Method and Apparatus for Security Protection of Service Interruption in Switch Network

Description

BRIEF DESCRIPTIONS OF THE DRAWINGS

The figures described herein are used to provide fierier understanding of the present invention and constitute a part of the present application, and the illustrative embodiments and the corresponding descriptions of the present invention are used to explain the present invention rather than constituting any improper limitation to the present invention. In the figures:

FIG. 1 shows a network topological graph of a first-class toll network constituted by soft switches in the prior art;

FIG. 2 shows a network topological graph of another first-class toll network constituted by soft switches in the prior art;

FIG. 3 shows a secure intercommunication solution between soft switches in the prior art;

FIG. 4 shows a flow chart of a security protection method according to an embodiment of the present invention;

FIG. 5 shows a block diagram of a security protection apparatus according to an embodiment of the present invention;

FIG. 6 shows a flow chart of a security protection method for SS service interruption according to an embodiment of the present invention;

FIG. 7 shows a block diagram of a security protection apparatus for SS service interruption according to an embodiment of the present invention;

FIG. 8 shows a topological graph of a networking of destination soft switches according to an embodiment of the present invention;

FIG. 9 shows a message flow chart based on the solution of a first embodiment of the present invention with respect to the situation in FIG. 8;

FIG. 10 shows a message flow chart based on the solution of a second embodiment of the present invention with respect to the situation in FIG. 8;

FIG. 11 shows a topological growth of another networking of destination soft switches according to an embodiment of the present invention;

FIG. 12 is a block diagram of the main constituting structure of a trunk device according to an embodiment of the present invention; and

FIG. 13 is a block diagram of the main constituting structure of a soft switch according to an embodiment of the present invention.

Claims

1. A security protection method for performing security protection during service interruption occurring in a switch network, comprising: selecting, by a transmitting-end device, a sub-route from a plurality of sub-routes and transmitting a call to an opposite-end device by a trunk device;analyzing, by the trunk device, a route condition from the current selected sub-route to the opposite-end device when the call is received;transmitting, by the trunk device, the call to the opposite-end device according to the route condition when the route condition is normal; otherwise, reporting a blocking message to the transmitting-end device; andexcluding, by the transmitting-end device, the current selected sub-route when the transmitting-end device receives the blocking message, selecting a next sub-route to initiate the call when not all sub-routes are excluded; otherwise, ending selecting the sub-routes.
2. The security protection method according to claim 1, wherein the analyzing comprises at least one of number analyzing mid route analyzing.
3. The security protection method according to claim 1, wherein the step of reporting a blocking message comprises transmitting an SIP (Session Initiation Protocol) message carrying a release reason to the transmitting-end device.
4. The security protection method according to claim 1, wherein the step of reporting a blocking message comprises transmitting an ISUP (Intend Service digital network User Part) message carrying a release reason to the transmitting-end device.
5. The security protection method according to claim 3, wherein the release reason comprises at least one of the failure of a trunk media gateway of a receiving-end switch and the full blocking of office-directed trunk circuits of the receiving-end switch.
6. The security protection method according to claim 4, wherein the release reason comprises at least one of the failure of a trunk media gateway of a receiving-end switch and the full blocking of office-directed trunk circuits of the receiving-end switch.
7. The security protection method according to claim 1, wherein the analyzing step is performed by a circuit management module of the trunk device; the step of reporting a blocking message comprises: notifying a call control module of the trunk device to generate a release reason when the route condition is abnormal, and transmitting an SIP message carrying the release reason by an SIP processing module of the trunk device.
8. The security protection method according to claim 1, wherein the analyzing step is performed by a circuit management module of the trunk device; the step of reporting a blocking message comprises: notifying a call control module of the trunk device to generate a release reason when the route condition is abnormal, and transmitting an ISUP message carrying the release reason by an ISUP processing module of the trunk device.
9. The security protection method according to claim 1, wherein the switch network comprises a soft switch network.
10. The security protection method according to claim 9, wherein the transmitting-end device comprises a soft switch.
11. The security protection method according to claim 9, wherein the trunk device comprises a soft switch.
12. The security protection method according to claim 1, wherein the trunk device comprises a trunk media gateway.
13. A security protection apparatus for performing security protection during service interruption occurring in a switch network which comprises a transiting-end device, an opposite-end device and a trunk device, the security protection apparatus comprising: a transmitting module for enabling the transmitting-end device to select each sub-route from a plurality of sub-routes one by one to transmit a call to the opposite-end device;an analyzing module for enabling the trunk device to analyze a route condition from the current selected sub-route to the opposite-end device when receiving the call;a forwarding and reporting module for enabling the trunk device to determine whether to transmit the call to the opposite-end device or report a blocking message to the transmitting-end device according to the route condition; anda processing module for enabling the transmitting-end device to exclude the current selected sub-route, judge whether all the sub-routes are excluded, and determine whether to continue executing the process of the transmitting module or end selecting the sub-routes based on the judgment result, if the trunk device reports the blocking message to the transmitting-end device.
14. The security protection apparatus according to claim 13, wherein the transiting module comprises: a sub-route selection module for enabling the transmitting-end device to attempt to transmit a call via each sub-route by starting from the first sub-route;a transferring module for enabling the transmitting-end device to use the selected sub-route to transfer the call to the trunk device.
15. The security protection apparatus according to claim 14, wherein, the processing module comprises: an all-busy judgment module for enabling the transmitting-end device to judge whether the sub-routes are all busy;a returning module for enabling the transmitting-end device to return an all-busy message and end selecting the sub-routes when the all-busy judgment module judges that the sub-routes are all busy;a next sub-route selection notifying module for notifying the sub-route selection module to select a next sub-route to be polled when the all-busy judgment module judges that the sub-routes are not all busy.
16. The security protection apparatus according to claim 13, wherein the forwarding and reporting module comprises: a reporting module for enabling the trunk device to report the blocking message to the transmitting-end device when the analyzing module determines that the route condition is abnormal; anda forwarding module for enabling the trunk device to directly forward the call to the opposite-end device when the analyzing module judges that the route condition is normal.
17. A trunk device, comprising: a circuit management module for analyzing a route condition from a current sub-route selected by a transmitting-end device to an opposite-end device when a call from the transmitting-end device is received;a call control module for generating a release reason when the route condition is abnormal;a processing module for reporting a blocking message carrying the release reason generated by the call control module to the transmitting-end device.
18. The trunk device according to claim 17, wherein the processing module is an SIP (Session Initiation Protocol) processing module, and the blocking; message is an SIP message.
19. The trunk device according to claim 17, wherein the processing module is an ISUP (Integrated Service digital network User Part) processing module, and the blocking message is an ISUP message.
20. A soft switch, comprising: a circuit management module for selecting a sub-route from a plurality of sub-routes when initiating a call;a processing module for transmitting a release message when receiving a blocking message from a trunk device; anda call control module for reselecting a route for the call when receiving the release message, and ta a current sub-route as the sub-route to transmit a route selection request to the circuit management module.
21. The soft switch according to claim 20, wherein the processing module is an SIP (Session Initiation Protocol) processing module or an ISUP (Integrated Service digital network User Part) processing module.

Priority Claims (1)

Number	Date	Country	Kind
200610065066.4	Mar 2006	CN	national

Method and Apparatus for Security Protection of Service Interruption in Switch Network

Information

Publication Number

Date Filed

Date Published

Inventors

Original Assignees

CPC

US Classifications

International Classifications

Abstract

Description

Claims

Priority Claims (1)