standard protocol for host-host by guruh purnama - winpulsa.com
DESCRIPTION
Presentation of Proposed Standard Protocol for Host-Host by Guruh Purnama - Winpulsa.com. For Electronic Voucher Industry in IndonesiaTRANSCRIPT
PROPOSEDSTANDARD PROTOCOLHOST-HOST
By Guruh PurnamaWINpulsa.com
BACKGROUND
Who we are
Winpulsa Not Developer – Not Selling Software to customer Distributor Service Company
We are User, Partnering with Developer
Winpulsa: IT Company: Content Provider, Application Service Provider Partnering: Operator Cellular, Banking All System developed by In-house developer
What we needs
Protocol:
Plug & Play
Secure
Reliable
Performance
Trustable
What is Standard ?
Acceptable
Adoptable
Scalable
Agreeable
Trustable
What to be standardized ?
Process
Method
Format
Field & Parameter
Status
Security
Requirement
Multi Transports HTTP/S YM –Yahoo Messenger Protocol XMPP/Jabber/G-Talk JMS/AMQP
Any Language PHP .NET Java Python Ruby Delphi / Pascal
TRANSACTION/ORDER PROCESS
Process
Request - Response
Synchronous / Active Client
Report –
Asynchronous / Passive Client
Inquiry – Result
Synchronous / Active Client
HTTP - Dynamic IP
Process – Synchronous
Client Server
Process
Request
Report
Inquiry
Result
Phase 1
Phase 2
Phase 3
Process – Sync/Asynchronous
Client Server
Process
Request
Response
Report
Inquiry
Result
Phase 1
Phase 2
Phase 3
Phase 4
Confirm
Process – Phase 1
Phase 1 (Internal)
Authentication – User id, password, PIN
Admin: has enough Balance, etc
Validation: Product Code, etc
Process – Phase 2
Phase 2 (External)
On Progress
Failed Transaction
Success Transaction
Process – Phase 2 - External
Client Server
On Progress
Success
Failed
Process – Phase3 - Report
Phase 3
Report result from the Transaction process
Phase 3 – client must confirm
Authentication By Client
On Progress
Failed
Success
Process – Phase 3 - Report
Server Client
On Progress
Success
Failed
Process – Phase 4 - Inquiry
Inquiry just like Report but more on Clientside that active
Can be used for checking &validating last transaction
Inquiry Process
Authentication By Server
On Progress
Failed
Success
Process – Phase 4 - Inquiry
Client Server
On Progress
Success
Failed
METHOD
Method
Message Passing Asynchronous YM,JMS One - Many Node More Flexible Can be Transformed, Filtered & Controlled etc
RPC – Remote Procedure Call Synchronous XMLRPC,SOAP One – One Node Rigid
FORMAT
Format
Binary/Bitmap based – More Machine language ISO 8583 - Financial transaction card originated
messages
Binary XML
Faster
Text based – More Human readable JSON,XML,YAML
Slower but easy to maintain
PARAMETERS
Request
Reference ID – Integer
Transaction Time – Integer
User ID – String
MD5 Password – String
MD5/SH1 Generated – MD5(Time + Password)
Product ID – String
MSISDN – String
Response
Request ID – Integer
Reference ID – Integer
Response Time – Numeric
14 Digits -YYYYMMDDhhiiss
Status – Integer
Report
Report ID - Integer Request ID - Integer Reference ID – Integer Report Time - Numeric Transaction Time – Numeric User ID – String MD5 Password - String Status – Integer Serial Number - Integer Message - String
Confirm
Confirm ID – Integer
Report ID – Integer
Confirm Time – Numeric
Status – Integer
Message - String
Inquiry
Reference ID – Integer
Inquiry Time – Integer
User ID – String
MD5 Password – String
MD5/SH1 Generated – MD5(Time + Password)
Result
Result ID - Integer Request ID - Integer Reference ID - Integer Transaction Time – Numeric Status – Integer Serial Number - Integer Message - String
Optional: Price - Float
ADDITIONAL PROCESSES
Additional Process
Accounting Info
Product Info
Other importance business process
Process – Accounting Info
For checking status client’s accounting information
Result Fields: Transaction Time – DateTime Numeric Last Deposit – Datetime Numeric Amount Last Deposit - Float Last Transaction – Datetime numeric Amount last Transaction - Float Current Balance - Float Status - Integer Message - String
Process – Product Info
For automated product price & quota checking
Result Fields: Transaction Time – DateTime Numeric
Product Code - String
Price – Float
Quota - Integer
Status - Integer
Message - String
STATUS
Status Type
Status – Must Be Clear and Detail – Cannot be General
Success Cannot be retried Method Automatic Manual
Failed Caused By Client: Invalid: password, MSISDN etc Caused By Server: Out of Stock, Internal Error Retry able Don’t-Retry able Method Automatic Manual
Status - Categorical Digit
8 Digit Status Code in Unsigned Integer MEDIUMINT for MYSQL Field Type
1 Digit – Process Code = 1 Transaction
1 Digit – Phase = 1,3,5,6
1 Digit – By Client=1, By Server=2
1 Digit – Retry=1, Don’t Retry=2
1 Digit – State = On Progress=1, Failed=2, Success=3
3 Digit – Detail
Status
User/Pass Failed: 1-1-1-2-001 => 11112001
Out of Stock: 3-2-1-2-101 => 13212101
Success Transaction: 3-2-1-3-500 => 13213500
Inquiry Failed – Internal Error: 6-2-1-2-201 => 16212201
SECURITY
Security
Data is Valuable ==== Money !
Message Must be Secure
Only 2 Machine can be read/write
Data must be Encrypted !!
Encrypted with Exchanged Trusted Key
Encrypted Data Flow
A B
Key A
Key B
Encrypt Decrypt
EncryptEncrypt
Key & Encrypted Function
Key generated by trusted organization/forum
Encryption Function: SHA-1
Maintain key for period of time (1 Month)
WHAT NEXT
What next ?
This is just beginning …
Version 1.0
Continue improvement
There will be Version 2.0, 3.0 etc