PROPOSEDSTANDARD PROTOCOLHOST-HOST

By Guruh PurnamaWINpulsa.com

BACKGROUND

Who we are

Winpulsa Not Developer – Not Selling Software to customer Distributor Service Company

We are User, Partnering with Developer

Winpulsa: IT Company: Content Provider, Application Service Provider Partnering: Operator Cellular, Banking All System developed by In-house developer

What we needs

Protocol:

Plug & Play

Secure

Reliable

Performance

Trustable

What is Standard ?

Acceptable

Adoptable

Scalable

Agreeable

Trustable

What to be standardized ?

Process

Method

Format

Field & Parameter

Status

Security

Requirement

Multi Transports HTTP/S YM –Yahoo Messenger Protocol XMPP/Jabber/G-Talk JMS/AMQP

Any Language PHP .NET Java Python Ruby Delphi / Pascal

TRANSACTION/ORDER PROCESS

Process

Request - Response

Synchronous / Active Client

Report –

Asynchronous / Passive Client

Inquiry – Result

Synchronous / Active Client

HTTP - Dynamic IP

Process – Synchronous

Client Server

Process

Request

Report

Inquiry

Result

Phase 1

Phase 2

Phase 3

Process – Sync/Asynchronous

Client Server

Process

Request

Response

Report

Inquiry

Result

Phase 1

Phase 2

Phase 3

Phase 4

Confirm

Process – Phase 1

Phase 1 (Internal)

Authentication – User id, password, PIN

Admin: has enough Balance, etc

Validation: Product Code, etc

Process – Phase 2

Phase 2 (External)

On Progress

Failed Transaction

Success Transaction

Process – Phase 2 - External

Client Server

On Progress

Success

Failed

Process – Phase3 - Report

Phase 3

Report result from the Transaction process

Phase 3 – client must confirm

Authentication By Client

On Progress

Failed

Success

Process – Phase 3 - Report

Server Client

On Progress

Success

Failed

Process – Phase 4 - Inquiry

Inquiry just like Report but more on Clientside that active

Can be used for checking &validating last transaction

Inquiry Process

Authentication By Server

On Progress

Failed

Success

Process – Phase 4 - Inquiry

Client Server

On Progress

Success

Failed

METHOD

Method

Message Passing Asynchronous YM,JMS One - Many Node More Flexible Can be Transformed, Filtered & Controlled etc

RPC – Remote Procedure Call Synchronous XMLRPC,SOAP One – One Node Rigid

FORMAT

Format

Binary/Bitmap based – More Machine language ISO 8583 - Financial transaction card originated

messages

Binary XML

Faster

Text based – More Human readable JSON,XML,YAML

Slower but easy to maintain

PARAMETERS

Request

Reference ID – Integer

Transaction Time – Integer

User ID – String

MD5 Password – String

MD5/SH1 Generated – MD5(Time + Password)

Product ID – String

MSISDN – String

Response

Request ID – Integer

Reference ID – Integer

Response Time – Numeric

14 Digits -YYYYMMDDhhiiss

Status – Integer

Report

Report ID - Integer Request ID - Integer Reference ID – Integer Report Time - Numeric Transaction Time – Numeric User ID – String MD5 Password - String Status – Integer Serial Number - Integer Message - String

Confirm

Confirm ID – Integer

Report ID – Integer

Confirm Time – Numeric

Status – Integer

Message - String

Inquiry

Reference ID – Integer

Inquiry Time – Integer

User ID – String

MD5 Password – String

MD5/SH1 Generated – MD5(Time + Password)

Result

Result ID - Integer Request ID - Integer Reference ID - Integer Transaction Time – Numeric Status – Integer Serial Number - Integer Message - String

Optional: Price - Float

ADDITIONAL PROCESSES

Additional Process

Accounting Info

Product Info

Other importance business process

Process – Accounting Info

For checking status client’s accounting information

Result Fields: Transaction Time – DateTime Numeric Last Deposit – Datetime Numeric Amount Last Deposit - Float Last Transaction – Datetime numeric Amount last Transaction - Float Current Balance - Float Status - Integer Message - String

Process – Product Info

For automated product price & quota checking

Result Fields: Transaction Time – DateTime Numeric

Product Code - String

Price – Float

Quota - Integer

Status - Integer

Message - String

STATUS

Status Type

Status – Must Be Clear and Detail – Cannot be General

Success Cannot be retried Method Automatic Manual

Failed Caused By Client: Invalid: password, MSISDN etc Caused By Server: Out of Stock, Internal Error Retry able Don’t-Retry able Method Automatic Manual

Status - Categorical Digit

8 Digit Status Code in Unsigned Integer MEDIUMINT for MYSQL Field Type

1 Digit – Process Code = 1 Transaction

1 Digit – Phase = 1,3,5,6

1 Digit – By Client=1, By Server=2

1 Digit – Retry=1, Don’t Retry=2

1 Digit – State = On Progress=1, Failed=2, Success=3

3 Digit – Detail

Status

User/Pass Failed: 1-1-1-2-001 => 11112001

Out of Stock: 3-2-1-2-101 => 13212101

Success Transaction: 3-2-1-3-500 => 13213500

Inquiry Failed – Internal Error: 6-2-1-2-201 => 16212201

SECURITY

Security

Data is Valuable ==== Money !

Message Must be Secure

Only 2 Machine can be read/write

Data must be Encrypted !!

Encrypted with Exchanged Trusted Key

Encrypted Data Flow

A B

Key A

Key B

Encrypt Decrypt

EncryptEncrypt

Key & Encrypted Function

Key generated by trusted organization/forum

Encryption Function: SHA-1

Maintain key for period of time (1 Month)

WHAT NEXT

What next ?

This is just beginning …

Version 1.0

Continue improvement

There will be Version 2.0, 3.0 etc