Embed Size (px)
Citation preview
PROPOSEDSTANDARD PROTOCOLHOST-HOST
By Guruh PurnamaWINpulsa.com
BACKGROUND
Who we are
Winpulsa Not Developer – Not Selling Software to customer Distributor Service Company
We are User, Partnering with Developer
Winpulsa: IT Company: Content Provider, Application Service Provider Partnering: Operator Cellular, Banking All System developed by In-house developer
What we needs
Protocol: Plug & Play Secure Reliable Performance Trustable
What is Standard ?
Acceptable Adoptable Scalable Agreeable Trustable
What to be standardized ?
Process Method Format Field & Parameter Status Security
Requirement
Multi Transports HTTP/S YM – Yahoo Messenger Protocol XMPP/Jabber/G-Talk JMS/AMQP
Any Language PHP .NET Java Python Ruby Delphi / Pascal
TRANSACTION/ORDER PROCESS
Process
Request - Response Synchronous / Active Client
Report – Asynchronous / Passive Client
Inquiry – Result Synchronous / Active Client HTTP - Dynamic IP
Process – Synchronous
Client
Server
Process
Request
Report
Inquiry
Result
Phase 1
Phase 2
Phase 3
Process – Sync/Asynchronous
Client
Server
Process
Request
Response
Report
Inquiry
Result
Phase 1
Phase 2
Phase 3
Phase 4
Confirm
Process – Phase 1
Phase 1 (Internal) Authentication – User id, password, PIN Admin: has enough Balance, etc Validation: Product Code, etc
Process – Phase 2
Phase 2 (External) On Progress Failed Transaction Success Transaction
Process – Phase 2 - External
Client Server
On Progress
Success
Failed
Process – Phase3 - Report
Phase 3 Report result from the Transaction
process Phase 3 – client must confirm
Authentication By Client On Progress Failed Success
Process – Phase 3 - Report
Server Client
On Progress
Success
Failed
Process – Phase 4 - Inquiry Inquiry just like Report but more on
Client side that active Can be used for checking &
validating last transaction Inquiry Process
Authentication By Server On Progress Failed Success
Process – Phase 4 - Inquiry
Client Server
On Progress
Success
Failed
METHOD
Method
Message Passing Asynchronous YM,JMS One - Many Node More Flexible Can be Transformed, Filtered & Controlled etc
RPC – Remote Procedure Call Synchronous XMLRPC,SOAP One – One Node Rigid
FORMAT
Format
Binary/Bitmap based – More Machine language ISO 8583 - Financial transaction card
originated messages Binary XML Faster
Text based – More Human readable JSON,XML,YAML Slower but easy to maintain
PARAMETERS
Request
Reference ID – Integer Transaction Time – Integer User ID – String MD5 Password – String
MD5/SH1 Generated – MD5(Time + Password)
Product ID – String MSISDN – String
Response
Request ID – Integer Reference ID – Integer Response Time – Numeric
14 Digits - YYYYMMDDhhiiss Status – Integer
Report
Report ID - Integer Request ID - Integer Reference ID – Integer Report Time - Numeric Transaction Time – Numeric User ID – String MD5 Password - String Status – Integer Serial Number - Integer Message - String
Confirm
Confirm ID – Integer Report ID – Integer Confirm Time – Numeric Status – Integer Message - String
Inquiry
Reference ID – Integer Inquiry Time – Integer User ID – String MD5 Password – String
MD5/SH1 Generated – MD5(Time + Password)
Result
Result ID - Integer Request ID - Integer Reference ID - Integer Transaction Time – Numeric Status – Integer Serial Number - Integer Message - String
Optional: Price - Float
ADDITIONAL PROCESSES
Additional Process
Accounting Info Product Info Other importance business process
Process – Accounting Info
For checking status client’s accounting information
Result Fields: Transaction Time – DateTime Numeric Last Deposit – Datetime Numeric Amount Last Deposit - Float Last Transaction – Datetime numeric Amount last Transaction - Float Current Balance - Float Status - Integer Message - String
Process – Product Info
For automated product price & quota checking
Result Fields: Transaction Time – DateTime Numeric Product Code - String Price – Float Quota - Integer Status - Integer Message - String
STATUS
Status Type
Status – Must Be Clear and Detail – Cannot be General Success
Cannot be retried Method
Automatic Manual
Failed Caused By Client: Invalid: password, MSISDN etc Caused By Server: Out of Stock, Internal Error Retry able Don’t-Retry able Method
Automatic Manual
Status - Categorical Digit 8 Digit Status Code in Unsigned Integer
MEDIUMINT for MYSQL Field Type 1 Digit – Process Code = 1 Transaction 1 Digit – Phase = 1,3,5,6 1 Digit – By Client=1, By Server=2 1 Digit – Retry=1, Don’t Retry=2 1 Digit – State = On Progress=1,
Failed=2, Success=3 3 Digit – Detail
Status
User/Pass Failed: 1-1-1-2-001 => 11112001 Out of Stock: 3-2-1-2-101 => 13212101 Success Transaction: 3-2-1-3-500 =>
13213500 Inquiry Failed – Internal Error: 6-2-1-2-201
=> 16212201
SECURITY
Security
Data is Valuable ==== Money ! Message Must be Secure Only 2 Machine can be read/write Data must be Encrypted !! Encrypted with Exchanged Trusted
Key
Encrypted Data Flow
A B
Key A
Key B
Encrypt Decrypt
EncryptEncrypt
Key & Encrypted Function
Key generated by trusted organization/forum
Encryption Function: SHA-1 Maintain key for period of time (1
Month)
WHAT NEXT
What next ?
This is just beginning … Version 1.0 Continue improvement There will be Version 2.0, 3.0 etc
