A telecommunication management network (TMN) architecture is a reference model for a telecommunication management method, and the purpose thereof is to distribute various functions to different layers, for example, a network management layer (NML), an element management layer (EML) and a network element layer (NEL). In the TMN architecture, the management responsibilities are separated according to these layers. In every layer, an interface interacting with an adjacent layer is provided, and communication between applications is supported by the interface. Generally, a device related to the NML layer belongs to a network management system (NMS), whereas a device related to the EML layer belongs to an element management system (EMS), and the functions of the NEL layer are embedded in a network element. The network element is further divided into a front administrator module (FAM) and a back administrator module (BAM). The FAM and the BAM are internally connected, and provide management functions, such as configuration, maintenance, traffic measurement and failure reporting for each function module in the network element.
With rapid development of telecommunication technologies, telecommunication convergence (such as service convergence, network convergence, transmission convergence, charging convergence, network management convergence and terminal device convergence) has emerged for future telecommunication development. In the future, telecommunication convergence will not merely be applied among network elements (such as network devices) of a single operator but also among networks elements of a plurality of operators. Through sharing and the convergence of the network elements among the plurality of operators, a total cost of ownership (TCO) of network construction of each operator may be greatly reduced. With further deployment of network convergence, how to ensure a secure management on the shared network elements becomes an important issue.
In accordance with the foregoing TMN architecture, a method for managing a network element as provided by the prior art includes authority-based management and domain-based management. Authority-based management assigns management users into different categories according to different operation authorities. Domain-based management divides, according to different domains, an entire network into sub-networks of the different domains, and then assigns the management users into different categories according to the different management domains.
Although the authority-based management and the domain-based management described above improve security of current network management to a limited extent, such network configurations were developed for network management by only a single operator. Managements of users from different operators are physically separated by different telecommunication management network devices on the network management layer. In addition, in the prior art, when a plurality of operators share a certain network element, every operator has access to operate all resources on the network element, resulting in a security risk to the operators.