[go: up one dir, main page]

CN108282753A - A kind of short message agency retransmission method - Google Patents

A kind of short message agency retransmission method Download PDF

Info

Publication number
CN108282753A
CN108282753A CN201810056137.7A CN201810056137A CN108282753A CN 108282753 A CN108282753 A CN 108282753A CN 201810056137 A CN201810056137 A CN 201810056137A CN 108282753 A CN108282753 A CN 108282753A
Authority
CN
China
Prior art keywords
short message
message
routing request
message routing
short
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810056137.7A
Other languages
Chinese (zh)
Other versions
CN108282753B (en
Inventor
刘彩霞
季新生
邬江兴
汤红波
朱可云
王继
霍树民
柏溢
王晓雷
赵宇
陈云杰
王领伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PLA Information Engineering University
Original Assignee
PLA Information Engineering University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by PLA Information Engineering University filed Critical PLA Information Engineering University
Priority to CN201810056137.7A priority Critical patent/CN108282753B/en
Publication of CN108282753A publication Critical patent/CN108282753A/en
Application granted granted Critical
Publication of CN108282753B publication Critical patent/CN108282753B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/02Communication route or path selection, e.g. power-based or shortest path routing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of short message agency retransmission methods, including:The ownership short message service center of short message initiator user sends short message route request information to the home location register of recipient user;Short message route test functive judges that short message route requests process leaks security risk with the presence or absence of personal information;Short message route test functive short-message route requests response message;Incidence relation informing message is acted on behalf of delivery functionality by short message route test functive;Short message acts on behalf of delivery functionality and preserves incidence relation;Short message acts on behalf of delivery functionality and receives the signaling message for loading content of short message;Short message acts on behalf of delivery functionality and sends short message route request information to the home location register of recipient user;Short message acts on behalf of the signaling message that delivery functionality forwarding loads content of short message.The present invention realizes the effective protection of customer position information and IMSI marks, prevents individual privacy information from leaking.

Description

一种短消息代理转发方法A Short Message Agent Forwarding Method

技术领域technical field

本发明涉及移动通信网的路由控制方法领域,尤其涉及一种短消息代理转发方法。The invention relates to the field of routing control methods of mobile communication networks, in particular to a short message agent forwarding method.

背景技术Background technique

根据3GPP(Third Generation Partnership Project,第三代合作伙伴工程)TS29.002规范,目前,同一运营商网络中的两个用户或者有漫游协议的不同运营商网络的两个用户互发短消息时,采用如图2所示的路由组织方法。即短消息发起方用户的服务MSC(Mobile Switching Center,移动交换中心)将短消息发送到发起方用户的归属短消息中心SMC(Short Message Center),然后发起方用户的归属SMC通过MAP(Mobile ApplicationPart,移动应用部分)协议流程,访问短消息接收方用户的归属位置寄存器(HLR),获得短消息接收方用户的IMSI和为其服务的MSC的路由标识(MSC号码),确定短消息转发路由,然后发起方用户的归属SMC将短消息转发到短消息接收方用户的服务MSC,接收方用户的服务MSC最后将短消息发送给接收方用户。According to the 3GPP (Third Generation Partnership Project) TS29.002 specification, at present, when two users on the same operator network or two users on different operator networks with roaming agreements send short messages to each other, Use the routing organization method shown in Figure 2. That is, the service MSC (Mobile Switching Center, Mobile Switching Center) of the originator user of the short message sends the short message to the home short message center SMC (Short Message Center) of the originator user, and then the home SMC of the originator user passes the MAP (Mobile ApplicationPart , mobile application part) protocol flow, visit the home location register (HLR) of the short message recipient user, obtain the short message recipient user's IMSI and the routing identifier (MSC number) of the MSC serving it, and determine the short message forwarding route, Then the home SMC of the initiator user forwards the short message to the serving MSC of the short message receiver user, and the serving MSC of the receiver user finally sends the short message to the receiver user.

上述短消息发送的路由组织方式使得非法的网络实体可以利用3GPP提供的标准MAP信令流程获取用户的IMSI(International Mobile Subscriber IdentificationNumber,国际用户识别码)和服务MSC号码。而IMSI是用户的私有标识,其泄露将给用户带来严重的安全问题;服务MSC的号码是用户的一种位置标识,会导致用户位置信息泄露,对需要位置信息保密的个人或者群体而言,位置信息泄漏将可能给用户带来巨大的安全隐患(参见3GPP TR 33.900)。为解决上述问题,本发明以用户位置和IMSI保护为出发点,设计了一种短消息代理转发方法。The routing organization of the above short message transmission enables illegal network entities to use the standard MAP signaling process provided by 3GPP to obtain the user's IMSI (International Mobile Subscriber Identification Number) and service MSC number. The IMSI is the user's private identification, and its leakage will bring serious security problems to the user; the number of the service MSC is a location identification of the user, which will lead to the leakage of the user's location information. For individuals or groups that need to keep the location information confidential , the leakage of location information may bring huge security risks to users (see 3GPP TR 33.900). In order to solve the above problems, the present invention designs a short message agent forwarding method based on user location and IMSI protection.

发明内容Contents of the invention

本发明针对现有技术存在的不足和缺陷,提供一种短消息代理转发方法,该方法通过设置短消息路由控制功能体和短消息代理转发功能体,在保证短消息业务正常使用的前提下,保护用户位置和IMSI安全。Aiming at the deficiencies and defects existing in the prior art, the present invention provides a short message agent forwarding method. By setting the short message routing control function body and the short message agent forwarding function body, under the premise of ensuring the normal use of the short message service, Protect user location and IMSI security.

为实现所述目的,本发明采用的技术方案是:一种短消息代理转发方法,包括以下步骤:For realizing said purpose, the technical scheme that the present invention adopts is: a kind of short message agent forwarding method, comprises the following steps:

步骤1:短消息发起方用户的归属短消息中心向接收方用户的归属位置寄存器发送短消息路由请求消息;Step 1: the home short message center of the short message initiator user sends a short message routing request message to the home location register of the receiver user;

步骤2:短消息路由控制功能体判断短消息路由请求过程是否存在个人信息泄漏的安全隐患;Step 2: The short message routing control function body judges whether there is a potential safety hazard of personal information leakage in the short message routing request process;

步骤3:短消息路由控制功能体转发短消息路由请求应答消息;Step 3: the short message routing control function forwards the short message routing request response message;

步骤4:短消息路由控制功能体将关联关系通知短消息代理转发功能体;Step 4: the short message routing control function body notifies the short message agent forwarding function body of the association relationship;

步骤5:短消息代理转发功能体保存关联关系;Step 5: The short message agent forwarding function body saves the association relationship;

步骤6:短消息代理转发功能体收到装载短消息内容的信令消息;Step 6: The short message agent forwarding function body receives the signaling message loaded with the content of the short message;

步骤7:短消息代理转发功能体向接收方用户的归属位置寄存器发送短消息路由请求消息;Step 7: The short message agent forwarding function body sends a short message routing request message to the home location register of the recipient user;

步骤8:短消息代理转发功能体转发装载短消息内容的信令消息。Step 8: The short message agent forwarding function body forwards the signaling message carrying the content of the short message.

进一步的,所述短消息路由控制功能体,部署在接收方用户的归属位置寄存器的前端或信令的传递路径上,用于拦截归属位置寄存器返回的短消息路由请求应答消息。Further, the short message routing control function body is deployed at the front end of the recipient user's home location register or on the signaling transmission path, and is used to intercept the short message routing request reply message returned by the home location register.

进一步的,所述步骤2,具体包括:Further, said step 2 specifically includes:

步骤2.1:短消息路由控制功能体拦截接收方用户的归属位置寄存器发出的短消息路由请求应答消息;Step 2.1: The short message routing control function body intercepts the short message routing request reply message sent by the home location register of the recipient user;

步骤2.2:根据短消息路由请求应答消息判断短消息路由请求发起方网络域是否可信,进而确认是否存在个人信息泄漏的安全隐患;Step 2.2: According to the short message routing request response message, judge whether the network domain of the short message routing request originator is credible, and then confirm whether there is a potential safety hazard of personal information leakage;

若发起方网络域不可信,则认定存在个人信息泄漏的安全隐患,然后执行步骤3;若发起方网络域可信,则认定不存在个人信息泄漏的安全隐患,然后短消息路由控制功能体直接将短消息路由请求应答消息转发至短消息路由请求消息的发起方,结束短消息代理转发。If the initiator network domain is untrustworthy, it is determined that there is a security risk of personal information leakage, and then step 3 is performed; if the initiator network domain is trusted, it is determined that there is no security risk of personal information leakage, and then the short message routing control function directly The short message routing request reply message is forwarded to the initiator of the short message routing request message, and the forwarding of the short message agent is ended.

进一步的,所述步骤3具体包括:Further, the step 3 specifically includes:

步骤3.1:短消息路由控制功能体选择一个短消息代理转发功能体;Step 3.1: The short message routing control function body selects a short message agent forwarding function body;

步骤3.2:用短消息代理转发功能体的地址作为虚拟MSC号码替换短消息路由请求应答消息中的MSC号码;按预先配置的分配规则,短消息路由控制功能体分配一个虚拟IMSI替换短消息路由请求应答消息中的IMSI;Step 3.2: Replace the MSC number in the short message routing request response message with the address of the short message agent forwarding function body as a virtual MSC number; according to the pre-configured distribution rules, the short message routing control function body allocates a virtual IMSI to replace the short message routing request IMSI in the reply message;

步骤3.3:将替换后的短消息路由请求应答消息转发至短消息路由请求消息的发起方;Step 3.3: forwarding the replaced short message routing request response message to the initiator of the short message routing request message;

步骤3.4:短消息路由请求消息的发起方收到短消息路由请求应答消息后,按照短消息路由请求应答消息中携带的“虚拟MSC号码”标识的地址发送装载短消息内容的信令消息。Step 3.4: After receiving the short message routing request response message, the originator of the short message routing request message sends a signaling message carrying the content of the short message according to the address identified by the "virtual MSC number" carried in the short message routing request response message.

进一步的,所述步骤4,具体包括:Further, said step 4 specifically includes:

步骤4.1:短消息路由控制功能体把分配的虚拟IMSI和短消息接收方的MSISDN号码进行对应关联;Step 4.1: The short message routing control function correlates the allocated virtual IMSI with the MSISDN number of the short message receiver;

步骤4.2:把两者间的关联关系通知虚拟MSC号码对应的短消息代理转发功能体。Step 4.2: Notify the short message agent forwarding function body corresponding to the virtual MSC number of the association relationship between the two.

进一步的,所述步骤7,具体包括:Further, said step 7 specifically includes:

步骤7.1:短消息代理转发功能体通过存储的虚拟IMSI与MSISDN号码的关联关系,解析装载短消息内容的信令消息得到短消息接收方的MSISDN号码;Step 7.1: The short message agent forwarding function body parses the signaling message loaded with the content of the short message to obtain the MSISDN number of the short message receiver through the stored association between the virtual IMSI and the MSISDN number;

步骤7.2:构造一个短消息路由请求消息,用于获取短消息接收方用户的服务MSC号码和IMSI;Step 7.2: Construct a short message routing request message for obtaining the serving MSC number and IMSI of the short message recipient user;

步骤7.3:将该短消息路由请求消息发送给MSISDN号码对应的接收方用户的归属位置寄存器。Step 7.3: Send the short message routing request message to the HLR of the recipient user corresponding to the MSISDN number.

进一步的,所述步骤8,具体包括:Further, said step 8 specifically includes:

步骤8.1:接收方用户的归属位置寄存器处理短消息路由请求消息后,发出短消息路由请求应答消息;Step 8.1: After processing the short message routing request message, the receiver user's home location register sends a short message routing request response message;

步骤8.2:短消息路由控制功能体直接将短消息路由请求应答消息转发给短消息代理转发功能体;Step 8.2: The short message routing control function directly forwards the short message routing request response message to the short message proxy forwarding function;

步骤8.3:短消息代理转发功能体用短消息路由请求应答消息中携带的用户IMSI替换装载短消息内容的信令消息中的虚拟IMSI;Step 8.3: The short message proxy forwarding function replaces the virtual IMSI in the signaling message carrying the content of the short message with the user IMSI carried in the short message routing request response message;

步骤8.4:将替换后的装载短消息内容的信令消息按照短消息路由请求应答消息中携带的“MSC号码”标识的地址转发。Step 8.4: Forward the replaced signaling message carrying the content of the short message according to the address identified by the "MSC number" carried in the short message routing request response message.

本发明的有益效果是:The beneficial effects of the present invention are:

本发明一种短消息代理转发方法,首先短消息路由控制功能体判断路由请求发起方网络域是否可信,进而确认是否存在个人信息泄漏的安全隐患,避免了不必要的短消息代理转发,提高了短消息发送的效率;存在个人信息泄漏的安全隐患时,短消息路由控制功能体替换短消息路由请求应答消息中用户的私有身份标识IMSI和位置标识MSC号码,保证用户的私有身份标识IMSI和位置标识MSC号码不会暴露到不可信的网络域内,有效抵御攻击者利用短消息路由请求消息获取用户位置和IMSI标识的攻击行为;此外,短消息代理转发功能体实现了短消息的正常发送,保证用户之间的正常通信。A short message proxy forwarding method of the present invention, firstly, the short message routing control function body judges whether the network domain of the routing request originator is credible, and then confirms whether there is a potential safety hazard of personal information leakage, avoids unnecessary short message proxy forwarding, and improves improve the efficiency of sending short messages; when there is a potential safety hazard of personal information leakage, the short message routing control function replaces the user's private identity IMSI and location identifier MSC number in the short message routing request response message, ensuring that the user's private identity IMSI and The location identification MSC number will not be exposed to untrustworthy network domains, effectively resisting attacks by attackers using short message routing request messages to obtain user location and IMSI identification; in addition, the short message agent forwarding function realizes the normal sending of short messages, Ensure normal communication between users.

附图说明Description of drawings

图1是本发明所述方法的流程图。Figure 1 is a flow chart of the method of the present invention.

图2是本发明所述方法的现有技术中短消息发送流程示意图。Fig. 2 is a schematic diagram of the short message sending flow in the prior art of the method of the present invention.

图3是本发明所述方法中不存在个人信息泄漏安全隐患的短消息发送流程示意图。FIG. 3 is a schematic diagram of a short message sending process in which there is no potential safety hazard of personal information leakage in the method of the present invention.

图4是本发明所述方法中存在个人信息泄漏安全隐患的短消息发送流程示意图。Fig. 4 is a schematic flow diagram of a short message sending process in which there is a potential safety hazard of personal information leakage in the method of the present invention.

具体实施方式Detailed ways

下面结合附图及具体实施方式对本发明作进一步详细描述:Below in conjunction with accompanying drawing and specific embodiment the present invention is described in further detail:

实施例1:如图1所示,一种短消息代理转发方法,包括以下步骤:Embodiment 1: as shown in Figure 1, a kind of short message agency forwarding method comprises the following steps:

步骤S101:短消息发起方用户的归属短消息中心向接收方用户的归属位置寄存器发送短消息路由请求消息;Step S101: the home short message center of the short message initiator user sends a short message routing request message to the home location register of the receiver user;

步骤S102:短消息路由控制功能体判断短消息路由请求过程是否存在个人信息泄漏的安全隐患;Step S102: the short message routing control function body judges whether there is a potential safety hazard of personal information leakage in the short message routing request process;

步骤S103:短消息路由控制功能体转发短消息路由请求应答消息;Step S103: the short message routing control function body forwards the short message routing request response message;

步骤S104:短消息路由控制功能体将关联关系通知短消息代理转发功能体;Step S104: the short message routing control function notifies the short message proxy forwarding function of the association relationship;

步骤S105:短消息代理转发功能体保存关联关系;Step S105: the short message agent forwarding function body saves the association relationship;

步骤S106:短消息代理转发功能体收到装载短消息内容的信令消息;Step S106: the short message agent forwarding function body receives the signaling message carrying the content of the short message;

步骤S107:短消息代理转发功能体向接收方用户的归属位置寄存器发送短消息路由请求消息;Step S107: the short message proxy forwarding function body sends a short message routing request message to the home location register of the recipient user;

步骤S108:短消息代理转发功能体转发装载短消息内容的信令消息。Step S108: The short message agent forwarding function body forwards the signaling message carrying the content of the short message.

实施例2:一种短消息代理转发方法,包括以下步骤:Embodiment 2: a kind of short message agency forwarding method, comprises the following steps:

步骤S201:短消息发起方用户的归属短消息中心向接收方用户的归属位置寄存器发送短消息路由请求消息,即SRI_FOR_SM信令消息。Step S201: The home short message center of the short message sender user sends a short message routing request message, ie, an SRI_FOR_SM signaling message, to the receiver user's home location register.

步骤S202:短消息路由控制功能体拦截接收方用户的归属位置寄存器发出的短消息路由请求应答消息,即SRI_FOR_SM ACK信令消息。Step S202: The short message routing control function intercepts the short message routing request reply message sent by the HLR of the recipient user, that is, the SRI_FOR_SM ACK signaling message.

步骤S203:短消息路由控制功能体根据短消息路由请求应答消息判断短消息路由请求发起方网络域是否可信,进而确认是否存在个人信息泄漏的安全隐患。Step S203: The short message routing control function judges whether the network domain of the sender of the short message routing request is credible according to the short message routing request response message, and then confirms whether there is a potential safety hazard of personal information leakage.

若发起方网络域不可信,则存在个人信息泄漏的安全隐患,然后如图4所示,执行步骤S204;若发起方网络域可信,则不存在个人信息泄漏的安全隐患,然后如图3所示,短消息路由控制功能体直接将短消息路由请求应答消息转发至短消息路由请求消息的发起方,结束短消息代理转发。If the initiator network domain is untrustworthy, there is a security risk of personal information leakage, and then as shown in Figure 4, step S204 is performed; if the initiator network domain is credible, there is no security risk of personal information leakage, and then as shown in Figure 3 As shown, the short message routing control function directly forwards the short message routing request response message to the originator of the short message routing request message, and ends the forwarding of the short message proxy.

其中,网络域是否可信的界定,由实际网络域确定,如对于一个专用移动通信网而言,公众移动通信网可以认为是不可信的网络域;对于境内移动通信网络而言,境外移动通信网可以认为是一个不可信的网络域;短消息转发代理功能体所在网络为可信网络域。Among them, the definition of whether the network domain is credible is determined by the actual network domain. For example, for a private mobile communication network, the public mobile communication network can be considered as an untrustworthy network domain; The network can be regarded as an untrusted network domain; the network where the short message forwarding agent function body is located is a trusted network domain.

步骤S204:短消息路由控制功能体选择一个短消息代理转发功能体。Step S204: The short message routing control function selects a short message proxy forwarding function.

步骤S205:用短消息代理转发功能体的地址作为虚拟MSC号码替换短消息路由请求应答消息中的MSC号码;按预先配置的分配规则,短消息路由控制功能体分配一个虚拟IMSI替换短消息路由请求应答消息中的IMSI。Step S205: Replace the MSC number in the short message routing request response message with the address of the short message agent forwarding function body as the virtual MSC number; according to the pre-configured distribution rules, the short message routing control function body allocates a virtual IMSI to replace the short message routing request The IMSI in the reply message.

其中,虚拟IMSI 的分配规则可以是固定分配,也可以是随机分配,也可以根据用户真实的IMSI取值进行分配,本发明不限定虚拟IMSI的具体分配方式。Wherein, the allocation rule of the virtual IMSI may be fixed allocation, random allocation, or allocation based on the real IMSI value of the user. The present invention does not limit the specific allocation manner of the virtual IMSI.

步骤S206:将替换后的短消息路由请求应答消息转发至短消息路由请求消息的发起方。Step S206: Forward the replaced short message routing request response message to the originator of the short message routing request message.

步骤S207:短消息路由请求消息的发起方收到短消息路由请求应答消息后,按照短消息路由请求应答消息中携带的“虚拟MSC号码”标识的地址发送装载短消息内容的信令消息,即MT_FORWARD_SM信令消息。Step S207: After receiving the short message routing request response message, the initiator of the short message routing request message sends a signaling message loaded with the content of the short message according to the address identified by the "virtual MSC number" carried in the short message routing request response message, that is MT_FORWARD_SM signaling message.

步骤S208:短消息路由控制功能体把分配的虚拟IMSI和短消息接收方的MSISDN号码进行对应关联。Step S208: The short message routing control function associates the allocated virtual IMSI with the MSISDN number of the short message recipient.

其中,虚拟IMSI和短消息接收方的MSISDN号码的关联关系可以是多种多样的,本发明不限定虚拟IMSI和短消息接收方的MSISDN号码的关联关系。Wherein, the relationship between the virtual IMSI and the MSISDN number of the short message receiver can be various, and the present invention does not limit the relationship between the virtual IMSI and the MSISDN number of the short message receiver.

步骤S209:短消息路由控制功能体把两者间的关联关系通知虚拟MSC号码对应的短消息代理转发功能体。Step S209: The short message routing control function notifies the short message agent forwarding function corresponding to the virtual MSC number of the relationship between the two.

步骤S210:短消息代理转发功能体保存关联关系。Step S210: The short message agent forwarding function saves the association relationship.

步骤S211:短消息代理转发功能体收到装载短消息内容的信令消息。Step S211: The short message agent forwarding function body receives the signaling message carrying the content of the short message.

步骤S212:短消息代理转发功能体通过存储的虚拟IMSI与MSISDN号码的关联关系,解析装载短消息内容的信令消息得到短消息接收方的MSISDN号码。Step S212: The short message agent forwarding function analyzes the signaling message carrying the content of the short message through the stored association between the virtual IMSI and the MSISDN number to obtain the MSISDN number of the short message recipient.

步骤S213:短消息代理转发功能体构造一个短消息路由请求消息,用于获取短消息接收方用户的服务MSC号码和IMSI。Step S213: The short message proxy forwarding function constructs a short message routing request message for obtaining the serving MSC number and IMSI of the short message recipient user.

步骤S214:短消息代理转发功能体将该短消息路由请求消息发送给MSISDN号码对应的接收方用户的归属位置寄存器。Step S214: The short message proxy forwarding function sends the short message routing request message to the HLR of the recipient user corresponding to the MSISDN number.

步骤S215:接收方用户的归属位置寄存器处理短消息路由请求消息后,发出短消息路由请求应答消息。Step S215: After processing the short message routing request message, the home location register of the receiving user sends a short message routing request response message.

步骤S216:短消息路由控制功能体直接将短消息路由请求应答消息转发给短消息代理转发功能体。Step S216: The short message routing control function directly forwards the short message routing request reply message to the short message proxy forwarding function.

步骤S217:短消息代理转发功能体用短消息路由请求应答消息中携带的用户IMSI替换装载短消息内容的信令消息中的虚拟IMSI。Step S217: The short message proxy forwarding function replaces the virtual IMSI in the signaling message carrying the content of the short message with the user IMSI carried in the short message routing request response message.

步骤S218:短消息代理转发功能体将替换后的装载短消息内容的信令消息按照短消息路由请求应答消息中携带的“MSC号码”标识的地址转发,即转发至接收方用户的服务MSC。Step S218: The short message agent forwarding function forwards the replaced signaling message carrying the content of the short message according to the address identified by the "MSC number" carried in the short message routing request response message, that is, to the serving MSC of the recipient user.

本发明提出的一种短消息代理转发方法,用于避免短消息接收过程中个人信息的泄漏;该方法通过短消息路由控制功能体判断路由请求发起方网络域是否可信,进而确认是否存在个人信息泄漏的安全隐患;短消息路由控制功能替换短消息路由请求应答消息中用户的私有身份标识IMSI和位置标识MSC号码,保证用户的私有身份标识IMSI和位置标识MSC号码不会暴露到不可信的网络域内,有效抵御攻击者利用短消息路由请求消息获取用户位置和IMSI标识的攻击行为,短消息代理转发功能体实现了短消息的正常发送,保证用户之间的正常通信;本发明提出的方法有效可靠,可为需要位置信息保密的个人或者群体在短消息接收过程中避免个人信息的泄漏。A short message proxy forwarding method proposed by the present invention is used to avoid the leakage of personal information in the short message receiving process; the method judges whether the network domain of the routing request initiator is credible through the short message routing control function body, and then confirms whether there is an individual Potential security risks of information leakage; the short message routing control function replaces the user's private identity IMSI and location identifier MSC number in the short message routing request response message, ensuring that the user's private identity identifier IMSI and location identifier MSC number will not be exposed to untrustworthy In the network domain, it is effective to resist the attacker's attack behavior of using the short message routing request message to obtain the user's location and IMSI identification, and the short message agent forwarding function realizes the normal sending of the short message and ensures the normal communication between users; the method proposed by the present invention It is effective and reliable, and can avoid the leakage of personal information in the process of receiving short messages for individuals or groups who need location information to be kept secret.

应当说明的是,以上所述之实施例,仅仅用于示例型说明或解释本发明的原理,并不用以限制本发明,因此,在不脱离本发明精神和范围内,还可以做出若干改进和修饰,这些改进和修饰均应视为本发明申请专利范围内。It should be noted that the above-mentioned embodiments are only used to illustrate or explain the principle of the present invention, and are not intended to limit the present invention. Therefore, some improvements can be made without departing from the spirit and scope of the present invention. and modifications, these improvements and modifications should be considered within the patent scope of the present invention.

Claims (7)

1.一种短消息代理转发方法,其特征在于,包括以下步骤:1. A short message agent forwarding method is characterized in that, comprising the following steps: 步骤1:短消息发起方用户的归属短消息中心向接收方用户的归属位置寄存器发送短消息路由请求消息;Step 1: the home short message center of the short message initiator user sends a short message routing request message to the home location register of the receiver user; 步骤2:短消息路由控制功能体判断短消息路由请求过程是否存在个人信息泄漏安全隐患;Step 2: The short message routing control function body judges whether there is a personal information leakage security risk in the short message routing request process; 步骤3:短消息路由控制功能体转发短消息路由请求应答消息;Step 3: the short message routing control function forwards the short message routing request response message; 步骤4:短消息路由控制功能体将关联关系通知短消息代理转发功能体;Step 4: the short message routing control function body notifies the short message agent forwarding function body of the association relationship; 步骤5:短消息代理转发功能体保存关联关系;Step 5: The short message agent forwarding function body saves the association relationship; 步骤6:短消息代理转发功能体收到装载短消息内容的信令消息;Step 6: The short message agent forwarding function body receives the signaling message loaded with the content of the short message; 步骤7:短消息代理转发功能体向接收方用户的归属位置寄存器发送短消息路由请求消息;Step 7: The short message agent forwarding function body sends a short message routing request message to the home location register of the recipient user; 步骤8:短消息代理转发功能体转发装载短消息内容的信令消息。Step 8: The short message agent forwarding function body forwards the signaling message carrying the content of the short message. 2.根据权利要求1所述的一种短消息代理转发方法,其特征在于,所述短消息路由控制功能体,部署在接收方用户的归属位置寄存器的前端或信令的传递路径上,用于拦截归属位置寄存器返回的短消息路由请求应答消息。2. a kind of short message agency forwarding method according to claim 1, it is characterized in that, described short message route control function body is deployed on the front end of the home location register of receiver user or on the transfer path of signaling, uses It is used to intercept the short message routing request response message returned by the home location register. 3.根据权利要求2所述的一种短消息代理转发方法,其特征在于,所述步骤2,具体包括:3. a kind of short message agent forwarding method according to claim 2, is characterized in that, described step 2 specifically comprises: 步骤2.1:短消息路由控制功能体拦截接收方用户的归属位置寄存器发出的短消息路由请求应答消息;Step 2.1: The short message routing control function body intercepts the short message routing request reply message sent by the home location register of the recipient user; 步骤2.2:根据短消息路由请求应答消息判断短消息路由请求发起方网络域是否可信,进而确认是否存在个人信息泄漏的安全隐患;Step 2.2: According to the short message routing request response message, judge whether the network domain of the short message routing request originator is credible, and then confirm whether there is a potential safety hazard of personal information leakage; 若发起方网络域不可信,则认定存在个人信息泄漏的安全隐患,然后执行步骤3;若发起方网络域可信,则认定不存在个人信息泄漏的安全隐患,然后短消息路由控制功能体直接将短消息路由请求应答消息转发至短消息路由请求消息的发起方,结束短消息代理转发。If the initiator network domain is untrustworthy, it is determined that there is a security risk of personal information leakage, and then step 3 is performed; if the initiator network domain is trusted, it is determined that there is no security risk of personal information leakage, and then the short message routing control function directly The short message routing request reply message is forwarded to the initiator of the short message routing request message, and the forwarding of the short message agent is ended. 4.根据权利要求2所述的一种短消息代理转发方法,其特征在于,所述步骤3具体包括:4. a kind of short message agent forwarding method according to claim 2, is characterized in that, described step 3 specifically comprises: 步骤3.1:短消息路由控制功能体选择一个短消息代理转发功能体;Step 3.1: The short message routing control function body selects a short message proxy forwarding function body; 步骤3.2:用短消息代理转发功能体的地址作为虚拟MSC号码替换短消息路由请求应答消息中的MSC号码;按预先配置的分配规则,短消息路由控制功能体分配一个虚拟IMSI替换短消息路由请求应答消息中的IMSI;Step 3.2: Replace the MSC number in the short message routing request response message with the address of the short message agent forwarding function body as a virtual MSC number; according to the pre-configured distribution rules, the short message routing control function body allocates a virtual IMSI to replace the short message routing request IMSI in the reply message; 步骤3.3:将替换后的短消息路由请求应答消息转发至短消息路由请求消息的发起方;Step 3.3: forwarding the replaced short message routing request response message to the initiator of the short message routing request message; 步骤3.4:短消息路由请求消息的发起方收到短消息路由请求应答消息后,按照短消息路由请求应答消息中携带的“虚拟MSC号码”标识的地址发送装载短消息内容的信令消息。Step 3.4: After receiving the short message routing request response message, the originator of the short message routing request message sends a signaling message carrying the content of the short message according to the address identified by the "virtual MSC number" carried in the short message routing request response message. 5.根据权利要求2所述的一种短消息代理转发方法,其特征在于,所述步骤4,具体包括:5. a kind of short message agency forwarding method according to claim 2 is characterized in that, described step 4 specifically comprises: 步骤4.1:短消息路由控制功能体把分配的虚拟IMSI和短消息接收方的MSISDN号码进行对应关联;Step 4.1: The short message routing control function correlates the allocated virtual IMSI with the MSISDN number of the short message receiver; 步骤4.2:把两者间的关联关系通知虚拟MSC号码对应的短消息代理转发功能体。Step 4.2: Notify the short message agent forwarding function body corresponding to the virtual MSC number of the association relationship between the two. 6.根据权利要求1所述的一种短消息代理转发方法,其特征在于,所述步骤7,具体包括:6. A kind of short message agency forwarding method according to claim 1, is characterized in that, described step 7 specifically comprises: 步骤7.1:短消息代理转发功能体通过存储的虚拟IMSI与MSISDN号码的关联关系,解析装载短消息内容的信令消息得到短消息接收方的MSISDN号码;Step 7.1: The short message agent forwarding function body parses the signaling message loaded with the content of the short message to obtain the MSISDN number of the short message receiver through the stored association between the virtual IMSI and the MSISDN number; 步骤7.2:构造一个短消息路由请求消息,用于获取短消息接收方用户的服务MSC号码和IMSI;Step 7.2: Construct a short message routing request message for obtaining the serving MSC number and IMSI of the short message recipient user; 步骤7.3:将该短消息路由请求消息发送给MSISDN号码对应的接收方用户的归属位置寄存器。Step 7.3: Send the short message routing request message to the HLR of the recipient user corresponding to the MSISDN number. 7.根据权利要求1所述的一种短消息代理转发方法,其特征在于,所述步骤8,具体包括:7. A kind of short message agency forwarding method according to claim 1, is characterized in that, described step 8 specifically comprises: 步骤8.1:接收方用户的归属位置寄存器处理短消息路由请求消息后,发出短消息路由请求应答消息;Step 8.1: After processing the short message routing request message, the receiver user's home location register sends a short message routing request response message; 步骤8.2:短消息路由控制功能体直接将短消息路由请求应答消息转发给短消息代理转发功能体;Step 8.2: The short message routing control function directly forwards the short message routing request response message to the short message proxy forwarding function; 步骤8.3:短消息代理转发功能体用短消息路由请求应答消息中携带的用户IMSI替换装载短消息内容的信令消息中的虚拟IMSI;Step 8.3: The short message proxy forwarding function replaces the virtual IMSI in the signaling message carrying the content of the short message with the user IMSI carried in the short message routing request response message; 步骤8.4:将替换后的装载短消息内容的信令消息按照短消息路由请求应答消息中携带的“MSC号码”标识的地址转发。Step 8.4: Forward the replaced signaling message carrying the content of the short message according to the address identified by the "MSC number" carried in the short message routing request response message.
CN201810056137.7A 2018-01-20 2018-01-20 Short message proxy forwarding method Active CN108282753B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810056137.7A CN108282753B (en) 2018-01-20 2018-01-20 Short message proxy forwarding method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810056137.7A CN108282753B (en) 2018-01-20 2018-01-20 Short message proxy forwarding method

Publications (2)

Publication Number Publication Date
CN108282753A true CN108282753A (en) 2018-07-13
CN108282753B CN108282753B (en) 2021-03-12

Family

ID=62804263

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810056137.7A Active CN108282753B (en) 2018-01-20 2018-01-20 Short message proxy forwarding method

Country Status (1)

Country Link
CN (1) CN108282753B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1984369A (en) * 2006-06-09 2007-06-20 华为技术有限公司 Method for filtering SMS, signaling processing system and SMS service center
EP2043392A1 (en) * 2007-09-28 2009-04-01 Nokia Siemens Networks Oy Apparatus, method and identifier request message frame for providing a mobile user identifier
CN101715176A (en) * 2009-11-04 2010-05-26 中兴通讯股份有限公司 Short message router, short message monitoring system and short message monitoring method
CN101742445A (en) * 2008-11-06 2010-06-16 华为技术有限公司 Method, device and system for identifying messages
CN106714121A (en) * 2015-11-17 2017-05-24 中兴通讯股份有限公司 Short message supervision method and apparatus

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1984369A (en) * 2006-06-09 2007-06-20 华为技术有限公司 Method for filtering SMS, signaling processing system and SMS service center
EP2043392A1 (en) * 2007-09-28 2009-04-01 Nokia Siemens Networks Oy Apparatus, method and identifier request message frame for providing a mobile user identifier
CN101742445A (en) * 2008-11-06 2010-06-16 华为技术有限公司 Method, device and system for identifying messages
CN101715176A (en) * 2009-11-04 2010-05-26 中兴通讯股份有限公司 Short message router, short message monitoring system and short message monitoring method
CN106714121A (en) * 2015-11-17 2017-05-24 中兴通讯股份有限公司 Short message supervision method and apparatus

Also Published As

Publication number Publication date
CN108282753B (en) 2021-03-12

Similar Documents

Publication Publication Date Title
JP7198339B2 (en) METHOD, SYSTEM AND COMPUTER-READABLE MEDIUM FOR VERIFYING VLR (VISITOR LOCATION REGISTER) USING STP (SIGNAL TRANSFER POINT) OF SS7 (SIGNALING SYSTEM NO.7)
CN114902714B (en) Methods, systems, and computer-readable media for implementing indirect General Packet Radio Service (GPRS) Tunneling Protocol (GTP) firewall filtering using DIAMETER proxies and signaling transfer points (STP)
CN107800664B (en) Method and device for preventing signaling attack
US7797003B2 (en) Telecommunication services apparatus and methods for addressing the problem of mobile terminated message faking
KR101106809B1 (en) Apparatus and method of controlling unsolicited traffic destined to a wireless communication device
CN108307385B (en) Method and device for preventing signaling attack
JP4758442B2 (en) Providing security in unauthorized mobile access networks
JP5826187B2 (en) Management of SMS spoofing using the SMPP protocol
JP2023548372A (en) Methods, systems, and computer-readable media for enforcing receive message rate limiting utilizing network capability identifiers
US11700510B2 (en) Methods, systems, and computer readable media for short message delivery status report validation
US20100050255A1 (en) Detection and suppression of short message service denial of service attacks
US20100235911A1 (en) Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions
WO2010051694A1 (en) Method, apparatus and system for message identification
US20060211406A1 (en) Providing security for network subscribers
CN116686313A (en) Method, system and computer readable medium for preventing subscriber identifier disclosure
CN101631309A (en) Method, device and system for authenticating terminal based on home base station network
US20160174077A1 (en) SMS Fraud Detection
JP2006178997A (en) Spam check for interconnection network message
US9867047B2 (en) Method and appartus for notifying authenticity information of caller identity in wireless access system
US20240137759A1 (en) Validated Sender Mobile Messaging
CN101668009B (en) Method and system for safely processing routing address
CN106470408B (en) A kind of international roaming short message protecting method, device and system
CN108282753A (en) A kind of short message agency retransmission method
WO2009074084A1 (en) Registration information process method, data process device and system
CN101547185A (en) Method and system for preventing mutual attack between mobile terminals in mobile network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant