In addition, under some operation scene, operator also requires a number of the account can only insert a kind of network by a user simultaneously, promptly has the session number control and management between many cover aaa servers.But, because the aaa server of operator's construction is relatively independent at present, so between many cover aaa servers, be difficult to accomplish session number control.
Summary of the invention
The embodiment of the invention provides a kind of method, conversation server, aaa server and system that is used at a plurality of network control user conversations, can manage the user profile of a plurality of networks concentratedly, thereby makes the session number control between many now cover aaa servers.
An aspect according to the embodiment of the invention, a kind of method that is used in the session of a plurality of network authenticated user is provided, and this method comprises: the type according to the session information notice that sends from a plurality of authentication aaa servers that are arranged in heterogeneous networks is come managing conversation information; And come the authenticated user session according to the session information of on conversation server, managing.
Another aspect according to the embodiment of the invention, a kind of method that is used for being supported in a plurality of network control user conversations is provided, has comprised: the type according to the session information notice that sends from a plurality of authentication aaa servers that are arranged in heterogeneous networks is come managing conversation information; And according to controlling user conversation from the request message of described aaa server transmission.
According to another aspect of the embodiment of the invention, a kind of method that is used for being supported in a plurality of network control user conversations is provided, comprising: the type according to the charging message that receives from network access equipment NAS sends the session information notice to conversation server; When receiving from described NAS when inserting request, send a request message and receive corresponding response message to described conversation server; And send to described NAS according to the response message that described conversation server sends and to insert response, so that authen session.
Another aspect according to the embodiment of the invention, a kind of conversation server that is used for being supported in a plurality of network control user conversations is provided, comprise: session management unit is used for coming managing conversation information according to the type of the session information notice that sends from a plurality of authentication aaa servers that are positioned at heterogeneous networks; And Session Control Unit, be used for controlling user conversation according to the request message that sends from described aaa server.
Another aspect according to the embodiment of the invention, a kind of authentication aaa server that is used for being supported in a plurality of network control user conversations is provided, comprise: the session information notification unit is used for sending the session information notice according to the type of the charging message that receives from network access equipment NAS to conversation server; And first Session Control Unit, be used for when receiving from described NAS when inserting request, send a request message and receive corresponding response message to described conversation server; And second Session Control Unit, the response message that is used for sending according to described conversation server sends to described NAS and inserts response so that authen session.
Another aspect according to the embodiment of the invention provides a kind of communication system, comprises aforesaid conversation server and authentication aaa server.
The embodiment of the invention is managed the session information from a plurality of networks concentratedly on conversation server, and come the authenticated user session based on this session information, make and to control the user conversation of a plurality of networks by across a network, thereby realized controlling more in the session number of overlapping between the aaa servers.
Description of drawings
In order to be illustrated more clearly in the technical scheme of the embodiment of the invention, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, accompanying drawing in describing below only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the schematic diagram that illustrates according to an exemplary cellular systems of the embodiment of the invention.
Fig. 2 is the exemplary flow chart in the method for a plurality of network authenticated user session of being used for that illustrates according to the embodiment of the invention.
Fig. 3 is the exemplary flow chart of method that is used for managing (promptly create, upgrade and delete) session information that illustrates according to the embodiment of the invention.
Fig. 4 is the exemplary flow chart of method that is used for being supported in a plurality of networks control user conversations that illustrates according to the embodiment of the invention.
Fig. 5 is the exemplary flow chart of other method that is used for being supported in a plurality of networks control user conversations that illustrates according to the embodiment of the invention.
Fig. 6 is the exemplary signal flow graph that is used for controlling at a plurality of networks the process of user conversations that illustrates according to first embodiment of the invention.
Fig. 7 is the exemplary signal flow graph that is used for controlling at a plurality of networks the process of user conversations that illustrates according to second embodiment of the invention.
Fig. 8 is the exemplary signal flow graph that external system is come the process of inquiry session information that is used for that illustrates according to the embodiment of the invention.
Fig. 9 is the exemplary signal flow graph that external system is come another process of inquiry session information that is used for that illustrates according to the embodiment of the invention.
Figure 10 is the exemplary block diagram that illustrates according to the structure of the conversation server of the embodiment of the invention.
Figure 11 is the exemplary block diagram that illustrates according to the concrete structure of the session management unit of the embodiment of the invention.
Figure 12 is the exemplary block diagram that illustrates according to the concrete structure of the Session Control Unit of the embodiment of the invention.
Figure 13 is the exemplary block diagram that illustrates according to the structure of the aaa server of the embodiment of the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that is obtained under the creative work prerequisite.
Technical scheme of the present invention can be applied to various communication systems, for example: fixed network broadband, CDMA, WCDMA, WiMAX etc.But, the invention is not restricted to this, those skilled in the art can apply the present invention to any suitable network as required.
Can only be controlled at number of sessions within its scope at a cover aaa server in the correlation technique, when many cover AAA exist and during shared user account simultaneously, because do not have any contact between current each aaa server so that can't realize the problem that the number of sessions between many cover aaa servers is controlled, the embodiment of the invention comprises conversation server in network, be used for the user session information of centralized stores, management and a plurality of aaa servers of control.
Fig. 1 is the schematic diagram that illustrates according to an exemplary cellular systems of the embodiment of the invention.This network system comprises conversation server 10, by this conversation server 10 session information such as a plurality of networks of fixed network broadband, CDMA, WCDMA, WiMAX etc. is carried out centralized stores and management.First interface (Int1) among Fig. 1 is used for each aaa server announcement session server 10 establishment/renewals/deletion user session information, the embodiment of the invention does not limit the interface protocol of first interface, when using, can define flexibly as required, such as RADIUS, SOAP (Simple Object Access Protocol, Simple Object Access Protocol) etc.Second interface (Int2) among Fig. 1 be used for conversation server 10 to each aaa server authen session and each aaa server or external system to conversation server 10 inquiry session information, the embodiment of the invention does not limit the interface protocol of second interface yet, when using, can define flexibly as required, such as HTTP (Hyper Text Transfer Protocol, HTML (Hypertext Markup Language)), SOAP etc.
Below, describe the embodiment of the invention with reference to the accompanying drawings in detail.
Fig. 2 is the exemplary flow chart in the method 20 of a plurality of network authenticated user session of being used for that illustrates according to the embodiment of the invention.
As shown in Figure 2, in 201 of method 20, come managing conversation information according to the type of the session information notice that sends from a plurality of aaa servers that are arranged in heterogeneous networks.202, come the authenticated user session according to the session information of on conversation server, managing.
The embodiment of the invention is managed the session information from a plurality of networks concentratedly on conversation server, and come the authenticated user session based on this session information, make and to control the user conversation of a plurality of networks by across a network, thereby realized controlling more in the session number of overlapping between the aaa servers.
According to the embodiment of the invention, when the user insert a kind of network, during such as one among fixed network broadband, CDMA, WCDMA, the WiMAX, aaa server in this network sends the session information notice to conversation server, notifying managing conversation information by conversation server according to this session information, particularly is to create, upgrade and the deletion session information.
Fig. 3 is the exemplary flow chart of method 30 that is used for managing (promptly create, upgrade and delete) session information that illustrates according to the embodiment of the invention.Can come manner of execution 30 by conversation server.
As shown in Figure 3, method 30 301 in, judge the type of the session information notice that receives from aaa server.
When receiving establishment session information notice from aaa server, in 302, create with this subscriber-related session information and also store.
When receiving renewal session information notice from aaa server, in 303, upgrade this session information.
When receiving deletion session information notice from described aaa server, in 304, delete this session information.
It should be noted that, in some cases, for example under the very short situation of session time of being kept, may not can receive renewal session information notice from aaa server, but after receiving establishment session information notice and having created session, receive deletion session information notice through after a while and directly, thereby do not carry out the renewal of session information, only carry out the establishment and the deletion of session information.Therefore, 303 in the method 30 can be omitted (as shown in phantom in Figure 3).
Below, will different embodiments of the invention be described in more detail in conjunction with object lesson.In the description of following examples, manage session information in (create, upgrade and deletion) a plurality of networks concentratedly by conversation server, conversation server 10 shown in Fig. 1, and sent a request message by aaa server when carrying out the control of session information, conversation server is controlled session information according to this request message then.In one exemplary embodiment of the present invention, the request message that aaa server sends can comprise in session authentication request and the session query requests, and correspondingly, can carry out the session authentication function by conversation server or aaa server.But the embodiment of the invention is not limited thereto.
Fig. 4 is the exemplary flow chart of method 40 that is used for being supported in a plurality of networks control user conversations that illustrates according to the embodiment of the invention.Can come manner of execution 40 by conversation server (such as the conversation server among Fig. 1 10).
As shown in Figure 4, method 40 401 in, type according to the session information notice that sends from a plurality of aaa servers that are arranged in heterogeneous networks is come managing conversation information, particularly, can create, upgrade and delete session information according to method as shown in Figure 3.
In 402, control user conversation according to the request message that sends from described aaa server.
The embodiment of the invention is by managing the session information from a plurality of networks concentratedly on conversation server, can control the interior user conversation of a plurality of networks by across a network, thereby realized when user under multi-network environment uses same login name to come access network the session number control between many cover aaa servers.
Fig. 5 is the exemplary flow chart of other method 50 that is used for being supported in a plurality of networks control user conversations that illustrates according to the embodiment of the invention.Can come implementation method 50 by aaa server (any in fixed network aaa server for example shown in Figure 1, CDMAAAA server, WCDMAAAA server and the WiMAX aaa server).
As shown in Figure 5, method 50 501 in, send the session information notice according to the type of the charging message that receives from network access equipment NAS to conversation server.For example, particularly,, send to conversation server and create the session information notice when the charging message that receives is when beginning to charge request Accounting-Request (Start) message; When described charging message is Intermediate Charging ICH request Accounting-Request (Interim) message, sends and upgrade the session information notice; And when described charging message be when stopping to charge request Accounting-Request (Stop) message, to send deletion session information notice.But, the invention is not restricted to this, can also send corresponding session information notice according to other charging messages.
In 502, when receiving from described NAS when inserting request, send a request message and receive corresponding response message to described conversation server.Those skilled in the art can understand, if what send is the session authentication request, then receive the session authentication response, if and transmission is the session query requests, then receive the session inquiry response with session information, wherein session information is the session information with session of the login name identical with the login name of the corresponding session of session query requests.
In 503, the response message that sends according to described conversation server sends the access response to described NAS, so that authen session.
The embodiment of the invention is by managing the session information from a plurality of networks concentratedly on conversation server, can control the interior user conversation of a plurality of networks by across a network, thereby realized when user under multi-network environment uses same login name to come access network the session number control between many cover aaa servers.
After this, describe with reference to the accompanying drawings according to more detailed one exemplary embodiment of the present invention.
Fig. 6 is the exemplary signal flow graph in the process 60 of a plurality of networks control (particularly, being authentication) user conversation of being used for that illustrates according to first embodiment of the invention.In the first embodiment of the present invention, come the authenticated user session by conversation server (for example conversation server among Fig. 1 10).In Fig. 6, user A, aaa server (A) and NAS (A) belong to network A, and user B, aaa server (B) and NAS (B) belong to network B.Communication standard interface between its corresponding NAS of each aaa server can be RADIUS.
As shown in Figure 6, in 601, the user A that is arranged in network A uses for example login name initiation access network A of zhangshandomain.
In 602, NAS (A) sends access request Access-Request message to aaa server (A) after receiving the request of access.
In 603, aaa server (A) sends a request message to conversation server, is the session authentication request here.
In 604, the conversation server authen session.For example, whether the current sessions quantity that conversation server determines to have the session of login zhangshandomain by name reaches predetermined maximum number of sessions, and wherein current sessions is meant existing, as to have the login name identical with the login name (for example zhangshandomain) of the corresponding session of this session authentication request session.What can define flexibly on conversation server that each session allows should predetermined maximum number of sessions, and for example 1.
In 605, conversation server sends the session authentication response to aaa server (A).When described current sessions quantity during less than described predetermined maximum number of sessions, conversation server sends the session authentication success response to aaa server (A), otherwise, when described current sessions quantity was equal to or greater than described predetermined maximum number of sessions, conversation server sent the session authentication failure response to described aaa server.
In the first embodiment of the present invention, suppose that login name zhangshandomain is that access network and predetermined maximum number of sessions are 1 first, so current sessions quantity is 0, less than predetermined maximum number of sessions, thereby conversation server sends the session authentication success response to aaa server (A).Therefore, 606, aaa server (A) sends to NAS (A) and accepts Access-Accept message.
Afterwards, in 607, NAS (A) sends Accounting-Request (Start) message to aaa server (A).
In 608, aaa server (A) sends to conversation server and creates the session information notice, and in 609, conversation server is created and the relevant session information of this login name zhangshandomain.
In 610, aaa server (A) returns to NAS (A) and begins to charge response Accounting-Response (Start) message.
Here, though described herein be aaa server in 608 (A) to conversation server send create the session information notice and in 610 aaa server (A) return to NAS (A) and begin to charge response Accounting-Response (Start) message, but it will be appreciated by those skilled in the art that, these two processes need not to carry out successively according to described time sequencing in time, but can walk abreast or carry out with any order.
Through a predetermined amount of time (this predetermined amount of time can be gone up configuration at NAS (A)) afterwards, in 611, NAS (A) sends Accounting-Request (Interim) message to aaa server (A).
In 612, aaa server (A) sends to conversation server and upgrades the session information notice, and in 613, conversation server is notified according to this renewal session information and upgraded session information.
In 614, aaa server (A) returns Intermediate Charging ICH response Accounting-Response (Interim) message to NAS (A).
Equally, though described herein be aaa server in 612 (A) to conversation server send upgrade the session information notice and in 614 aaa server (A) return Intermediate Charging ICH response Accounting-Response (Interim) message to NAS (A), but it will be appreciated by those skilled in the art that, these two processes need not to carry out successively according to described time sequencing in time, but can walk abreast or carry out with any order.
Under the situation that user A request is rolled off the production line, in 615, NAS (A) sends Accounting-Request (Stop) message to aaa server (A).
In 616, aaa server (A) sends deletion session information notice to conversation server, and in 617, conversation server deletion and the relevant session information of this login name zhangshandomain.
In 618, aaa server (A) returns to NAS (A) and stops to charge response Accounting-Response (Stop) message.
Similarly, though described herein be aaa server in 616 (A) to conversation server send deletion session information notice and in 618 aaa server (A) return to NAS (A) and stop to charge response Accounting-Response (Stop) message, but it will be appreciated by those skilled in the art that, these two processes need not to carry out successively according to described time sequencing in time, but can walk abreast or carry out with any order.
Those skilled in the art should be noted in the discussion above that the step among the 611-614 can repeat repeatedly.In addition, if the time of this session persistence is shorter, then may when also not passing through described predetermined amount of time, receive Accounting-Request (Stop) message by aaa server (A), thereby conversation server can be deleted session information under the situation of not upgrading session information.Thereby the step among the 611-614 also can be omitted.
In 619, the user B that is arranged in network B uses same login name (zhangshandomain) to initiate to insert the online request from the B network.
In 620, NAS (B) sends Access-Request message to aaa server (B).
Similarly, in 621, aaa server (B) is to conversation server initiation session authentication request.
In 622, the conversation server authen session.Under the situation that user A does not roll off the production line, conversation server finds that the user of login zhangshandomain by name is online, and since predetermined maximum number of sessions be 1 and current sessions quantity be 1, so in 623, conversation server returns the session authentication failure response to aaa server (B).
In 624, aaa server (B) sends admission reject Access-Reject message to NAS (B).
In the first embodiment of the present invention, in order to satisfy the demand that login name of Carrier Requirements can only be inserted a kind of network simultaneously by a user, the predetermined maximum number of sessions that is allowed on conversation server is set to 1, still, the invention is not restricted to this.Those skilled in the art can understand, can define flexibly on conversation server and should be scheduled to maximum number of sessions, can it be set to arbitrary integer or not do any restriction.For example, be set under 2 the situation should being scheduled to maximum number of sessions, the access request of user B also can be accepted.But if exist user C (not shown) also to use same login name zhangshandomain to initiate network insertion, then the access request of user C will be rejected.
In addition, Accounting (Start/Interim/Stop) message is the standard message that the aaa server of heterogeneous networks is supported, the aaa server of heterogeneous networks utilizes these three kinds of standard message to come trigger notice conversation server establishment/renewal/deletion session information.Thereby, need not to use extra trigger notice message.
In the first embodiment of the present invention, aaa server (aaa server (A) and aaa server (B)) sends the session information notice by first interface on the conversation server (Int1 as shown in Figure 6) to conversation server, with establishment/renewal/deletion session information.The interface protocol of this first interface does not limit, and can define flexibly as required during application, for example RADIUS, SOAP etc.In addition, carry out the transmission of the authentication message between aaa server and the conversation server by second interface on the conversation server (Int2 as shown in Figure 6).The interface protocol of this second interface does not limit, and can define flexibly as required during application, for example HTTP, SOAP etc.
Fig. 7 is the exemplary signal flow graph in the process 70 of a plurality of networks control (particularly, being authentication) user conversation of being used for that illustrates according to second embodiment of the invention.In the second embodiment of the present invention, come the authenticated user session by aaa server (any in fixed network aaa server for example shown in Figure 1, CDMA aaa server, WCDMA aaa server and the WiMAX aaa server).With Fig. 6 similarly, in Fig. 7, user A, aaa server (A) and NAS (A) belong to network A, and user B, aaa server (B) and NAS (B) belong to network B.Communication standard interface between its corresponding NAS of each aaa server can be RADIUS.
As shown in Figure 7, in 701, the user A that is arranged in network A uses for example login name initiation access network A of zhangshandomain.
In 702, NAS (A) sends to aaa server (A) and inserts request Access-Request message.
Different with the first embodiment of the present invention is that in 703, aaa server (A) sends session query requests rather than session authentication request to conversation server.
In 704, conversation server inquiry has the session information of the session of the login name identical with the login name (zhangshandomain) of the corresponding session of this session query requests, that is to say the session information of the session that the conversation server inquiry is relevant with the login name that will consult that comprises in the session query requests.
In 705, conversation server sends the session inquiry response to aaa server (A), comprises the session information that is inquired in this session inquiry response.
In 706, aaa server (A) according to the session inquiry response that receives from conversation server, particularly be that the session information that comprises this session inquiry response comes authen session.For example, whether the current sessions quantity that aaa server (A) determines to have the session of login zhangshandomain by name reaches predetermined maximum number of sessions, and wherein current sessions is meant existing, as to have the login name identical with the login name (for example zhangshandomain) of the corresponding session of this session authentication request session.What can define flexibly on each aaa server that each session allowed should predetermined maximum number of sessions, and can it be set to arbitrary integer or not do any restriction, and for example 1.
In 707, aaa server (A) sends to NAS (A) and inserts response message.Wherein, when described current sessions quantity during less than described predetermined maximum number of sessions, this aaa server (A) sends to NAS and accepts message, and when described current sessions quantity is equal to or greater than described predetermined maximum number of sessions, to NAS transmission access-reject message.
With first embodiment similarly, in the second embodiment of the present invention, suppose that login name zhangshandomain is that access network and predetermined maximum number of sessions are 1 first, so current sessions quantity is 0, less than predetermined maximum number of sessions, thereby in 707, aaa server (A) sends to NAS (A) and accepts Access-Accept message.
Afterwards, in 708, NAS (A) sends Accounting-Request (Start) message to aaa server (A).
In 709, aaa server (A) sends to conversation server and creates the session information notice, and in 710, conversation server is created and the relevant session information of this login name zhangshandomain.
In 711, aaa server (A) returns to NAS (A) and begins to charge response Accounting-Response (Start) message.
Through a predetermined amount of time (this predetermined amount of time can be gone up configuration at NAS (A)) afterwards, in 712, NAS (A) sends Accounting-Request (Interim) message to aaa server (A).
In 713, aaa server (A) sends to conversation server and upgrades the session information notice, and in 714, conversation server is notified according to this renewal session information and upgraded session information.
In 715, aaa server (A) returns Intermediate Charging ICH response Accounting-Response (Interim) message to NAS (A).
Under the situation that user A request is rolled off the production line, in 716, NAS (A) sends Accounting-Request (Stop) message to aaa server (A).
In 717, aaa server (A) sends deletion session information notice to conversation server, and in 718, conversation server deletion and the relevant session information of this login name zhangshandomain.
In 719, aaa server (A) returns to NAS (A) and stops to charge response Accounting-Response (Stop) message.
Equally, the step among the 712-715 can repeat repeatedly, perhaps also can be omitted in some cases.And, with process among Fig. 6 similarly, can be not according to described time sequencing, but carry out step in 709 and 711,713 and 715 and 717 and 719 with parallel or other suitable word order.
In 720, the user B that is arranged in network B uses same login name (zhangshandomain) to initiate to insert the online request from the B network.
In 721, NAS (B) sends Access-Request message to aaa server (B).
In 722, aaa server (B) is to conversation server initiation session query requests.
In 723, the conversation server inquiry session, and in 724, send the session inquiry response that comprises session information to NAS (B).
Then, in 725, aaa server (B) comes authen session according to the session inquiry response that receives from conversation server.For example, under the situation that user A does not roll off the production line, conversation server finds that the user of login zhangshandomain by name is online, and since predetermined maximum number of sessions be 1 and current sessions quantity be 1, so in 726, aaa server (B) sends admission reject Access-Reject message to NAS (B).
Can see that the step in 703-706 and 722-725, the corresponding signal stream among the signal flow among Fig. 7 and Fig. 6 is identical.
In the second embodiment of the present invention, aaa server (aaa server (A) and aaa server (B)) sends the session information notice by first interface on the conversation server (Int1 as shown in Figure 7) to conversation server, with establishment/renewal/deletion session information.The interface protocol of this first interface does not limit, and can define flexibly as required during application, for example RADIUS, SOAP etc.In addition, carry out the transmission of the query messages between aaa server and the conversation server by second interface on the conversation server (Int2 as shown in Figure 7).The interface protocol of this second interface does not limit, and can define flexibly as required during application, for example HTTP, SOAP etc.
The difference of the second embodiment of the present invention and first embodiment is, second embodiment is advanced to session control (authentication) function on the aaa server and realizes, thereby can make full use of the aaa server that exists in existing network substantially all supports the characteristics of the function of session number control to realize the conversation control function of many networks, and need not to carry out too big change, thereby structurally be easier to integrated and realization.But if there is the specific demand of revising verification process, then operator need all make amendment on every cover aaa server, workload is bigger, at this moment, the easier realization of the scheme of first embodiment of the invention is because once can finish as long as revise on conversation server.
According to the embodiment of the invention, by on conversation server, concentrating the session information of preserving a plurality of networks, solved when the next user of many network A AA server scene uses same login name to insert online control problem to session number, and the embodiment of the invention can utilize existing charging message (Accounting (Start/Interim/Stop)) to come trigger notice conversation server establishment/renewal/deletion session information, and need not extra triggering signaling, saved Internet resources.
In addition, according to the embodiment of the invention, described second interface can also be used for the session inquiry between conversation server and the external system except can being used for the session authentication function and session query function between conversation server and the aaa server.
Fig. 8 is the exemplary signal flow graph that external system is come the process 80 of inquiry session information that is used for that illustrates according to the embodiment of the invention.
As shown in Figure 8,801, the user uses login name (for example zhangshandomain) to initiate the network insertion request, and by success identity.Here, omitted the concrete steps about the session authentication process, those skilled in the art can adopt the method among the first embodiment of the present invention or second embodiment as required, perhaps can also adopt other suitable methods to come the authenticated user session.
In 802, NAS sends Accounting-Request (Start) message to aaa server.
In 803, aaa server sends to conversation server by the first interface Int1 and creates the session information notice, and in 804, conversation server is created the session information relevant with this user's login name.
In 805, aaa server returns to NAS and begins to charge response Accounting-Response (Start) message.
In 806, external system sends the session query requests by the second interface Int2 to conversation server.
In 807, conversation server inquiry has the session information of the session of the login name identical with the login name of the corresponding session of received session query requests.
In 808, conversation server sends the session inquiry response by the second interface Int2 to described external system, comprises the session information that inquires in this session inquiry response.
Through a predetermined amount of time (this predetermined amount of time can dispose on NAS) afterwards, in 809, NAS sends Accounting-Request (Interim) message to aaa server.
In 810, aaa server sends to conversation server by the first interface Int1 and upgrades the session information notice, and in 811, conversation server upgrades session information.
In 812, aaa server returns Intermediate Charging ICH response Accounting-Response (Interim) message to NAS.
In 813, NAS sends Accounting-Request (Stop) message to aaa server.
In 814, aaa server sends deletion session information notice by the first interface Int1 to conversation server, and in 815, conversation server deletion and the relevant session information of this login name zhangshandomain.
In 816, aaa server returns to NAS and stops to charge response Accounting-Response (Stop) message.And, with process among Fig. 6 and Fig. 7 similarly, can be not according to described time sequencing, but carry out step in 803 and 805,810 and 812 and 814 and 816 with parallel or other suitable word order.
Equally, the step among the 809-812 can repeat repeatedly, perhaps also can be omitted in some cases.
In the process shown in Fig. 8 80, external system sends the session query requests after session information is created and before upgrading, thereby the session information that inquires is the raw information of creating.Those skilled in the art can understand that external system can at any time send query requests, for example after session information is updated.
Fig. 9 is the exemplary signal flow graph that external system is come another process 90 of inquiry session information that is used for that illustrates according to the embodiment of the invention, and wherein, external system sends query requests after session information is updated, thus the session information after obtaining upgrading.In addition, the process 90 among Fig. 9 is similar substantially with the process 80 among Fig. 8, so here other guide is repeated no more.
In addition, external system sends the session query requests before also may or creating session information after the deletion session information, and at this moment conversation server can send the non-existent session inquiry response of indication session information to external system.
According to the embodiment of the invention, additionally provide the query function of the session between conversation server and the external system by second interface, so that the session information of external system inquiring user under some necessary situations, the positional information of, inquiring user whether online, the access way of inquiring user such as inquiring user, according to the counter login name of looking into the user in IP (Internet Protocol, Internet Protocol) address or phone number information, or the like.Thereby external system can simply and easily obtain the session information of the user in a plurality of networks by only sending the session query requests to conversation server.
Figure 10 is the exemplary block diagram that illustrates according to the structure of the conversation server 10 of the embodiment of the invention.
As shown in figure 10, conversation server 10 can comprise session management unit 1001 and Session Control Unit 1002.
Session management unit 1001 is used for coming managing conversation information according to the type of the session information notice that sends from a plurality of authentication aaa servers that are positioned at heterogeneous networks.Session Control Unit 1002 is used for controlling user conversation according to the request message that sends from described aaa server.
The embodiment of the invention is by managing the session information from a plurality of networks concentratedly on conversation server, can control the interior user conversation of a plurality of networks by across a network, thereby realized when user under multi-network environment uses same login name to come access network the session number control between many cover aaa servers.
Figure 11 is the exemplary block diagram that illustrates according to the concrete structure of the session management unit 1001 of the embodiment of the invention.
As shown in figure 11, session management unit 1001 can comprise conversation establishing device 1101, session updates device 1102 and session canceller 1103.
Conversation establishing device 1101 is used for creating session information and also storing when receiving establishment session information notice from described aaa server.Session updates device 1102 is used for upgrading this session information when receiving renewal session information notice from described aaa server.Session canceller 1103 is used for deleting this session information when receiving deletion session information notice from described aaa server.
The each several part of session management unit 1001 can be carried out as the correlation step among Fig. 6-Fig. 9, for for simplicity, repeats no more here.
Figure 12 is the exemplary block diagram that illustrates according to the concrete structure of the Session Control Unit 1002 of the embodiment of the invention.
As shown in figure 12, Session Control Unit 1002 can comprise session authentication module 1201 and session enquiry module 1202.
Session authentication module 1201 is used for: receive the session authentication request from described aaa server; Authen session; And to the response of described aaa server transmission session authentication.Session enquiry module 1202 is used for: receive the session query requests from described aaa server; Inquiry has the session information of the session of the login name identical with the login name of the corresponding session of this session query requests; And the session inquiry response that has session information to described aaa server transmission.In addition, session enquiry module 1202 can also be used for: receive the session query requests from external system; Inquiry has the session information of the session of the login name identical with the login name of the corresponding session of this session query requests; And the session inquiry response that has session information to described external system transmission.
Session authentication module 1201 can be carried out session authentication according to the described authentication method of reference Fig. 6, and session enquiry module 1202 can according to the described querying method of reference Fig. 7-Fig. 8 carry out and aaa server or external system between session inquiry.
Should be noted in the discussion above that when carrying out authentication function Session Control Unit 1002 can only comprise session enquiry module 1202, that is, in this case, can omit session authentication module 1201 by aaa server.
In addition, conversation server 10 can also comprise first interface and the second interface (not shown), wherein, communicating by letter between the session management unit that first interface is used for described conversation server and the described a plurality of aaa servers, and communicating by letter between second interface Session Control Unit that is used for described conversation server and described a plurality of aaa servers or the external system.Described first interface and second interface correspond respectively to Int1 and the Int2 among Fig. 6-Figure 10.
Figure 13 is the exemplary block diagram that illustrates according to the structure of the aaa server 1300 of the embodiment of the invention.The non-limitative example of this aaa server 1300 can be any in the fixed network aaa server shown in Fig. 1, CDMAAAA server, WCDMAAAA server and the WiMAX aaa server.
As shown in figure 13, aaa server 1300 can comprise session information notification unit 1301, first Session Control Unit 1302 and second Session Control Unit 1303.
Session information notification unit 1301 is used for sending the session information notice according to the type of the charging message that receives from network access equipment NAS to conversation server.First Session Control Unit 1302 is used for when receiving from described NAS when inserting request, sends a request message and receives corresponding response message to described conversation server.The response message that second Session Control Unit 1303 is used for sending according to described conversation server sends to described NAS and inserts response so that authen session.
The embodiment of the invention is by managing the session information from a plurality of networks concentratedly on conversation server, can control the interior user conversation of a plurality of networks by across a network, thereby realized when user under multi-network environment uses same login name to come access network the session number control between many cover aaa servers.
The each several part of aaa server 1300 can be carried out as with reference to the described relevant process of Fig. 5, repeats no more here.For example, session information notification unit 1301 sends when the charging message that receives from NAS is Accounting-Request (Start) message creates the session information notice, when charging message is Accounting-Request (Interim) message, send and upgrade the session information notice, and when charging message is Accounting-Request (Stop) message, send deletion session information notice.
In addition, when described aaa server 1300 is not carried out session authentication, receive when inserting request from NAS at aaa server 1300, described first Session Control Unit 1302 sends the session authentication request and receives the session authentication response from described conversation server to conversation server (for example conversation server 10), and, when the session authentication response that receives from described conversation server is the session authentication success response, accept message by described second Session Control Unit 1303 to described NAS transmission, and when the session authentication response that receives from described conversation server was the session authentication failure response, described second Session Control Unit 1303 sent access-reject message to described NAS.
On the other hand, when carrying out session authentication by described aaa server 1300, when receiving the access request from described NAS, described first Session Control Unit 1302 receives the session inquiry response with session information to described conversation server transmission session query requests and from described conversation server, and, come authen session according to the session information that in described session inquiry response, comprises by described second Session Control Unit 1303.Second Session Control Unit 1303 can adopt as carrying out verification process with reference to the described method of Fig. 7.
In addition, the communication system according to the embodiment of the invention can comprise above-mentioned conversation server and aaa server.
Those of ordinary skills can recognize, the unit and the algorithm steps of each example of describing in conjunction with embodiment disclosed herein, can realize with electronic hardware, computer software or the combination of the two, for the interchangeability of hardware and software clearly is described, the composition and the step of each example described prevailingly according to function in the above description.These functions still are that software mode is carried out with hardware actually, depend on the application-specific and the design constraint of technical scheme.The professional and technical personnel can use distinct methods to realize described function to each specific should being used for, but this realization should not thought and exceeds scope of the present invention.
The those skilled in the art can be well understood to, and is the convenience described and succinct, and the concrete course of work of the system of foregoing description, device and unit can not repeat them here with reference to the corresponding process among the preceding method embodiment.
In several embodiment that the application provided, should be understood that disclosed system, apparatus and method can realize in other way.For example, device embodiment described above only is schematic, for example, the division of described unit, only be that a kind of logic function is divided, during actual the realization other dividing mode can be arranged, for example a plurality of unit or assembly can in conjunction with or can be integrated into another system, or some features can ignore, or do not carry out.Another point, the shown or coupling each other discussed or directly to be coupled or to communicate to connect can be by some interfaces, the indirect coupling of device or unit or communicate to connect can be electrically, machinery or other form.
Described unit as separating component explanation can or can not be physically to separate also, and the parts that show as the unit can be or can not be physical locations also, both can be positioned at a place, perhaps also can be distributed on a plurality of network element.Can select wherein some or all of unit to realize the purpose of present embodiment scheme according to the actual needs.
In addition, each functional unit in each embodiment of the present invention can be integrated in the processing unit, also can be that the independent physics in each unit exists, and also can be integrated in the unit two or more unit.Above-mentioned integrated unit both can adopt the form of hardware to realize, also can adopt the form of SFU software functional unit to realize.
If described integrated unit is realized with the form of SFU software functional unit and during as independently production marketing or use, can be stored in the computer read/write memory medium.Based on such understanding, part or all or part of of this technical scheme that technical scheme of the present invention contributes to prior art in essence in other words can embody with the form of software product, this computer software product is stored in the storage medium, comprise that some instructions are with so that a computer equipment (can be a personal computer, server, the perhaps network equipment etc.) carry out all or part of step of the described method of each embodiment of the present invention.And aforesaid storage medium comprises: various media that can be program code stored such as USB flash disk, portable hard drive, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disc or CD.
It is pointed out that also that in apparatus and method of the present invention obviously, each parts or each step can decompose and/or reconfigure.These decomposition and/or reconfigure and to be considered as equivalents of the present invention.And, carry out the step of above-mentioned series of processes and can order following the instructions naturally carry out in chronological order, but do not need necessarily to carry out according to time sequencing.Some step can walk abreast or carry out independently of one another, for example, the session authentication process between conversation server and the aaa server can and conversation server and external system between the session query script sequentially, carry out independently concurrently or with any order.
The above; only be the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; can expect easily changing or replacing, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion by described protection range with claim.
Claims (15)
1. a method that is used in the session of a plurality of network authenticated user is characterized in that, this method comprises:
Type according to the session information notice that sends from a plurality of authentication aaa servers that are arranged in heterogeneous networks is come managing conversation information; And
Come the authenticated user session according to the session information of on conversation server, managing.
2. method according to claim 1 is characterized in that, described basis comes managing conversation information to comprise that following operation is at least a from the type of the session information notice that aaa server sends:
When receiving establishment session information notice from described aaa server, create session information and also store;
When receiving renewal session information notice from described aaa server, upgrade this session information; And
When receiving deletion session information notice from described aaa server, delete this session information.
3. method according to claim 1 and 2 is characterized in that, the session information that described basis is managed on conversation server comes the authenticated user session to comprise:
Send the session authentication request to described conversation server;
By described conversation server authen session; And
Send the session authentication response to described aaa server.
4. method according to claim 1 and 2 is characterized in that, the session information that described basis is managed on conversation server comes the authenticated user session to comprise:
Send the session query requests to described conversation server;
The session information that has the session of the login name identical by the inquiry of described conversation server with the login name of the corresponding session of this session query requests;
Send session inquiry response with session information to described aaa server; And
Come authen session according to the session information that in described session inquiry response, comprises.
5. method according to claim 3, it is characterized in that, describedly comprise: determine whether current sessions quantity reaches predetermined maximum number of sessions by described conversation server authen session, wherein current sessions is session existing, that have the login name identical with the login name of the corresponding session of this session authentication request, and
The described response to described aaa server transmission session authentication comprises:
When described current sessions quantity during, send the session authentication success response to described aaa server less than described predetermined maximum number of sessions; And
When described current sessions quantity is equal to or greater than described predetermined maximum number of sessions, send the session authentication failure response to described aaa server.
6. according to each the described method among the claim 1-5, it is characterized in that, also comprise:
Receive the session query requests from external system;
Inquiry has the session information of the session of the login name identical with the login name of the corresponding session of this session query requests; And
Send session inquiry response with session information to described external system.
7. a method that is used for being supported in a plurality of network control user conversations is characterized in that, comprising:
Type according to the session information notice that sends from a plurality of authentication aaa servers that are arranged in heterogeneous networks is come managing conversation information; And
Control user conversation according to the request message that sends from described aaa server.
8. a method that is used for being supported in a plurality of network control user conversations is characterized in that, comprising:
Type according to the charging message that receives from network access equipment NAS sends the session information notice to conversation server;
When receiving from described NAS when inserting request, send a request message and receive corresponding response message to described conversation server; And
The response message that sends according to described conversation server sends the access response to described NAS, so that authen session.
9. method according to claim 8 is characterized in that, described send a request message and receive corresponding response message to described conversation server comprise:
Send the session authentication request to described conversation server; And
Receive the session authentication response from described conversation server,
And the described response message that sends according to described conversation server sends to described NAS and inserts response so that authen session comprises:
When described conversation server receives the session authentication success response, send to described NAS and to accept message, and
When described conversation server receives the session authentication failure response, send access-reject message to described NAS.
10. method according to claim 8 is characterized in that, described send a request message and receive corresponding response message to described conversation server comprise:
Send the session query requests to described conversation server;
The session information that has the session of the login name identical by the inquiry of described conversation server with the login name of the corresponding session of this session query requests; And
Receive session inquiry response from described conversation server with session information,
And the described response message that sends according to described conversation server sends to described NAS and inserts response so that authen session comprises:
Come authen session according to the session information that in described session inquiry response, comprises.
11. method according to claim 10, it is characterized in that, described authen session comprises: determine whether current sessions quantity reaches predetermined maximum number of sessions, wherein current sessions is session existing, that have the login name identical with the login name of the corresponding session of this session authentication request, and
When described current sessions quantity during, send to NAS and to accept message less than described predetermined maximum number of sessions; And
When described current sessions quantity is equal to or greater than described predetermined maximum number of sessions, send access-reject message to NAS.
12. each the described method in 11 is characterized in that according to Claim 8, the type of the charging message that described basis receives from network access equipment NAS sends the session information notice to conversation server and comprises:
When described charging message is when beginning to charge request Accounting-Request (Start) message, to send and create the session information notice;
When described charging message is Intermediate Charging ICH request Accounting-Request (Interim) message, sends and upgrade the session information notice; And
When described charging message is when stopping to charge request Accounting-Request (Stop) message, to send deletion session information notice.
13. a conversation server that is used for being supported in a plurality of network control user conversations is characterized in that, comprising:
Session management unit is used for coming managing conversation information according to the type of the session information notice that sends from a plurality of authentication aaa servers that are positioned at heterogeneous networks; And
Session Control Unit is used for controlling user conversation according to the request message that sends from described aaa server.
14. an authentication aaa server that is used for being supported in a plurality of network control user conversations is characterized in that, comprising:
The session information notification unit is used for sending the session information notice according to the type of the charging message that receives from network access equipment NAS to conversation server; And
First Session Control Unit is used for when receiving from described NAS when inserting request, sends a request message and receives corresponding response message to described conversation server; And
Second Session Control Unit, the response message that is used for sending according to described conversation server sends to described NAS and inserts response so that authen session.
15. a communication system is characterized in that, comprises conversation server as claimed in claim 13 and authentication aaa server as claimed in claim 14.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102024967A CN102238547B (en) | 2011-07-19 | 2011-07-19 | User session control method, session server, authentication, authorization and accounting (AAA) server and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102024967A CN102238547B (en) | 2011-07-19 | 2011-07-19 | User session control method, session server, authentication, authorization and accounting (AAA) server and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102238547A true CN102238547A (en) | 2011-11-09 |
| CN102238547B CN102238547B (en) | 2013-12-04 |
Family
ID=44888649
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011102024967A Expired - Fee Related CN102238547B (en) | 2011-07-19 | 2011-07-19 | User session control method, session server, authentication, authorization and accounting (AAA) server and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102238547B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103490935A (en) * | 2013-09-30 | 2014-01-01 | 华为技术有限公司 | User conversation monitoring method and device |
| CN108347449A (en) * | 2017-01-23 | 2018-07-31 | 阿里巴巴集团控股有限公司 | A kind of method and apparatus of management Telnet |
| CN109769227A (en) * | 2013-07-25 | 2019-05-17 | 康维达无线有限责任公司 | End-to-end M2M services layer conversation |
| CN112653653A (en) * | 2019-10-11 | 2021-04-13 | 中兴通讯股份有限公司 | Communication circuit management method, network device and storage medium |
| US11503314B2 (en) | 2016-07-08 | 2022-11-15 | Interdigital Madison Patent Holdings, Sas | Systems and methods for region-of-interest tone remapping |
| US11765406B2 (en) | 2017-02-17 | 2023-09-19 | Interdigital Madison Patent Holdings, Sas | Systems and methods for selective object-of-interest zooming in streaming video |
| US11770821B2 (en) | 2016-06-15 | 2023-09-26 | Interdigital Patent Holdings, Inc. | Grant-less uplink transmission for new radio |
| US11871451B2 (en) | 2018-09-27 | 2024-01-09 | Interdigital Patent Holdings, Inc. | Sub-band operations in unlicensed spectrums of new radio |
| US11877308B2 (en) | 2016-11-03 | 2024-01-16 | Interdigital Patent Holdings, Inc. | Frame structure in NR |
| CN117692255A (en) * | 2024-02-02 | 2024-03-12 | 北京首信科技股份有限公司 | Method and device for dynamically expanding AAA service and electronic equipment |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1553741A (en) * | 2003-05-30 | 2004-12-08 | ��Ϊ��������˾ | Method and system for providing user network roam |
| CN101069382A (en) * | 2004-09-30 | 2007-11-07 | 株式会社Kt | Apparatus and method for integrated billing management by real-time session management in wire/wireless integrated service network |
| CN101150853A (en) * | 2007-10-29 | 2008-03-26 | 华为技术有限公司 | A network system, policy management control server and policy management control method |
| CN101442473A (en) * | 2007-11-23 | 2009-05-27 | 华为技术有限公司 | Method, equipment and system for managing access session control policy |
| CN101820606A (en) * | 2010-04-21 | 2010-09-01 | 中兴通讯股份有限公司 | Authentication and authorization charging server and message processing method |
| US20110007705A1 (en) * | 2002-10-21 | 2011-01-13 | Buddhikot Milind M | Mobility access gateway |
| CN102036270A (en) * | 2010-12-16 | 2011-04-27 | 中兴通讯股份有限公司 | AAA implementation method and AAA server |
-
2011
- 2011-07-19 CN CN2011102024967A patent/CN102238547B/en not_active Expired - Fee Related
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110007705A1 (en) * | 2002-10-21 | 2011-01-13 | Buddhikot Milind M | Mobility access gateway |
| CN1553741A (en) * | 2003-05-30 | 2004-12-08 | ��Ϊ��������˾ | Method and system for providing user network roam |
| CN101069382A (en) * | 2004-09-30 | 2007-11-07 | 株式会社Kt | Apparatus and method for integrated billing management by real-time session management in wire/wireless integrated service network |
| CN101150853A (en) * | 2007-10-29 | 2008-03-26 | 华为技术有限公司 | A network system, policy management control server and policy management control method |
| CN101442473A (en) * | 2007-11-23 | 2009-05-27 | 华为技术有限公司 | Method, equipment and system for managing access session control policy |
| CN101820606A (en) * | 2010-04-21 | 2010-09-01 | 中兴通讯股份有限公司 | Authentication and authorization charging server and message processing method |
| CN102036270A (en) * | 2010-12-16 | 2011-04-27 | 中兴通讯股份有限公司 | AAA implementation method and AAA server |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109769227B (en) * | 2013-07-25 | 2022-02-22 | 康维达无线有限责任公司 | End-to-end M2M service layer sessions |
| CN109769227A (en) * | 2013-07-25 | 2019-05-17 | 康维达无线有限责任公司 | End-to-end M2M services layer conversation |
| US11765150B2 (en) | 2013-07-25 | 2023-09-19 | Convida Wireless, Llc | End-to-end M2M service layer sessions |
| US11122027B2 (en) | 2013-07-25 | 2021-09-14 | Convida Wireless, Llc | End-to-end M2M service layer sessions |
| CN103490935B (en) * | 2013-09-30 | 2017-04-12 | 华为技术有限公司 | User conversation monitoring method and device |
| CN103490935A (en) * | 2013-09-30 | 2014-01-01 | 华为技术有限公司 | User conversation monitoring method and device |
| US11770821B2 (en) | 2016-06-15 | 2023-09-26 | Interdigital Patent Holdings, Inc. | Grant-less uplink transmission for new radio |
| US11503314B2 (en) | 2016-07-08 | 2022-11-15 | Interdigital Madison Patent Holdings, Sas | Systems and methods for region-of-interest tone remapping |
| US11877308B2 (en) | 2016-11-03 | 2024-01-16 | Interdigital Patent Holdings, Inc. | Frame structure in NR |
| CN108347449B (en) * | 2017-01-23 | 2021-05-07 | 阿里巴巴集团控股有限公司 | Method and equipment for managing remote login |
| CN108347449A (en) * | 2017-01-23 | 2018-07-31 | 阿里巴巴集团控股有限公司 | A kind of method and apparatus of management Telnet |
| US11765406B2 (en) | 2017-02-17 | 2023-09-19 | Interdigital Madison Patent Holdings, Sas | Systems and methods for selective object-of-interest zooming in streaming video |
| US11871451B2 (en) | 2018-09-27 | 2024-01-09 | Interdigital Patent Holdings, Inc. | Sub-band operations in unlicensed spectrums of new radio |
| CN112653653B (en) * | 2019-10-11 | 2023-08-22 | 中兴通讯股份有限公司 | Communication circuit management method, network equipment and storage medium |
| CN112653653A (en) * | 2019-10-11 | 2021-04-13 | 中兴通讯股份有限公司 | Communication circuit management method, network device and storage medium |
| CN117692255A (en) * | 2024-02-02 | 2024-03-12 | 北京首信科技股份有限公司 | Method and device for dynamically expanding AAA service and electronic equipment |
| CN117692255B (en) * | 2024-02-02 | 2024-04-30 | 北京首信科技股份有限公司 | Method and device for dynamically expanding AAA service and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102238547B (en) | 2013-12-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102238547B (en) | User session control method, session server, authentication, authorization and accounting (AAA) server and system | |
| EP3429243B1 (en) | Remote management method and device | |
| CN110516007B (en) | Deployment control method, device, equipment and medium of block chain network | |
| KR102500737B1 (en) | Secure configuration of cloud computing nodes | |
| CN112800411B (en) | Multi-protocol and multi-mode supporting safe and reliable identity authentication method and device | |
| CN110493184B (en) | Method and device for processing login page in client and electronic device | |
| CN102333081B (en) | Authentication method, equipment and system | |
| CN106453576B (en) | A kind of exchange method, system and control centre based on mixing cloud platform | |
| CN102325172A (en) | Method for sharing data among mobile terminals, system and control server | |
| CN103703746A (en) | System and method for prioritizing requests to a SIM | |
| KR20150053927A (en) | Information Processing Method, and Priority Information Sending Method and Device | |
| CN102480501A (en) | Application resource downloading method and associated equipment | |
| CN104580085A (en) | Business data updating method, system, client side and server | |
| CN105227321A (en) | Information processing method, server and client | |
| CN109274777B (en) | A kind of method, apparatus, equipment and readable storage medium storing program for executing exporting configuration file | |
| CN103781054A (en) | Method and device for stopping contract signing of terminal | |
| CN102308565B (en) | Voice-over-internet protocol device load profiling | |
| CN102870379A (en) | Method, apparatus and system for obtaining service quality QoS control information | |
| CN111190664A (en) | Method and system for generating page | |
| CN105763616A (en) | Resource-downloading method and device | |
| CN112954669A (en) | Method, device, network element and storage medium for controlling service of shared terminal | |
| CN106060124A (en) | Application program downloading method and mobile terminal | |
| CN103138961A (en) | Server control method, controlled server and central control server | |
| CN104869571A (en) | Rapid portal authentication method and device | |
| CN103780926A (en) | IPTV value-added service management system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20131204 Termination date: 20170719 |