[go: up one dir, main page]

CN100370733C - System and method for realizing NSP and ISP simultaneously charging - Google Patents

System and method for realizing NSP and ISP simultaneously charging Download PDF

Info

Publication number
CN100370733C
CN100370733C CNB2006100083828A CN200610008382A CN100370733C CN 100370733 C CN100370733 C CN 100370733C CN B2006100083828 A CNB2006100083828 A CN B2006100083828A CN 200610008382 A CN200610008382 A CN 200610008382A CN 100370733 C CN100370733 C CN 100370733C
Authority
CN
China
Prior art keywords
user
server
isp
nsp
ccg
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2006100083828A
Other languages
Chinese (zh)
Other versions
CN1859133A (en
Inventor
赵航
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB2006100083828A priority Critical patent/CN100370733C/en
Publication of CN1859133A publication Critical patent/CN1859133A/en
Application granted granted Critical
Publication of CN100370733C publication Critical patent/CN100370733C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention discloses a system and a method for realizing simultaneous NSP and ISP charging. An authentication door server, a CCG and a policy server are arranged in the ISP, and the NSP releases a subscriber's authority to access the ISP after the subscriber successfully passes the NSP authentication; after the subscriber passes the authentication of the authentication door server in the ISP once more, the authentication door server requests activation of the subscriber's authority of internet access from the policy server which issues the request to the CCG which executes the policy of the subscriber's internet access; then, an NAS and an AAA servers in the NSP charge the subscriber by the NSP, and simultaneously, the CCG and the policy server charge the subscriber by the ISP. Simultaneously, the present invention also discloses a system for realizing simultaneous NSP and ISP charging. The method and the system which are provided by the present invention realize the simultaneous NSP and ISP charging to the subscribers so that both the NSP and the ISP can equally charge the subscriber without being controlled by the other party.

Description

The system and method that a kind of NSP of realization and ISP charge simultaneously
Technical field
The present invention relates to the system and method that a kind of Internet Service Provider of realization (NSP) and ISP (ISP) charge simultaneously.
Background technology
Along with the progress of society, the division of labor of industry is more and more thinner, with regard to the network insertion service, develops into present NSP and ISP by initial single access service.Wherein, NSP is responsible for the access service that the user provides " last kilometer ", and ISP then is responsible for the construction of backbone network, and the service that inserts Internet is provided for each NSP.
In prior art one, as shown in Figure 1, NSP rents a fixed line to ISP, build and the maintaining network access device by NSP oneself then, authentication, charging, authorization server (AAA) server or remote authentication server (Radius Server), and, grasp all user's data by the own ownership of NSP, the user is charged.And ISP can only charge and settles accounts the charge of NSP according to the mode of constant expense, use traffic or constant expense and use traffic.
As shown in Figure 1, NSP comprises user 11, switch 12, network access server (NAS) 13 and aaa server 14; ISP comprises the backbone network 16 that router one 5 and ISP are responsible for building; In addition, whole system also comprises the Internet 17.
User 11 by switch 12 to NAS13 Sending dialled number request message, NAS13 after receiving the dialing that user 11 sends, the authentication request that sends current dial user 11 to the aaa server 14 of NSP.Aaa server 14 couples of current users that dialling 11 authenticate, and authentication result is returned NAS13.NAS13 returns to user 11 with authentication result by switch 12, if authentication success, user 11 visits external the Internet 17 by the link that NAS13 links to each other with the router one 5 of ISP through backbone network 16; If authentification failure, then NAS13 refusing user's 11 access internet.The user 11 of 14 pairs of access internet of aaa server of NSP charges.Idiographic flow is as shown in Figure 2:
Step 201: the user carries out Point-to-Point Protocol over Ethernet (PPPOE, Point to PointProtocol over Ethernet) dialing to NAS, request visit external the Internet.
After step 202:NAS receives the dialing request that the user sends, send authentication request message to the aaa server of NSP, request authenticates this user.
The aaa server of step 203:NSP carries out authentication processing to this user, and authentication result is returned NAS.
Step 204~205:NAS judges that according to the authentication result of returning whether the user is by authentication, if authentification of user success, then open the authority of user capture the Internet, return success authentication message to the user, the user begins to visit the fixed link access internet of renting to ISP by NSP; If authentification of user is unsuccessful, refusing user's access internet then, process ends behind user's return authentication failed message.
Step 206~207: when opening user capture the Internet authority, send the beginning message of chargeing to NSP, the aaa server of request NSP begins to charge to the user of current beginning access internet, the AAA of NSP handles the beginning message of chargeing, and returns the beginning response message that charges to NAS after finishing dealing with.
Step 208: in the process of user capture the Internet, NAS regularly sends Intermediate Charging ICH message to the aaa server of NSP, and the AAA of NSP handles middle charging message, and returns the Intermediate Charging ICH response message to NAS.
Step 209~211: when user capture finishes the Internet, send the message that rolls off the production line to NAS, after NAS receives the message of user offline, then the aaa server to NSP sends the charging end, the request aaa server finishes the charging to the current user of rolling off the production line, the aaa server of NSP is after receiving the charging end, and the processing of the end that charges is returned the end response message that charges to NAS after finishing dealing with.
So far, the user finishes by the flow process of the authentication access internet of the aaa server of NSP.
In prior art two, as shown in Figure 3, NSP still rents a fixed line to ISP, and NSP oneself builds and maintaining network access device, aaa server or Radius server then.Different with prior art one is, NSP oneself is the ownership not, and by the ISP ownership, the aaa server of NSP side only uses as acting server, and all user data all are placed in the aaa server of ISP side.In the process of user's online, the aaa server of NSP side only produces the call record of user's online and transmits authentication and charging message to the aaa server of ISP, is carried out substantial authentication of user and charging by the aaa server of ISP.In prior art two, NSP can only wait for that ISP finishes the clearing that the user is chargeed, and could ask for expense to ISP according to circuit constant expense, circuit use traffic or circuit constant expense and circuit use traffic mode.
As shown in Figure 3, NSP comprises the aaa server 34 of user 31, switch 32, NAS33 and NSP; ISP comprises the aaa server 36 of router three 5, ISP and the backbone network 37 that ISP is set up; In addition, this system also comprises the Internet 38.
User 31 passes through switch 32 to NAS33 Sending dialled number message, the request access internet, NAS33 is after receiving the dial message that user 31 sends, ask the user of current dialing is authenticated to the aaa server 34 of NSP, the aaa server 34 of NSP is transmitted this authentication message to the aaa server 36 of ISP, 36 couples of users 31 of aaa server by ISP authenticate, and the aaa server 36 of ISP returns authentication result by the aaa server 34 of NSP the NAS33 of NSP.If the user of current dialing 31 is by the authentication of the aaa server 36 of ISP, NAS33 then opens the authority of user capture the Internet, and the user is by backbone network 37 access internet 38 of the router three 5 process ISP of NAS33 and ISP; If the user of current dialing 31 does not pass through the authentication of the aaa server 36 of ISP, NAS33 is the visit of 31 pairs of the Internets of refusing user's then.In the process of user capture the Internet, the charging message that the NAS that the aaa server of the aaa server of ISP by NSP transmitted sends carries out billing operation to the user of current accessed the Internet.Wherein the Radius between the aaa server 36 of the aaa server 34 of NSP and ISP is mutual, is the Radius protocol interaction of setting up by NAS33 and router three 5.
In prior art two, the idiographic flow of user capture the Internet as shown in Figure 4:
Step 401: the user carries out the PPPOE dialing to NAS, request visit external the Internet.
After step 402~403:NAS receives the dialing request that the user sends, send authentication request to the aaa server of NSP to current dial user, the aaa server of NSP is transmitted authentication request message to current dial user to the aaa server of ISP after receiving the authentication request that NAS sends.
The aaa server of step 404~405:ISP authenticates this user, and authentication result is returned to the NAS of NSP by the forwarding of the aaa server of NSP after receiving authentication request message to current dial user.
Step 406~407:NAS is judged the authentication of returning, if the user of current dialing by the authentication of the aaa server of ISP, then opens the authority of this user capture the Internet, user capture the Internet perhaps is to user's return authentication success message; If the user of current dialing does not pass through the authentication of the aaa server of ISP, then refuse this user capture the Internet, process ends behind user's return authentication failed message.
Step 408~409: when NAS opened user capture the Internet authority, to the aaa server transmission charging beginning message of NSP, request began to charge to the user of current beginning access internet; The aaa server of NSP begins message to the charging that receives to be handled, and in this flow process, the aaa server of NSP only produces the record of user capture the Internet, the user of access internet is not carried out the operation of charging.The aaa server of NSP will charge and begin the aaa server that forwards is given ISP.
The aaa server of step 410~411:ISP begins to charge to the user of current beginning access internet, and returns the beginning response message that charges to the aaa server of NSP; The aaa server of NSP is transmitted this message to NAS.
Step 412: in the user capture the Internet, NAS transmits Intermediate Charging ICH message by the aaa server of NSP to the aaa server of ISP; The aaa server of ISP is after handling Intermediate Charging ICH message, and also the aaa server by NSP returns the Intermediate Charging ICH response message to NAS.
Step 413: when the user finishes access internet, send the message that rolls off the production line to NAS.
Step 414~415:NAS is after receiving user's the message that rolls off the production line, to the aaa server transmission charging end of NSP; The aaa server of NSP is handled this charging end, and transmits this charging end to the aaa server of ISP.
The aaa server of step 416~417:ISP is handled the charging end, finishes roll off the production line user's charging of current request, and returns to charge to the aaa server of NSP and finish response message; The aaa server of NSP is transmitted this charging to NAS and is finished response message.
So far, the user finishes by the authentication of the aaa server of ISP and the flow process of charging access internet.
The subject matter of prior art one is that NSP grasps user data, and the user of access internet is charged; And ISP can only collect the rent of circuit, can not charge at each user; Relative NSP, the expense of receiving is subjected to the control of NSP, and equipment investment is elongated return period.The subject matter of prior art two is, because ISP grasps user data, and the user of access internet is charged; And NSP can only wait until after the ISP clearing, could take from ISP to be divided into there, can't user's charge be controlled, and charge is subjected to the control of ISP, has influenced the return period of equipment investment.
Though can be in the aaa server of the aaa server of NSP side and ISP side the data of recording user simultaneously, owing to be subjected to the restriction of the function of aaa server own, after the aaa server of NSP side had been finished authentication to request access internet user, the aaa server that the aaa server of NSP side can be not again send to the ISP side with current request access internet user's authentication request authenticated once more.That is to say that the aaa server of the aaa server of NSP side and ISP side can't be realized the user of request access internet is authenticated simultaneously, also just can't carry out charging the user of request access internet.
In such scheme, all adopt aaa server that the user is chargeed.At present, the charging method of strategic server, CCG occurred adopting, its process sees Fig. 5 for details.
Be illustrated in figure 5 as the flow chart of prior art three of the present invention, the technical scheme of prior art three and technical scheme provided by the present invention are comparatively approaching, and detailed process is as follows:
Step 501~502: the user logins Portal, and Portal authenticates user's identity, if the user is by authenticating, then execution in step 503; Otherwise, process ends.
Step 503~504:Portal sends to the user with the operable business of user and selects according to user's identity; The user selects business, and the result that will select returns to Portal.
Step 505~506:Portal sends service activation request according to the business that the user selects to strategic server; The service activation request that strategic server sends according to Portal issues the user to CCG and uses professional strategy, the strategy that CCG implementation strategy server issues.
Step 507~509:CCG sends strategy to strategic server and implements response; Strategic server is implemented response according to strategy and is sent the activation of service response to Portal; Portal then sends the professional response of using according to the activation of service response to the user again.
Step 510: the business that the user then can select according to self, and strategic server is issued to the strategy of CCG, by the content server of the required visit of CCG visit self.
Step 511~512: in the user capture content server, CCG can be regularly to the use amount of strategic server reporting service, and strategic server then can carry out wholesale price according to the use amount of reporting service.
Step 513~515: when the user wishes to withdraw from content server, then stop service request to the Portal transmission; Portal then can send the service deactivation request to strategic server according to user-selected business; Strategic server then issues the cancellation strategy request according to the service deactivation request that Portal sends to CCG.
Step 516~518:CCG sends strategy cancellation response to strategic server; Strategic server sends the service deactivation response according to strategy cancellation response to Portal; Portal then sends to the user and stops service response.
Step 519~520:CCG gives this customer service last use amount on strategic server, and strategic server carries out wholesale price, clearing according to the use amount that reports at last, and the user is charged.
At prior art three described Portal is one can realize Web server that the user is authenticated; Described strategic server has the equipment of distributing policy, activating service, wholesale price, billing function; Described CCG for can implementation strategy, reporting service use amount and equipment with certain routing function.This charging method as shown in Figure 5, though can finish charging to the user, it is not used in the system of Fig. 1 or Fig. 3.
Summary of the invention
In view of this, the system that provides a kind of NSP of realization and ISP to charge simultaneously is provided main purpose of the present invention, uses this system and can realize that NSP and ISP charge simultaneously to the user of access internet.
The method that provides a kind of NSP of realization and ISP to charge simultaneously is provided another main purpose of the present invention, uses this method and can realize that NSP and ISP charge simultaneously to the user of access internet.
For achieving the above object, technical scheme of the present invention is achieved in that
The system that a kind of Internet Service Provider of realization NSP and the ISP of ISP charge simultaneously, comprise NSP and ISP, NSP comprises network access server NAS and authentication, charging, authorization server aaa server at least, the user is after the authentication by aaa server among the NSP, open the authority of user capture ISP by NAS, and finish charging to the user by aaa server, be provided with verification portal server, content control gateway CCG and strategic server in the described ISP;
Described verification portal server: receive the user's of NAS transmission re-authentication request, the user is authenticated, and return the result of login ISP to the user; By the authority of CCG to strategic server requesting activation user capture the Internet;
Described strategic server: issue the strategy of user capture the Internet to CCG, the authority of excited users access internet, and the user chargeed;
Described CCG: the strategy that the implementation strategy server issues.
Wherein, behind the strategy that described CCG implementation strategy server issues, send the beginning message of chargeing to strategic server; Described strategic server charges to the user after receiving the beginning message of chargeing.
Wherein, described CCG returns policy response message to strategic server; Described strategic server returns activation internet access entitlement messages to the verification portal server.
Wherein, the user is by NAS among the NSP and the CCG access internet among the ISP.
The method that a kind of NSP of realization and ISP charge simultaneously, verification portal server, CCG and strategic server are set in ISP, the user profile of storage registered users in the verification portal server in ISP, after the user successfully passes through the authentication of NSP, NSP decontrols the authority of user capture ISP, carries out following steps:
A, user send the re-authentication request by NSP to the verification portal server, the verification portal server is according to the user profile of the registered users of user's the user profile that provides and self storage, whether the user who judges the current request re-authentication is registered users, if, execution in step B then; Otherwise, process ends;
B, verification portal server be to the authority of strategic server requesting activation user capture the Internet, and strategic server is handed down to CCG and carries out the strategy of user capture the Internet by CCG, and the verification portal server returns success login message to the user;
NAS among C, the NSP and aaa server carry out the charging of NSP to the user, and CCG and strategic server carry out the charging of ISP to the user simultaneously.
Wherein, the strategy names of further recording user institute usage policy in the verification portal server, storage and strategy names corresponding strategy in strategic server;
In the steps A, after the user successfully passed through authentication, the verification portal server took out the pairing strategy names of this user according to user's user name;
Among the step B, described verification portal server to the authority of strategic server requesting activation user capture the Internet is: the pairing strategy names of current request access internet user is sent to strategic server;
Among the step B, described strategic server distributing policy is: strategic server is searched according to strategy names and is obtained corresponding strategy, and gives CCG with policy distribution.
In addition, among the step B, behind the strategy that CCG implementation strategy server issues, further comprise:
CCG returns policy response message to strategic server, and strategic server returns to the verification portal server and activates the internet access entitlement messages; Described verification portal server is successfully logined to user notification according to the response that strategic server returns.
Wherein, among the step C, described CCG and strategic server may further comprise the steps the charging that the user carries out ISP:
Behind the strategy of the user capture the Internet that C1, CCG implementation strategy server issue, send the beginning message of chargeing to strategic server;
C2, strategic server charge to the user after receiving the beginning message of chargeing.
In addition, in the process of user capture the Internet, this method further comprises: CCG regularly sends Intermediate Charging ICH message to strategic server, and strategic server carries out Intermediate Charging ICH to the user.
In addition, this method further comprises:
D, when the user finishes access internet, send to NAS and to roll off the production line message and to stop access internet to the verification portal server requests;
E, NAS send the charging end to aaa server, and aaa server finishes the charging among the active user NSP; CCG sends the charging end to strategic server simultaneously, and strategic server finishes the charging of active user ISP.
In addition, among the step D, when the user after the verification portal server requests stops access internet, this method further comprises:
The verification portal server sends to strategic server and stops Internet service message, and CCG sends the cancellation strategy request to strategic server, the strategy of CCG cancellation user capture the Internet.
In addition, behind the strategy of CCG cancellation user capture the Internet, further comprise:
CCG returns the cancellation policy response message to strategic server, and strategic server returns cancellation Internet service message to the verification portal server, and verification portal server notification user successfully logs off.
Wherein, carried out the strategy of the user capture the Internet that strategic server issues as CCG after, the user is by NAS among the NSP and CCG access internet among the ISP.
The system that a kind of NSP of realization provided by the present invention and ISP charge simultaneously, by Portal, CCG and strategic server are set in the ISP of system, when the user finishes the authentication acquisition visit ISP authority of NSP, finish re-authentication by Portal, realize the function of user capture the Internet the user; And in the process of user capture the Internet, finish charging to the user by cooperatively interacting of CCG and strategic server.This system has realized the function that NSP and ISP charge simultaneously, makes NSP and ISP not be limited by the opposing party in the process that the user is charged, and makes all energy equality the user are charged of NSP and ISP.
The method that a kind of NSP of realization provided by the present invention and ISP charge simultaneously, user name, password and the user who preserves the Internet user at the ISP required strategy of surfing the Net.When the user finishes NSP authentication acquisition visit ISP authority, carry out the re-authentication of ISP again, behind authentication success to the user, tactful access internet according to user's online, and in the process of access internet, the Internet user is chargeed, realized the method that NSP and ISP charge simultaneously.This method has realized NSP and ISP to the method that the Internet user charges simultaneously, makes NSP and ISP not be limited by the opposing party in the process of chargeing, and makes all energy equality the user are charged of NSP and ISP.
Description of drawings
Fig. 1 is the system construction drawing of prior art one;
Fig. 2 is the flow chart of prior art one;
Fig. 3 is the system construction drawing of prior art two;
Fig. 4 is the flow chart of prior art two;
Fig. 5 is the flow chart of prior art three;
Fig. 6 is a system construction drawing of the present invention;
Fig. 7 is a flow chart of the present invention.
Embodiment
Core concept of the present invention is: Portal, CCG and strategic server are set in the ISP of network, and the user realizes authentication and the charging of user in NSP according to the flow process of prior art one, completed successfully the authentication of NSP as the user after; Log on the Portal among the ISP again, finish the authentication of ISP user identity by Portal; Behind user's success identity, issue and, realize the visit of user the Internet by the strategy that CCG carries out the user capture the Internet by strategic server; In the process of user capture the Internet, cooperate the billing operation of finishing the user by CCG and strategic server.
For making purpose of the present invention, technical scheme and advantage clearer, below with reference to accompanying drawing and enumerate embodiment, the present invention is described in more detail.
Be illustrated in figure 6 as the system that realizes that NSP and ISP charge simultaneously, this system comprises: NSP, ISP and the Internet.Wherein, in NSP, comprise user 11, switch 12, NAS13 and aaa server 14; In ISP, comprise Portal 65, CCG68, strategic server 69, backbone network 16.
In NSP, the user finishes from authentication and charging in NSP according to the flow process of prior art one, different is: after the authentication of user by the aaa server 14 among the NSP, the NAS13 of NSP decontrols the authority of Portal 65 among the user capture ISP, after the user successfully passed through the authentication of the Portal 65 among the ISP once more, NSP just began the user of current accessed ISP is carried out the NSP charging.
Comprise Portal 65, CCG68, strategic server 69 and backbone network 16 among the ISP.Present embodiment has been used for reference the charging method of prior art shown in Figure 5, utilizes strategic server and CCG to cooperate and realizes the charging of user in ISP, and the concrete function of Portal 65, CCG68 and strategic server 69 is:
Portal 65 is the server of a realization authentication function, account number, the password of all registered users of storage in this server, and the pairing strategy names of each user; Be used for the user of access internet 17 is authenticated, and authentication result is returned the user.Under the situation of authentication success, by the authority of CCG68 to strategic server 69 these user capture the Internets 17 of request; Under the unsuccessful situation of authentication, the request of refusing user's access internet 17.
CCG68 one has the equipment of route and implementation strategy function, and the user who is used for realizing NSP is by CCG68 visit Portal 65, by CCG68 visit backbone network 16 and realize that Portal 65 is to the connection between the strategic server 69; The strategy that issues of implementation strategy server 69 is simultaneously opened the authority of user capture the Internet 17; And when opening access privilege, send the beginning message of chargeing to strategic server 69; In the process of user capture the Internet 17, send Intermediate Charging ICH message to strategic server 69; And when the user finishes access internet 17, send the charging end to strategic server 69.
Strategic server 69 is used for when receiving the activation internet access authority that Portal 65 sends, to the CCG68 distributing policy; When the user exits network, then send the cancellation policy message to CCG68; And the charging that reports of response CCG68 begins message, Intermediate Charging ICH message and charging end, according to user service flow amount and online duration the user carried out wholesale price and charging.
In the present invention, the user at first must obtain the authority of Portal among the visit ISP by the authentication of the aaa server among the NSP; After the authentication of user by the Portal among the ISP, the user just can pass through the backbone network access internet, detailed process as shown in Figure 7:
Step 701~705: identical with step 201~205 of prior art one, be not described in detail in this.The authority of opening the user capture the Internet described here is the access rights that NAS opens Portal among the user capture ISP.
Step 706: by the user of aaa server authentication among the NSP, the Portal among the visit ISP inputs user name and password in the login page that Portal provides, carry out re-authentication.
Step 707:Portal checks according to the account number of self storage whether the current user who authenticates is registered users, if, the then successfully authentication by Portal of user, execution in step 709; Otherwise Portal refuses this user capture the Internet, execution in step 708.
Step 708:Portal finishes current handling process by the user notification login failed for user of ISP to the current request authentication.
Step 709: under the situation of Portal to active user's authentication success, the authority to this user capture the Internet of strategic server requesting activation, and the strategy names of this user capture the Internet strategy is provided to strategic server.
Step 710: strategic server finds this strategy in self database, and issues this strategy to CCG according to the strategy names of the access internet authority of Portal indication, and request CCG opens the authority of user capture the Internet.
The strategy that step 711~713:CCG implementation strategy server issues is opened the authority of user capture the Internet, and returns policy response message to strategic server; Strategic server is learnt the authority of successfully opening the user capture the Internet after receiving the policy response message of CCG transmission, then returns success the message of excited users access internet authority to Portal; Notify user's success login message when Portal learns that the user successfully lands then to return to the user, the user then can be by the connected reference the Internet of CCG and backbone network.
Step 714~716: when the NAS among the NSP receives after the verification portal server returns to user's login success message, then the aaa server in NSP sends the beginning message of chargeing, concrete subsequent process is identical with step 206 of the prior art~208, is not described in detail in this.
Step 717~718: when strategic server to Portal return activate the internet access entitlement messages after, can begin execution in step 717~718.Be specially: strategic server sends the beginning message of chargeing, and request begins to charge to the user of current accessed the Internet; Strategic server begins the user is chargeed, and returns the beginning response message that charges to CCG.
Step 719: in the process of user capture the Internet, CCG can regularly send Intermediate Charging ICH message to strategic server, and strategic server is handled middle charging message and returned the Intermediate Charging ICH response message to CCG.
Step 720~721: when the user finishes accesses network, send the message that rolls off the production line to NAS, and stop Internet service message to Portal transmission request simultaneously, the Internet is withdrawed from application.
After NAS among step 722~723:NSP receives the message of user offline, then the aaa server to NSP sends the charging end, the request aaa server finishes the charging to the current user of rolling off the production line, the aaa server of NSP is after receiving the charging end, the charge processing of end, return the end response message that charges to NAS after finishing dealing with, so far the aaa server among the NSP has been finished the charging of user in NSP.
Step 724~725: in execution in step 722~723, when Portal receives this message, then send request to strategic server and stop Internet service message, request stops this user capture the Internet; After strategic server receives this request message, then send the cancellation policy message to CCG, indication CCG cancels the strategy of this user capture the Internet.
Step 726~728:CCG is carried out the order of cancellation strategy, the authority of closing the current user capture the Internet that exits network, and return the cancellation policy response message, the result that the notification strategy server is carried out to strategic server; After strategic server is received the response message of CCG, return cancellation Internet service message to Portal, notice Portal stops the result of Internet service; After Portal receives the message of returning, notify the user to login results messages, notify the user successfully to withdraw from and land to user's transmission.
Step 729~730: in CCG cancellation user capture the Internet strategy, send the charging end to strategic server; Strategic server is handled the charging end, and returns to charge to CCG and finish response message, indicates the current user who the exits network end of chargeing, and so far the CCG among the ISP has finished the charging of user in ISP.
So far, present embodiment realizes that the flow process that NSP and ISP charge simultaneously finishes.
In the present invention, the rule of specifically user being chargeed can be carried out according to existing charging regulation in the prior art.
The above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention.

Claims (13)

1. system that realizes that Internet Service Provider NSP and the ISP of ISP charge simultaneously, comprise NSP and ISP, NSP comprises network access server NAS and authentication, charging, authorization server aaa server at least, the user is after the authentication by aaa server among the NSP, open the authority of user capture ISP by NAS, and finish charging to the user by aaa server, it is characterized in that, be provided with verification portal server, content control gateway CCG and strategic server in the described ISP;
Described verification portal server: receive the user's of NAS transmission re-authentication request, the user is authenticated, and return the result of login ISP to the user; By the authority of CCG to strategic server requesting activation user capture the Internet;
Described strategic server: issue the strategy of user capture the Internet to CCG, the authority of excited users access internet, and the user chargeed;
Described CCG: the strategy that the implementation strategy server issues.
2. system according to claim 1 is characterized in that, behind the strategy that described CCG implementation strategy server issues, sends the beginning message of chargeing to strategic server; Described strategic server charges to the user after receiving the beginning message of chargeing.
3. system according to claim 1 is characterized in that described CCG returns policy response message to strategic server; Described strategic server returns activation internet access entitlement messages to the verification portal server.
4. system according to claim 1 is characterized in that, the user is by NAS among the NSP and the CCG access internet among the ISP.
5. method that realizes that Internet Service Provider NSP and the ISP of ISP charge simultaneously, it is characterized in that, verification portal server, content control gateway CCG and strategic server are set in ISP, the user profile of storage registered users in the verification portal server in ISP, after the user successfully passes through the authentication of NSP, NSP decontrols the authority of user capture ISP, carries out following steps:
A, user send the re-authentication request by NSP to the verification portal server, the verification portal server is according to the user profile of the registered users of user's the user profile that provides and self storage, whether the user who judges the current request re-authentication is registered users, if, execution in step B then; Otherwise, process ends;
B, verification portal server be to the authority of strategic server requesting activation user capture the Internet, and strategic server is handed down to CCG and carries out the strategy of user capture the Internet by CCG, and the verification portal server returns success login message to the user;
NAS among C, the NSP and authentication, charging, mandate aaa server carry out the charging of NSP to the user, and CCG and strategic server carry out the charging of ISP to the user simultaneously.
6. method according to claim 5 is characterized in that, the strategy names of further recording user institute usage policy in the verification portal server, storage and strategy names corresponding strategy in strategic server;
In the steps A, after the user successfully passed through authentication, the verification portal server took out the pairing strategy names of this user according to user's user name;
Among the step B, described verification portal server to the authority of strategic server requesting activation user capture the Internet is: the pairing strategy names of current request access internet user is sent to strategic server;
Among the step B, described strategic server distributing policy is: strategic server is searched according to strategy names and is obtained corresponding strategy, and gives CCG with policy distribution.
7. method according to claim 5 is characterized in that, among the step B, behind the strategy that CCG implementation strategy server issues, further comprises:
CCG returns policy response message to strategic server, and strategic server returns to the verification portal server and activates the internet access entitlement messages; Described verification portal server is successfully logined to user notification according to the response that strategic server returns.
8. method according to claim 5 is characterized in that, among the step C, described CCG and strategic server may further comprise the steps the charging that the user carries out ISP:
Behind the strategy of the user capture the Internet that C1, CCG implementation strategy server issue, send the beginning message of chargeing to strategic server;
C2, strategic server charge to the user after receiving the beginning message of chargeing.
9. method according to claim 8 is characterized in that, in the process of user capture the Internet, this method further comprises: CCG regularly sends Intermediate Charging ICH message to strategic server, and strategic server carries out Intermediate Charging ICH to the user.
10. method according to claim 5 is characterized in that, this method further comprises:
D, when the user finishes access internet, send to NAS and to roll off the production line message and to stop access internet to the verification portal server requests;
E, NAS send the charging end to aaa server, and aaa server finishes the charging among the active user NSP; CCG sends the charging end to strategic server simultaneously, and strategic server finishes the charging of active user ISP.
11. method according to claim 10 is characterized in that, among the step D, when the user after the verification portal server requests stops access internet, this method further comprises:
The verification portal server sends to strategic server and stops Internet service message, and CCG sends the cancellation strategy request to strategic server, the strategy of CCG cancellation user capture the Internet.
12. method according to claim 11 is characterized in that, behind the strategy of CCG cancellation user capture the Internet, further comprises:
CCG returns the cancellation policy response message to strategic server, and strategic server returns cancellation Internet service message to the verification portal server, and verification portal server notification user successfully logs off.
13. according to the described method of arbitrary claim in the claim 5 to 12, it is characterized in that, carried out the strategy of the user capture the Internet that strategic server issues as CCG after, the user is by NAS among the NSP and the CCG access internet among the ISP.
CNB2006100083828A 2006-02-21 2006-02-21 System and method for realizing NSP and ISP simultaneously charging Expired - Fee Related CN100370733C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006100083828A CN100370733C (en) 2006-02-21 2006-02-21 System and method for realizing NSP and ISP simultaneously charging

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2006100083828A CN100370733C (en) 2006-02-21 2006-02-21 System and method for realizing NSP and ISP simultaneously charging

Publications (2)

Publication Number Publication Date
CN1859133A CN1859133A (en) 2006-11-08
CN100370733C true CN100370733C (en) 2008-02-20

Family

ID=37298000

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006100083828A Expired - Fee Related CN100370733C (en) 2006-02-21 2006-02-21 System and method for realizing NSP and ISP simultaneously charging

Country Status (1)

Country Link
CN (1) CN100370733C (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101436954B (en) * 2007-11-13 2012-01-25 中国电信股份有限公司 Business policy request verification system, business policy application and revocation method
CN102143136B (en) * 2010-08-20 2013-12-04 华为技术有限公司 Method for accessing service wholesale network, equipment, server and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020065785A1 (en) * 2000-11-28 2002-05-30 Kabushiki Kaisha Toshiba Mobile communication system using mobile IP and AAA protocols for general authentication and accounting
CN1416072A (en) * 2002-07-31 2003-05-07 华为技术有限公司 Method for realizing portal authentication based on protocols of authentication, charging and authorization
CN1430377A (en) * 2001-12-30 2003-07-16 华为技术有限公司 Method of realizing Internet contents paying
JP2004362605A (en) * 2004-06-28 2004-12-24 Fujisankei Living Service Inc Network connection service provision method and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020065785A1 (en) * 2000-11-28 2002-05-30 Kabushiki Kaisha Toshiba Mobile communication system using mobile IP and AAA protocols for general authentication and accounting
CN1430377A (en) * 2001-12-30 2003-07-16 华为技术有限公司 Method of realizing Internet contents paying
CN1416072A (en) * 2002-07-31 2003-05-07 华为技术有限公司 Method for realizing portal authentication based on protocols of authentication, charging and authorization
JP2004362605A (en) * 2004-06-28 2004-12-24 Fujisankei Living Service Inc Network connection service provision method and system

Also Published As

Publication number Publication date
CN1859133A (en) 2006-11-08

Similar Documents

Publication Publication Date Title
CN100563248C (en) Method and system for managing user access authorization within a local administrative area when the user is connected to an IP network
CN104158824B (en) Genuine cyber identification authentication method and system
CN100521608C (en) Pay-per-connection system and method of establishing connection based on pay-per-connection
CN104662873B (en) For reducing the method and apparatus of the core network flow as caused by migration
US7653933B2 (en) System and method of network authentication, authorization and accounting
CN102469078B (en) Method and system for accessing campus network to external network
CN109862565A (en) A kind of WLAN unaware control method, system and readable storage medium storing program for executing
CN106131068B (en) The system and method that user independently selects domain name system DNS parsing route
CN101557406A (en) User terminal authentication method, device and system thereof
JP2005339093A (en) Authentication method, authentication system, authentication proxy server, network access authenticating server, program, and storage medium
CN108092988B (en) Non-perception authentication and authorization network system and method based on dynamic temporary password creation
JP2012060373A (en) Information processing apparatus, communication system and program
CN105516955A (en) Self-help payment method of defaulting subscriber in Telecom 4G (fourth generation) mobile network
CN101247239A (en) Authenticated authorization accounting system and implementing method thereof
CN103825901B (en) A kind of method for network access control and equipment
CN101164276A (en) Method for realizing wireless access of prepaid user to internet
CN102082672A (en) Radius server as well as system and method for controlling broadband on-line service
CN103067407B (en) The authentication method and device of accessing user terminal to network
CN101072113A (en) Method and system for realizing wide band post-paid service
CN100583759C (en) Method for realizing synchronous identification between different identification control equipments
CN100508524C (en) System and method for certification and charge of network
CN108200039B (en) Non-perception authentication and authorization system and method based on dynamic establishment of temporary account password
CN100370733C (en) System and method for realizing NSP and ISP simultaneously charging
CN101155055B (en) User management method and system for next-generation network
CN104394151A (en) Method, device and system for accessing campus network into operator network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080220

Termination date: 20130221