CN103650457B - The detection method of a kind of shared access, equipment and terminal unit - Google Patents
The detection method of a kind of shared access, equipment and terminal unit Download PDFInfo
- Publication number
- CN103650457B CN103650457B CN201380000870.2A CN201380000870A CN103650457B CN 103650457 B CN103650457 B CN 103650457B CN 201380000870 A CN201380000870 A CN 201380000870A CN 103650457 B CN103650457 B CN 103650457B
- Authority
- CN
- China
- Prior art keywords
- device identification
- address
- equipment
- shared access
- source
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/062—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2514—Translation of Internet protocol [IP] addresses between local and global IP addresses
Landscapes
- Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention discloses the detection method of a kind of shared access, equipment and terminal unit, relates to moving communicating field, it is possible to accurately determine the quantity of shared access equipment under same IP address.The method includes: receive the data message that first terminal equipment sends, and described data message includes that device identification adds confidential information and server is the source IP address that described first terminal equipment distributes;Decipher described device identification and add confidential information, it is thus achieved that the first device identification of described first terminal equipment or the second device identification of described second terminal unit;If it is determined that the IP address table preset includes described first device identification corresponding with described source IP address or described second device identification, then obtain the quantity of whole device identification corresponding with described source IP address in described IP address table, and then determine the quantity of shared access equipment under described source IP address.
Description
Technical field
The present invention relates to moving communicating field, particularly relate to a kind of shared access detection method,
Equipment and terminal unit.
Background technology
At mobile broadband era, the universal of intelligent terminal makes peer-to-peer network apply increasingly
Generally.Owing to peer-to-peer network application is bigger to the consumption of Internet resources, so that access office
Territory net terminal unit can fair and reasonable use Internet resources, operator will be to shared access
Terminal unit is managed, it is necessary to the information such as quantity knowing the terminal unit of shared access.
So-called shared access refers to multiple terminal unit commonly through a connection to net
Network.It is connected under the scene of network by same circuit at multiple terminal units, terminal unit
Network to be connected to or when network request packet, it usually needs by routing device by the plurality of
Interconnection protocol (Internet Protocol, IP) address conversion between the network of terminal unit
For the IP address that server is the distribution of this routing device.
In prior art, the transmission of the message that gateway device can be sent by detection terminal unit
Control protocol (Transmission Control Protocol, TCP)/IP head feature information
Mode determine the quantity of shared access equipment, such as, life span (Time to Live,
TTL) detection, IP bag label detection, sequence number detection, MTU (Maximum
Transmission Unit, MTU) detection etc..Gateway device can also be set by detection terminal
The mode of the system time of the message that preparation is sent is to determine the quantity of shared access equipment, such as time
Between stamp detection and clock crystal oscillator detect.But, the message that gateway device is sent by terminal unit
TCP/IP head customizing messages and system time the quantity of shared access equipment is detected
Time, terminal unit or routing device are easy to the TCP/IP head to the message sending gateway device to
Portion's feature and system time are modified so that gateway device can not accurately judge same IP address
Under whether there is shared access, and then can not accurately judge the quantity of the terminal unit of shared access.
Summary of the invention
The embodiment of the present invention provides the detection method of a kind of shared access, equipment and terminal unit,
The detection equipment making shared access can accurately determine shared access equipment under same IP address
Quantity.
For reaching above-mentioned purpose, embodiments of the invention adopt the following technical scheme that
First aspect, it is provided that the detection method of a kind of shared access, described method includes:
Receiving the data message that first terminal equipment sends, described data message includes equipment mark
Know the interconnection association adding confidential information and between source network that server is the distribution of described first terminal equipment
View IP address, described device identification adds the device identification that confidential information is described first terminal equipment and adds
Confidential information or the device identification of the second terminal unit by described first terminal equipment access network
Add confidential information;
Decipher described device identification and add confidential information, it is thus achieved that the first equipment of described first terminal equipment
Mark or the second device identification of described second terminal unit;
If it is determined that the IP address table preset includes the institute corresponding with described source IP address
State the first device identification or described second device identification, then obtain in described IP address table with
The quantity of whole device identification that described source IP address is corresponding, and then determine described source IP ground
The quantity of shared access equipment under location.
In the first possible implementation of first aspect, according to first aspect, described
Decipher described device identification and add confidential information, it is thus achieved that the first device identification of described first terminal equipment
Or after the second device identification of described second terminal unit, described method also includes:
If it is determined that the IP address table preset does not includes corresponding with described source IP address
Described first device identification or described second device identification, then store described source IP address with described
First device identification or the corresponding relation of described second device identification, obtain described IP address record
The quantity of whole device identification corresponding with described source IP address in table, and then determine described source
The quantity of shared access equipment under IP address.
In the implementation that the second of first aspect is possible, in conjunction with first aspect or first party
Described, the implementation that the first of face is possible, determines that under described source IP address, shared access sets
After standby quantity, described method also includes:
If under described source IP address, the quantity of shared access equipment is more than 1, it is determined that described source IP
Shared access is there is under address;
If the quantity of shared access equipment is equal to 1 under described source IP address, then further determine that institute
State the device identification of shared access equipment corresponding to source IP address whether with default bearer context
Described in device identification corresponding to source IP address identical;
If it is identical, it is determined that under described source IP address, to there is not shared access;
If differing, it is determined that there is shared access under described source IP address.
In the third possible implementation of first aspect, in conjunction with first aspect or the first
Possible implementation, described method also includes:
By device identification corresponding with described source IP address in default bearer context log,
It is defined as the main equipment of shared access;
By in device identification corresponding with described source IP address in described IP log, except described
Device identification outside the device identification of main equipment, be defined as shared access from equipment.
In the 4th kind of possible implementation of first aspect, in conjunction with first aspect or first party
The possible implementation of the first of face to the third possible implementation of first aspect,
After the data message that described reception first terminal equipment sends, also include:
The described device identification deleted in described data message adds confidential information.
Second aspect, it is provided that the detection method of a kind of shared access, described method includes:
Obtain device identification;
Described device identification is encrypted, obtains device identification and add confidential information;
Generate and include that described device identification adds the data message of confidential information;
Send described data message.
The third aspect, it is provided that the detection equipment of a kind of shared access, described detection equipment includes:
Receive unit, decryption unit and determine unit;
Described reception unit, for receiving the data message that first terminal equipment sends, described number
Include that device identification adds confidential information and server is the distribution of described first terminal equipment according to message
Interconnection protocol IP address between source network, it is described first end that described device identification adds confidential information
The device identification of end equipment add confidential information or by described first terminal equipment access network second
The device identification of terminal unit adds confidential information;
Described decryption unit, is used for deciphering described device identification and adds confidential information, it is thus achieved that described first
First device identification of terminal unit or the second device identification of described second terminal unit;
Described determine unit, for if it is determined that the IP address table preset includes with described
Described first device identification that source IP address is corresponding or described second device identification, then obtain described
The quantity of whole device identification corresponding with described source IP address in IP address table, and then
Determine the quantity of shared access equipment under described source IP address.
In the first possible implementation of the third aspect, according to the third aspect, described really
Cell, be additionally operable to if it is determined that preset IP address table in do not include and described source IP
Described first device identification that address is corresponding or described second device identification, then store described source IP
Address and described first device identification or the corresponding relation of described second device identification, obtain described
The quantity of whole device identification corresponding with described source IP address in IP address table, and then
Determine the quantity of shared access equipment under described source IP address.
In the implementation that the second of the third aspect is possible, in conjunction with the third aspect or third party
The implementation that the first of face is possible, described determines unit, is additionally operable to
If under described source IP address, the quantity of shared access equipment is more than 1, it is determined that described source IP
Shared access is there is under address;
If the quantity of shared access equipment is equal to 1 under described source IP address, then further determine that institute
State the device identification of shared access equipment corresponding to source IP address whether with default bearer context
Described in device identification corresponding to source IP address identical;
If it is identical, it is determined that under described source IP address, to there is not shared access;
If differing, it is determined that there is shared access under described source IP address.
In the third possible implementation of the third aspect, in conjunction with the third aspect or the first
Possible implementation, described determines unit, is additionally operable to
By device identification corresponding with described source IP address in default bearer context log,
It is defined as the main equipment of shared access;
By in device identification corresponding with described source IP address in described IP log, except described
Device identification outside the device identification of main equipment, be defined as shared access from equipment.
In the 4th kind of possible implementation of the third aspect, in conjunction with the third aspect or third party
The possible implementation of the first of face is to the third possible implementation of the third aspect, institute
State detection equipment also to include: delete unit;
Described deletion unit, adds secret letter for the described device identification deleted in described data message
Breath.
Fourth aspect, it is provided that a kind of terminal unit, described terminal unit includes: acquiring unit,
Ciphering unit, signal generating unit and transmitting element;
Described acquiring unit, is used for obtaining device identification;
Described ciphering unit, for being encrypted described device identification, obtains device identification and adds
Confidential information;
For generating, described signal generating unit, includes that described device identification adds the data message of confidential information;
Described transmitting element, is used for sending described data message.
The detection method of a kind of shared access, equipment and the terminal unit that the embodiment of the present invention provides,
Receiving the data message that first terminal equipment sends, described data message includes that device identification adds
Confidential information and server are the source IP address of described first terminal equipment distribution, described device identification
Add the device identification that confidential information is described first terminal equipment and add confidential information or whole by described first
The device identification of the second terminal unit of end equipment access network adds confidential information;Decipher described equipment
Mark adds confidential information, it is thus achieved that the first device identification of described first terminal equipment or described second is eventually
Second device identification of end equipment;If it is determined that the IP address table preset includes with described
Described first device identification that source IP address is corresponding or described second device identification, then obtain described
The quantity of whole device identification corresponding with described source IP address in IP address table, and then
Determine the quantity of shared access equipment under described source IP address.By the program, terminal unit is sent out
The data message of the detection equipment giving shared access includes the device identification of described terminal unit
Adding confidential information, the device identification of shared access equipment can not be modified by terminal unit so that
The detection equipment of shared access can accurately determine the number of shared access equipment under same IP address
Amount.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below
The accompanying drawing used required in embodiment or description of the prior art will be briefly described, aobvious and
Easily insight, the accompanying drawing in describing below is only some embodiments of the present invention, for this area
From the point of view of those of ordinary skill, on the premise of not paying creative work, it is also possible to according to these
Accompanying drawing obtains other accompanying drawing.
The flow process signal of the detection method of a kind of shared access that Fig. 1 provides for the embodiment of the present invention
Figure;
The flow process of the detection method of the another kind of shared access that Fig. 2 provides for the embodiment of the present invention is shown
It is intended to;
The mutual signal of the detection method of a kind of shared access that Fig. 3 provides for the embodiment of the present invention
Figure;
Showing alternately of the detection method of the another kind of shared access that Fig. 4 provides for the embodiment of the present invention
It is intended to;
The structural representation of the detection equipment of a kind of shared access that Fig. 5 provides for inventive embodiments;
The structure of the detection equipment of the another kind of shared access that Fig. 6 provides for the embodiment of the present invention is shown
It is intended to;
The structural representation of a kind of terminal unit that Fig. 7 provides for the embodiment of the present invention;
The structure of the detection equipment of another shared access that Fig. 8 provides for the embodiment of the present invention is shown
It is intended to;
The structural representation of the another kind of terminal unit that Fig. 9 provides for the embodiment of the present invention.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, to the technical side in the embodiment of the present invention
Case is clearly and completely described, it is clear that described embodiment is only the present invention one
Divide embodiment rather than whole embodiments.Based on the embodiment in the present invention, this area is general
The every other embodiment that logical technical staff is obtained under not making creative work premise,
Broadly fall into the scope of protection of the invention.
The terms "and/or", a kind of incidence relation describing affiliated partner, table
Show and can there are three kinds of relations, such as, A and/or B, can represent: individualism A, simultaneously
There is A and B, individualism B these three situation.It addition, character "/" herein, typically
Represent the forward-backward correlation relation to liking a kind of "or".
Embodiment one,
The embodiment of the present invention provides the detection method of a kind of shared access, as it is shown in figure 1, the party
Method includes:
101, the detection equipment of shared access receives the data message that first terminal equipment sends, institute
State data message and include that device identification adds confidential information and server is that described first terminal equipment divides
The source IP address joined, described device identification adds the equipment mark that confidential information is described first terminal equipment
Know and add confidential information or the equipment of the second terminal unit by described first terminal equipment access network
Mark adds confidential information.
It should be noted that the second premises equipment requests access network or to network request packet,
Or first terminal equipment is before network request packet, first terminal equipment firstly the need of with network
It is mutual that side (including gateway, server etc.) carries out information, it is thus achieved that server is this first terminal
The source IP address of equipment distribution, completes user's activation.
During when the second premises equipment requests access network or to network request packet, the second terminal sets
For first having to obtain the second Terminal Equipment Identifier of the second terminal unit, to the second terminal unit
Device identification is encrypted, and obtains device identification and adds confidential information, generates and include that this second terminal sets
Standby device identification adds the data message of confidential information, and sends this datagram to first terminal equipment
Literary composition, carries out IP ground in source at first terminal equipment to the data message that described second terminal unit sends
Location conversions etc. operate, it is thus achieved that after the data message after process, and described first terminal equipment is to altogether
Enjoy the data message after the detection equipment described process of transmission of access.When first terminal equipment is to net
During network request data, the device identification of first terminal equipment can be encrypted, obtain equipment mark
Know and add confidential information, generate and include that the device identification of this first terminal equipment adds the datagram of confidential information
Literary composition, and the data message of this generation is sent to the detection equipment of shared access.
102, the detection equipment described device identification of deciphering of described shared access adds confidential information, it is thus achieved that
First device identification of described first terminal equipment or the second equipment mark of described second terminal unit
Know.
When the detection equipment of shared access receive first terminal equipment send data message it
After, described data message can be decrypted.
Those skilled in the present invention is it is understood that to add confidential information to described device identification
It is decrypted, it is necessary first to determine decryption function and decruption key.This decryption function and deciphering are close
Key can be described second terminal unit or first terminal equipment and the detection of described shared access sets
Standby agreement.
103 if it is determined that preset IP address table in include corresponding with described source IP address
Described first device identification or described second device identification, the detection of the most described shared access sets
Whole device identification corresponding with described source IP address in the described IP address table of standby acquisition
Quantity, and then determine the quantity of shared access equipment under described source IP address.
The IP address table preset in the detection equipment of described shared access stores active IP
Address and the first device identification or the corresponding relation of the second device identification.
The embodiment of the present invention provides the detection method of a kind of shared access, receives first terminal equipment
The data message sent, described data message includes that device identification adds confidential information and server is
The source IP address of described first terminal equipment distribution, it is described that described device identification adds confidential information
The device identification of one terminal unit adds confidential information or by described first terminal equipment access network
The device identification of the second terminal unit adds confidential information;Decipher described device identification and add confidential information, obtain
Obtain the first device identification or second equipment of described second terminal unit of described first terminal equipment
Mark;If it is determined that the IP address table preset includes corresponding with described source IP address
Described first device identification or described second device identification, then obtain in described IP address table
The quantity of the whole device identification corresponding with described source IP address, and then determine described source IP
The quantity of shared access equipment under address.By the program, terminal unit is sent to shared access
The data message of detection equipment include that the device identification of described terminal unit adds confidential information, eventually
The device identification of shared access equipment can not be modified by end equipment so that the inspection of shared access
Measurement equipment can accurately determine the quantity of shared access equipment under same IP address.
Embodiment two,
The embodiment of the present invention provides the detection method of a kind of shared access, the executive agent of the method
Being terminal unit, this terminal unit can be the second terminal unit or first terminal equipment, such as Fig. 2
Shown in, described method includes:
201, described terminal unit obtains device identification.
Concrete, described terminal unit can obtain the international mobile subscriber identification of this terminal unit
Code (International Mobile Subscriber Identification Number, IMSI)
Or mobile user comprehensive service digital net (Mobile Subscriber International
Integrated Service Digital Network, MSISDN).
202, described device identification is encrypted by described terminal unit, obtains device identification encryption
Information.
Concrete, described terminal unit can utilize symmetry AES or asymmetry encryption
The device identification of described terminal unit is encrypted by algorithm, obtains device identification and adds confidential information.
It should be noted that symmetry AES refers to that encryption and deciphering use same key,
Encryption function and decryption function are the algorithms of a pair reverse function.Asymmetry AES is
Refer to that encryption uses the algorithm of different keys with deciphering.Asymmetry AES generally has PKI
With two keys of private key, PKI is the decryption device that encryption device or decryption device are sent to correspondence
Or encryption device, private key is encryption device or decryption device self preserves and the most externally announces.
203, described terminal unit generates and includes that described device identification adds the data message of confidential information.
Described terminal unit can generate datagram according to the form of the data message of protocol definition
Literary composition.
Concrete, in generation, described terminal unit includes that described device identification adds the data of confidential information
During message, described device identification can be added confidential information and be added on and the detection of described shared access
The position of equipment agreement.
204, described terminal unit sends described data message.
It should be noted that when described terminal unit is the second terminal unit, be sent to described
Any information of the detection equipment of shared access is required for through described first terminal equipment.I.e. institute
State terminal unit and described data message is sent to first terminal equipment, described first terminal set
After being processed by described data message, it is sent to shared access detection equipment.
When described terminal unit is first terminal equipment, described first terminal equipment generates described
After data message, directly described data message is sent to described shared access detection equipment.
The embodiment of the present invention provides the detection method of a kind of shared access, obtains device identification;Right
Device identification is encrypted, and obtains device identification and adds confidential information;Generation includes described device identification
Add the data message of confidential information;Send described data message.By the program, terminal unit is sent out
The data message of the detection equipment giving shared access includes the device identification of described terminal unit
Adding confidential information, the device identification of shared access equipment can not be modified by terminal unit so that
The detection equipment of shared access can accurately determine the number of shared access equipment under same IP address
Amount.
Embodiment three,
The embodiment of the present invention provides the detection method of a kind of shared access, as it is shown on figure 3, work as institute
Stating terminal unit when being the second terminal unit, described method includes:
301, described second terminal unit obtains device identification.
Described device identification can be IMSI or MSISDN of the second terminal unit.
Concrete, described second terminal unit can read the equipment mark of described second terminal unit
Know.
302, described device identification is encrypted by described second terminal unit, obtains device identification
Add confidential information.
During when the second premises equipment requests access network or to network request packet, can to second eventually
The device identification of end equipment is encrypted, and obtains device identification and adds confidential information.
Concrete, described second terminal unit can utilize symmetry AES or asymmetry
Described device identification is encrypted by AES, obtains device identification and adds confidential information.
It should be noted that symmetry AES refers to that encryption and deciphering use same key,
Encryption function and decryption function are the algorithms of a pair reverse function.Asymmetry AES is
Refer to that encryption uses the algorithm of different keys with deciphering.Asymmetry AES generally has PKI
With two keys of private key, PKI is the decryption device that encryption device or decryption device are sent to correspondence
Or encryption device, private key is encryption device or decryption device self preserves and the most externally announces.
When described second terminal unit utilizes symmetry AES to add described device identification
Time close, described second terminal unit needs according to the key with the detection equipment agreement of shared access
And AES, described device identification is encrypted, obtains device identification and add confidential information.When
Described second terminal unit utilizes asymmetry AES to be encrypted described device identification
Time, first described second terminal unit can determine PKI, then utilizes PKI to generate private key,
Utilize the private key generated that described device identification is encrypted, obtain device identification and add confidential information,
And add secret letter to the detection equipment described PKI of transmission and the described device identification of described shared access
Breath, so that PKI described in the detection equipment utilization of described shared access generates private key, utilizes raw
The private key become adds confidential information to the described device identification received and is decrypted.
303, described second terminal unit generates and includes that described device identification adds the datagram of confidential information
Literary composition.
Described second terminal unit can generate number according to the form of the data message of protocol definition
According to message.
Those skilled in the present invention is it is understood that the second terminal unit or first terminal set
The standby data message generated has certain form, and described second terminal unit includes described in generation
When device identification adds the data message of confidential information, described device identification can be added confidential information and add
Detection equipment agreement in described second terminal unit or first terminal equipment and described shared access
Position, such as, after appointed position is the TCP/IP head of data message.
304, described second terminal unit sends to described first terminal equipment and includes described equipment mark
Know the data message adding confidential information.
Described first terminal equipment is specifically as follows routing device.
305, described data message is processed by described first terminal equipment, it is thus achieved that after process
Data message.
It should be noted that the second premises equipment requests access network or to network request packet,
Or first terminal equipment is before network request packet, first terminal equipment firstly the need of with network
It is mutual that side (including gateway, server etc.) carries out information, it is thus achieved that server is this first terminal
The source IP address of equipment distribution, completes user's activation.
The data message that described second terminal unit is sent by described first terminal equipment carries out source IP
After the operation such as address conversion, it is thus achieved that the data message after process.
306, described first terminal equipment sends described process to the detection equipment of described shared access
After data message, described data message includes that device identification adds confidential information and server is institute
Stating the source IP address of first terminal equipment distribution, described device identification adds confidential information for by described
The device identification of the second terminal unit of first terminal equipment access network adds confidential information.
307, the detection equipment described device identification of deciphering of described shared access adds confidential information, it is thus achieved that
First device identification of described first terminal equipment or the second equipment mark of described second terminal unit
Know.
When the detection equipment of shared access receive first terminal equipment send data message it
After, described data message can be decrypted.
It should be noted that the data message that the detection equipment interconnection of described shared access receives enters
When row processes, the point of addition of confidential information can be added set described according to receiving described device identification
Standby mark adds confidential information and extracts, and then described device identification is added confidential information is decrypted.
The point of addition of described equipment identification information can be described second terminal unit or first terminal sets
The standby detection equipment agreement with described shared access, it is also possible to be the position of acquiescence.Such as,
Time after the position of agreement or TCP or the UDP head that position is data message of acquiescence, described
Information after TCP or the UDP head of data message can be entered by the detection equipment of shared access
Row extracts, it is thus achieved that described device identification adds confidential information.
Those skilled in the present invention is it is understood that to add confidential information to described device identification
It is decrypted, it is necessary first to determine decryption function and decruption key.This decryption function and deciphering are close
Key can be described second terminal unit or first terminal equipment and the detection of described shared access sets
Standby agreement.
Utilize symmetry AES to obtain if described device identification adds confidential information, then described
Shared access detection equipment according to described second terminal unit or first terminal equipment agreement
Decruption key and decryption function add confidential information to described device identification and are decrypted.If described equipment
Mark adds confidential information and utilizes rivest, shamir, adelman to obtain, the detection of the most described shared access
Equipment generates private key according to the PKI received, and utilizes the private key generated to encrypt described device identification
Information is decrypted.
308 if it is determined that preset IP address table in include corresponding with described source IP address
Described first device identification or described second device identification, the detection of the most described shared access sets
Whole device identification corresponding with described source IP address in the described IP address table of standby acquisition
Quantity, and then determine the quantity of shared access equipment under described source IP address.
The IP address table preset in the detection equipment of described shared access stores active IP
Address and the first device identification or the corresponding relation of the second device identification.
309 if it is determined that preset IP address table in do not include and described source IP address pair
Described first device identification answered or described second device identification, the detection of the most described shared access
Equipment stores the right of described source IP address and described first device identification or described second device identification
Should be related to, obtain whole setting corresponding with described source IP address in described IP address table
The quantity of standby mark, and then determine the quantity of shared access equipment under described source IP address.
For example, not including source IP address in described default IP address table is
123.138.26.112, device identification is the corresponding relation of 460030912121001, then described
First this source IP address and device identification are stored in described default by the detection equipment of shared access
In correspondence position in IP address table, then, obtain in described IP address table with institute
State the quantity of whole device identifications corresponding to source IP address, and then determine described source IP address
The quantity of lower shared access equipment.Such as, when source IP address is 123.138.26.112, right
The device identification answered has 460030912121001,460030912121002 and
When 460030912121003, the quantity of shared access equipment is 3.
Concrete, the detection equipment of described shared access can inquire about default IP address table
In the number of the device identification corresponding with described source IP address, obtain described IP address record
The quantity of whole device identification corresponding with described source IP address in table, this quantity is described
The quantity of shared access equipment under source IP address.Certainly, the detection equipment of described shared access is also
Can obtain in described IP address table corresponding with described source IP address otherwise
The number of device identification, this is not especially limited by the embodiment of the present invention.
The embodiment of the present invention provides the detection method of a kind of shared access, as shown in Figure 4, works as institute
Stating terminal unit when being first terminal equipment, described method includes:
401, described first terminal equipment obtains device identification.
Described device identification can be IMSI or MSISDN of first terminal equipment.
Concrete, described first terminal equipment can read the equipment mark of described first terminal equipment
Know.
402, described device identification is encrypted by described first terminal equipment, obtains device identification
Add confidential information.
When first terminal equipment is to network request packet, can be to the equipment mark of first terminal equipment
Knowledge is encrypted, and obtains device identification and adds confidential information.
Concrete, described first terminal equipment can utilize symmetry AES or asymmetry
Described device identification is encrypted by AES, obtains device identification and adds confidential information.
403, described first terminal equipment generates and includes that described device identification adds the datagram of confidential information
Literary composition.
Described first terminal equipment can generate number according to the form of the data message of protocol definition
According to message.
Those skilled in the present invention is it is understood that the second terminal unit or first terminal set
The standby data message generated has certain form, and described first terminal equipment includes described in generation
When device identification adds the data message of confidential information, described device identification can be added confidential information and add
Any position at legacy data message format.
Certainly, in order to reduce the amendment to existing generation data message related protocol, described equipment
After mark adds TCP or the UDP head that confidential information can add data message to.
404, described first terminal equipment sends described data to the detection equipment of described shared access
Message, described data message includes that device identification adds confidential information and server is described first end
The source IP address of end equipment distribution, it is described first terminal equipment that described device identification adds confidential information
Device identification add confidential information.
It should be noted that at described first terminal equipment before network request packet, described
First terminal equipment carries out information friendship firstly the need of with network side (including gateway, server etc.)
Mutually, it is thus achieved that server is the source IP address of this first terminal equipment distribution, completes user's activation.
307, the detection equipment described device identification of deciphering of described shared access adds confidential information, it is thus achieved that
First device identification of described first terminal equipment or the second equipment mark of described second terminal unit
Know.
308 if it is determined that preset IP address table in include corresponding with described source IP address
Described first device identification or described second device identification, the detection of the most described shared access sets
Whole device identification corresponding with described source IP address in the described IP address table of standby acquisition
Quantity, and then determine the quantity of shared access equipment under described source IP address.
309 if it is determined that preset IP address table in do not include and described source IP address pair
Described first device identification answered or described second device identification, the detection of the most described shared access
Equipment stores the right of described source IP address and described first device identification or described second device identification
Should be related to, obtain whole setting corresponding with described source IP address in described IP address table
The quantity of standby mark, and then determine the quantity of shared access equipment under described source IP address.
Further, determine that under described source IP address, shared access sets at described shared access equipment
After standby quantity, can determine under this IP address according to the quantity of described shared access equipment and be
No there is shared access.Concrete, described shared access equipment may determine that described source IP address
Whether the quantity of lower shared access equipment is more than 1;If shared access equipment under described source IP address
Quantity more than 1, it is determined that there is shared access under described source IP address;If described source IP ground
Under location, the quantity of shared access equipment is equal to 1, then further determine that described source IP address is corresponding
The device identification of shared access equipment whether with source IP address pair described in default bearer context
The device identification answered is identical;If it is identical, it is determined that under described source IP address, to there is not shared access;
If differing, it is determined that there is shared access under described source IP address.
Further, the detection equipment in described shared access determines under described source IP address shared
After the quantity of access device, it is also possible to further determine that the main equipment of shared access and from equipment
Quantity.
Concrete, the detection equipment of described shared access is by default bearer context log
The device identification corresponding with described source IP address, is defined as the main equipment of shared access;By described
In device identification corresponding with described source IP address in IP log, except the equipment of described main equipment
Device identification outside mark, be defined as shared access from equipment.
It should be noted that in described first terminal equipment and network side interactive information, complete to use
After family is activated, in the bearer context log preset in the detection equipment of described shared access
Storage has the device identification of this first terminal equipment and the corresponding relation of source IP address.
In order on the basis of not revising existing protocol, it is ensured that the positive normal open between equipment and network
Letter, the detection equipment in described shared access receives the data that described first terminal equipment sends
After message, the described device identification can deleted in described data message adds confidential information.
Concrete, the detection equipment of described shared access can be that gateway device, such as gateway are logical
Support with packet wireless service technology (General Packet Radio Service, GPRS)
Node (Gateway GPRS Support Node, GGSN) etc..
The embodiment of the present invention provides the detection method of a kind of shared access, receives first terminal equipment
The data message sent, described data message includes that device identification adds confidential information and server is
The source IP address of described first terminal equipment distribution, it is described that described device identification adds confidential information
The device identification of one terminal unit adds confidential information or by described first terminal equipment access network
The device identification of the second terminal unit adds confidential information;Decipher described device identification and add confidential information, obtain
Obtain the first device identification or second equipment of described second terminal unit of described first terminal equipment
Mark;If it is determined that the IP address table preset includes corresponding with described source IP address
Described first device identification or described second device identification, then obtain in described IP address table
The quantity of the whole device identification corresponding with described source IP address, and then determine described source IP
The quantity of shared access equipment under address.By the program, terminal unit is sent to shared access
The data message of detection equipment include that the device identification of described terminal unit adds confidential information, eventually
The device identification of shared access equipment can not be modified by end equipment so that the inspection of shared access
Measurement equipment can accurately determine the quantity of shared access equipment under same IP address.
Embodiment four,
The embodiment of the present invention provides the detection equipment of a kind of shared access, as it is shown in figure 5, described
The detection equipment 50 of shared access includes: receives unit 51, decryption unit 52 and determines unit
53。
Described reception unit 51, for receiving the data message that first terminal equipment sends, described
Data message includes that device identification adds confidential information and server is the distribution of described first terminal equipment
Source IP address, described device identification adds the device identification that confidential information is described first terminal equipment
Add confidential information or the equipment mark of the second terminal unit by described first terminal equipment access network
Know and add confidential information.
Described decryption unit 52, is used for deciphering described device identification and adds confidential information, it is thus achieved that described
First device identification of one terminal unit or the second device identification of described second terminal unit.
Described determine unit 53, for if it is determined that the IP address table preset includes and institute
State described first device identification corresponding to source IP address or described second device identification, then obtain institute
State the quantity of whole device identification corresponding with described source IP address in IP address table,
And then determine the quantity of shared access equipment under described source IP address.
Optionally, described determine unit 53, be additionally operable to if it is determined that in the IP address table preset
Do not include described first device identification corresponding with described source IP address or described second equipment mark
Know, then store described source IP address and described first device identification or described second device identification
Corresponding relation, obtains in described IP address table corresponding with described source IP address whole
The quantity of device identification, and then determine the quantity of shared access equipment under described source IP address.
Optionally, described determine unit 53, be additionally operable to
If under described source IP address, the quantity of shared access equipment is more than 1, it is determined that described source IP
Shared access is there is under address;
If the quantity of shared access equipment is equal to 1 under described source IP address, then further determine that institute
State the device identification of shared access equipment corresponding to source IP address whether with default bearer context
Described in device identification corresponding to source IP address identical;
If it is identical, it is determined that under described source IP address, to there is not shared access;
If differing, it is determined that there is shared access under described source IP address.
Optionally, described determine unit 53, be additionally operable to
By device identification corresponding with described source IP address in default bearer context log,
It is defined as the main equipment of shared access;
By in device identification corresponding with described source IP address in described IP log, except described
Device identification outside the device identification of main equipment, be defined as shared access from equipment.
Further, as shown in Figure 6, described detection equipment 50 also includes: delete unit 54.
Described deletion unit 54, for deleting the described device identification encryption in described data message
Information.
The embodiment of the present invention provides the detection equipment of a kind of shared access, and described reception unit receives
The data message that first terminal equipment sends, described data message includes that device identification adds secret letter
Breath and server are the source IP address of described first terminal equipment distribution, and described device identification is encrypted
Information is that the device identification of described first terminal equipment is added confidential information or set by described first terminal
The device identification of the second terminal unit of standby access network adds confidential information;Described decryption unit is deciphered
Described device identification adds confidential information, it is thus achieved that the first device identification of described first terminal equipment or institute
State the second device identification of the second terminal unit;If it is determined that the IP address table preset includes
There are described first device identification corresponding with described source IP address or described second device identification, then
It is described that to determine that unit obtains in described IP address table corresponding with described source IP address whole
The quantity of device identification, and then determine the quantity of shared access equipment under described source IP address.
By the program, the data message of the detection equipment that terminal unit is sent to shared access includes
The device identification of described terminal unit adds confidential information, and terminal unit can not be to shared access equipment
Device identification is modified so that the detection equipment of shared access can accurately determine same IP ground
The quantity of shared access equipment under location.
Embodiment five,
The embodiment of the present invention provides a kind of terminal unit, as it is shown in fig. 7, described terminal unit 70
Including: acquiring unit 71, ciphering unit 72, signal generating unit 73 and transmitting element 74.
Described acquiring unit 71, is used for obtaining device identification.
Described ciphering unit 72, for being encrypted described device identification, obtains device identification
Add confidential information.
For generating, described signal generating unit 73, includes that described device identification adds the datagram of confidential information
Literary composition.
Described transmitting element 74, is used for sending described data message.
The embodiment of the present invention provides a kind of terminal unit, and described acquiring unit obtains device identification;
Device identification is encrypted by described ciphering unit, obtains device identification and adds confidential information;Described life
Become unit to generate and include that described device identification adds the data message of confidential information;Described transmitting element is sent out
Send described data message.By the program, terminal unit is sent to the detection equipment of shared access
Data message include that the device identification of described terminal unit adds confidential information, terminal unit can not
Device identification to shared access equipment is modified so that the detection equipment of shared access can
Accurately determine the quantity of shared access equipment under same IP address.
Embodiment six,
The embodiment of the present invention provides the detection equipment of a kind of shared access, as shown in Figure 8, described
Detection equipment 80 includes: receptor 81 and processor 82.
Described receptor 81, for receiving the data message that first terminal equipment sends, described number
Include that device identification adds confidential information and server is the distribution of described first terminal equipment according to message
Source IP address, described device identification adds the device identification that confidential information is described first terminal equipment and adds
Confidential information or the device identification of the second terminal unit by described first terminal equipment access network
Add confidential information.
Described processor 82, is used for deciphering described device identification and adds confidential information, it is thus achieved that described first
First device identification of terminal unit or the second device identification of described second terminal unit.
Described processor 82, be additionally operable to if it is determined that preset IP address table in include and institute
State described first device identification corresponding to source IP address or described second device identification, then obtain institute
State the quantity of whole device identification corresponding with described source IP address in IP address table,
And then determine the quantity of shared access equipment under described source IP address.
Optionally, described processor 82, be additionally operable to if it is determined that preset IP address table in not
Include described first device identification corresponding with described source IP address or described second equipment mark
Know, then store described source IP address and described first device identification or described second device identification
Corresponding relation, obtains in described IP address table corresponding with described source IP address whole
The quantity of device identification, and then determine the quantity of shared access equipment under described source IP address.
Optionally, described processor 82, it is additionally operable to
If under described source IP address, the quantity of shared access equipment is more than 1, it is determined that described source IP
Shared access is there is under address;
If the quantity of shared access equipment is equal to 1 under described source IP address, then further determine that institute
State the device identification of shared access equipment corresponding to source IP address whether with default bearer context
Described in device identification corresponding to source IP address identical;
If it is identical, it is determined that under described source IP address, to there is not shared access;
If differing, it is determined that there is shared access under described source IP address.
Optionally, described processor 82, it is additionally operable to
By device identification corresponding with described source IP address in default bearer context log,
It is defined as the main equipment of shared access;
By in device identification corresponding with described source IP address in described IP log, except described
Device identification outside the device identification of main equipment, be defined as shared access from equipment.
Further, processor 82, it is additionally operable to the described equipment mark deleting in described data message
Know and add confidential information.
The embodiment of the present invention provides the detection equipment of a kind of shared access, and described receptor receives the
The data message that one terminal unit sends, described data message includes that device identification adds confidential information
And the source IP address that server is the distribution of described first terminal equipment, described device identification adds secret letter
The device identification that breath is described first terminal equipment adds confidential information or by described first terminal equipment
The device identification of the second terminal unit of access network adds confidential information;The deciphering of described processor is described
Device identification adds confidential information, it is thus achieved that the first device identification of described first terminal equipment or described
Second device identification of two terminal units;If it is determined that preset IP address table in include with
Described first device identification that described source IP address is corresponding or described second device identification, then described
Processor obtains whole equipment corresponding with described source IP address in described IP address table
The quantity of mark, and then determine the quantity of shared access equipment under described source IP address.By this
Scheme, the data message of the detection equipment that terminal unit is sent to shared access includes described end
The device identification of end equipment adds confidential information, and terminal unit can not be to the equipment mark of shared access equipment
Knowledge is modified so that the detection equipment of shared access can accurately determine under same IP address common
Enjoy the quantity of access device.
Embodiment seven,
The embodiment of the present invention provides a kind of terminal unit, as it is shown in figure 9, described terminal unit 90
Including: processor 91 and transmitter 92.
Described processor 91, is used for obtaining device identification.
Described processor 91, is additionally operable to be encrypted described device identification, obtains device identification
Add confidential information.
Described processor 91, is additionally operable to generate the datagram including that described device identification adds confidential information
Literary composition.
Described transmitter 92, is used for sending described data message.
The embodiment of the present invention provides a kind of terminal unit, and described processor obtains device identification;Institute
State processor device identification is encrypted, obtain device identification and add confidential information;Described processor
Generate and include that described device identification adds the data message of confidential information;Described transmitter sends described number
According to message.By the program, terminal unit is sent to the datagram of the detection equipment of shared access
Literary composition includes that the device identification of described terminal unit adds confidential information, and terminal unit can not connect sharing
The device identification entering equipment is modified so that the detection equipment of shared access can accurately determine
The quantity of shared access equipment under same IP address.
Those skilled in the art is it can be understood that arrive, for convenience and simplicity of description,
Only it is illustrated with the division of above-mentioned each functional module, in actual application, can be according to need
Want and above-mentioned functions distribution is completed by different functional modules, will the internal structure of device draw
It is divided into different functional modules, to complete all or part of function described above.Above-mentioned retouch
The specific works process of the system stated, device and unit, is referred in preceding method embodiment
Corresponding process, do not repeat them here.
In several embodiments provided herein, it should be understood that disclosed system,
Apparatus and method, can realize by another way.Such as, device described above is real
Executing example is only that schematically such as, described module or the division of unit, the most only one are patrolled
Volume function divides, and actual can have other dividing mode, the most multiple unit or group when realizing
Part can in conjunction with or be desirably integrated into another system, or some features can be ignored, or not
Perform.Another point, shown or discussed coupling each other or direct-coupling or communication link
Connecing can be the INDIRECT COUPLING by some interfaces, device or unit or communication connection, Ke Yishi
Electrically, machinery or other form.
The described unit illustrated as separating component can be or may not be physically separate
, the parts shown as unit can be or may not be physical location, i.e. can position
In a place, or can also be distributed on multiple NE.Can be according to actual need
Select some or all of unit therein to realize the purpose of the present embodiment scheme.
It addition, each functional unit in each embodiment of the present invention can be integrated in a process
In unit, it is also possible to be that unit is individually physically present, it is also possible to two or more are single
Unit is integrated in a unit.Above-mentioned integrated unit both can realize to use the form of hardware,
The form that can also use SFU software functional unit realizes.
If described integrated unit realizes and as independent product using the form of SFU software functional unit
When product are sold or use, can be stored in a computer read/write memory medium.Based on this
The understanding of sample, the portion that prior art is contributed by technical scheme the most in other words
Point or completely or partially can the embodying with the form of software product of this technical scheme, should
Computer software product is stored in a storage medium, including some instructions with so that one
Computer equipment (can be personal computer, server, or the network equipment etc.) or process
Device (processor) performs all or part of step of method described in each embodiment of the present invention.
And aforesaid storage medium includes: USB flash disk, portable hard drive, read only memory (ROM, Read-Only
Memory), random access memory (RAM, Random Access Memory), magnetic disc or
The various media that can store program code such as person's CD.
The above, the only detailed description of the invention of the present invention, but protection scope of the present invention is also
Being not limited to this, any those familiar with the art is at the technology model that the invention discloses
In enclosing, change can be readily occurred in or replace, all should contain within protection scope of the present invention.
Therefore, protection scope of the present invention should be as the criterion with described scope of the claims.
Those skilled in the art is it can be understood that arrive, for convenience and simplicity of description,
Only it is illustrated with the division of above-mentioned each functional module, in actual application, can be according to need
Want and above-mentioned functions distribution is completed by different functional modules, will the internal structure of device draw
It is divided into different functional modules, to complete all or part of function described above.Above-mentioned retouch
The specific works process of the system stated, device and unit, is referred in preceding method embodiment
Corresponding process, do not repeat them here.
In several embodiments provided herein, it should be understood that disclosed system,
Apparatus and method, can realize by another way.Such as, device described above is real
Executing example is only that schematically such as, described module or the division of unit, the most only one are patrolled
Volume function divides, and actual can have other dividing mode, the most multiple unit or group when realizing
Part can in conjunction with or be desirably integrated into another system, or some features can be ignored, or not
Perform.Another point, shown or discussed coupling each other or direct-coupling or communication link
Connecing can be the INDIRECT COUPLING by some interfaces, device or unit or communication connection, Ke Yishi
Electrically, machinery or other form.
The described unit illustrated as separating component can be or may not be physically separate
, the parts shown as unit can be or may not be physical location, i.e. can position
In a place, or can also be distributed on multiple NE.Can be according to actual need
Select some or all of unit therein to realize the purpose of the present embodiment scheme.
It addition, each functional unit in each embodiment of the present invention can be integrated in a process
In unit, it is also possible to be that unit is individually physically present, it is also possible to two or more are single
Unit is integrated in a unit.Above-mentioned integrated unit both can realize to use the form of hardware,
The form that can also use SFU software functional unit realizes.
If described integrated unit realizes and as independent product using the form of SFU software functional unit
When product are sold or use, can be stored in a computer read/write memory medium.Based on this
The understanding of sample, the portion that prior art is contributed by technical scheme the most in other words
Point or completely or partially can the embodying with the form of software product of this technical scheme, should
Computer software product is stored in a storage medium, including some instructions with so that one
Computer equipment (can be personal computer, server, or the network equipment etc.) or process
Device (processor) performs all or part of step of method described in each embodiment of the present invention.
And aforesaid storage medium includes: USB flash disk, portable hard drive, read only memory (ROM, Read-Only
Memory), random access memory (RAM, Random Access Memory), magnetic disc or
The various media that can store program code such as person's CD.
The above, the only detailed description of the invention of the present invention, but protection scope of the present invention is also
Being not limited to this, any those familiar with the art is at the technology model that the invention discloses
In enclosing, change can be readily occurred in or replace, all should contain within protection scope of the present invention.
Therefore, protection scope of the present invention should be as the criterion with described scope of the claims.
Claims (8)
1. the detection method of a shared access, it is characterised in that described method includes:
Receiving the data message that first terminal equipment sends, described data message includes equipment mark
Know the interconnection association adding confidential information and between source network that server is the distribution of described first terminal equipment
View IP address, described device identification adds the device identification that confidential information is described first terminal equipment and adds
Confidential information or the device identification of the second terminal unit by described first terminal equipment access network
Add confidential information;
Decipher described device identification and add confidential information, it is thus achieved that the first equipment of described first terminal equipment
Mark or the second device identification of described second terminal unit;
If it is determined that the IP address table preset includes the institute corresponding with described source IP address
State the first device identification or described second device identification, then obtain in described IP address table with
The quantity of whole device identification that described source IP address is corresponding, and then determine described source IP ground
The quantity of shared access equipment under location;
By device identification corresponding with described source IP address in default bearer context log,
It is defined as the main equipment of shared access;
By in device identification corresponding with described source IP address in IP log, except described master sets
The standby device identification outside device identification, be defined as shared access from equipment.
Method the most according to claim 1, it is characterised in that setting described in described deciphering
Standby mark adds confidential information, it is thus achieved that the first device identification of described first terminal equipment or described second
After second device identification of terminal unit, described method also includes:
If it is determined that the IP address table preset does not includes corresponding with described source IP address
Described first device identification or described second device identification, then store described source IP address with described
First device identification or the corresponding relation of described second device identification, obtain described IP address record
The quantity of whole device identification corresponding with described source IP address in table, and then determine described source
The quantity of shared access equipment under IP address.
Method the most according to claim 1 and 2, it is characterised in that determine institute described
Stating under source IP address after the quantity of shared access equipment, described method also includes:
If under described source IP address, the quantity of shared access equipment is more than 1, it is determined that described source IP
Shared access is there is under address;
If the quantity of shared access equipment is equal to 1 under described source IP address, then further determine that institute
State the device identification of shared access equipment corresponding to source IP address whether with default bearer context
Described in device identification corresponding to source IP address identical;
If it is identical, it is determined that under described source IP address, to there is not shared access;
If differing, it is determined that there is shared access under described source IP address.
Method the most according to claim 1, it is characterised in that in described reception first eventually
After the data message that end equipment sends, also include:
The described device identification deleted in described data message adds confidential information.
5. the detection equipment of a shared access, it is characterised in that described detection equipment includes:
Receive unit, decryption unit and determine unit;
Described reception unit, for receiving the data message that first terminal equipment sends, described number
Include that device identification adds confidential information and server is the distribution of described first terminal equipment according to message
Interconnection protocol IP address between source network, it is described first end that described device identification adds confidential information
The device identification of end equipment add confidential information or by described first terminal equipment access network second
The device identification of terminal unit adds confidential information;
Described decryption unit, is used for deciphering described device identification and adds confidential information, it is thus achieved that described first
First device identification of terminal unit or the second device identification of described second terminal unit;
Described determine unit, for if it is determined that the IP address table preset includes with described
Described first device identification that source IP address is corresponding or described second device identification, then obtain described
The quantity of whole device identification corresponding with described source IP address in IP address table, and then
Determine the quantity of shared access equipment under described source IP address;
Described determine unit, be additionally operable to
By device identification corresponding with described source IP address in default bearer context log,
It is defined as the main equipment of shared access;
By in device identification corresponding with described source IP address in IP log, except described master sets
The standby device identification outside device identification, be defined as shared access from equipment.
Detection equipment the most according to claim 5, it is characterised in that described determine unit,
Be additionally operable to if it is determined that preset IP address table in do not include corresponding with described source IP address
Described first device identification or described second device identification, then store described source IP address and institute
State the first device identification or the corresponding relation of described second device identification, obtain described IP address note
The quantity of whole device identification corresponding with described source IP address in record table, and then determine described
The quantity of shared access equipment under source IP address.
7. according to the detection equipment described in claim 5 or 6, it is characterised in that described determine
Unit, is additionally operable to
If under described source IP address, the quantity of shared access equipment is more than 1, it is determined that described source IP
Shared access is there is under address;
If the quantity of shared access equipment is equal to 1 under described source IP address, then further determine that institute
State the device identification of shared access equipment corresponding to source IP address whether with default bearer context
Described in device identification corresponding to source IP address identical;
If it is identical, it is determined that under described source IP address, to there is not shared access;
If differing, it is determined that there is shared access under described source IP address.
Detection equipment the most according to claim 5, it is characterised in that described detection equipment
Also include: delete unit;
Described deletion unit, adds secret letter for the described device identification deleted in described data message
Breath.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2013/078078 WO2014205703A1 (en) | 2013-06-26 | 2013-06-26 | Method and device for detecting shared access, and terminal device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103650457A CN103650457A (en) | 2014-03-19 |
| CN103650457B true CN103650457B (en) | 2016-09-28 |
Family
ID=50253430
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201380000870.2A Active CN103650457B (en) | 2013-06-26 | 2013-06-26 | The detection method of a kind of shared access, equipment and terminal unit |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103650457B (en) |
| WO (1) | WO2014205703A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109639628A (en) * | 2018-10-26 | 2019-04-16 | 锐捷网络股份有限公司 | Private connects behavioral value method, the network equipment, system and storage medium |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105991630B (en) * | 2015-03-26 | 2019-09-06 | 杭州迪普科技股份有限公司 | A kind of shared access detection method and device |
| CN106330582B (en) * | 2015-06-18 | 2020-11-20 | 中兴通讯股份有限公司 | Method and device for detecting number of shared internet access mobile terminals |
| CN108024291B (en) * | 2016-11-01 | 2023-02-24 | 中兴通讯股份有限公司 | Method and device for detecting shared internet access in mobile network |
| CN115801647A (en) * | 2022-10-14 | 2023-03-14 | 中国电信股份有限公司 | Network sharing behavior detection method and device |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100588352B1 (en) * | 2004-12-28 | 2006-06-09 | 주식회사 케이티 | IP Router Surveillance System and Method |
| CN100574237C (en) * | 2007-05-16 | 2009-12-23 | 杭州华三通信技术有限公司 | Act on behalf of cut-in method, control network devices and act on behalf of connecting system |
| US8081567B2 (en) * | 2008-01-30 | 2011-12-20 | Alcatel Lucent | Method and apparatus for detecting wireless data subscribers using natted devices |
| CN101436965B (en) * | 2008-11-29 | 2012-04-04 | 成都市华为赛门铁克科技有限公司 | Method, device and system for detecting number of shared access clients |
| CN101631052B (en) * | 2009-08-25 | 2012-09-05 | 杭州华三通信技术有限公司 | Method and device for detecting number of access terminals |
| CN101808018B (en) * | 2010-03-26 | 2012-10-17 | 杭州华三通信技术有限公司 | Method and device for detecting quantity of access terminals |
-
2013
- 2013-06-26 CN CN201380000870.2A patent/CN103650457B/en active Active
- 2013-06-26 WO PCT/CN2013/078078 patent/WO2014205703A1/en active Application Filing
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109639628A (en) * | 2018-10-26 | 2019-04-16 | 锐捷网络股份有限公司 | Private connects behavioral value method, the network equipment, system and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2014205703A1 (en) | 2014-12-31 |
| CN103650457A (en) | 2014-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11316677B2 (en) | Quantum key distribution node apparatus and method for quantum key distribution thereof | |
| WO2017114123A1 (en) | Key configuration method and key management center, and network element | |
| WO2019128753A1 (en) | Quantum key mobile service method with low delay | |
| CN110400164B (en) | Data determining method and device, storage medium and electronic device | |
| CN104660602A (en) | Quantum key transmission control method and system | |
| CN108833101A (en) | Data transmission method, internet of things equipment and the authentication platform of internet of things equipment | |
| CN103650457B (en) | The detection method of a kind of shared access, equipment and terminal unit | |
| US20170126623A1 (en) | Protected Subnet Interconnect | |
| JP2009010470A (en) | Terminal device, group management server, network communication system, and method for generating encryption key | |
| CN108476131A (en) | Data transmission method, device and equipment | |
| US20210281401A1 (en) | Methods, systems, and computer readable media for utilizing predetermined encryption keys in a test simulation environment | |
| CA2829689A1 (en) | An instant communication method and system | |
| CN110300108A (en) | A kind of power distribution automation message encryption transmission method, system, terminal and storage medium | |
| GB2527276A (en) | Providing network credentials | |
| CN104619040A (en) | Method and system for quickly connecting WIFI equipment | |
| Ntareme et al. | Security and performance aspects of bytewalla: A delay tolerant network on smartphones | |
| EP3293933A1 (en) | Communication content protection | |
| CN113434905B (en) | Data transmission method and device, computer equipment and storage medium | |
| CN103067897A (en) | Asymmetrical mobile phone short message encryption method | |
| CN104243153B (en) | The method and user equipment of a kind of user for discovering device | |
| CN113365264B (en) | Block chain wireless network data transmission method, device and system | |
| CN104184652A (en) | Method and system for information interaction between terminals | |
| KR20190120129A (en) | The QUANTUM number smartphone transmitted from CCTV's recorded information | |
| JP2005223773A (en) | Method and apparatus for generating and sharing key in group | |
| CN109714337A (en) | A kind of data encryption and transmission method and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |