WO2011157137A2 - Policy control method, apparatus and communication system - Google Patents

Policy control method, apparatus and communication system Download PDF

Info

Publication number
WO2011157137A2
WO2011157137A2 PCT/CN2011/075030 CN2011075030W WO2011157137A2 WO 2011157137 A2 WO2011157137 A2 WO 2011157137A2 CN 2011075030 W CN2011075030 W CN 2011075030W WO 2011157137 A2 WO2011157137 A2 WO 2011157137A2
Authority
WO
WIPO (PCT)
Prior art keywords
policy
charging
specific data
data application
application service
Prior art date
Application number
PCT/CN2011/075030
Other languages
French (fr)
Chinese (zh)
Other versions
WO2011157137A3 (en
Inventor
夏旭
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN201180001015.4A priority Critical patent/CN102918804B/en
Priority to PCT/CN2011/075030 priority patent/WO2011157137A2/en
Publication of WO2011157137A2 publication Critical patent/WO2011157137A2/en
Publication of WO2011157137A3 publication Critical patent/WO2011157137A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/14Charging, metering or billing arrangements for data wireline or wireless communications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/14Charging, metering or billing arrangements for data wireline or wireless communications
    • H04L12/1403Architecture for metering, charging or billing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • H04L43/028Capturing of monitoring data by filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M15/00Arrangements for metering, time-control or time indication ; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M15/00Arrangements for metering, time-control or time indication ; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP
    • H04M15/66Policy and charging system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/24Accounting or billing

Definitions

  • the embodiments of the present invention relate to the field of communications technologies, and in particular, to a policy control method, apparatus, and communication system. Background technique
  • QoS Quality of Service
  • SLAs service-level agreements
  • IP-CAN IP Connectivity Accsess Netwrok
  • the message carries the QoS parameter information
  • the network side receives the IP-CAN bearer setup message.
  • the QoS that can be used is determined according to the user subscription information and the device capability, and the negotiated QoS is sent to the user terminal. If the user terminal does not have QoS parameter information in the IP-CAN bearer setup message, the network side uses the default QoS parameter or the user subscribed QoS parameter.
  • PCEF billing execution function
  • GGSN Gateway GPRS Support Node
  • PDN-GW Packet Data Network Gateway
  • the PCEF triggers the process of QoS reduction or session termination.
  • P2P Point to Point
  • Skype and BT downloads may be at the billing/flow threshold when performing policy control If this is achieved, the user is also allowed to continue to access or use these services, which may be referred to as a specific data application service.
  • P2P Point to Point
  • Skype and BT downloads may be at the billing/flow threshold when performing policy control If this is achieved, the user is also allowed to continue to access or use these services, which may be referred to as a specific data application service.
  • the embodiments of the present invention provide a policy control method, device, and communication system, which are used to implement policy control of a specific data application service of a user to a user without affecting the performance of the PCEF.
  • the embodiment of the invention provides a policy control method, including:
  • the independently deployed deep packet detecting device receives a query request message sent by the policy and charging rule function device to perform specific data application service detection;
  • the independently deployed deep packet detecting device performs service detection for the specific data application of the user; the independently deployed deep packet detecting device performs policy control on the detected specific data application service according to the obtained service control policy.
  • An embodiment of the present invention provides another policy control method, including:
  • An embodiment of the present invention provides another policy control method, including:
  • At least one of the billing information, the gate information, and the quality of service control information is forwarded to the independently deployed deep packet detecting device.
  • An embodiment of the present invention provides another policy control method, including:
  • the quintuple information including the specific data application service and the notification message of the charging and policy rule for the specific data application service; the quintuple information of the service according to the specific data application Performing specific data application service detection to perform traffic release on the specific data application service, and transmitting charging information generated by the charging and policy rules for the specific data application service to the policy and charging rule function device, and gating At least one of information and quality of service control information.
  • An embodiment of the present invention provides another policy control method, including:
  • a detection response message including a flow granularity-based charging identifier, where the flow granularity-based charging identifier is for the detected specific The billing information of the data application service, where the flow granularity-based charging identifier is generated by the independently deployed deep packet detecting device according to the charging and policy rules;
  • the traffic granularity-based charging identifier is converted into a charging granularity-based charging identifier, and then sent to the bearer binding and event reporting function entity for charging billing check when roaming.
  • the embodiment of the present invention further provides an independently deployed deep packet detecting apparatus, including: a first receiving module, configured to receive a query request message sent by a policy and charging rule function device to perform specific data application service detection;
  • the policy control module is configured to perform policy control on the detected specific data application service according to the obtained service control policy.
  • the embodiment of the present invention further provides a policy and charging rule function device, including: a second receiving module, configured to receive a user arrears event sent by the policy and charging execution function device;
  • a first query request sending module configured to send a query request message indicating that the specific data application service is detected to the independently deployed deep packet detecting device after determining that the arrears user applies the service subscription user for the specific data;
  • the indication message sending module is configured to, after receiving the detection response message returned by the independently deployed deep packet detecting device, send an indication to the policy and charging execution function device that the user who is in arrears is allowed to use the specific data application service a message, where the detection response message includes an indication that the arrears user is using a specific data application service.
  • the embodiment of the present invention further provides another policy and charging rule function device, including: a notification message sending module, configured to: after receiving the independently deployed deep packet detecting device, indicating that the user is performing detection of a specific data application service After the response message, sending, to the policy and charging execution function device, the quintuple information including the specific data application service and the notification message of the charging and policy rules of the specific data application service;
  • a notification message sending module configured to: after receiving the independently deployed deep packet detecting device, indicating that the user is performing detection of a specific data application service After the response message, sending, to the policy and charging execution function device, the quintuple information including the specific data application service and the notification message of the charging and policy rules of the specific data application service;
  • a third receiving module configured to receive at least one of charging information, gating information, and quality of service control information generated by the policy and charging execution function device for the specific data application service Item
  • a forwarding module configured to forward at least one of the charging information, the gating information, and the service quality control information to the independently deployed deep packet detecting device.
  • the embodiment of the present invention further provides a policy and charging execution function device, including: a fourth receiving module, configured to receive quintuple information including a specific data application service sent by a policy and charging rule function device, and the specific a notification message of the charging and policy rules of the data application service; a policy processing module, configured to perform specific data application service detection according to the quintuple information of the specific data application service, to perform traffic release on the specific data application service, and And transmitting, to the policy and charging rule function device, at least one of charging information, gating information, and quality of service control information generated according to the charging and policy rules for the specific data application service.
  • a policy and charging execution function device including: a fourth receiving module, configured to receive quintuple information including a specific data application service sent by a policy and charging rule function device, and the specific a notification message of the charging and policy rules of the data application service; a policy processing module, configured to perform specific data application service detection according to the quintuple information of the specific data application service, to
  • the embodiment of the present invention further provides another policy and charging rule function device, including: a second query request sending module, configured to send, to the independently deployed deep packet detecting device, a query request message indicating that the specific data application service is detected.
  • the query request message carries a charging and policy rule for the specific data application service;
  • the detection response receiving module is configured to receive the detection response message that is included in the depth-of-description detection device that is independently deployed, and includes a flow granularity-based charging identifier, where the flow granularity-based charging identifier is used for the detected specific data application.
  • the billing information of the service is generated by the independently deployed deep packet detecting device according to the charging and policy rules;
  • the charging identifier conversion module is configured to convert the flow granularity-based charging identifier into a charging identifier based on the load granularity and then send the charging binding to the bearer binding and event reporting function entity for performing charging bill checking.
  • the embodiment of the invention further provides a communication system, comprising the above-mentioned policy and charging rule function device, policy and charging execution function device, and independently deployed deep message detecting device.
  • the policy control method, the device, and the communication system provided by the foregoing embodiments of the present invention, wherein the deep packet detection device is independently deployed in the communication system, and the independently deployed deep packet detection device detects the specific data application service, and can Without prejudice to the performance of PCEF, The detection of the specific data application service is performed, and then the corresponding control strategy is formulated according to the detection result, so that the operator controls the policy of the specific data application service of the user.
  • the above-mentioned deep packet detecting device can be set by an operator to strengthen the operator's control over the services performed by the user.
  • Embodiment 1 is a schematic flowchart of Embodiment 1 of a policy control method according to the present invention
  • Embodiment 2 is a schematic flowchart of Embodiment 2 of a policy control method according to the present invention
  • Embodiment 3 is a schematic flowchart of Embodiment 3 of a policy control method according to the present invention.
  • Embodiment 4 is a schematic flowchart of Embodiment 4 of a policy control method according to the present invention.
  • FIG. 5 is a schematic structural diagram of Embodiment 1 of an apparatus for detecting a deep packet, which is an independent deployment of the present invention
  • FIG. 6 is a schematic structural diagram of Embodiment 1 of a policy and charging rule function apparatus according to the present invention
  • FIG. 8 is a schematic structural diagram of Embodiment 1 of a policy and charging execution function device according to the present invention
  • FIG. 9 is a schematic structural diagram of Embodiment 3 of a policy and charging rule function device according to the present invention.
  • the embodiment of the present invention provides a technical solution for performing policy control on a specific data application service by using a Deep Packet Inference (DP I ) device that is independently deployed, and the present invention implements
  • the example also provides an implementation scheme for a specific data application service of the entire system based on the independently deployed deep message detecting device.
  • the deep packet detection and the normal packet detection only analyze the IP source address, the destination address, the source port, the destination port, and the protocol type of the IP packet, and the DPI also adds application layer analysis to identify various applications and contents thereof. That is, the detection of the protocol type of the protocol is HTTP, WAP 2.0, RSTP or FTP, and the detection of the Uniform Resource Loca tor (URL) information, and further detection Policy control for specific businesses to.
  • DP I Deep Packet Inference
  • FIG. 1 is a schematic flowchart of Embodiment 1 of a policy control method according to the present invention. As shown in FIG. 1, the method includes:
  • Step 101 The independently deployed deep packet detecting device receives the query request message sent by the PCRF to perform specific data application service detection, that is, whether a certain user is using a specific data application service;
  • Step 102 The independently deployed deep packet detecting device performs service detection for the specific data of the user.
  • the deep packet detecting device is independently deployed in the communication system, and the service used by the user is deeply detected, and the user is used.
  • Type of business that is, whether a specific data application service is being used;
  • Step 103 The independently deployed deep packet detecting device performs policy control on the detected specific data application service according to the obtained service control policy.
  • the service control policy is performed according to the obtained service control policy.
  • the foregoing service control policy may be directly sent by the PCRF, or may be performed by the independently deployed deep packet detection device according to the PCRF.
  • PCC Policy and charging rules
  • the deep packet detecting apparatus independently deployed in this embodiment can perform policy control on a specific data application service, mainly performing charging control, and can also perform gating and quality of service control.
  • the deep packet detecting device in the solution may be a traffic detection function entity (hereinafter referred to as TDF) specified in the 3GPP protocol.
  • the policy control method for the specific data application service provided by the foregoing embodiment of the present invention, wherein the deep packet detection device is independently deployed in the communication system, and the independently deployed deep packet detection device detects the specific data application service, and can Under the premise of not affecting the performance of the PCEF, the detection of the specific data application service is performed, and then the corresponding control strategy is formulated according to the detection result, so that the operator's policy control of the specific data application service of the user is realized.
  • the above-mentioned deep packet detecting device can be set by the operator to strengthen the operator's control over the services performed by the user.
  • the deep packet detecting device may perform detection according to a certain detection rule when performing special data application detection, and the foregoing detection rule may be preset in the deep packet detecting device.
  • the in-depth deep packet detecting device performs the specific data application service detection according to the preset detection rule of the system; or carries the detection rule in the query request message, and then the independently deployed deep packet detecting device according to the query request message Carrying detection rules for specific data application service detection.
  • the deep packet detecting apparatus may perform policy control on the detected specific data application service according to the obtained service control policy, which may specifically include:
  • Charging, gating or quality of service management is performed on the detected specific data application service according to at least one of the received charging information, the gate information and the quality of service control information.
  • At least one of billing information, gating information, and quality of service control information performs billing, gating, or quality of service management for the detected specific data application service.
  • the PCEF receives the online The out-of-credit event triggered by the Online Charging System (hereinafter referred to as OCS) is reported to the PCRF, and then the PCRF determines the arrears of the user to sign the service for the specific data application.
  • OCS Online Charging System
  • the PCRF can be determined according to the user subscription information or the operator local policy. Whether the user applies a service subscription user for a specific data.
  • FIG. 2 is a schematic flowchart of a specific embodiment of the present invention. As shown in FIG. 2, the following steps may be included:
  • Step 201 The online charging system (hereinafter referred to as OCS) finds that the user has arrears, triggers the user session termination request to terminate the service that the user is using, that is, sends the user arrears event to the PCEF (out-of-credit) Event);
  • OCS online charging system
  • Step 202 After receiving the out-of-credit event delivered by the 0CS, the PCEF reports the user's arrears event to the PCRF, and the specific information may be sent through a Credit Control Request (CCR) message;
  • CCR Credit Control Request
  • Step 203 The PCRF queries the user subscription information or the operator local policy, and determines whether the user subscribes to use the specific data application service.
  • the specific data application service may be: the user can also use the service in arrears, or the user is in the class. The traffic usage of the service is not counted in the monthly traffic);
  • Step 204 If the user has a subscription, the PCRF queries the TDF by using a query request message for the customized service, where the query request message may be an existing Reauthorization Request (RAR) message, and the message is in the message.
  • RAR Reauthorization Request
  • Step 205 The TDF receives the query request message from the PCRF, and the TDF may perform deep packet inspection on the current service flow of the user according to the detection rule that is scheduled by the operator or the detection rule carried in the request message, and determine whether the user is currently Use specific data to apply business, the same Obtain gating information for other services, such as forbidden access or redirection;
  • Step 206 The PCRF receives a detection response message from the TDF, where the detection response message may be an existing re-authentication response (RAA), and the message may include indicating whether the user is Use of specific data to apply business information, as well as gating information for other services;
  • RAA re-authentication response
  • Step 207 The PCRF controls the PCEF to perform corresponding processing according to the content carried in the detection response message returned by the TDF. For example, if the detection response message indicates that the user is performing a specific data application service, the PCEF controls the PCEF to ignore the user arrears event reported by the 0CS. Passing the quintuple information (5 - tup le ) of the specific data application service to the PCEF, so that the PCEF allows the specific data application service that meets the above quintuple information to pass;
  • Step 208 The PCEF returns a response message to the 0CS, and determines that the user arrears event has been processed;
  • Step 209 The PCEF ensures that the specific data application service flow of the user continues to be used; or the specific data application service initiated by the user in the case of arrears is not affected.
  • FIG. 3 is a schematic flowchart of another embodiment of the present invention. In this embodiment,
  • the PCRF sends a quintuple information including a specific data application service to the PCEF and a notification message of the charging and policy rules of the specific data application service. After receiving the notification message, the PCEF applies the five-yuan of the specific data according to the specific data.
  • the group information detects a specific data application service to perform traffic release, and when detecting that the user uses the specific data application service, generates and sends to the PCRF the charging information generated according to the charging and policy rule for the specific data application service.
  • the PCRF sends the TDF to the independently deployed TDF, the independently deployed TDF Perform business processing based on at least one of the above information. Specifically, the steps shown in Figure 3 are included:
  • Step 301 The PCRF detects the user subscription information, and determines whether the user activates the specific data application service or subscribes to use the specific data application service.
  • Step 302 The PCRF subscribes to the TDF with the DP I function to query whether the user is using the specific data application service.
  • the TDF can report the usage information to the PCRF.
  • the PCRF can be based on the current Some RAR messages send a query request message for a specific data application service to the TDF, and receive a detection response message from the TDF through the RAA message;
  • Step 303 The PCRF notifies the PCEF of the quintuple information of the specific data application service, where the PCEF may be set in the packet data network gateway (PDN-GW), and simultaneously delivers a PCC rule for the quintuple information, the PCC rule.
  • PDN-GW packet data network gateway
  • the service can be used normally in the case of arrears, or the usage traffic is not counted in the monthly traffic; in this embodiment, the specific data application service can be represented by the quintuple information, and the PCEF can be based on five The tuple information detects and identifies the specific data application service, and the PCEF implements the release of the service flow for the specific data application, and the TDF performs the policy control on the specific data application service, and the PCEF implements the policy control for the non-specific data application service; There is also a case where when a specific data application service cannot be represented by the quintuple information, since the PCEF cannot identify the specific data application service, the TDF may need to perform the service for the non-specific data application service and the specific data application service. Policy control
  • the PCEF detects the specific data application service that the user is using according to the quintuple information sent by the PCRF, excluding the specific data application service, and executing the PCC rule for the non-specific data application service, and the PCC rule in the embodiment of the present invention.
  • the information includes the charging rule and the policy information, where the policy information includes the gating information and the QoS information for each service.
  • Step 305 The PCEF generates a control policy for the specific data application service, which is specifically included in the PCC rule. Charging rules and policy information, etc.
  • Step 306 The PCRF receives a detection response message from the PCEF, where the message includes whether the user uses a specific data application service, and at least one of the foregoing charging information, gating information, or QoS control information;
  • Step 307 The PCRF sends at least one of the corresponding charging information, the gate information, or the QoS control information to the TDF according to the content carried in the detection response message sent by the PCEF, and the TDF charges the service according to the charging information. And performing QoS control on the service according to the QoS control information, and performing gating processing on the service according to the gating information, for example, prohibiting access or redirection of other services, and releasing the service to the specific data application service;
  • Step 308 The PCRF sends a response message to the PCEF, and notifies that the charging information, the gate information, or the QoS control information is sent to the TDF.
  • the response message may be a credit control response (CCA). Message.
  • FIG. 4 is a schematic flowchart of still another embodiment of the present invention.
  • the PCRF sends a query request message indicating that the specific data application service is detected to the TDF, and the message carries the PCC rule for the service. And performing service detection by the independently deployed TDF, and after detecting that the user uses the specific data application service, acquiring charging information, gating information, and QoS control information according to the PCC rule.
  • the foregoing charging information may be Based on the flow granularity-based charging ID, the TDF may further notify the PCRF based on the flow granularity-based charging ID, and the PCRF converts the flow granularity-based charging ID into a charging granularity-based charging ID, which may be sent by the PCRF.
  • the charging bill check is performed when roaming, as shown in FIG. 4, including the following steps. :
  • Step 401 The PCRF detects the user subscription information, and determines whether the user opens a specific data application service or signs a specific data application service.
  • Step 402 If the user can use the specific data application service, query the specific data application service to the independently deployed TDF, and perform specific data application service detection by the TDF. Once the user is detected to use the specific data application service, the TDF needs to use the user. Specific data application industry The information is sent to the PCRF.
  • the PCRF sends the Application Detection and Control (ADC) rule to the independently deployed TDF.
  • ADC rule is a type of PCC rule.
  • Step 403 After the TDF detects that the user is performing a specific data application service, the PCRF notifies the PCEF of the quintuple information of the specific data application service that can be used by the user, and simultaneously sends a PCC rule for the quintuple information (also It is the PCC rule for the specific data application service.
  • the service corresponding to the quintuple information can be used normally in the case of arrears, or the usage traffic is not counted in the monthly traffic;
  • Step 404 The TDF detects that the user generates a control policy after using the specific data application service, and specifically includes generating charging information according to an ADC rule sent by the PCRF (for example, a flow granularity-based charging ID), gating information, and QoS control information; performing charging processing according to the charging ID, performing gating on the specific data application service according to the gating information, or performing Q 0 S control on the specific data application service according to the QoS control information;
  • an ADC rule sent by the PCRF for example, a flow granularity-based charging ID
  • gating information for example, a flow granularity-based charging ID
  • QoS control information for example, a flow granularity-based charging ID
  • performing charging processing according to the charging ID for example, performing gating on the specific data application service according to the gating information, or performing Q 0 S control on the specific data application service according to the QoS control information
  • Step 405 the TDF carries the flow granularity-based charging ID generated in step 404 in the response message and sends it to the PCRF;
  • Step 406 After receiving the response message, the PCRF matches the traffic granularity-based charging ID reported by the TDF to the charging ID based on the bearer granularity, and generates a specific, PCEF-executed for the specific data application service.
  • the PCC rules of the specific data application service including the PCEF canceling the charging of the specific data application service used by the user, not calculating the service traffic, and the like;
  • Step 407 The PCRF sends the PCC rule for the specific data application service generated in the step 406 to the PCEF, so that the PCEF does not perform policy control on the specific data application service, but is executed by the independently deployed TDF.
  • Step 408 The PCRF sends the charging ID based on the bearer granularity of the specific data application service to the BBERF (the function may be set in the serving gateway serving-GW) to perform the bill check in the roaming situation.
  • FIG. 5 is a schematic structural diagram of Embodiment 1 of an apparatus for detecting a deep packet that is independently deployed according to the present invention.
  • the apparatus includes a first receiving module 11, a first detecting module 12, and a policy control module 13.
  • the first receiving module 11 is configured to receive a query request message sent by the policy and charging rule function device to perform specific data application service detection;
  • the first detecting module 12 is configured to perform specific data application service detection on the user;
  • the module 13 is configured to perform policy control on the detected specific data application service according to the obtained service control policy.
  • the deep packet detecting device provided in the foregoing embodiment of the present invention is independently deployed, and the independently deployed deep packet detecting device detects the specific data application service, and can execute the specific data application without affecting the performance of the PCEF.
  • the detection of the service, and then the corresponding control strategy is formulated according to the detection result, so as to implement the policy control of the operator's specific data application service to the user.
  • the above-mentioned deep packet detecting device can be set by an operator to strengthen the operator's control over the services performed by the user.
  • the detecting, by the first detecting module 12, the detecting of the specific data application service may include two cases, that is, performing specific data application service detection according to the detection rule carried in the query request message;
  • the preset detection rules perform specific data application service detection.
  • the foregoing deep packet detecting apparatus may further include a first sending module 14 configured to: when the first detecting module detects that the user is performing a specific data application service, to the policy and charging rule.
  • the functional device returns a detection response message indicating that the user is performing a particular data application service.
  • the first sending module in the independently deployed deep packet detecting device is further used for the policy and charging rule function.
  • the device returns a detection response message including a flow granularity-based charging identifier, to be matched by the policy and charging rule function device to the charging identifier based on the bearer granularity, and then sent to the serving gateway.
  • the strategy The control module 13 may specifically perform policy control according to at least one of the charging information, the gate control information, and the service quality control information generated by the policy and the charging execution function device, that is, first, the policy and the charging rule function device forwarded by the policy. And at least one of charging information, gating information and quality of service control information generated by the charging execution function device; and then detecting the at least one of the received charging information, the gating information and the quality of service control information The specific data application service to the billing, gating or quality of service management.
  • the independently deployed deep packet detecting device generates policy information
  • the policy control module 13 first receives the policy and charging rules sent by the policy and charging rule function device, and according to The policy and charging rule generates at least one of charging information, gating information, and quality of service control information; and then performing at least one of the generated charging information, the gating information, and the quality of service control information.
  • the specific data detected service is used for billing, gating or quality of service management.
  • the embodiment of the present invention further provides a policy and charging rule function device, corresponding to the embodiment shown in FIG. 2, as shown in FIG. 6, the policy and charging rule function device includes a second receiving module 21, The first query request sending module 22 and the indication message sending module 23, wherein the second receiving module 21 is configured to receive a user arrears event sent by the policy and charging execution function device; the first query request sending module 22 is configured to determine the arrears After the user subscribes to the user for the specific data, the user sends a query request message indicating the specific data application service detection to the independently deployed deep packet detecting device.
  • the indication message sending module 23 is configured to receive the independently deployed deep report.
  • the policy and charging execution function device After the detection response message returned by the text detecting device, the policy and charging execution function device sends an indication message for allowing the user of the arrears to use the specific data application service, where the detection response message includes the user who is in arrears An indication of the application of a particular data application.
  • the device includes a notification message sending module 31, a third receiving module 32, and forwarding.
  • the module 33 wherein the notification message sending module 31 is configured to: after receiving the detection response message returned by the independently deployed deep packet detecting device, indicating that the user is performing a specific data application service, Sending, to the policy and charging execution function device, the quintuple information including the specific data application service and the notification message of the charging and policy rules of the specific data application service; the third receiving module 32 is configured to receive the policy and the charging execution function.
  • the forwarding module 33 is configured to forward the charging information to the independently deployed deep packet detecting device, At least one of the gate information and the quality of service control information.
  • the embodiment of the present invention further provides another policy and charging execution function device.
  • the device includes a fourth receiving module 41 and a policy processing module 42, wherein the fourth receiving module 41 is configured to receive, by the policy and charging rule function device, a quintuple information including a specific data application service and a notification message of a charging and policy rule of the specific data application service;
  • the policy processing module 42 is configured to perform specific data application service detection according to the quintuple information of the specific data application service to perform traffic release on the specific data application service, and send the policy and charging rule function device according to the target At least one of charging information, gate information, and quality of service control information generated by the charging and policy rules of the specific data application service.
  • the embodiment of the present invention further provides a policy and charging rule function device, which is specifically applicable to the technical solution of the method embodiment shown in FIG. 4 .
  • the device includes a second query request sending module.
  • the detection response receiving module 52 and the charging identifier conversion module 53 are configured to send, to the independently deployed deep packet detecting device, a query request message indicating that the specific data application service is detected, the query.
  • the request message carries a charging and policy rule for the specific data application service.
  • the detection response receiving module 52 is configured to receive the detection response message that includes the flow granularity-based charging identifier returned by the independently deployed deep packet detecting device.
  • the flow granularity-based charging identifier is charging information for applying the detected specific data, and the flow granularity-based charging identifier is independently deployed by the deep packet detecting device according to the charging and policy rule.
  • the charging identifier conversion module 53 is configured to convert the flow granularity-based charging identifier into a bearer granularity. After charging identifier sent to the bearer binding and event reporting function entity for billing when roaming, then a single check. It should be noted that: the device embodiments corresponding to the foregoing FIG. 5-9, unless otherwise specified, the modules included in each device are hardware.
  • the embodiment of the present invention further provides a communication system, which includes a PCRF, a PCEF, and an independently deployed deep packet detecting device, wherein the deep packet detecting device may be the deep packet detecting in the embodiment shown in FIG.
  • the device wherein the PCRF may be any of the PCRFs in the embodiment shown in Fig. 6, Fig. 7, or Fig. 9, and wherein the PCEF may be the PCEF in the embodiment shown in Fig. 8.
  • the policy control method, the device, and the communication system provided by the foregoing embodiments of the present invention, wherein the deep packet detecting device is independently deployed in the communication system, and the deep data detecting device can perform specific data application service detection, or is applied to a specific data.
  • Business conducts policy control.
  • the technical solution provided by the foregoing embodiment of the present invention can solve the dynamic policy control requirement of the data application that the operator participates in, and implement data participating in the application-free functional entity (hereinafter referred to as AF).
  • Application policy control such as QoS, billing, and gating.

Abstract

Embodiments of the present invention provide a policy control method, apparatus and communication system, and an independently deployed deep packet inspection apparatus, wherein the method includes: the independently deployed deep packet inspection apparatus receives a query request message transmitted by a policy and charging rules function apparatus for instructing inspection for specific data application services, executes inspection for the specific data application services of users and performs a policy control for the inspected specific data application services according to the obtained service control policy. The communication system provided by the embodiments of the present invention includes the independently deployed deep packet inspection apparatus. In the technical solution of the present invention, an independently deployed deep packet inspection apparatus performs an inspection for specific data application services, the deep packet inspection apparatus can be set by an operator, and thus the service control for users performed by the operator can be enhanced.

Description

策略控制方法、 装置以及通信系统  Policy control method, device and communication system
技术领域 Technical field
本发明实施例涉及通信技术领域, 尤其涉及一种策略控制方法、 装置 以及通信系统。 背景技术  The embodiments of the present invention relate to the field of communications technologies, and in particular, to a policy control method, apparatus, and communication system. Background technique
随着无线数据业务的快速发展, 包括语音在内的各种业务都运行在 IP 网络上, 业务提供将面临着服务质量 (Quality of Service, 以下简 称: QoS) 的问题。 不同用户对同一业务的 QoS需求也会有所不同, 用户 可以根据自己的实际需求签订不同的服务水平协议 ( service-level agreement, 以下简称: SLA)等级, 选择合适的计费方式, 因此 QoS成了 各个计费层面都涉及到的必要元素。  With the rapid development of wireless data services, various services including voice are running on IP networks, and service provision will face the issue of Quality of Service (QoS). Different users have different QoS requirements for the same service. Users can sign different service-level agreements (SLAs) according to their actual needs, and choose the appropriate charging method. Therefore, QoS becomes The necessary elements involved in each billing level.
当 QoS发生变化的时候, 需要及时地选择相应的计费方式, 实现真正 的动态、精确计费。对于运营商而言,其希望保持在价值链中的主导地位, 避免被管道化, 迫切需要能够感知网络中的各种业务, 通过内容感知和深 入的包检测技术, 可实现对业务流和内容的识别。  When the QoS changes, you need to select the corresponding charging method in time to achieve true dynamic and accurate charging. For operators, they want to maintain their dominant position in the value chain, avoid being piped, and urgently need to be able to perceive various services in the network. Through content awareness and in-depth packet inspection technology, business flow and content can be realized. Identification.
在 3GPP协议标准中,用户终端在 IP连通接入网络( IP Connectivity Accsess Netwrok , 以下简称: IP-CAN )承载建立时, 消息中会携带 QoS 参数信息, 网络侧在收到 IP-CAN承载建立消息时, 会根据用户签约信息 和设备能力决定可以使用的 QoS, 并将协商的 QoS发送给用户终端。 如果 用户终端在 IP-CAN承载建立消息中没有带 QoS参数信息, 则网络侧会使 用缺省 QoS参数或用户签约 QoS参数。  In the 3GPP protocol standard, when the user terminal establishes the bearer of the IP Connectivity Accsess Netwrok (hereinafter referred to as IP-CAN), the message carries the QoS parameter information, and the network side receives the IP-CAN bearer setup message. The QoS that can be used is determined according to the user subscription information and the device capability, and the negotiated QoS is sent to the user terminal. If the user terminal does not have QoS parameter information in the IP-CAN bearer setup message, the network side uses the default QoS parameter or the user subscribed QoS parameter.
对于通信过程中的流量统计和控制功能,现有技术中都是在物理设备 上酉己置策格和计费执行功能 ( Policy and Charging Enforcement Function, 以下简称: PCEF) 实现的, 例如可以在网关 GPRS 支持节点 ( Gateway GPRS Support Node, 以下简称: GGSN ) 或分组数据网网关 ( PDN-GW) 上配置 PCEF, 而通常的 PCEF不能进行深度检测, 无法感知业 务, 当在用户的计费 /流量的门限值达到的时候, PCEF会触发 QoS降低或 者会话终结的流程, 而对于一些特定业务, 尤其是数据应用业务, 例如使 用点对点 (Point to Point, 以下简称: P2P )技术的 Skype和 BT下载, 网络视频点播 VoD、 网络游戏、 FTP文件下载、 MSN和 QQ类即时通信工具, 运营商在进行策略控制时, 有可能在计费 /流量门限达到的情况下, 还允 许用户继续访问或者使用这些业务, 上述业务可称为特定数据应用业务。 发明内容 For the traffic statistics and control functions in the communication process, the prior art is on the physical device and the billing execution function (Policy and Charging Enforcement) Function, hereinafter referred to as: PCEF), for example, PCEF can be configured on the Gateway GPRS Support Node (GGSN) or Packet Data Network Gateway (PDN-GW), but the normal PCEF cannot perform depth detection. The service cannot be perceived. When the user's charging/traffic threshold is reached, the PCEF triggers the process of QoS reduction or session termination. For some specific services, especially data application services, for example, point to point (Point to Point, hereinafter referred to as: P2P) Skype and BT downloads, network video on demand VoD, online games, FTP file download, MSN and QQ instant messaging tools, operators may be at the billing/flow threshold when performing policy control If this is achieved, the user is also allowed to continue to access or use these services, which may be referred to as a specific data application service. Summary of the invention
本发明实施例提供一种策略控制方法、 装置以及通信系统, 用以在不 影响 PCEF性能的前提下, 实现运营商对用户的特定数据应用业务的策略 控制。  The embodiments of the present invention provide a policy control method, device, and communication system, which are used to implement policy control of a specific data application service of a user to a user without affecting the performance of the PCEF.
本发明实施例提供了一种策略控制方法, 包括:  The embodiment of the invention provides a policy control method, including:
独立部署的深度报文检测装置接收策略和计费规则功能装置发送的 指示进行特定数据应用业务检测的查询请求消息;  The independently deployed deep packet detecting device receives a query request message sent by the policy and charging rule function device to perform specific data application service detection;
独立部署的深度报文检测装置执行对用户的特定数据应用业务检测; 独立部署的深度报文检测装置根据获取的业务控制策略对检测到的 特定数据应用业务进行策略控制。 本发明实施例提供了另一种策略控制方法, 包括:  The independently deployed deep packet detecting device performs service detection for the specific data application of the user; the independently deployed deep packet detecting device performs policy control on the detected specific data application service according to the obtained service control policy. An embodiment of the present invention provides another policy control method, including:
接收策略和计费执行功能装置发送的用户欠费事件;  Receiving a user arrears event sent by the policy and charging execution function device;
在确定欠费的用户为特定数据应用业务签约用户后, 向独立部署的深 度报文检测装置发送指示进行特定数据应用业务检测的查询请求消息; 在接收到所述独立部署的深度报文检测装置返回的检测应答消息后, 向策略和计费执行功能装置发送允许所述欠费的用户使用特定数据应用 业务的指示消息, 其中, 所述检测应答消息包括所述欠费的用户正在使用 特定数据应用业务的指示。 本发明实施例提供了另一种策略控制方法, 包括: After determining that the arrears user applies the service subscription user for the specific data, sending a query request message indicating the specific data application service detection to the independently deployed deep packet detecting device; receiving the independently deployed deep packet detecting device After the detected response message is returned, And transmitting, to the policy and charging execution function device, an indication message that allows the user of the arrears to use the specific data application service, wherein the detection response message includes an indication that the arrears user is using a specific data application service. An embodiment of the present invention provides another policy control method, including:
在接收到独立部署的深度报文检测装置返回的指示用户正在进行特 定数据应用业务的检测应答消息后, 向策略和计费执行功能装置发送包括 特定数据应用业务的五元组信息以及所述特定数据应用业务的计费与策 略规则的通知消息;  After receiving the detection response message returned by the independently deployed deep packet detecting device indicating that the user is performing the specific data application service, transmitting the quintuple information including the specific data application service to the policy and charging execution function device and the specific a notification message for the billing and policy rules of the data application service;
接收策略和计费执行功能装置生成的针对所述特定数据应用业务的 计费信息、 门控信息和服务质量控制信息中的至少一项;  Receiving at least one of charging information, gating information, and quality of service control information for the specific data application service generated by the policy and charging execution function device;
向独立部署的深度报文检测装置转发所述计费信息、 门控信息和服务 质量控制信息中的至少一项。 本发明实施例提供了另一种策略控制方法, 包括:  At least one of the billing information, the gate information, and the quality of service control information is forwarded to the independently deployed deep packet detecting device. An embodiment of the present invention provides another policy control method, including:
接收策略和计费规则功能装置发送的包括特定数据应用业务的五元 组信息以及针对所述特定数据应用业务的计费与策略规则的通知消息; 根据所述特定数据应用业务的五元组信息进行特定数据应用业务检 测以对所述特定数据应用业务执行流量放行, 并向策略和计费规则功能装 置发送根据所述针对特定数据应用业务的计费与策略规则生成的计费信 息、 门控信息和服务质量控制信息中的至少一项。 本发明实施例提供了另一种策略控制方法, 包括:  Receiving, by the policy and charging rule function device, the quintuple information including the specific data application service and the notification message of the charging and policy rule for the specific data application service; the quintuple information of the service according to the specific data application Performing specific data application service detection to perform traffic release on the specific data application service, and transmitting charging information generated by the charging and policy rules for the specific data application service to the policy and charging rule function device, and gating At least one of information and quality of service control information. An embodiment of the present invention provides another policy control method, including:
向独立部署的深度报文检测装置发送指示进行特定数据应用业务检 测的查询请求消息, 所述查询请求消息中携带针对所述特定数据应用业务 的计费与策略规则;  And sending, to the independently deployed deep packet detecting device, a query request message indicating that the specific data application service is detected, where the query request message carries a charging and policy rule for the specific data application service;
接收所述独立部署的深度报文检测装置返回的包括基于流粒度的计 费标识的检测应答消息, 所述基于流粒度的计费标识为针对检测到的特定 数据应用业务的计费信息, 所述基于流粒度的计费标识由独立部署的深度 报文检测装置根据所述计费与策略规则生成; Receiving, by the independently deployed deep packet detecting device, a detection response message including a flow granularity-based charging identifier, where the flow granularity-based charging identifier is for the detected specific The billing information of the data application service, where the flow granularity-based charging identifier is generated by the independently deployed deep packet detecting device according to the charging and policy rules;
将所述基于流粒度的计费标识转换为基于承载粒度的计费标识后发 送给承载绑定及事件报告功能实体以便进行漫游时的计费话单核对。  The traffic granularity-based charging identifier is converted into a charging granularity-based charging identifier, and then sent to the bearer binding and event reporting function entity for charging billing check when roaming.
本发明实施例还提供了一种独立部署的深度报文检测装置, 包括: 第一接收模块, 用于接收策略和计费规则功能装置发送的指示进行特 定数据应用业务检测的查询请求消息;  The embodiment of the present invention further provides an independently deployed deep packet detecting apparatus, including: a first receiving module, configured to receive a query request message sent by a policy and charging rule function device to perform specific data application service detection;
策略控制模块, 用于根据获取的业务控制策略对检测到的特定数据应 用业务进行策略控制。  The policy control module is configured to perform policy control on the detected specific data application service according to the obtained service control policy.
本发明实施例还提供了一种策略和计费规则功能装置, 包括: 第二接收模块, 用于接收策略和计费执行功能装置发送的用户欠费事 件;  The embodiment of the present invention further provides a policy and charging rule function device, including: a second receiving module, configured to receive a user arrears event sent by the policy and charging execution function device;
第一查询请求发送模块, 用于在确定欠费的用户为特定数据应用业务 签约用户后, 向独立部署的深度报文检测装置发送指示进行特定数据应用 业务检测的查询请求消息;  a first query request sending module, configured to send a query request message indicating that the specific data application service is detected to the independently deployed deep packet detecting device after determining that the arrears user applies the service subscription user for the specific data;
指示消息发送模块, 用于在接收到所述独立部署的深度报文检测装置 返回的检测应答消息后, 向策略和计费执行功能装置发送允许所述欠费的 用户使用特定数据应用业务的指示消息, 其中, 所述检测应答消息包括所 述欠费的用户正在使用特定数据应用业务的指示。  The indication message sending module is configured to, after receiving the detection response message returned by the independently deployed deep packet detecting device, send an indication to the policy and charging execution function device that the user who is in arrears is allowed to use the specific data application service a message, where the detection response message includes an indication that the arrears user is using a specific data application service.
本发明实施例还提供了另一种策略和计费规则功能装置, 包括: 通知消息发送模块, 用于在接收到独立部署的深度报文检测装置返回 的指示用户正在进行特定数据应用业务的检测应答消息后, 向策略和计费 执行功能装置发送包括特定数据应用业务的五元组信息以及所述特定数 据应用业务的计费与策略规则的通知消息;  The embodiment of the present invention further provides another policy and charging rule function device, including: a notification message sending module, configured to: after receiving the independently deployed deep packet detecting device, indicating that the user is performing detection of a specific data application service After the response message, sending, to the policy and charging execution function device, the quintuple information including the specific data application service and the notification message of the charging and policy rules of the specific data application service;
第三接收模块, 用于接收策略和计费执行功能装置生成的针对所述特 定数据应用业务的计费信息、 门控信息和服务质量控制信息中的至少一 项; a third receiving module, configured to receive at least one of charging information, gating information, and quality of service control information generated by the policy and charging execution function device for the specific data application service Item
转发模块, 用于向独立部署的深度报文检测装置转发所述计费信息、 门控信息和服务质量控制信息中的至少一项。  And a forwarding module, configured to forward at least one of the charging information, the gating information, and the service quality control information to the independently deployed deep packet detecting device.
本发明实施例还提供了一种策略和计费执行功能装置, 包括: 第四接 收模块, 用于接收策略和计费规则功能装置发送的包括特定数据应用业务 的五元组信息以及所述特定数据应用业务的计费与策略规则的通知消息; 策略处理模块, 用于根据所述特定数据应用业务的五元组信息进行特 定数据应用业务检测以对所述特定数据应用业务执行流量放行, 并向策略 和计费规则功能装置发送根据所述针对特定数据应用业务的计费与策略 规则生成的计费信息、 门控信息和服务质量控制信息中的至少一项。  The embodiment of the present invention further provides a policy and charging execution function device, including: a fourth receiving module, configured to receive quintuple information including a specific data application service sent by a policy and charging rule function device, and the specific a notification message of the charging and policy rules of the data application service; a policy processing module, configured to perform specific data application service detection according to the quintuple information of the specific data application service, to perform traffic release on the specific data application service, and And transmitting, to the policy and charging rule function device, at least one of charging information, gating information, and quality of service control information generated according to the charging and policy rules for the specific data application service.
本发明实施例还提供了另一种策略和计费规则功能装置, 包括: 第二查询请求发送模块, 用于向独立部署的深度报文检测装置发送指 示进行特定数据应用业务检测的查询请求消息, 所述查询请求消息中携带 针对所述特定数据应用业务的计费与策略规则;  The embodiment of the present invention further provides another policy and charging rule function device, including: a second query request sending module, configured to send, to the independently deployed deep packet detecting device, a query request message indicating that the specific data application service is detected. The query request message carries a charging and policy rule for the specific data application service;
检测应答接收模块, 用于接收所述独立部署的深度报文检测装置返回 的包括基于流粒度的计费标识的检测应答消息, 所述基于流粒度的计费标 识为针对检测到的特定数据应用业务的计费信息, 所述基于流粒度的计费 标识由独立部署的深度报文检测装置根据所述计费与策略规则生成;  The detection response receiving module is configured to receive the detection response message that is included in the depth-of-description detection device that is independently deployed, and includes a flow granularity-based charging identifier, where the flow granularity-based charging identifier is used for the detected specific data application. The billing information of the service is generated by the independently deployed deep packet detecting device according to the charging and policy rules;
计费标识转换模块, 用于将所述基于流粒度的计费标识转换为基于承 载粒度的计费标识后发送给承载绑定及事件报告功能实体以便进行漫游 时的计费话单核对。  The charging identifier conversion module is configured to convert the flow granularity-based charging identifier into a charging identifier based on the load granularity and then send the charging binding to the bearer binding and event reporting function entity for performing charging bill checking.
本发明实施例还提供了一种通信系统, 包括上述的策略和计费规则功 能装置、 策略和计费执行功能装置以及独立部署的深度报文检测装置。  The embodiment of the invention further provides a communication system, comprising the above-mentioned policy and charging rule function device, policy and charging execution function device, and independently deployed deep message detecting device.
本发明上述实施例提供的策略控制方法、 装置以及通信系统, 其中在 通信系统中独立部署深度报文检测装置, 并由该独立部署的深度报文检测 装置对特定数据应用业务进行检测, 能够在不影响 PCEF性能的前提下, 执行对特定数据应用业务的检测, 进而根据检测结果制定相应的控制策 略, 实现运营商对用户的特定数据应用业务的策略控制。 上述的深度报文 检测装置可以由运营商设置, 加强运营商对用户进行的业务的控制。 附图说明 The policy control method, the device, and the communication system provided by the foregoing embodiments of the present invention, wherein the deep packet detection device is independently deployed in the communication system, and the independently deployed deep packet detection device detects the specific data application service, and can Without prejudice to the performance of PCEF, The detection of the specific data application service is performed, and then the corresponding control strategy is formulated according to the detection result, so that the operator controls the policy of the specific data application service of the user. The above-mentioned deep packet detecting device can be set by an operator to strengthen the operator's control over the services performed by the user. DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案, 下面将对实 施例或现有技术描述中所需要使用的附图作一简单地介绍, 显而易见地, 下 面描述中的附图是本发明的一些实施例, 对于本领域普通技术人员来讲, 在 不付出创造性劳动性的前提下, 还可以根据这些附图获得其他的附图。  In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, a brief description of the drawings used in the embodiments or the prior art description will be briefly described below. Obviously, the drawings in the following description It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any inventive labor.
图 1为本发明策略控制方法实施例一的流程示意图;  1 is a schematic flowchart of Embodiment 1 of a policy control method according to the present invention;
图 2为本发明策略控制方法实施例二的流程示意图;  2 is a schematic flowchart of Embodiment 2 of a policy control method according to the present invention;
图 3为本发明策略控制方法实施例三的流程示意图;  3 is a schematic flowchart of Embodiment 3 of a policy control method according to the present invention;
图 4为本发明策略控制方法实施例四的流程示意图;  4 is a schematic flowchart of Embodiment 4 of a policy control method according to the present invention;
图 5为本发明独立部署的深度报文检测装置实施例一的结构示意图; 图 6为本发明策略和计费规则功能装置实施例一的结构示意图; 图 7为本发明策略和计费规则功能装置实施例二的结构示意图; 图 8为本发明策略和计费执行功能装置实施例一的结构示意图; 图 9为本发明策略和计费规则功能装置实施例三的结构示意图。 具体实施方式  5 is a schematic structural diagram of Embodiment 1 of an apparatus for detecting a deep packet, which is an independent deployment of the present invention; FIG. 6 is a schematic structural diagram of Embodiment 1 of a policy and charging rule function apparatus according to the present invention; FIG. 8 is a schematic structural diagram of Embodiment 1 of a policy and charging execution function device according to the present invention; FIG. 9 is a schematic structural diagram of Embodiment 3 of a policy and charging rule function device according to the present invention. detailed description
为使本发明实施例的目的、 技术方案和优点更加清楚, 下面将结合本 发明实施例中的附图, 对本发明实施例中的技术方案进行清楚、 完整地描 述, 显然, 所描述的实施例是本发明一部分实施例, 而不是全部的实施例。 基于本发明中的实施例, 本领域普通技术人员在没有作出创造性劳动前提 下所获得的所有其他实施例, 都属于本发明保护的范围。  The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is a partial embodiment of the invention, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
针对现有技术中 PCEF不能进行深度检测, 无法感知特定数据应用业 务, 本发明实施例提供了一种技术方案, 该方案通过独立部署的深度报文 检测 (Deep Packet Inspec t ion, 以下简称: DP I ) 装置对特定数据应用 业务进行策略控制, 且本发明实施例也提供了基于独立部署的深度报文检 测装置的、 整个系统的针对特定数据应用业务的实现方案。 其中, 上述深 度报文检测与普通报文检测仅分析 IP包的 IP源地址、 目的地址、源端口、 目的端口和协议类型不同, DPI还增加了应用层分析, 识别各种应用及其 内容, 即包括 7层协议类型检测, 例如识别出协议类型为 HTTP、 WAP2. 0、 RSTP或 FTP , 以及统一资源定位符 ( Un i form Resource Loca tor,以下简 称: URL )信息的检测, 并进一步根据检测到的特定业务进行策略控制。 In the prior art, PCEF cannot perform depth detection and cannot sense specific data applications. The embodiment of the present invention provides a technical solution for performing policy control on a specific data application service by using a Deep Packet Inference (DP I ) device that is independently deployed, and the present invention implements The example also provides an implementation scheme for a specific data application service of the entire system based on the independently deployed deep message detecting device. The deep packet detection and the normal packet detection only analyze the IP source address, the destination address, the source port, the destination port, and the protocol type of the IP packet, and the DPI also adds application layer analysis to identify various applications and contents thereof. That is, the detection of the protocol type of the protocol is HTTP, WAP 2.0, RSTP or FTP, and the detection of the Uniform Resource Loca tor (URL) information, and further detection Policy control for specific businesses to.
图 1为本发明策略控制方法实施例一的流程示意图, 如图 1所示, 该 方法包括:  FIG. 1 is a schematic flowchart of Embodiment 1 of a policy control method according to the present invention. As shown in FIG. 1, the method includes:
步骤 101、 独立部署的深度报文检测装置接收 PCRF发送的指示进行 特定数据应用业务检测的查询请求消息, 即查询某一用户是否在使用特定 数据应用业务;  Step 101: The independently deployed deep packet detecting device receives the query request message sent by the PCRF to perform specific data application service detection, that is, whether a certain user is using a specific data application service;
步骤 102、 独立部署的深度报文检测装置执行对用户的特定数据应用 业务检测; 本实施例是在通信系统中独立部署深度报文检测装置, 尤其对 用户使用的业务进行深度检测, 获取用户使用的业务类型, 即是否正在使 用特定数据应用业务;  Step 102: The independently deployed deep packet detecting device performs service detection for the specific data of the user. In this embodiment, the deep packet detecting device is independently deployed in the communication system, and the service used by the user is deeply detected, and the user is used. Type of business, that is, whether a specific data application service is being used;
步骤 103、 独立部署的深度报文检测装置根据获取的业务控制策略对 检测到的特定数据应用业务进行策略控制。  Step 103: The independently deployed deep packet detecting device performs policy control on the detected specific data application service according to the obtained service control policy.
本步骤是在上述步骤 102的基础上, 根据获取的业务控制策略对业务 进行策略控制, 上述的业务控制策略可以是由 PCRF直接发送的, 也可是 由该独立部署的深度报文检测装置根据 PCRF 发送的策略与计费规则 ( Po l i cy Charg ing Cont ro l , 以下简称: PCC ) 生成的。 本实施例中独立 部署的深度报文检测装置能够执行对特定数据应用业务的策略控制, 主要 是进行计费控制, 另外还可以进行门控以及服务质量的控制。 本发明技术 方案中的深度报文检测装置具体的可以是 3GPP协议中规定的流量检测功 能实体 ( Traff i c Detec t ion Func t ion, 以下简称: TDF ) 。 In this step, based on the foregoing step 102, the service control policy is performed according to the obtained service control policy. The foregoing service control policy may be directly sent by the PCRF, or may be performed by the independently deployed deep packet detection device according to the PCRF. Generated by the policy and charging rules (Po li cy Charg ing Cont ro l , hereinafter referred to as PCC). The deep packet detecting apparatus independently deployed in this embodiment can perform policy control on a specific data application service, mainly performing charging control, and can also perform gating and quality of service control. Technology of the present invention Specifically, the deep packet detecting device in the solution may be a traffic detection function entity (hereinafter referred to as TDF) specified in the 3GPP protocol.
本发明上述实施例提供的针对特定数据应用业务的策略控制方法, 其 中在通信系统中独立部署深度报文检测装置, 并由该独立部署的深度报文 检测装置对特定数据应用业务进行检测, 能够在不影响 PCEF性能的前提 下, 执行对特定数据应用业务的检测, 进而根据检测结果制定相应的控制 策略, 实现运营商对用户的特定数据应用业务的策略控制。 上述深度报文 检测装置可以由运营商设置, 加强运营商对用户进行的业务的控制。  The policy control method for the specific data application service provided by the foregoing embodiment of the present invention, wherein the deep packet detection device is independently deployed in the communication system, and the independently deployed deep packet detection device detects the specific data application service, and can Under the premise of not affecting the performance of the PCEF, the detection of the specific data application service is performed, and then the corresponding control strategy is formulated according to the detection result, so that the operator's policy control of the specific data application service of the user is realized. The above-mentioned deep packet detecting device can be set by the operator to strengthen the operator's control over the services performed by the user.
进一步的, 本发明实施例中, 其中的深度报文检测装置在进行特殊数 据应用检测时, 可以是根据一定的检测规则进行检测, 上述的检测规则可 以是预先设置在深度报文检测装置中的, 即独立部署的深度报文检测装置 根据系统预设的检测规则进行特定数据应用业务检测; 或者是在查询请求 消息中携带检测规则, 然后由独立部署的深度报文检测装置根据查询请求 消息中携带的检测规则进行特定数据应用业务检测。  Further, in the embodiment of the present invention, the deep packet detecting device may perform detection according to a certain detection rule when performing special data application detection, and the foregoing detection rule may be preset in the deep packet detecting device. The in-depth deep packet detecting device performs the specific data application service detection according to the preset detection rule of the system; or carries the detection rule in the query request message, and then the independently deployed deep packet detecting device according to the query request message Carrying detection rules for specific data application service detection.
另外, 本发明上述实施例中, 深度报文检测装置根据获取的业务控制 策略对检测到的特定数据应用业务进行策略控制可以具体包括:  In addition, in the foregoing embodiment of the present invention, the deep packet detecting apparatus may perform policy control on the detected specific data application service according to the obtained service control policy, which may specifically include:
接收策略和计费规则功能装置转发的由策略和计费执行功能装置生 成的计费信息、 门控信息和服务质量控制信息中的至少一项;  Receiving at least one of charging information, gating information, and quality of service control information generated by the policy and charging execution function device forwarded by the policy and charging rule function device;
根据所述接收到的计费信息、 门控信息和服务质量控制信息中的至少 一项对检测到的特定数据应用业务进行计费、 门控或服务质量管理。  Charging, gating or quality of service management is performed on the detected specific data application service according to at least one of the received charging information, the gate information and the quality of service control information.
或者是接收策略和计费规则功能装置发送的策略与计费规则 , 并根据 所述策略与计费规则生成计费信息、 门控信息和服务质量控制信息中的至 少 ■项; 根据所述生成的计费信息、 门控信息和服务质量控制信息中的至少一 项对检测到的特定数据应用业务进行计费、 门控或服务质量管理。  Or receiving a policy and charging rule sent by the policy and charging rule function device, and generating at least one item of the charging information, the gate information, and the service quality control information according to the policy and the charging rule; At least one of billing information, gating information, and quality of service control information performs billing, gating, or quality of service management for the detected specific data application service.
以下是本发明的一个具体实施例, 该实施例中, 在 PCEF接收到在线 计费系统 (Online Charging System, 以下简称: OCS ) 触发的用户欠费 ( out-of-credit )事件上报, 并将其上报给 PCRF, 然后由 PCRF在确定欠 费的用户为特定数据应用业务签约用户后, PCRF向独立部署的深度报文检 测装置 (本实施例中为 TDF)发送指示进行特定数据应用业务检测的查询 请求消息, 具体的: PCRF可以根据用户签约信息或者是运营商本地策略确 定用户是否为特定数据应用业务签约用户。 另外, PCRF在接收到用户正在 使用特定数据应用业务的检测应答信息后, 向 PCEF发送允许所述欠费的 用户使用特定数据应用业务的指示消息。 图 2为本发明一个具体实施例的 流程示意图, 如图 2所示, 可以包括如下的步骤: The following is a specific embodiment of the present invention, in which the PCEF receives the online The out-of-credit event triggered by the Online Charging System (hereinafter referred to as OCS) is reported to the PCRF, and then the PCRF determines the arrears of the user to sign the service for the specific data application. After the user sends the query request message indicating the specific data application service detection to the independently deployed deep packet detection device (TDF in this embodiment), the PCRF can be determined according to the user subscription information or the operator local policy. Whether the user applies a service subscription user for a specific data. In addition, after receiving the detection response information that the user is using the specific data application service, the PCRF sends an indication message to the PCEF that allows the user who is in arrears to use the specific data application service. FIG. 2 is a schematic flowchart of a specific embodiment of the present invention. As shown in FIG. 2, the following steps may be included:
步骤 201、 在线计费系统( Online Charging System, 以下简称: OCS) 发现用户发生欠费,触发用户会话终止请求去终止用户正在使用的业务, 即向 PCEF发送用户欠费事件 ( out-of-credit事件) ;  Step 201: The online charging system (hereinafter referred to as OCS) finds that the user has arrears, triggers the user session termination request to terminate the service that the user is using, that is, sends the user arrears event to the PCEF (out-of-credit) Event);
步骤 202、 PCEF收到 0CS传递的 out-of-credit事件后,上报该用户 欠费事件给 PCRF, 具体的可以通过信用控制请求 ( Credit Control Request, 以下简称: CCR ) 消息上才艮;  Step 202: After receiving the out-of-credit event delivered by the 0CS, the PCEF reports the user's arrears event to the PCRF, and the specific information may be sent through a Credit Control Request (CCR) message;
步骤 203、 PCRF查询用户签约信息或运营商本地策略,判断用户是否 签约允许使用特定数据应用业务(该类特定数据应用业务可能是: 用户在 欠费情况下也能正常使用,或者用户对该类业务的使用流量不算在包月流 量中);  Step 203: The PCRF queries the user subscription information or the operator local policy, and determines whether the user subscribes to use the specific data application service. The specific data application service may be: the user can also use the service in arrears, or the user is in the class. The traffic usage of the service is not counted in the monthly traffic);
步骤 204、 如果该用户有签约,则 PCRF通过针对定制业务的查询请求 消息查询 TDF , 该查询请求消息可以是现有的重新鉴权请求 (Reauthorization Request, 以下简称: RAR)消息,且该消息中可以包括 针对特定数据应用业务的检测规则;  Step 204: If the user has a subscription, the PCRF queries the TDF by using a query request message for the customized service, where the query request message may be an existing Reauthorization Request (RAR) message, and the message is in the message. May include detection rules for applying traffic to specific data;
步骤 205、 TDF收到来自 PCRF的查询请求消息, TDF可以根据运营商预 定的检测规则,或者查询请求消息中携带的检测规则,对用户当前的业务 流进行深度报文检测,判断用户当前是否正在使用特定数据应用业务,同 时获得对其他业务的门控信息, 比如禁止访问或者重定向; Step 205: The TDF receives the query request message from the PCRF, and the TDF may perform deep packet inspection on the current service flow of the user according to the detection rule that is scheduled by the operator or the detection rule carried in the request message, and determine whether the user is currently Use specific data to apply business, the same Obtain gating information for other services, such as forbidden access or redirection;
步骤 206、 PCRF接收来自于 TDF的检测应答消息,该检测应答消息可 以是现有的重新鉴权响应(Reau thor i za t i on Answer , 以下简称: RAA) , 且该消息可以包括指示用户是否正在使用特定数据应用业务的信息,以及 对其他业务的门控信息;  Step 206: The PCRF receives a detection response message from the TDF, where the detection response message may be an existing re-authentication response (RAA), and the message may include indicating whether the user is Use of specific data to apply business information, as well as gating information for other services;
步骤 207、 PCRF根据 TDF返回的检测应答消息中携带的内容,控制 PCEF 执行相应的处理, 比如检测应答消息中指示用户正在进行特定数据应用业 务,则控制 PCEF忽略 0CS上报的用户欠费事件,同时通过将该特定数据应 用业务的五元组信息 ( 5- tup l e )传递给 PCEF,以使得 PCEF对符合上述五 元组信息的特定数据应用业务允许通过;  Step 207: The PCRF controls the PCEF to perform corresponding processing according to the content carried in the detection response message returned by the TDF. For example, if the detection response message indicates that the user is performing a specific data application service, the PCEF controls the PCEF to ignore the user arrears event reported by the 0CS. Passing the quintuple information (5 - tup le ) of the specific data application service to the PCEF, so that the PCEF allows the specific data application service that meets the above quintuple information to pass;
步骤 208、 PCEF向 0CS回复应答消息, 确定已对用户欠费事件进行了 处理;  Step 208: The PCEF returns a response message to the 0CS, and determines that the user arrears event has been processed;
步骤 209、 PCEF保证用户的特定数据应用业务流继续使用;或者用户 在欠费情况下发起的特定数据应用业务不受影响。  Step 209: The PCEF ensures that the specific data application service flow of the user continues to be used; or the specific data application service initiated by the user in the case of arrears is not affected.
图 3 为本发明另一个具体实施例的流程示意图, 本实施例中, 是由 FIG. 3 is a schematic flowchart of another embodiment of the present invention. In this embodiment,
PCRF向 PCEF发送包括特定数据应用业务的五元组信息以及所述特定数 据应用业务的计费与策略规则的通知消息, PCEF 在接收到上述通知消息 后, 根据所述特定数据应用业务的五元组信息检测特定数据应用业务以对 其进行流量放行, 并在检测到用户使用特定数据应用业务时, 生成并向 PCRF发送根据所述针对特定数据应用业务的计费与策略规则生成的计费 信息、 门控信息和服务质量控制信息中的至少一项, PCRF在接收到上述 计费信息、 门控信息和服务质量控制信息中的至少一项后向独立部署的 TDF发送, 该独立部署的 TDF根据上述信息中的至少一项进行业务处理。 具体的, 包括如图 3所示的步骤: The PCRF sends a quintuple information including a specific data application service to the PCEF and a notification message of the charging and policy rules of the specific data application service. After receiving the notification message, the PCEF applies the five-yuan of the specific data according to the specific data. The group information detects a specific data application service to perform traffic release, and when detecting that the user uses the specific data application service, generates and sends to the PCRF the charging information generated according to the charging and policy rule for the specific data application service. And at least one of the gating information and the quality of service control information, after receiving the at least one of the foregoing charging information, the gating information and the quality of service control information, the PCRF sends the TDF to the independently deployed TDF, the independently deployed TDF Perform business processing based on at least one of the above information. Specifically, the steps shown in Figure 3 are included:
步骤 301、 PCRF对用户签约信息进行检测, 判断用户是否开通特定数 据应用业务或者签约使用特定数据应用业务; 步骤 302、 PCRF向具有 DP I功能的 TDF订阅查询用户是否在使用特定 数据应用业务, TDF一旦检测到用户使用特定数据应用业务,就可以将该使 用信息上报给 PCRF , 具体的, PCRF可以根据现有的 RAR消息向 TDF发送 针对特定数据应用业务的查询请求消息, 而通过 RAA消息接收来自于 TDF 的检测应答消息; Step 301: The PCRF detects the user subscription information, and determines whether the user activates the specific data application service or subscribes to use the specific data application service. Step 302: The PCRF subscribes to the TDF with the DP I function to query whether the user is using the specific data application service. When the TDF detects that the user uses the specific data application service, the TDF can report the usage information to the PCRF. Specifically, the PCRF can be based on the current Some RAR messages send a query request message for a specific data application service to the TDF, and receive a detection response message from the TDF through the RAA message;
步骤 303、 PCRF将特定数据应用业务的五元组信息通知 PCEF,该 PCEF 可以设置在分组数据网网关(PDN-GW ) 中, 同时下发针对该五元组信息的 PCC规则,所述 PCC规则可以是该业务在欠费情况下也能正常使用,或者使 用流量不算在包月流量中;本实施例中是针对特定数据应用业务能够由五 元组信息表示的情形, 这时 PCEF 可以根据五元组信息检测并辨别出特定 数据应用业务, 由 PCEF实现对特定数据应用业务流放行, 并由 TDF执行 对特定数据应用业务的策略控制, 而由 PCEF 实现对非特定数据应用业务 的策略控制; 另外还有一种情形, 即特定数据应用业务不能够使用五元组 信息表示时, 因 PCEF不能够识别出特定数据应用业务, 则可能需要由 TDF 执行对非特定数据应用业务和特定数据应用业务的策略控制;  Step 303: The PCRF notifies the PCEF of the quintuple information of the specific data application service, where the PCEF may be set in the packet data network gateway (PDN-GW), and simultaneously delivers a PCC rule for the quintuple information, the PCC rule. The service can be used normally in the case of arrears, or the usage traffic is not counted in the monthly traffic; in this embodiment, the specific data application service can be represented by the quintuple information, and the PCEF can be based on five The tuple information detects and identifies the specific data application service, and the PCEF implements the release of the service flow for the specific data application, and the TDF performs the policy control on the specific data application service, and the PCEF implements the policy control for the non-specific data application service; There is also a case where when a specific data application service cannot be represented by the quintuple information, since the PCEF cannot identify the specific data application service, the TDF may need to perform the service for the non-specific data application service and the specific data application service. Policy control
步骤 304、 PCEF根据 PCRF下发的五元组信息检测该用户正在使用的 特定数据应用业务,排除该特定数据应用业务, 执行针对非特定数据应用 业务的 PCC规则,本发明实施例中的 PCC规则包括计费规则和策略信息等 信息, 其中策略信息包括对各项业务的门控信息以及 QoS信息等内容; 步骤 305、 PCEF生成针对特定数据应用业务的控制策略, 具体的包括 根据 PCC规则中的计费规则以及策略信息等生成针对上述业务的计费信息 (例如计费 I D ) , 以及获取 PCC规则中的针对特定数据应用业务和其他业 务流的门控信息, 比如对其他业务禁止访问或者重定向, 对特定数据应用 业务放行等, 另外还可以获取 PCC规则中对特定数据应用业务的 QoS控制 信息, 并把获取的上述计费信息、 门控信息或 QoS控制信息携带在向 PCRF 发送的检测应答消息中; 步骤 306、 PCRF接收来自于 PCEF的检测应答消息,消息包括用户是否 使用特定数据应用业务,以及上述的计费信息、 门控信息或者 QoS控制信 息中的至少一项; In step 304, the PCEF detects the specific data application service that the user is using according to the quintuple information sent by the PCRF, excluding the specific data application service, and executing the PCC rule for the non-specific data application service, and the PCC rule in the embodiment of the present invention. The information includes the charging rule and the policy information, where the policy information includes the gating information and the QoS information for each service. Step 305: The PCEF generates a control policy for the specific data application service, which is specifically included in the PCC rule. Charging rules and policy information, etc. generate charging information (for example, charging ID) for the foregoing service, and acquire gating information for specific data application services and other service flows in the PCC rules, for example, prohibiting access to other services or Orientation, application service release for specific data, etc., and also obtaining QoS control information for a specific data application service in the PCC rule, and carrying the obtained charging information, gate control information or QoS control information in the detection sent to the PCRF In the response message; Step 306: The PCRF receives a detection response message from the PCEF, where the message includes whether the user uses a specific data application service, and at least one of the foregoing charging information, gating information, or QoS control information;
步骤 307、 PCRF根据 PCEF发送的检测应答消息中携带的内容,把对应 的计费信息、 门控信息或者 QoS控制信息中的至少一项发送给 TDF , 由 TDF根据计费信息对业务进行计费,根据 QoS控制信息对业务进行 QoS控 制, 以及根据门控信息对业务进行门控处理, 例如对其他业务禁止访问或 者重定向, 对特定数据应用业务放行;  Step 307: The PCRF sends at least one of the corresponding charging information, the gate information, or the QoS control information to the TDF according to the content carried in the detection response message sent by the PCEF, and the TDF charges the service according to the charging information. And performing QoS control on the service according to the QoS control information, and performing gating processing on the service according to the gating information, for example, prohibiting access or redirection of other services, and releasing the service to the specific data application service;
步骤 308、 PCRF向 PCEF 回复应答消息, 通知已经将计费信息、 门控 信息或 QoS控制信息发送给 TDF执行, 具体的, 该应答消息可以是信用控 制应答(Credit Control Answer, 以下简称: CCA ) 消息。  Step 308: The PCRF sends a response message to the PCEF, and notifies that the charging information, the gate information, or the QoS control information is sent to the TDF. Specifically, the response message may be a credit control response (CCA). Message.
图 4为本发明再一个具体实施例的流程示意图, 在该具体实施例中, 由 PCRF向 TDF发送指示进行特定数据应用业务检测的查询请求消息,且 该消息中携带了针对上述业务的 PCC规则, 并由独立部署的 TDF进行业 务检测, 并在检测到用户使用上述特定数据应用业务后, 根据 PCC规则 获取计费信息、 门控信息以及 QoS控制信息, 具体的, 上述的计费信息可 以是基于流粒度的计费 I D , TDF 可以进一步将上述基于流粒度的计费 I D 通知给 PCRF ,并且由 PCRF将基于流粒度的计费 I D转换为基于承载粒度的 计费 I D , PCRF 可以将其发送给承载绑定及事件报告功能实体 (Bear i ng B ind i ng and Event Repor t Func t i on , 以下简称: BBERF ) 进行漫游时的 计费话单核对, 如图 4所示,包括如下步骤:  FIG. 4 is a schematic flowchart of still another embodiment of the present invention. In the specific embodiment, the PCRF sends a query request message indicating that the specific data application service is detected to the TDF, and the message carries the PCC rule for the service. And performing service detection by the independently deployed TDF, and after detecting that the user uses the specific data application service, acquiring charging information, gating information, and QoS control information according to the PCC rule. Specifically, the foregoing charging information may be Based on the flow granularity-based charging ID, the TDF may further notify the PCRF based on the flow granularity-based charging ID, and the PCRF converts the flow granularity-based charging ID into a charging granularity-based charging ID, which may be sent by the PCRF. For the bearer binding and the event reporting function entity (BBERF), the charging bill check is performed when roaming, as shown in FIG. 4, including the following steps. :
步骤 401、 PCRF对用户签约信息进行检测, 判断用户是否开通特定数 据应用业务或者签约使用特定数据应用业务;  Step 401: The PCRF detects the user subscription information, and determines whether the user opens a specific data application service or signs a specific data application service.
步骤 402、 若用户可使用特定数据应用业务, 则向独立部署的 TDF订 阅查询特定数据应用业务, 由 TDF进行特定数据应用业务检测, 一旦检测 到用户使用特定数据应用业务, TDF需要将用户正在使用特定数据应用业 务的信息通知给 PCRF, PCRF将应用检测和控制 (Application Detection and Control, 以下简称: ADC)规则发送给独立部署的 TDF, 该 ADC规则为 PCC规则的一种; Step 402: If the user can use the specific data application service, query the specific data application service to the independently deployed TDF, and perform specific data application service detection by the TDF. Once the user is detected to use the specific data application service, the TDF needs to use the user. Specific data application industry The information is sent to the PCRF. The PCRF sends the Application Detection and Control (ADC) rule to the independently deployed TDF. The ADC rule is a type of PCC rule.
步骤 403、 在 TDF检测到用户正在进行特定数据应用业务后, PCRF将 上述用户可使用的特定数据应用业务的五元组信息通知给 PCEF,同时下发 针对该五元组信息的 PCC规则(也就是针对上述特定数据应用业务的 PCC 规则), 例如: 该五元组信息对应的业务在欠费情况下也能正常使用,或者 使用流量不算在包月流量中;  Step 403: After the TDF detects that the user is performing a specific data application service, the PCRF notifies the PCEF of the quintuple information of the specific data application service that can be used by the user, and simultaneously sends a PCC rule for the quintuple information (also It is the PCC rule for the specific data application service. For example, the service corresponding to the quintuple information can be used normally in the case of arrears, or the usage traffic is not counted in the monthly traffic;
步骤 404、 TDF检测到用户在使用特定数据应用业务后,生成控制策略 , 具体的, 包括根据 PCRF发送的 ADC规则生成计费信息 (例如可以是基于 流粒度的计费 ID) 、 门控信息以及 QoS控制信息; 并根据计费 ID进行计 费处理,根据门控信息执行对上述特定数据应用业务的门控,或者根据 QoS 控制信息对上述的特定数据应用业务进行 Q 0 S控制;  Step 404: The TDF detects that the user generates a control policy after using the specific data application service, and specifically includes generating charging information according to an ADC rule sent by the PCRF (for example, a flow granularity-based charging ID), gating information, and QoS control information; performing charging processing according to the charging ID, performing gating on the specific data application service according to the gating information, or performing Q 0 S control on the specific data application service according to the QoS control information;
步骤 405、 TDF将步骤 404中生成的基于流粒度的计费 ID携带在应答 消息中发送给 PCRF;  Step 405, the TDF carries the flow granularity-based charging ID generated in step 404 in the response message and sends it to the PCRF;
步骤 406、 PCRF在接收到上述应答消息后, 将 TDF上报的基于流粒度 的计费 ID匹配到基于承载粒度的计费 ID, 同时为该特定数据应用业务生 成特定的、由 PCEF执行的针对该特定数据应用业务的 PCC规则,包括 PCEF 取消对用户使用的特定数据应用业务的计费, 不计算业务流量等;  Step 406: After receiving the response message, the PCRF matches the traffic granularity-based charging ID reported by the TDF to the charging ID based on the bearer granularity, and generates a specific, PCEF-executed for the specific data application service. The PCC rules of the specific data application service, including the PCEF canceling the charging of the specific data application service used by the user, not calculating the service traffic, and the like;
步骤 407、PCRF将步骤 406中生成的针对所述特定数据应用业务的 PCC 规则下发到 PCEF上执行, 以使 PCEF不对上述的特定数据应用业务执行策 略控制, 而由独立部署的 TDF执行;  Step 407: The PCRF sends the PCC rule for the specific data application service generated in the step 406 to the PCEF, so that the PCEF does not perform policy control on the specific data application service, but is executed by the independently deployed TDF.
步骤 408、 PCRF将针对所述特定数据应用业务的基于承载粒度的计费 ID下发到 BBERF (该功能可以设置在服务网关 serving-GW) ,以进行漫游情 况下的话单核对。  Step 408: The PCRF sends the charging ID based on the bearer granularity of the specific data application service to the BBERF (the function may be set in the serving gateway serving-GW) to perform the bill check in the roaming situation.
与上述方法实施例对应的, 本发明实施例还提供一种独立部署的深度 报文检测装置, 图 5为本发明独立部署的深度报文检测装置实施例一的结 构示意图, 如图 5所示, 该装置包括第一接收模块 11 , 第一检测模块 12 和策略控制模块 13 , 其中第一接收模块 11用于接收策略和计费规则功能 装置发送的指示进行特定数据应用业务检测的查询请求消息; 第一检测模 块 12用于执行对用户的特定数据应用业务检测; 策略控制模块 13用于根 据获取的业务控制策略对检测到的特定数据应用业务进行策略控制。 Corresponding to the foregoing method embodiments, the embodiment of the present invention further provides a depth of independent deployment. FIG. 5 is a schematic structural diagram of Embodiment 1 of an apparatus for detecting a deep packet that is independently deployed according to the present invention. As shown in FIG. 5, the apparatus includes a first receiving module 11, a first detecting module 12, and a policy control module 13. The first receiving module 11 is configured to receive a query request message sent by the policy and charging rule function device to perform specific data application service detection; the first detecting module 12 is configured to perform specific data application service detection on the user; The module 13 is configured to perform policy control on the detected specific data application service according to the obtained service control policy.
本发明上述实施例中提供的深度报文检测装置独立部署, 并由该独立 部署的深度报文检测装置对特定数据应用业务进行检测, 能够在不影响 PCEF 性能的前提下, 执行对特定数据应用业务的检测, 进而根据检测结 果制定相应的控制策略, 实现运营商对用户的特定数据应用业务的策略控 制。 上述深度报文检测装置可以由运营商设置, 加强运营商对用户进行的 业务的控制。  The deep packet detecting device provided in the foregoing embodiment of the present invention is independently deployed, and the independently deployed deep packet detecting device detects the specific data application service, and can execute the specific data application without affecting the performance of the PCEF. The detection of the service, and then the corresponding control strategy is formulated according to the detection result, so as to implement the policy control of the operator's specific data application service to the user. The above-mentioned deep packet detecting device can be set by an operator to strengthen the operator's control over the services performed by the user.
在上述实施例中, 其中由第一检测模块 12执行对特定数据应用业务 的检测, 可以包括两种情况, 一是根据查询请求消息中携带的检测规则进 行特定数据应用业务检测; 二是根据系统预设的检测规则进行特定数据应 用业务检测。  In the foregoing embodiment, the detecting, by the first detecting module 12, the detecting of the specific data application service may include two cases, that is, performing specific data application service detection according to the detection rule carried in the query request message; The preset detection rules perform specific data application service detection.
另外, 在上述深度报文检测装置中还可以进一步包括第一发送模块 14, 该第一发送模块 14用于在第一检测模块检测到用户在进行特定数据 应用业务时, 向策略和计费规则功能装置返回指示用户正在进行特定数据 应用业务的检测应答消息。  In addition, the foregoing deep packet detecting apparatus may further include a first sending module 14 configured to: when the first detecting module detects that the user is performing a specific data application service, to the policy and charging rule. The functional device returns a detection response message indicating that the user is performing a particular data application service.
另外与上述图 4所示的方法实施例对应的, 为实现在漫游场景下的话 单核对, 该独立部署的深度报文检测装置中的第一发送模块还用于向策略 和计费规则功能装置返回包括基于流粒度的计费标识的检测应答消息, 以 由策略和计费规则功能装置将其匹配为基于承载粒度的计费标识后发送 给服务网关。  In addition, corresponding to the foregoing method embodiment shown in FIG. 4, in order to implement the single-check in the roaming scenario, the first sending module in the independently deployed deep packet detecting device is further used for the policy and charging rule function. The device returns a detection response message including a flow granularity-based charging identifier, to be matched by the policy and charging rule function device to the charging identifier based on the bearer granularity, and then sent to the serving gateway.
与上述图 3所示的方法实施例对应的, 在具体实施例中, 其中的策略 控制模块 13 具体可以根据策略和计费执行功能装置生成的计费信息、 门 控信息和服务质量控制信息中的至少一项进行策略控制, 即首先接收策略 和计费规则功能装置转发的由策略和计费执行功能装置生成的计费信息、 门控信息和服务质量控制信息中的至少一项; 然后根据接收到的计费信 息、 门控信息和服务质量控制信息中的至少一项对检测到的特定数据应用 业务进行计费、 门控或服务质量管理。 Corresponding to the method embodiment shown in FIG. 3 above, in a specific embodiment, the strategy The control module 13 may specifically perform policy control according to at least one of the charging information, the gate control information, and the service quality control information generated by the policy and the charging execution function device, that is, first, the policy and the charging rule function device forwarded by the policy. And at least one of charging information, gating information and quality of service control information generated by the charging execution function device; and then detecting the at least one of the received charging information, the gating information and the quality of service control information The specific data application service to the billing, gating or quality of service management.
或者与上述图 4所示的实施例对应的, 该独立部署的深度报文检测装 置生成策略信息, 该策略控制模块 13 首先接收策略和计费规则功能装置 发送的策略与计费规则, 并根据所述策略与计费规则生成计费信息、 门控 信息和服务质量控制信息中的至少一项; 然后根据所述生成的计费信息、 门控信息和服务质量控制信息中的至少一项对检测到的特定数据应用业 务进行计费、 门控或服务质量管理。  Or corresponding to the foregoing embodiment shown in FIG. 4, the independently deployed deep packet detecting device generates policy information, and the policy control module 13 first receives the policy and charging rules sent by the policy and charging rule function device, and according to The policy and charging rule generates at least one of charging information, gating information, and quality of service control information; and then performing at least one of the generated charging information, the gating information, and the quality of service control information. The specific data detected service is used for billing, gating or quality of service management.
本发明实施例还提供了一种策略和计费规则功能装置, 与上述图 2所 示的实施例对应的, 如图 6所示, 该策略和计费规则功能装置包括第二接 收模块 21、 第一查询请求发送模块 22和指示消息发送模块 23 , 其中第二 接收模块 21 用于接收策略和计费执行功能装置发送的用户欠费事件; 第 一查询请求发送模块 22用于在确定欠费的用户为特定数据应用业务签约 用户后, 向独立部署的深度报文检测装置发送指示进行特定数据应用业务 检测的查询请求消息; 指示消息发送模块 23 用于在接收到所述独立部署 的深度报文检测装置返回的检测应答消息后, 向策略和计费执行功能装置 发送允许所述欠费的用户使用特定数据应用业务的指示消息, 其中, 所述 检测应答消息包括所述欠费的用户正在使用特定数据应用业务的指示。  The embodiment of the present invention further provides a policy and charging rule function device, corresponding to the embodiment shown in FIG. 2, as shown in FIG. 6, the policy and charging rule function device includes a second receiving module 21, The first query request sending module 22 and the indication message sending module 23, wherein the second receiving module 21 is configured to receive a user arrears event sent by the policy and charging execution function device; the first query request sending module 22 is configured to determine the arrears After the user subscribes to the user for the specific data, the user sends a query request message indicating the specific data application service detection to the independently deployed deep packet detecting device. The indication message sending module 23 is configured to receive the independently deployed deep report. After the detection response message returned by the text detecting device, the policy and charging execution function device sends an indication message for allowing the user of the arrears to use the specific data application service, where the detection response message includes the user who is in arrears An indication of the application of a particular data application.
另外与上述图 3所示的方法实施例对应的, 还可以包括另外一种策略和计 费规则功能装置, 如图 7所示, 该装置包括通知消息发送模块 31、 第三接收模 块 32和转发模块 33 , 其中通知消息发送模块 31用于在接收到独立部署的深度 报文检测装置返回的指示用户正在进行特定数据应用业务的检测应答消息后, 向策略和计费执行功能装置发送包括特定数据应用业务的五元组信息以及所述 特定数据应用业务的计费与策略规则的通知消息;第三接收模块 32用于接收策 略和计费执行功能装置生成的针对所述特定数据应用业务的计费信息、 门控信 息和服务质量控制信息中的至少一项;转发模块 33用于向独立部署的深度报文 检测装置转发所述计费信息、 门控信息和服务质量控制信息中的至少一项。 In addition, corresponding to the method embodiment shown in FIG. 3, another method and charging rule function device may be included. As shown in FIG. 7, the device includes a notification message sending module 31, a third receiving module 32, and forwarding. The module 33, wherein the notification message sending module 31 is configured to: after receiving the detection response message returned by the independently deployed deep packet detecting device, indicating that the user is performing a specific data application service, Sending, to the policy and charging execution function device, the quintuple information including the specific data application service and the notification message of the charging and policy rules of the specific data application service; the third receiving module 32 is configured to receive the policy and the charging execution function. At least one of charging information, gating information, and quality of service control information generated by the device for the specific data application service; the forwarding module 33 is configured to forward the charging information to the independently deployed deep packet detecting device, At least one of the gate information and the quality of service control information.
对应图 7所示实施例中的策略和计费规则功能装置, 本发明实施例还 提供了另一种策略和计费执行功能装置, 如图 8所示, 该装置包括第四接 收模块 41和策略处理模块 42 ,其中第四接收模块 41用于接收策略和计费 规则功能装置发送的包括特定数据应用业务的五元组信息以及所述特定 数据应用业务的计费与策略规则的通知消息; 策略处理模块 42用于根据 所述特定数据应用业务的五元组信息进行特定数据应用业务检测以对所 述特定数据应用业务执行流量放行, 并向策略和计费规则功能装置发送根 据所述针对特定数据应用业务的计费与策略规则生成的计费信息、 门控信 息和服务质量控制信息中的至少一项。  Corresponding to the policy and charging rule function device in the embodiment shown in FIG. 7, the embodiment of the present invention further provides another policy and charging execution function device. As shown in FIG. 8, the device includes a fourth receiving module 41 and a policy processing module 42, wherein the fourth receiving module 41 is configured to receive, by the policy and charging rule function device, a quintuple information including a specific data application service and a notification message of a charging and policy rule of the specific data application service; The policy processing module 42 is configured to perform specific data application service detection according to the quintuple information of the specific data application service to perform traffic release on the specific data application service, and send the policy and charging rule function device according to the target At least one of charging information, gate information, and quality of service control information generated by the charging and policy rules of the specific data application service.
本发明实施例还提供了一种策略和计费规则功能装置, 具体适用于如图 4 所示的方法实施例的技术方案, 具体的如图 9所示, 该装置包括第二查询请求 发送模块 51、检测应答接收模块 52和计费标识转换模块 53 , 其中第二查询请 求发送模块 51用于向独立部署的深度报文检测装置发送指示进行特定数据应 用业务检测的查询请求消息,所述查询请求消息中携带针对所述特定数据应用 业务的计费与策略规则; 检测应答接收模块 52用于接收所述独立部署的深度 报文检测装置返回的包括基于流粒度的计费标识的检测应答消息,所述基于流 粒度的计费标识为针对检测到的特定数据应用业务的计费信息,所述基于流粒 度的计费标识由独立部署的深度报文检测装置根据所述计费与策略规则生成; 计费标识转换模块 53用于将所述基于流粒度的计费标识转换为基于承载粒度 的计费标识后发送给承载绑定及事件报告功能实体以便进行漫游时的计费话 单核对。 需要说明的是: 上述图 5-9所对应的装置实施例, 如无特别说明, 各 装置中所包括的模块均为硬件。 The embodiment of the present invention further provides a policy and charging rule function device, which is specifically applicable to the technical solution of the method embodiment shown in FIG. 4 . Specifically, as shown in FIG. 9 , the device includes a second query request sending module. The detection response receiving module 52 and the charging identifier conversion module 53 are configured to send, to the independently deployed deep packet detecting device, a query request message indicating that the specific data application service is detected, the query. The request message carries a charging and policy rule for the specific data application service. The detection response receiving module 52 is configured to receive the detection response message that includes the flow granularity-based charging identifier returned by the independently deployed deep packet detecting device. The flow granularity-based charging identifier is charging information for applying the detected specific data, and the flow granularity-based charging identifier is independently deployed by the deep packet detecting device according to the charging and policy rule. The charging identifier conversion module 53 is configured to convert the flow granularity-based charging identifier into a bearer granularity. After charging identifier sent to the bearer binding and event reporting function entity for billing when roaming, then a single check. It should be noted that: the device embodiments corresponding to the foregoing FIG. 5-9, unless otherwise specified, the modules included in each device are hardware.
本发明实施例还提供了一种通信系统, 该通信系统包括 PCRF、 PCEF 以及独立部署的深度报文检测装置, 其中的深度报文检测装置可以为图 5 所示实施例中的深度报文检测装置, 而其中的 PCRF可以为图 6、 图 7或 图 9所示实施例中的任一 PCRF, 以及其中的 PCEF可以为图 8所示实施 例中的 PCEF。  The embodiment of the present invention further provides a communication system, which includes a PCRF, a PCEF, and an independently deployed deep packet detecting device, wherein the deep packet detecting device may be the deep packet detecting in the embodiment shown in FIG. The device, wherein the PCRF may be any of the PCRFs in the embodiment shown in Fig. 6, Fig. 7, or Fig. 9, and wherein the PCEF may be the PCEF in the embodiment shown in Fig. 8.
本发明上述实施例提供的策略控制方法、 装置以及通信系统, 其中在 通信系统中独立部署深度报文检测装置, 并可由该深度报文检测装置进行 特定数据应用业务检测, 或者是对特定数据应用业务进行策略控制。 本发 明上述实施例提供的技术方案中, 其可以解决运营商参与的数据应用的动 态策略控制需求, 实现对无应用功能实体 ( App l i ca t i on Func t ion,以下 简称: AF ) 参与的数据应用的 QoS、 计费、 门控等策略控制。 并可以实现 对数据应用, 如使用 P2P技术的 Skype和 BT下载、 网络视频点播 VoD、 网 络游戏、 FTP文件下载、 MSN和 QQ即时通信等应用的策略控制, 实现对这 些数据应用的 QoS保证、 计费和有效控制, 保证与 PCEF的功能连动。  The policy control method, the device, and the communication system provided by the foregoing embodiments of the present invention, wherein the deep packet detecting device is independently deployed in the communication system, and the deep data detecting device can perform specific data application service detection, or is applied to a specific data. Business conducts policy control. The technical solution provided by the foregoing embodiment of the present invention can solve the dynamic policy control requirement of the data application that the operator participates in, and implement data participating in the application-free functional entity (hereinafter referred to as AF). Application policy control such as QoS, billing, and gating. It can also implement policy control for applications such as Skype and BT download using P2P technology, network video on demand VoD, online games, FTP file download, MSN and QQ instant communication, and realize QoS guarantee for these data applications. Fees and effective controls ensure linkage with PCEF functionality.
本领域普通技术人员可以理解: 实现上述方法实施例的全部或部分步 骤可以通过程序指令相关的硬件来完成, 前述的程序可以存储于一计算机 可读取存储介质中, 该程序在执行时, 执行包括上述方法实施例的步骤; 而前述的存储介质包括: ROM、 RAM, 磁碟或者光盘等各种可以存储程 序代码的介质。 最后应说明的是: 以上实施例仅用以说明本发明的技术方案, 而非对 其限制; 尽管参照前述实施例对本发明进行了详细的说明, 本领域的普通 技术人员应当理解: 其依然可以对前述各实施例所记载的技术方案进行修 改, 或者对其中部分技术特征进行等同替换; 而这些修改或者替换, 并不 使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。  A person skilled in the art can understand that all or part of the steps of implementing the above method embodiments may be completed by using hardware related to program instructions, and the foregoing program may be stored in a computer readable storage medium, and the program is executed when executed. The foregoing steps include the steps of the foregoing method embodiments; and the foregoing storage medium includes: a medium that can store program codes, such as a ROM, a RAM, a magnetic disk, or an optical disk. It should be noted that the above embodiments are only for explaining the technical solutions of the present invention, and are not intended to be limiting; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those skilled in the art that: The technical solutions described in the foregoing embodiments are modified, or some of the technical features are equivalently replaced. The modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims

权 利 要 求 书 Claim
1、 一种策略控制方法, 其特征在于, 包括:  A method for controlling a policy, comprising:
独立部署的深度报文检测装置接收策略和计费规则功能装置发送的 指示进行特定数据应用业务检测的查询请求消息;  The independently deployed deep packet detecting device receives a query request message sent by the policy and charging rule function device to perform specific data application service detection;
所述独立部署的深度报文检测装置执行特定数据应用业务检测; 所述独立部署的深度报文检测装置根据获取的业务控制策略对检测 到的特定数据应用业务进行策略控制。  The independently deployed deep packet detecting device performs specific data application service detection; the independently deployed deep packet detecting device performs policy control on the detected specific data application service according to the obtained service control policy.
2、 根据权利要求 1 所述的策略控制方法, 其特征在于, 所述独立部 署的深度报文检测装置执行特定数据应用业务检测包括:  2. The policy control method according to claim 1, wherein the performing the specific data application service detection by the independently deployed deep packet detecting device comprises:
在所述查询请求消息中携带检测规则时, 所述独立部署的深度报文检 测装置根据所述查询请求消息中携带的检 规则进行特定数据应用业务 检测; 或  When the query request message carries the detection rule, the independently deployed deep packet detecting device performs specific data application service detection according to the check rule carried in the query request message; or
所述独立部署的深度报文检测装置根据预设的检测规则进行特定数 据应用业务检测。  The independently deployed deep packet detecting device performs specific data application service detection according to a preset detection rule.
3、 根据权利要求 1 所述的策略控制方法, 其特征在于, 所述独立部 署的深度报文检测装置根据获取的业务控制策略对检测到的特定数据应 用业务进行策略控制包括:  The policy control method according to claim 1, wherein the independently configured deep packet detecting device performs policy control on the detected specific data application service according to the obtained service control policy, including:
所述独立部署的深度报文检测装置根据获取的业务控制策略对检测 到的特定数据应用业务进行计费控制。  The independently deployed deep packet detecting device performs charging control on the detected specific data application service according to the obtained service control policy.
4、 根据权利要求 2或 3所述的策略控制方法, 其特征在于, 还包括: 所述独立部署的深度报文检测装置在检测到用户正在进行特定数据 应用业务时, 向所述策略和计费规则功能装置返回指示用户正在进行特定 数据应用业务的检测应答消息。  The policy control method according to claim 2 or 3, further comprising: the independently deployed deep packet detecting device, when detecting that the user is performing a specific data application service, to the policy and meter The fee rule function device returns a detection response message indicating that the user is performing a specific data application service.
5、 根据权利要求 4所述的策略控制方法, 其特征在于, 所述独立部 署的深度报文检测装置根据获取的业务控制策略对检测到的特定数据应 用业务进行策略控制包括: 所述独立部署的深度报文检测装置接收所述策略和计费规则功能装 置转发的由策略和计费执行功能装置生成的计费信息、 门控信息和服务质 量控制信息中的至少一项; The policy control method according to claim 4, wherein the independently deployed deep packet detecting device performs policy control on the detected specific data application service according to the obtained service control policy, including: The independently deployed deep packet detecting device receives at least one of charging information, gating information, and quality of service control information generated by the policy and charging execution function device forwarded by the policy and charging rule function device;
所述独立部署的深度报文检测装置根据所述接收到的计费信息、 门控 信息和服务质量控制信息中的至少一项对检测到的特定数据应用业务进 行相应的策略控制。  The independently deployed deep packet detecting device performs corresponding policy control on the detected specific data application service according to at least one of the received charging information, the gate information, and the quality of service control information.
6、 根据权利要求 4所述的策略控制方法, 其特征在于, 所述独立部 署的深度报文检测装置根据获取的业务控制策略对检测到的特定数据应 用业务进行策略控制包括:  The policy control method according to claim 4, wherein the independently configured deep packet detecting device performs policy control on the detected specific data application service according to the obtained service control policy, including:
所述独立部署的深度报文检测装置接收所述策略和计费规则功能装 置发送的策略与计费规则, 并根据所述策略与计费规则生成计费信息、 门 控信息和服务质量控制信息中的至少一项;  The independently deployed deep packet detecting device receives the policy and charging rules sent by the policy and charging rule function device, and generates charging information, gating information, and service quality control information according to the policy and charging rules. At least one of them;
所述独立部署的深度报文检测装置根据所述生成的计费信息、 门控信 息和服务质量控制信息中的至少一项对检测到的特定数据应用业务进行 相应的策略控制。  The independently deployed deep packet detecting device performs corresponding policy control on the detected specific data application service according to at least one of the generated charging information, the gating information, and the quality of service control information.
7、 根据权利要求 6所述的策略控制方法, 其特征在于, 所述计费信 息为基于流粒度的计费标识, 所述方法还包括:  The policy control method according to claim 6, wherein the charging information is a flow granularity-based charging identifier, and the method further includes:
向所述策略和计费规则功能装置返回包括所述基于流粒度的计费标 识的检测应答消息, 所述策略和计费规则功能装置将所述基于流粒度的计 费标识转换为基于承载粒度的计费标识后发送给承载绑定及事件报告功 能实体以便进行漫游时的计费话单核对。  Returning, to the policy and charging rule function device, a detection response message including the flow granularity-based charging identifier, where the policy and charging rule function device converts the flow granularity-based charging identifier into a bearer granularity The charging identifier is sent to the bearer binding and event reporting function entity for checking the charging bill when roaming.
8、 一种策略控制方法, 其特征在于, 包括:  8. A policy control method, characterized in that:
接收策略和计费执行功能装置发送的用户欠费事件;  Receiving a user arrears event sent by the policy and charging execution function device;
在确定欠费的用户为特定数据应用业务签约用户后, 向独立部署的深 度报文检测装置发送指示进行特定数据应用业务检测的查询请求消息; 在接收到所述独立部署的深度报文检测装置返回的检测应答消息后, 向策略和计费执行功能装置发送允许所述欠费的用户使用所述特定数据 应用业务的指示消息, 其中, 所述检测应答消息包括所述欠费的用户正在 使用特定数据应用业务的指示。 After determining that the arrears user applies the service subscription user for the specific data, sending a query request message indicating the specific data application service detection to the independently deployed deep packet detecting device; receiving the independently deployed deep packet detecting device After the detected response message is returned, And transmitting, to the policy and charging execution function device, an indication message that allows the user of the arrears to use the specific data application service, wherein the detection response message includes an indication that the arrears user is using a specific data application service.
9、 一种策略控制方法, 其特征在于, 包括:  9. A policy control method, characterized in that:
在接收到独立部署的深度报文检测装置返回的指示用户正在进行特 定数据应用业务的检测应答消息后, 向策略和计费执行功能装置发送包括 所述特定数据应用业务的五元组信息以及所述特定数据应用业务的计费 与策略规则的通知消息;  After receiving the detection response message returned by the independently deployed deep packet detecting device indicating that the user is performing the specific data application service, transmitting the quintuple information including the specific data application service to the policy and charging execution function device. a notification message for charging and policy rules of a specific data application service;
接收所述策略和计费执行功能装置生成的针对所述特定数据应用业 务的计费信息、 门控信息和服务质量控制信息中的至少一项;  Receiving at least one of charging information, gating information, and quality of service control information for the specific data application service generated by the policy and charging execution function device;
向独立部署的深度报文检测装置转发所述计费信息、 门控信息和服务 质量控制信息中的至少一项。  At least one of the billing information, the gate information, and the quality of service control information is forwarded to the independently deployed deep packet detecting device.
10、 一种策略控制方法, 其特征在于, 包括: 接收策略和计费规则功能装置发送的包括特定数据应用业务的五元 组信息以及针对所述特定数据应用业务的计费与策略规则的通知消息; 根据所述特定数据应用业务的五元组信息进行特定数据应用业务检 测以对所述特定数据应用业务执行流量放行, 并向所述策略和计费规则功 能装置发送根据所述针对特定数据应用业务的计费与策略规则生成的计 费信息、 门控信息和服务质量控制信息中的至少一项。  A policy control method, comprising: receiving, by a policy and charging rule function device, quintuple information including a specific data application service, and notification of charging and policy rules for the specific data application service Transmitting a specific data application service detection according to the quintuple information of the specific data application service to perform traffic release on the specific data application service, and sending the specific data according to the policy and charging rule function device according to the specific data At least one of charging information, gating information, and quality of service control information generated by the charging and policy rules of the application service.
1 1、 一种策略控制方法, 其特征在于, 包括:  1 1. A policy control method, which is characterized in that:
向独立部署的深度报文检测装置发送指示进行特定数据应用业务检 测的查询请求消息, 所述查询请求消息中携带针对所述特定数据应用业务 的计费与策略规则;  And sending, to the independently deployed deep packet detecting device, a query request message indicating that the specific data application service is detected, where the query request message carries a charging and policy rule for the specific data application service;
接收所述独立部署的深度报文检测装置返回的包括基于流粒度的计 费标识的检测应答消息, 所述基于流粒度的计费标识为针对检测到的特定 数据应用业务的计费信息, 所述基于流粒度的计费标识由所述独立部署的 深度报文检测装置根据所述计费与策略规则生成; And receiving, by the independently deployed deep packet detecting device, a detection response message that includes a flow granularity-based charging identifier, where the flow granularity-based charging identifier is charging information for the detected specific data application service, where The flow granularity based charging identifier is independently deployed by the The deep packet detecting device generates according to the charging and policy rules;
将所述基于流粒度的计费标识转换为基于承载粒度的计费标识后发 送给承载绑定及事件报告功能实体以便进行漫游时的计费话单核对。  The traffic granularity-based charging identifier is converted into a charging granularity-based charging identifier, and then sent to the bearer binding and event reporting function entity for charging billing check when roaming.
12、 一种独立部署的深度报文检测装置, 其特征在于, 包括: 第一接收模块, 用于接收策略和计费规则功能装置发送的指示进行特 定数据应用业务检测的查询请求消息;  An apparatus for detecting an in-depth packet that is independently deployed, comprising: a first receiving module, configured to receive a query request message sent by a policy and a charging rule function device to perform a specific data application service detection;
第一检测模块, 用于执行对用户的特定数据应用业务检测; 策略控制模块, 用于根据获取的业务控制策略对检测到的特定数据应 用业务进行策略控制。  The first detecting module is configured to perform service detection for a specific data application to the user, and the policy control module is configured to perform policy control on the detected specific data application service according to the obtained service control policy.
13、 根据权利要求 12所述的独立部署的深度报文检测装置, 其特征 在于, 所述装置还包括:  The device of claim 12, wherein the device further comprises:
第一发送模块, 用于在所述第一检测模块检测到用户在进行特定数据 应用业务时, 向所述策略和计费规则功能装置返回指示用户正在进行特定 数据应用业务的检测应答消息。  And a first sending module, configured to: when the first detecting module detects that the user is performing a specific data application service, return a detection response message indicating that the user is performing a specific data application service to the policy and charging rule function device.
14、 根据权利要求 13 所述的独立部署的深度报文检测装置, 其特征 在于, 所述第一发送模块还用于向所述策略和计费规则功能装置返回包括 基于流粒度的计费标识的检测应答消息。  The apparatus of claim 13, wherein the first sending module is further configured to return, to the policy and charging rule function device, a charging identifier including a flow granularity. Detection response message.
15、 一种策略和计费规则功能装置, 其特征在于, 包括:  15. A policy and charging rule function device, comprising:
第二接收模块, 用于接收策略和计费执行功能装置发送的用户欠费事 件;  a second receiving module, configured to receive a user arrears event sent by the policy and charging execution function device;
第一查询请求发送模块, 用于在确定欠费的用户为特定数据应用业务 签约用户后, 向独立部署的深度报文检测装置发送指示进行特定数据应用 业务检测的查询请求消息;  a first query request sending module, configured to send a query request message indicating that the specific data application service is detected to the independently deployed deep packet detecting device after determining that the arrears user applies the service subscription user for the specific data;
指示消息发送模块, 用于在接收到所述独立部署的深度报文检测装置 返回的检测应答消息后, 向所述策略和计费执行功能装置发送允许所述欠 费的用户使用特定数据应用业务的指示消息, 其中, 所述检测应答消息包 括所述欠费的用户正在使用特定数据应用业务的指示。 And an indication message sending module, configured to send, to the policy and charging execution function device, the user who allows the arrears to use the specific data application service after receiving the detection response message returned by the independently deployed deep packet detecting device Indicating message, wherein the detection response message packet The user who includes the arrears is using an indication of a particular data application service.
16、 一种策略和计费规则功能装置, 其特征在于, 包括:  16. A policy and charging rule function device, comprising:
通知消息发送模块, 用于在接收到独立部署的深度报文检测装置返回 的指示用户正在进行特定数据应用业务的检测应答消息后, 向策略和计费 执行功能装置发送包括特定数据应用业务的五元组信息以及所述特定数 据应用业务的计费与策略规则的通知消息;  The notification message sending module is configured to send, after receiving the detection response message returned by the independently deployed deep packet detecting device that the user is performing the specific data application service, to the policy and charging execution function device, including the specific data application service The tuple information and the notification message of the charging and policy rules of the specific data application service;
第三接收模块, 用于接收所述策略和计费执行功能装置生成的针对所 述特定数据应用业务的计费信息、 门控信息和服务质量控制信息中的至少 一项;  a third receiving module, configured to receive at least one of charging information, gating information, and quality of service control information generated by the policy and charging execution function device for the specific data application service;
转发模块, 用于向独立部署的深度报文检测装置转发所述计费信息、 门控信息和服务质量控制信息中的至少一项。  And a forwarding module, configured to forward at least one of the charging information, the gating information, and the service quality control information to the independently deployed deep packet detecting device.
17、 一种策略和计费执行功能装置, 其特征在于, 包括:  17. A policy and charging execution function device, comprising:
第四接收模块, 用于接收策略和计费规则功能装置发送的包括特定数 据应用业务的五元组信息以及所述特定数据应用业务的计费与策略规则 的通知消息;  a fourth receiving module, configured to receive, by the policy and charging rule function device, a quintuple information including a specific data application service and a notification message of a charging and policy rule of the specific data application service;
策略处理模块, 用于根据所述特定数据应用业务的五元组信息进行特 定数据应用业务检测以对所述特定数据应用业务执行流量放行, 并向所述 策略和计费规则功能装置发送根据所述针对特定数据应用业务的计费与 策略规则生成的计费信息、 门控信息和服务质量控制信息中的至少一项。  a policy processing module, configured to perform specific data application service detection according to the quintuple information of the specific data application service, perform traffic release on the specific data application service, and send the basis to the policy and charging rule function device At least one of charging information, gating information, and quality of service control information generated by charging and policy rules for a specific data application service.
18、 一种策略和计费规则功能装置, 其特征在于, 包括:  18. A policy and charging rule function device, comprising:
第二查询请求发送模块, 用于向独立部署的深度报文检测装置发送指 示进行特定数据应用业务检测的查询请求消息, 所述查询请求消息中携带 针对所述特定数据应用业务的计费与策略规则;  a second query request sending module, configured to send, to the independently deployed deep packet detecting device, a query request message indicating that the specific data application service is detected, where the query request message carries a charging and a policy for the specific data application service Rule
检测应答接收模块, 用于接收所述独立部署的深度报文检测装置返回 的包括基于流粒度的计费标识的检测应答消息, 所述基于流粒度的计费标 识为针对检测到的特定数据应用业务的计费信息, 所述基于流粒度的计费 标识由所述独立部署的深度报文检测装置根据所述计费与策略规则生成; 计费标识转换模块, 用于将所述基于流粒度的计费标识转换为基于承 载粒度的计费标识后发送给承载绑定及事件报告功能实体以便进行漫游 时的计费话单核对。 The detection response receiving module is configured to receive the detection response message that is included in the depth-of-description detection device that is independently deployed, and includes a flow granularity-based charging identifier, where the flow granularity-based charging identifier is used for the detected specific data application. Billing information of the service, the flow granularity based charging The identifier is generated by the independently deployed deep packet detecting device according to the charging and policy rule; the charging identifier conversion module is configured to convert the traffic granularity-based charging identifier into a charging identifier based on the bearer granularity The billing bill check is sent to the bearer binding and event reporting function entity for roaming.
19、 一种通信系统, 其特征在于, 包括权利要求 15、 16或 18所述的 策略和计费规则功能装置、 权利要求 1 7 所述的策略和计费执行功能装置 以及权利要求 1 2、 1 3或 14所述的独立部署的深度报文检测装置。  A communication system, comprising: the policy and charging rule function device of claim 15, 16 or 18, the policy and charging execution function device of claim 17, and claim 1 The independently deployed deep packet detecting device of 1 3 or 14.
PCT/CN2011/075030 2011-05-31 2011-05-31 Policy control method, apparatus and communication system WO2011157137A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201180001015.4A CN102918804B (en) 2011-05-31 2011-05-31 Policy control method, device and communication system
PCT/CN2011/075030 WO2011157137A2 (en) 2011-05-31 2011-05-31 Policy control method, apparatus and communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2011/075030 WO2011157137A2 (en) 2011-05-31 2011-05-31 Policy control method, apparatus and communication system

Publications (2)

Publication Number Publication Date
WO2011157137A2 true WO2011157137A2 (en) 2011-12-22
WO2011157137A3 WO2011157137A3 (en) 2012-05-03

Family

ID=45348621

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/075030 WO2011157137A2 (en) 2011-05-31 2011-05-31 Policy control method, apparatus and communication system

Country Status (2)

Country Link
CN (1) CN102918804B (en)
WO (1) WO2011157137A2 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105516953A (en) * 2014-10-20 2016-04-20 中兴通讯股份有限公司 Method and apparatus for selecting policy and charging rules function
CN107493203A (en) * 2016-06-12 2017-12-19 中兴通讯股份有限公司 DPI rules delivery method and device
CN113949617A (en) * 2020-07-16 2022-01-18 中移(成都)信息通信科技有限公司 Networking system, method, equipment and computer storage medium
CN116095016A (en) * 2021-11-05 2023-05-09 中国移动通信有限公司研究院 Information processing method, device, equipment and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100067400A1 (en) * 2008-09-16 2010-03-18 Alcatel Lucent Application-level processing for default lte bearer in s-gw
CN101720075A (en) * 2009-02-10 2010-06-02 中兴通讯股份有限公司 Method and device for reporting service information
CN101729308A (en) * 2009-06-01 2010-06-09 中兴通讯股份有限公司 Method and device for controlling strategy
CN101909077A (en) * 2010-07-09 2010-12-08 北京邮电大学 Method and device for identifying peer-to-peer services and access network
CN102006216A (en) * 2009-09-02 2011-04-06 中兴通讯股份有限公司 Deep packet inspection system and packet processing method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101291233B (en) * 2007-04-20 2011-04-20 华为技术有限公司 Method and system realizing event detection
CN102065367B (en) * 2010-12-30 2013-08-07 华为技术有限公司 Service control method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100067400A1 (en) * 2008-09-16 2010-03-18 Alcatel Lucent Application-level processing for default lte bearer in s-gw
CN101720075A (en) * 2009-02-10 2010-06-02 中兴通讯股份有限公司 Method and device for reporting service information
CN101729308A (en) * 2009-06-01 2010-06-09 中兴通讯股份有限公司 Method and device for controlling strategy
CN102006216A (en) * 2009-09-02 2011-04-06 中兴通讯股份有限公司 Deep packet inspection system and packet processing method
CN101909077A (en) * 2010-07-09 2010-12-08 北京邮电大学 Method and device for identifying peer-to-peer services and access network

Also Published As

Publication number Publication date
CN102918804A (en) 2013-02-06
WO2011157137A3 (en) 2012-05-03
CN102918804B (en) 2016-08-03

Similar Documents

Publication Publication Date Title
US10602000B2 (en) Policy decisions based on offline charging rules when service chaining is implemented
EP2901750B1 (en) Congestion control for radio access networks (ran)
US8640188B2 (en) Methods, systems, and computer readable media for providing group policy configuration in a communications network using a fake user
KR101414921B1 (en) Managing ip -can subscriber sessions in response to changes related to the subscriber
US20100186064A1 (en) Method and device for obtaining capabilities of policy and charging enforcement function
EP3211936B1 (en) Method, apparatus, and system for controlling services
EP2521305B1 (en) Method, device and system for controlling user session policy
RU2513711C2 (en) Service event trigger
WO2009012686A1 (en) Method, equipment and system for implementing policy and charging control
US9331857B2 (en) Application charging method, device, and system
WO2008128470A1 (en) Method,system and entity of realizing event detection
WO2012163284A1 (en) Redirection method and redirection apparatus under policy and charging control
WO2016201999A1 (en) Third-party application charging method and apparatus, and application function device
JP2017514338A (en) Billing session management method and apparatus
WO2011120378A1 (en) Method and device for controlling data flow of subscriber service
US20130036032A1 (en) Service plan negotiations with end users for policy and charging control (pcc)
US9820183B2 (en) User plane congestion control
TW201347576A (en) Methods and nodes for managing network resources as well as a corresponding system and computer program
WO2014146502A1 (en) Radio access network congestion management method and apparatus, and congestion strategy management method and system
US20180309584A1 (en) Data Service Charging Method, Apparutus, and System
WO2011157137A2 (en) Policy control method, apparatus and communication system
US9485105B2 (en) Method and telecommunications network utilizing more than one online charging system for a given user
EP3101926B1 (en) Charging processing method, centralized network control node and function node
EP4064756B1 (en) Bandwidth throttling in a radio access network
US10116490B2 (en) Usage control for subscriber group

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201180001015.4

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11795103

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11795103

Country of ref document: EP

Kind code of ref document: A2