Proposed Standard Protocol for Host-Host by Guruh Purnama - Winpulsa.com

PROPOSEDSTANDARD PROTOCOLHOST-HOST

By Guruh PurnamaWINpulsa.com

BACKGROUND

Who we are

Winpulsa Not Developer – Not Selling Software to customer Distributor Service Company

We are User, Partnering with Developer

Winpulsa: IT Company: Content Provider, Application Service Provider Partnering: Operator Cellular, Banking All System developed by In-house developer

What we needs

Protocol: Plug & Play Secure Reliable Performance Trustable

What is Standard ?

Acceptable Adoptable Scalable Agreeable Trustable

What to be standardized ?

Process Method Format Field & Parameter Status Security

Requirement

Multi Transports HTTP/S YM – Yahoo Messenger Protocol XMPP/Jabber/G-Talk JMS/AMQP

Any Language PHP .NET Java Python Ruby Delphi / Pascal

TRANSACTION/ORDER PROCESS

Process

Request - Response Synchronous / Active Client

Report – Asynchronous / Passive Client

Inquiry – Result Synchronous / Active Client HTTP - Dynamic IP

Process – Synchronous

Client

Server

Process

Request

Report

Inquiry

Result

Phase 1

Phase 2

Phase 3

Process – Sync/Asynchronous

Client

Server

Process

Request

Response

Report

Inquiry

Result

Phase 1

Phase 2

Phase 3

Phase 4

Confirm

Process – Phase 1

Phase 1 (Internal) Authentication – User id, password, PIN Admin: has enough Balance, etc Validation: Product Code, etc

Process – Phase 2

Phase 2 (External) On Progress Failed Transaction Success Transaction

Process – Phase 2 - External

Client Server

On Progress

Success

Failed

Process – Phase3 - Report

Phase 3 Report result from the Transaction

process Phase 3 – client must confirm

Authentication By Client On Progress Failed Success

Process – Phase 3 - Report

Server Client

On Progress

Success

Failed

Process – Phase 4 - Inquiry Inquiry just like Report but more on

Client side that active Can be used for checking &

validating last transaction Inquiry Process

Authentication By Server On Progress Failed Success

Process – Phase 4 - Inquiry

Client Server

On Progress

Success

Failed

METHOD

Method

Message Passing Asynchronous YM,JMS One - Many Node More Flexible Can be Transformed, Filtered & Controlled etc

RPC – Remote Procedure Call Synchronous XMLRPC,SOAP One – One Node Rigid

FORMAT

Format

Binary/Bitmap based – More Machine language ISO 8583 - Financial transaction card

originated messages Binary XML Faster

Text based – More Human readable JSON,XML,YAML Slower but easy to maintain

PARAMETERS

Request

Reference ID – Integer Transaction Time – Integer User ID – String MD5 Password – String

MD5/SH1 Generated – MD5(Time + Password)

Product ID – String MSISDN – String

Response

Request ID – Integer Reference ID – Integer Response Time – Numeric

14 Digits - YYYYMMDDhhiiss Status – Integer

Report

Report ID - Integer Request ID - Integer Reference ID – Integer Report Time - Numeric Transaction Time – Numeric User ID – String MD5 Password - String Status – Integer Serial Number - Integer Message - String

Confirm

Confirm ID – Integer Report ID – Integer Confirm Time – Numeric Status – Integer Message - String

Inquiry

Reference ID – Integer Inquiry Time – Integer User ID – String MD5 Password – String

MD5/SH1 Generated – MD5(Time + Password)

Result

Result ID - Integer Request ID - Integer Reference ID - Integer Transaction Time – Numeric Status – Integer Serial Number - Integer Message - String

Optional: Price - Float

ADDITIONAL PROCESSES

Additional Process

Accounting Info Product Info Other importance business process

Process – Accounting Info

For checking status client’s accounting information

Result Fields: Transaction Time – DateTime Numeric Last Deposit – Datetime Numeric Amount Last Deposit - Float Last Transaction – Datetime numeric Amount last Transaction - Float Current Balance - Float Status - Integer Message - String

Process – Product Info

For automated product price & quota checking

Result Fields: Transaction Time – DateTime Numeric Product Code - String Price – Float Quota - Integer Status - Integer Message - String

STATUS

Status Type

Status – Must Be Clear and Detail – Cannot be General Success

Cannot be retried Method

Automatic Manual

Failed Caused By Client: Invalid: password, MSISDN etc Caused By Server: Out of Stock, Internal Error Retry able Don’t-Retry able Method

Automatic Manual

Status - Categorical Digit 8 Digit Status Code in Unsigned Integer

MEDIUMINT for MYSQL Field Type 1 Digit – Process Code = 1 Transaction 1 Digit – Phase = 1,3,5,6 1 Digit – By Client=1, By Server=2 1 Digit – Retry=1, Don’t Retry=2 1 Digit – State = On Progress=1,

Failed=2, Success=3 3 Digit – Detail

Status

User/Pass Failed: 1-1-1-2-001 => 11112001 Out of Stock: 3-2-1-2-101 => 13212101 Success Transaction: 3-2-1-3-500 =>

13213500 Inquiry Failed – Internal Error: 6-2-1-2-201

=> 16212201

SECURITY

Security

Data is Valuable ==== Money ! Message Must be Secure Only 2 Machine can be read/write Data must be Encrypted !! Encrypted with Exchanged Trusted

Key

Encrypted Data Flow

A B

Key A

Key B

Encrypt Decrypt

EncryptEncrypt

Key & Encrypted Function

Key generated by trusted organization/forum

Encryption Function: SHA-1 Maintain key for period of time (1

Month)

WHAT NEXT

What next ?

This is just beginning … Version 1.0 Continue improvement There will be Version 2.0, 3.0 etc