CN111314267A

Movatterモバイル変換

Info

Publication number: CN111314267A
Application number: CN201811510827.1A
Authority: CN
Inventors: 梁新; 高建文; 陈朝; 张学庆
Original assignee: Cetc Ocean Co ltd
Current assignee: Cetc Ocean Co ltd
Priority date: 2018-12-11
Filing date: 2018-12-11
Publication date: 2020-06-19
Anticipated expiration: 2038-12-11
Also published as: CN111314267B

Abstract

The application discloses a data communication method and system based on an LTE network. The method comprises the following steps: the LTE private network system in the first area is accessed to a firewall and accesses the Internet through the firewall to realize data communication between the LTE private network system in the first area and the Internet; the LTE public network system of the first area is accessed to the firewall through the LTE private network system of the first area, and accesses the Internet through the firewall to realize data communication between the LTE public network system of the first area and the Internet; the LTE private network system in the first area realizes service intercommunication with the LTE public network system in the first area through the service server. According to the technical scheme of the embodiment of the application, the interconnection and intercommunication of the private network and the public network are realized, and the safety of data transmission is improved by accessing the firewall.

Description

Data communication method and system based on LTE network

Technical Field

The present disclosure relates to the field of communications technologies, and in particular, to a data communication method and system based on an LTE network.

Background

In order to improve the utilization rate of an information system and the use experience of advanced communication resources, it is very important to realize limited information sharing on a high-efficiency and convenient private network. When the existing private network user carries out data communication, the safety requirements of different users cannot be met, and the data communication safety level is low. On the other hand, the capability of service intercommunication between different networks is poor, the intercommunication requirements of multiple services such as network telephone, mail, video, message and the like are difficult to realize, and the user experience degree is reduced.

Disclosure of Invention

In view of the above-mentioned drawbacks and deficiencies in the prior art, it is desirable to provide a data communication method and system based on an LTE network.

In a first aspect, a data communication method based on an LTE network is provided, where the method includes:

the LTE private network system in the first area is accessed to a firewall and accesses the Internet through the firewall to realize data communication between the LTE private network system in the first area and the Internet;

the LTE public network system of the first region accesses the firewall through the LTE private network system of the first region and accesses the Internet through the firewall to realize data communication between the LTE public network system of the first region and the Internet; and

and the LTE private network system in the first area realizes service intercommunication with the LTE public network system in the first area through a service server.

In a second aspect, a data communication system based on an LTE network is provided, the system comprising:

the first area LTE private network module is used for carrying out data communication with a private network user mobile terminal;

the first area LTE public network module is used for carrying out data communication with a public network user mobile terminal, and is in communication connection with the first area LTE private network module;

the network module is used for accessing the first area LTE private network module through a firewall and accessing the Internet through the firewall so as to realize data communication between the first area LTE private network module and the Internet as well as between the first area LTE public network module and the Internet; and

and the service module is used for realizing service intercommunication between the first area LTE private network module and the first area LTE public network module.

According to the technical scheme provided by the embodiment of the application, the LTE private network system in the first area is accessed to the firewall, and the firewall is used for accessing the system, so that the problem of data transmission safety can be solved.

Drawings

Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:

fig. 1 is a schematic diagram of data communication in a first region according to an embodiment of the disclosure.

Fig. 2 is a schematic diagram of an LTE private network system in a first area according to an embodiment of the present disclosure.

Fig. 3 is a schematic diagram of data communication between a first region and a second region according to an embodiment of the disclosure.

Fig. 4 is a schematic diagram of data communication between a first region and a second region according to another embodiment of the disclosure.

Fig. 5 is a schematic diagram of data communication between a first region and a second region according to another embodiment of the disclosure.

Fig. 6 is a block diagram of data communication between a first region and a second region according to an embodiment of the disclosure.

Fig. 7 is a block diagram of a system architecture of an embodiment of the present disclosure.

Fig. 8 is a schematic structural diagram of a computer system according to an embodiment of the present disclosure.

Detailed Description

The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings.

It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.

Referring to fig. 1, the present disclosure provides a data communication method based on an LTE (Long Term Evolution) network, where the method includes:

the LTEprivate network system 1 in the first area accesses thefirewall 2 and accesses theinternet 3 through thefirewall 2, so that data communication between the LTEprivate network system 1 in the first area and theinternet 3 is realized (as shown in fig. 2).

The LTEpublic network system 4 of the first area is accessed to thefirewall 2 through the LTEprivate network system 1 of the first area, and accesses the Internet 3 through thefirewall 2, so that data communication between the LTEpublic network system 4 of the first area and the Internet 3 is realized.

The LTEprivate network system 1 in the first area realizes service interworking with the LTEpublic network system 4 in the first area through theservice server 16.

Since theinternet 3 is accessed through thefirewall 2, data transmission security when accessing theinternet 3 is improved. And because private network data can be transmitted on the public network and public network data can be transmitted on the private network, the data security of interconnection and intercommunication between the private network and the public network is improved.

It should be noted that while the operations of the method of the present invention are depicted in the drawings in a particular order, this does not require or imply that the operations must be performed in this particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.

In one embodiment, the LTEprivate network system 1 of the first region is used for data communication with the private network usermobile terminal 5, and the LTEpublic network system 4 of the first region is used for data communication with the public network usermobile terminal 6. It should be noted that the LTEprivate network system 1 and the LTEpublic network system 4 in this embodiment may adopt an LTE network system in the prior art, as long as the technical solution of the present disclosure can be satisfied.

For example, the LTEprivate Network system 1 and the LTE Public Networksystem 4 in the first region each include an LTE access Network and an EPC (Evolved Packet Core) Core Network, and the EPC Core Network includes Network elements such as an SGW (serving GateWay) and a PGW (Public Data Network GateWay).

In one embodiment, the service server may include multiple communication service servers such as internet phone, mail, video, and message, so as to implement multiple service interworking.

In one embodiment, as shown in fig. 3-5, the method of the present disclosure further comprises:

theLTE network system 7 in the second area realizes service interworking with the LTEprivate network system 1 in the first area through thesatellite communication link 8.

TheLTE network system 7 of the second area is accessed to thefirewall 2 through the LTEprivate network system 1 of the first area, and accesses the Internet 3 through thefirewall 2, so that data communication between theLTE network system 7 of the second area and the Internet 3 is realized.

It should be noted that thesatellite communication link 8 is understood as a satellite communication link, that is, the satellite communication link at least includes a data channel and a satellite communication device. The satellite communication equipment can adopt any satellite communication equipment in the prior art, such as a China Sat (China Sat) communication satellite, a Beidou communication satellite, a maritime communication satellite and the like. Since theLTE network system 7 in the second region performs data communication with the LTE network system (LTEprivate network system 1 and/or LTE public network system 4) in the first region only through the satellite device, the security level for terrestrial communication is higher than that for data communication only through a physical channel.

In a specific embodiment, as shown in fig. 3, the first area is a LTE private land network system. The second area is two and comprises an offshore mooring buoy 9 and anoffshore platform 10. TheLTE network system 7 is respectively arranged on the offshore anchoring floating platform 9 and theoffshore platform 10, and the offshore anchoring floating platform 9 and theoffshore platform 10 are respectively communicated with the LTEprivate network system 1 in the first area through thesatellite communication link 8 and carry out data transmission. While the offshore mooring buoy 9 and theoffshore platform 10 can access theinternet 3 via thesatellite link 8, respectively. When the first region has theisland 11, the LTEpublic network system 4 can be arranged on theisland 11 and connected to the LTEprivate network system 1 in the first region, so that interconnection and intercommunication among the LTEprivate network system 1 in the first region, the LTEpublic network system 4 and theinternet 3 are realized.

TheLTE network system 7 provided on the offshore mooring floating platform 9 and theoffshore platform 10 may be a private network system or a public network system. Or both private network system and public network system. Through the intercommunication and interconnection of the offshore anchoring floating platform 9 and theoffshore platform 10 in the second region and the land LTEprivate network system 1 in the first region, information transmission network access service is provided for theoffshore platform 10 in the second region andmobile terminal users 12 around the offshore anchoring floating platform 9. The data transmission between the private network and the public network between the land and the sea is realized.

In another specific embodiment, as shown in fig. 4, the first area is a land LTEprivate network system 1, and the second area is anoffshore platform 10. AnLTE network system 7 is disposed on theoffshore platform 10, and theLTE network system 7 may be an LTE private network system or an LTE public network system. TheLTE network system 7 of theoffshore platform 10 performs service interworking and data transmission with the LTEprivate network system 1 of the first region through thesatellite link 8, and accesses theinternet 3 through the LTEprivate network system 1 of the first region and thefirewall 2.

In one embodiment, thesatellite communication link 8 is isolated into a private networksatellite communication link 81 and a public networksatellite communication link 82 which are independent of each other, and the private networksatellite communication link 81 and the public networksatellite communication link 82 share asatellite communication device 83, considering the heterogeneity of private network and public network service data and the difference of data security levels. Therefore, different types of data are transmitted through different satellite communication links, and the security level of data transmission between two places is improved.

In a specific embodiment, as shown in fig. 5, when theLTE network system 7 in the second area and the LTEprivate network system 1 in the first area need to perform public network data transmission, and/or when theLTE network system 7 in the second area needs to access theinternet 3, the LTEprivate network system 1 in the first area and theLTE network system 7 in the second area access the public networksatellite communication link 82. TheLTE network system 7 in the second area may be an LTE private network system or an LTE public network system.

When theLTE network system 7 in the second area and the LTEprivate network system 1 in the first area need to perform private network data transmission, the LTEprivate network system 1 in the first area and theLTE network system 7 in the second area access the privatenetwork gateway link 81. TheLTE network system 7 in the second area may be an LTE private network system, and the private network of the LTEprivate network system 1 in the first area and the LTEprivate network system 7 in the second area is closed by the private networksatellite communication link 81, so that the transmission security between private network data is improved. The data transmission between the first regional network and the second regional network adopts different safety protocols, so that the special safety requirements of private network users are ensured, and the function of providing corresponding services according to users of different grades is realized.

In one embodiment, as shown in fig. 4 and fig. 5, theLTE network system 7 in the second area and thelocal mirror server 13 implement mutual communication and service interworking via thesatellite communication link 8. Wherein themirror server 13 may employ aservice server 16 of the first region.

In one embodiment, themirror server 13 may comprise a plurality of communication service servers such as internet phone, mail, video, and message, so as to implement a plurality of service interworking.

In one embodiment, as shown in fig. 1, when the LTEprivate network systems 1 in the first areas are multiple in parallel and form a local area network, the LTEprivate network systems 1 in each first area implement data communication through theswitch 14 and access to theinternet 3 through theswitch 14 and theaccess firewall 2. Theswitch 14 is a three-layer switch, and can configure a Virtual Local Area Network (VLAN) using thefirewall 2.

The LTEprivate network systems 1 in the first areas are connected to anetwork control device 15 for unified management and control and status display, so that the working condition of each private network system group can be monitored by the staff.

In any of the above embodiments, the LTE private network system in the first area is a land private network, and the LTE system in the second area is a land network or a marine network.

In an embodiment, in order to support public network users to enjoy private network services in a private network and support different levels of security requirements, corresponding USIM cards (Universal Subscriber identity module) need to be distributed to different levels of users to support service calls, and core network devices of the LTE private network system adopt different encryption and decryption operations to support the public network users to use data services safely.

In one embodiment, as shown in fig. 6, the LTEprivate network system 1 and the LTEpublic network system 4 in the first region serve terrestrial users, and theLTE network system 7 in the second region serves marine users. The user of the LTEprivate network system 1 in the first area and the user of the LTEpublic network system 4 realize interconnection and intercommunication with theInternet 3 based on the LTE technology. The user of the LTEprivate network system 1 in the first area and the user of theLTE network system 7 in the second area realize interconnection and intercommunication of public network data based on the LTE technology, the satellite communication link 8 (public network satellite communication link 82) and theinternet 3. The user of the LTEprivate network system 1 in the first area and the user of theLTE network system 7 in the second area realize interconnection and intercommunication of private network data based on the LTE technology and the satellite link 8 (private network satellite link 81). The user of the LTEpublic network system 4 in the first area and the user of theLTE network system 7 in the second area are interconnected and intercommunicated based on the LTE technology, thesatellite communication link 8 and theInternet 3. And the users of theLTE network system 7 in the second area realize interconnection and intercommunication among the users in the second area based on the LTE technology, thesatellite communication link 8 and themirror image server 13.

With further reference to fig. 7, an exemplary block diagram of a data communication device based on an LTE network is shown, provided according to an embodiment of the present disclosure. The system comprises:

and the first area LTEprivate network module 100 is used for carrying out data communication with a private network user mobile terminal.

The first area LTEpublic network module 200 is used for carrying out data communication with a mobile terminal of a public network user, and the first area LTEpublic network module 200 is in communication connection with the first area LTEprivate network module 100.

Thenetwork module 300 is configured to access the first area LTEprivate network module 100 through thefirewall 2, and access theinternet 3 through thefirewall 2, so as to implement data communication between the first area LTEprivate network module 100 and the first area LTEpublic network module 200 and theinternet 3.

Theservice module 400 is configured to implement service interworking between the first area LTEprivate network module 100 and the first area LTEpublic network module 200.

In an embodiment, the first regional LTEprivate Network module 100 and the first regional LTEPublic Network module 200 each include an LTE access Network and an EPC (Evolved Packet Core) Core Network, and the EPC Core Network includes Network elements such as an SGW (Serving GateWay) and a PGW (Public Data Network GateWay).

In one embodiment, theservice module 400 may comprise a plurality of communication service servers such as internet phone, mail, video, and message, so as to implement a plurality of service interworking.

In one embodiment, the system further comprises: and a second regionalLTE network module 500, configured to perform data communication with the user mobile terminal.

And thesatellite communication link 8 is used for realizing service intercommunication between the first area LTEprivate network module 100 and the second areaLTE network module 500.

The second areaLTE network module 500 accesses thefirewall 2 through the first area LTEprivate network module 100, and accesses theinternet 3 through thefirewall 2, thereby implementing data communication between the second areaLTE network module 500 and theinternet 3.

In one embodiment, thegatekeeper link 8 includes a privatenetwork gatekeeper link 81 and a public network gatekeeper link 82 in consideration of the heterogeneity of private network and public network traffic data and the difference of data security levels. Therefore, different types of data are transmitted through different satellite communication links, and the security level of data transmission between two places is improved.

The privatenetwork guard link 81 is used for the second regionalLTE network module 500 and the first regional LTEprivate network module 100 to perform private network data transmission.

And the public networksatellite communication link 82 is used for performing public network data transmission between the second regionalLTE network module 500 and the first regional LTEprivate network module 100, and for the second regionalLTE network module 500 to access theinternet 3.

The private networksatellite communication link 81 and the public networksatellite communication link 82 share a satellite communication device.

In one embodiment, one segment of the public network physical access of the publicnetwork satellite link 82 is located in a first region and another segment of the public network physical access of the publicnetwork satellite link 82 is located in a second region. The two segments of public network physical access realize data transmission through a satellite communication device. Each segment of public network physical path is at least provided with a router gateway, a TDMA satellite communication system (time division multiple access) and a satellite communication antenna. The routing gateway is used for accessing the first area LTEprivate network module 100, the satellite communication antenna is used for accessing the satellite communication device, and the TDMA satellite communication system is used for transmitting the data signal received by the satellite communication antenna to the routing gateway.

In one embodiment, the second regionalLTE network module 500 and the local mirror service module communicate with each other and communicate with each other through thesatellite communication link 8. Wherein the mirror service module may employ theservice module 400 of the first region.

In a specific embodiment, the mirror service module may include multiple communication service servers such as internet phone, mail, video, and message, so as to implement multiple service interworking.

In one embodiment, thenetwork module 300 further comprises: and the switch submodule is used for realizing data communication of each first area LTEprivate network module 100 through the switch submodule and realizing access to theInternet 3 by accessing thefirewall 2 through the switch submodule when the first area LTEprivate network modules 100 are a plurality of parallel modules and form a local area network. In a variant embodiment, a router is provided between the switch submodule and thefirewall 2.

The switch is a three-layer switch, and can use thefirewall 2 to configure a VLAN (Virtual local area Network). The LTE private network systems in the first areas are connected with a network control device which passes through the LTE private network systems to carry out unified management and control and state display so that working conditions of all the groups of private network systems can be monitored by workers.

In any of the above embodiments, the first LTEprivate network module 100 is a land private network, the first LTEpublic network module 200 is a land private network, and the secondLTE network module 500 is a land network or a marine network.

It should be noted that the data communication system provided in the embodiment of the present disclosure may implement a data communication method based on LTE based on the data communication method provided in the embodiment of the present disclosure.

It should be understood that the elements or modules recited in the system correspond to individual steps in a method. Thus, the operations and features described above for the method are equally applicable to the apparatus and the units or modules included therein, and are not described in detail here.

Referring now to FIG. 8, shown is a block diagram of acomputer system 700 suitable for use with a terminal device or server implementing embodiments of the present disclosure.

As shown in fig. 8, thecomputer system 700 includes a Central Processing Unit (CPU)701, which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from astorage section 708 into a Random Access Memory (RAM) 703. In theRAM 703, various programs and data necessary for the operation of thesystem 700 are also stored. TheCPU 701, theROM 702, and theRAM 703 are connected to each other via abus 704. An input/output (I/O)interface 707 is also connected tobus 704.

The following components are connected to the I/O interface 707: aninput portion 706 including a keyboard, a mouse, and the like; anoutput section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; astorage section 708 including a hard disk and the like; and acommunication section 709 including a network interface card such as a LAN card, a modem, or the like. Thecommunication section 709 performs communication processing via a network such as the internet. Adrive 710 is also connected to the I/O interface 707 as necessary. Aremovable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on thedrive 710 as necessary, so that a computer program read out therefrom is mounted into thestorage section 708 as necessary.

In particular, the processes described above with reference to fig. 1-7 may be implemented as computer software programs, according to embodiments of the present disclosure. For example, embodiments of the present disclosure include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the methods of fig. 1-7. In such an embodiment, the computer program can be downloaded and installed from a network through thecommunication section 709, and/or installed from theremovable medium 711.

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

The units or modules described in the embodiments of the present application may be implemented by software or hardware.

As another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus in the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the formula input methods described herein.

The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the inventive concept. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims

1. A data communication method based on an LTE network, characterized in that the method comprises the following steps:

2. The method of claim 1, further comprising:

the LTE network system of the second area realizes service intercommunication with the LTE private network system of the first area through a satellite communication link; and

the LTE network system of the second region is accessed to the firewall through the LTE private network system of the first region, and accesses the Internet through the firewall, so that data communication between the LTE network system of the second region and the Internet is realized.

3. The method of claim 2, wherein the satellite communication link is isolated as a private network satellite communication link and a public network satellite communication link which are independent of each other, and the private network satellite communication link and the public network satellite communication link share a satellite communication device.

4. The method according to claim 3, wherein the LTE private network system of the first region and the LTE network system of the second region access the public network satellite communication link when the LTE network system of the second region and the LTE private network system of the first region need to perform public network data transmission and/or when the LTE network system of the second region needs to access the Internet.

5. The method according to claim 3, wherein the LTE private network system of the first region and the LTE private network system of the second region access the private network communication link when the LTE network system of the second region and the LTE private network system of the first region need to perform private network data transmission.

6. The method of claim 2, wherein the LTE network system in the second area and the local mirror server communicate with each other and communicate with each other through the satellite communication link.

7. The method of claim 1, wherein when the LTE private network systems in the first area are multiple in parallel and form a local area network, the LTE private network systems in each of the first areas implement data communication through a switch, and access to the firewall through the switch implements access to the internet.

8. The method of claim 2, wherein the LTE private network system of the first region is a land private network, the LTE public network system of the first region is a land public network, and the LTE system of the second region is a land network or a marine network.

9. A data communication system based on an LTE network, the system comprising:

10. The system of claim 9, further comprising:

the second regional LTE network module is used for carrying out data communication with the user mobile terminal;

the satellite communication link is used for realizing service intercommunication between the first area LTE private network module and the second area LTE network module;

the second area LTE network module accesses the firewall through the first area LTE private network module and accesses the Internet through the firewall to realize data communication between the second area LTE network module and the Internet.

11. The system of claim 10, wherein the satellite link comprises a private network satellite link and a public network satellite link;

the private network satellite communication link is used for the second regional LTE network module and the first regional LTE private network module to perform private network data transmission; and

the public network satellite communication link is used for carrying out public network data transmission between the second regional LTE network module and the first regional LTE private network module and for the second regional LTE network module to access the Internet;

and the private network satellite communication link and the public network satellite communication link share satellite communication equipment.

12. The system of claim 9, wherein the network module further comprises:

and the switch submodule is used for enabling each first area LTE private network module to realize data communication through the switch submodule and enabling the switch submodule to access the firewall to realize access to the Internet when the first area LTE private network modules are a plurality of parallel local area networks.