CN106302698B - The method and system of order business - Google Patents
The method and system of order business Download PDFInfo
- Publication number
- CN106302698B CN106302698B CN201610657837.2A CN201610657837A CN106302698B CN 106302698 B CN106302698 B CN 106302698B CN 201610657837 A CN201610657837 A CN 201610657837A CN 106302698 B CN106302698 B CN 106302698B
- Authority
- CN
- China
- Prior art keywords
- service
- business
- mobile terminal
- message
- application apparatus
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/51—Discovery or management thereof, e.g. service location protocol [SLP] or web services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/55—Push-based network services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
- H04W4/14—Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention provides a kind of method and system of order business, has many advantages, such as that anti-third party software intercepts, anti-user is assumed another's name to reply.The method of order business of the invention includes: that the business message request that is sent according to service side's operation system of safety service platform device generates business and invites message and then pass through short message channel and is sent to security service application apparatus;The business that the parsing of security service application apparatus receives invites message, then sends proactive command to destination mobile terminal according to parsing result, so that business message request is presented to user in destination mobile terminal;Security service application apparatus receives the service order instruction that destination mobile terminal is sent;Service order instruction encryption is packaged into service order message by security service application apparatus, and service order message is then sent to safety service platform device by short message channel;Safety service platform device decryption parsing service order message, is then sent to service side's operation system for service order packet parsing result.
Description
Technical field
The present invention relates to computer and its software technology field, a kind of particularly method and system of order business.
Background technique
It is a kind of the most commonly used value added service ordering scheme that short message service, which is ordered, is mainly used in operator, bank, electricity
The IT service field such as quotient.The major programme that short message service is ordered is: service provider's platform (such as telecom operators) will specifically increase
Value business message request is sent to the mobile phone of user with short message mode, and user is required to reply specific character combination (such as
DG01234) to complete to order confirmation;Once the mobile phone of user has replied confirmation short message according to asking, then service provider's platform will from
Corresponding expense is deducted in the communication account (being also possible to traditional bank account, internet financial account etc.) at family.Then should
Expense can will be divided into ratio according to signing with service provider SP (Service Provider) by service provider's platform and be divided into.
The key point of " short message service order " scheme is: using user use the confirmation short message of handset replies as deduct fees according to
According to.But service provider's platform or SP can not differentiate whether the confirmation short message issued from the user mobile phone number is exactly user
Operation.A large amount of with smart phone popularize, this security breaches is utilized by the application of a large amount of malice fee suction mobile phone, to a large amount of
Smart phone user causes property loss.Such as: user can be induced to click in the application of some malice fee suction mobile phones
Button or picture, such as get new hand's reward, special price purchase gold coin/diamond etc..Once user clicks, which is answered
With embedded code of deducting fees can be executed.The code major function is to send value added service ordering to specific service provider's platform to ask
It asks.Service provider's platform can issuing service order short message after receiving subscription request in this way.When mobile phone, which receives, orders short message, malice
The application of fee suction mobile phone can carry out interception and content recognition to it according to number is sent;Once malice fee suction mobile phone application judges this
The service order short message that short message is requested before being really, then automatically reply a confirmation short message.Above-mentioned whole process user almost without
Perception, is deducted fees unconsciously.
It can be seen that being needed the problem of being intercepted, can be assumed another's name to reply in existing short message service order scheme
To solution.
Summary of the invention
In view of this, the present invention provides a kind of method and system of order business, can solve in the prior art above-mentioned
Problem has many advantages, such as that anti-third party software intercepts, and anti-user is assumed another's name to reply.
To achieve the above object, according to an aspect of the invention, there is provided a kind of method of order business.
The method of order business of the invention includes: the industry that safety service platform device is sent according to service side's operation system
Message request generation business of being engaged in invites message, and business invitation message is then sent to security service by short message channel and is answered
Use device;The business that the security service application apparatus parsing receives invites message, then invites message according to business
Parsing result sends proactive command to destination mobile terminal, invites so that the business is presented to user in the destination mobile terminal
It please information;The security service application apparatus receives the service order instruction that the destination mobile terminal is sent;The safety clothes
Service order instruction encryption is packaged into service order message by business application apparatus, then passes through short message channel for the business
It orders message and is sent to the safety service platform device;The safety service platform device decryption parses the service order report
Then service order packet parsing result is sent to service side's operation system by text.
Optionally, it is generated in the safety service platform device according to the business message request that service side's operation system is sent
Business was invited before the step of message, further includes: the safety service platform device receives service side's operation system and sends
Business message request, the business message request include security access code, destination mobile terminal mark and business invite text
Content;The safety service platform device confirms that service side's permission is legal according to the security access code, is moved according to the target
Dynamic terminal iidentification confirmation target user is effective, and invites content of text confirmation push content legality according to the business.
Optionally, the service order instruction that the destination mobile terminal is sent is received in the security service application apparatus
Before step, further includes: the security service application apparatus is mobile with the safety service platform device and the target respectively
Terminal establishes communication linkage;The safety service platform device generates the corresponding user's specific key of the destination mobile terminal,
And user's specific key is made a copy for and is saved to the security service application apparatus;The security service application apparatus will be described
The step of service order instruction encryption is packaged into service order message includes: that the security service application apparatus orders the business
Purchase instruction is packaged into service order message using user's specific key encryption;The safety service platform device decryption parsing
The step of service order message includes: the safety service platform device using user's specific key decryption parsing institute
State service order message.
Optionally, the security service application apparatus is mobile eventually respectively at the safety service platform device and the target
It includes: that the security service application apparatus is sent to the destination mobile terminal about acquisition target that communication link step is established at end
Then the proactive command of mobile terminal identification receives the destination mobile terminal mark that the destination mobile terminal returns;
The security service application apparatus is by destination mobile terminal mark and the security service application identities through described preset close
The safety service platform device is gone upward to by short message channel after code encryption;The safety service platform device is through described preset
Password is decrypted to obtain the destination mobile terminal mark and the security service application identities, and it is mobile eventually then to save the target
The binding relationship of end mark and the security service application identities is to realize that user activates.
According to another aspect of the present invention, a kind of system of order business is provided.
The system of order business of the invention includes: safety service platform device and security service application apparatus, wherein institute
It states safety service platform device to be used for: business being generated according to the business message request that service side's operation system is sent and invites message,
Then business invitation message is sent to by security service application apparatus by short message channel;Decryption parsing service order report
Then service order packet parsing result is sent to service side's operation system by text;The security service application apparatus is used
In: it parses the business received and invites message, then invite packet parsing result to send out to destination mobile terminal according to business
Proactive command is sent, so that the business message request is presented to user in the destination mobile terminal;It is mobile to receive the target
The service order instruction that terminal is sent;Service order instruction encryption is packaged into service order message, is then passed through
The service order message is sent to the safety service platform device by short message channel.
Optionally, the safety service platform device is also used to: being received the business that service side's operation system is sent and is invited
Please information, the business message request include security access code, destination mobile terminal mark and business invite content of text;According to
Security access code confirmation service side's permission is legal, effective according to the destination mobile terminal identity validation target user, with
And content of text confirmation push content legality is invited according to the business.
Optionally, the safety service platform device is also used to: it is specific to generate the corresponding user of the destination mobile terminal
Key, and saved being made a copy for after user's specific key encryption to the security service application apparatus;It is special using the user
Determine key decryption and parses the service order message;The security service application apparatus is also used to: respectively with the security service
Stage apparatus and the destination mobile terminal establish communication linkage;The service order is instructed and uses user's specific key
Encryption is packaged into service order message.
Optionally, the security service application apparatus is also used to: Xiang Suoshu destination mobile terminal is sent about acquisition target
Then the proactive command of mobile terminal identification receives the destination mobile terminal mark that the destination mobile terminal returns;
Destination mobile terminal mark and the security service application identities are passed through into short message channel after presetting cipher encryption
Go upward to the safety service platform device;The safety service platform device is also used to: decrypting to obtain through the presetting cipher
Then destination mobile terminal mark and the security service application identities save the destination mobile terminal mark and described
The binding relationship of security service application identities is to realize that user activates.
According to the technique and scheme of the present invention, it at least has the advantages that.
(1) anti-interception: the service order information pushed away due under has used the secure short message technology of international standard, in hand
After machine bottom chip receives the short message, the carry out subsequent processing of security service application apparatus will be forwarded directly to.Without to
Normal short message equally transfers to mobile phone operating system or third party APP to handle.Business can fundamentally have been prevented in this way to order
The possibility that purchase short message is intercepted by malice APP.
(2) anti-tamper: the user's confirmation message due to the service order information that pushes away under and above sent all has carried out safety
The information protected (including: data encryption and data redundancy check), therefore transmitted has anti-snooping, anti-tamper characteristic.
(3) anti-counterfeiting: since the transmitting-receiving of information is cooperated by safety service platform device and security service application apparatus
Come what is completed, by way of user-defined identification and transferring content key, pair of platform and the application of card end can be easily achieved
To certification, therefore this programme has prevented a possibility that counterfeit platform of third party APP or card are using information is sent.
(4) cost of implementation is low: this programme uses the secure short message encapsulation technology of international standard, therefore can be directly existing
It is used in some mobile network's short message channels.Without carrying out the network rebuilding, only security service need to be increased for the handset card of user
Application apparatus.
Detailed description of the invention
Attached drawing for a better understanding of the present invention, does not constitute an undue limitation on the present invention.Wherein:
Fig. 1 is the schematic diagram of the basic step of the method for the order business of embodiment according to the present invention;
Fig. 2 is the schematic diagram of the main modular of the system of the order business of embodiment according to the present invention;
Fig. 3 is the schematic diagram of the course of work of the system of the order business of embodiment according to the present invention.
Specific embodiment
It explains below in conjunction with attached drawing to exemplary embodiment of the invention, including embodiment of the present invention
Various details should think them only exemplary to help understanding.Therefore, those of ordinary skill in the art should recognize
Know, various changes and modifications can be made to embodiment described herein, without departing from scope and spirit of the present invention.
Equally, for clarity and conciseness, descriptions of well-known functions and structures are omitted from the following description.
Fig. 1 is the schematic diagram of the basic step of the method for the order business of embodiment according to the present invention.As shown in Figure 1,
The method of the order business of the embodiment mainly includes the following steps, namely S1 to step S5.
Step S1: the business message request that safety service platform device is sent according to service side's operation system generates business and invites
Please message, then by short message channel by business invitation message be sent to security service application apparatus.
Step S2: the business that the parsing of security service application apparatus receives invites message, then invites message according to business
Parsing result sends proactive command to destination mobile terminal, so that business message request is presented to user in destination mobile terminal.
Step S3: security service application apparatus receives the service order instruction that destination mobile terminal is sent.
Step S4: service order instruction encryption is packaged into service order message by security service application apparatus, is then passed through
Service order message is sent to safety service platform device by short message channel.
Step S5: safety service platform device decryption parsing service order message, then by service order packet parsing knot
Fruit is sent to service side's operation system.
It optionally, can also include as follows before step S1 in order to enhance the authentication management to service side's operation system
Step S01 and step S02 (not showed that in Fig. 1).Step S01: safety service platform device receives service side's operation system hair
The business message request sent, business message request include that security access code, destination mobile terminal mark and business are invited in text
Hold.Wherein, security access code is that service side's operation system obtains when completing service signing process with safety service platform device.
Destination mobile terminal identifies the unique identifier for referring to the corresponding mobile terminal of audience (i.e. user).Step S02: safety clothes
Being engaged in, stage apparatus is legal according to security access code confirmation service side's permission, and according to destination mobile terminal, identity validation target user has
Effect, and content of text confirmation push content legality is invited according to business.Wherein, the confirmation effective process of target user refers to:
Safety service platform device inquires the activation user list prestored, if including that the destination mobile terminal identifies in activation user list
Then confirm that target user is effective, otherwise target user is invalid.
Optionally, in order to improve the confidentiality in transmitting information process, following S04 is include thed steps that before step A
It (is not showed that in Fig. 1) with step S05.Step S04: security service application apparatus respectively with safety service platform device and target
Mobile terminal establishes communication linkage.Step S04 is actually initialization procedure.Step S05: safety service platform device generates
The corresponding user's specific key of destination mobile terminal, and user's specific key is made a copy for and is saved to security service application apparatus.This
Sample security service application apparatus respectively with have user's specific key in safety service platform device.User's specific key
It can be used in above-mentioned steps S3 and step S4.Specifically, service order is instructed encryption encapsulation by security service application apparatus
It include: security service application apparatus by service order instruction using user's specific key encryption envelope at the step of service order message
Dress up service order message.And the step of safety service platform device decryption parsing service order message includes: security service
Stage apparatus is using user's specific key decryption parsing service order message.
Optionally, above-mentioned steps S04 can specifically include following step S041 to S043 (not showing that in Fig. 1).Step
Rapid S041: security service application apparatus is sent to destination mobile terminal about the active life for obtaining destination mobile terminal mark
It enables, then receives the destination mobile terminal mark that destination mobile terminal returns.Step S042: security service application apparatus is by target
Mobile terminal identification and security service application identities go upward to safety service platform by short message channel after presetting cipher encrypts
Device.Step S043: safety service platform device decrypts to obtain destination mobile terminal mark through presetting cipher and security service is answered
With mark, the binding relationship of destination mobile terminal mark and security service application identities is saved then to realize that user activates.It is real
After current family has activated, it is meant that can establish activation user list in safety service platform device, the activation user name
" confirmation target user is effective " that singly can be used for mentioning in step S02.
Fig. 2 is the schematic diagram of the basic module of the system of the order business of embodiment according to the present invention.As shown in Fig. 2,
The system 20 of the order business of the embodiment mainly includes safety service platform device 21 and security service application apparatus 22.
Safety service platform device 21 is used for: the business message request sent according to service side's operation system generates business and invites
Please message, then by short message channel by business invitation message be sent to security service application apparatus 22;Decryption parsing business is ordered
Message is purchased, service order packet parsing result is then sent to service side's operation system.
Security service application apparatus 22 is used for: being parsed the business received and is invited message, then invites message according to business
Parsing result sends proactive command to destination mobile terminal, so that business message request is presented to user in destination mobile terminal;
Receive the service order instruction that destination mobile terminal is sent;Service order instruction encryption is packaged into service order message, then
Service order message is sent to safety service platform device 21 by short message channel.
Optionally, safety service platform device 21 is also used to: the business message request that service side's operation system is sent is received,
Business message request includes that security access code, destination mobile terminal mark and business invite content of text;According to security access code
Confirm that service side's permission is legal, identity validation target user is effective according to destination mobile terminal, and invites text according to business
Content check pushes content legality.
Optionally, safety service platform device 21 is also used to: the corresponding user's specific key of destination mobile terminal is generated, and
User's specific key is made a copy for and is saved to security service application apparatus 22;Parsing service order report is decrypted using user's specific key
Text.Security service application apparatus 22 is also used to: establishing communication chain with safety service platform device 21 and destination mobile terminal respectively
It connects;Service order instruction is packaged into service order message using the encryption of user's specific key.
Optionally, security service application apparatus 22 is also used to: being sent to destination mobile terminal mobile eventually about target is obtained
The proactive command of mark is held, the destination mobile terminal mark that destination mobile terminal returns then is received;By destination mobile terminal
Mark and security service application identities go upward to safety service platform device 21 by short message channel after presetting cipher encrypts.Peace
Full service platform device 21 is also used to: it decrypts to obtain destination mobile terminal mark and security service application identities through presetting cipher,
Then the binding relationship of destination mobile terminal mark and security service application identities is saved to realize that user activates.
To more fully understand the public, specific introduction is done below with reference to specific embodiment.
Fig. 3 is the schematic diagram of the course of work of the system of the order business of embodiment according to the present invention.As shown in figure 3,
Whole work process can be greatly classified into initial phase, ordering information configuration phase and service order stage, in addition to being related to
Safety service platform device 21 and security service application apparatus 22 in the system of the order business of embodiment of the present invention it
Outside, service side's operation system, mobile terminal and user have been further related to.
One, initial phase
Firstly, mobile terminal-opening starting is to activate security service application apparatus (with reference to the label 1 in Fig. 3).This mistake
Journey is corresponded on hardware and is explained, after referring to that the mobile terminal devices such as mobile phone are opened, to the hand for being mounted on the mobile terminal device
Chip card in machine card slot, having loaded security service application apparatus powers on, to deactivate safety according to telecommunications international norm
It is served by device, and then chip card completes the booting communication interaction with mobile terminal according to telecommunications international norm, while will open
Machine event notifies to give security service application apparatus.The security service application apparatus for receiving event notice, will be according to preset program
Registration activation operation is executed, to complete the initial work of program.
Then, security service application apparatus issues proactive command to mobile terminal to obtain mobile terminal identification (reference
Label 2 in Fig. 3).Specifically, when each mobile terminal-opening, security service application apparatus can all send to mobile terminal and lead
Dynamic formula order (a kind of bottom interactive instruction of machine cartoon letters, referring to telecommunications international standard " ETSI TS 102 223 "), to obtain
Mobile terminal identification and current base station location information (optional) are simultaneously stored.Mobile terminal identification includes but is not limited to international moves
Dynamic device identification IMEI (International Mobile Equipment Identity).Due to security service application apparatus
History terminal identification information is stored, as long as therefore in the terminal identification information and security service application apparatus newly obtained every time
Stored history terminal identification information compares, and whether the mobile terminal of plug-in card is identical twice before and after can determining.It needs
It is bright, for activated security service application apparatus, it can just be built-in with historical storage terminal identification information.For un-activation
Security service application apparatus, built in historical storage terminal identification information be sky.If should be noted safety clothes
The mobile terminal of business application apparatus judgement front and back plug-in card twice be it is identical, then mean mobile terminal-security service application dress
The binding relationship set does not change, does not need repeated registration activation.In other words, only when security service application apparatus initial activation
When, and when mobile terminal corresponding with security service application apparatus changes, just need to be implemented subsequent in initial phase
Registration activate step.
Then, mobile terminal responds proactive command, returns to mobile terminal identification (with reference to figure to security service application apparatus
Label 3 in 3).The mobile terminal mark that security service application apparatus gets preservation.
Then, in the case where for the security service application apparatus of initial activation, security service application apparatus obtains itself
Security service application identities (with reference to the label 4 in Fig. 3).Security service application identities include but is not limited to: integrated circuit card
Identification code ICCID (Integrated Circuit Card Identifier), international mobile subscriber identity IMSI
(International Mobile Subscriber Identification Number) etc..Obtain card identification
Method include but is not limited to: read chip card file, by chip card application programming interface API (Application
Programming Interface) obtain etc..
Then, security service application apparatus is with short message mode uplink destination mobile terminal mark and security service application identities
To safety service platform device (with reference to the label 5 in Fig. 3).Specifically in two kinds of situation.(a) when security service application apparatus is
When initial activation state: then carrying out safe packet encapsulation to the mobile terminal identification of acquisition and security service application identities (can be with
Encrypted by preset key), and safety service platform device is gone upward to by short message channel.(b) when security service application
When device detects that active user has changed mobile terminal according to the identification information that mobile terminal is fed back;The new shifting that then will acquire
Dynamic terminal iidentification carries out safe packet encapsulation (being protected using the security key that the registration activation stage is replaced), and by short
Letter channel goes upward to safety service platform device.
It should be noted that actually can also be (such as current by card identification (ICCID, IMSI), location information
The location information of serving BS) and dynamic generation key information (such as two keys can be generated, one be responsible for it is subsequent
The encryption of downlink data, one is responsible for the redundancy check of subsequent downlink data) it goes upward in safety service platform device.
Then, after the uplink information of safety service platform device reception security service application apparatus, pass through prefabricated key
Packet parsing is carried out, and is handled as follows in two kinds of situation (with reference to the label 6 in Fig. 3).(a) when security service application apparatus is
When initial activation state, both security service application apparatus and mobile terminal are established in security service application apparatus database
Corresponding relationship (optionally, is also bound together with the cell-phone number three in short message message), to set up activation user list.
Meanwhile platform is that the mobile terminal distributes unique user's specific key.This user's specific key essence is exactly user
Identifier.(b) when security service application apparatus has been activated, then safety service platform device can determine whether that the uplink information is notice
Current phone card is inserted into other mobile terminals and powers on (i.e. user has replaced mobile terminal).At this point, safety service platform fills
Corresponding mobile user data table can be found by the cell-phone number in uplink short message message by setting, and update the terminal mark wherein bound
Know information.
Then, safety service platform device will shift security service application onto using secure short message technology under user's specific key
In device, and thus complete the initial work of application (with reference to the label 7 in Fig. 3).
To more fully understand those skilled in the art, key used in secure subscription business is first summarized as follows face
Shown in table 1.
Key used in 1 secure subscription business of table
In addition, the special instruction of the activation operation of registration for the first time for security service application apparatus:
(1) uplink data messages: card hardware security Dynamic building algorithm will be utilized comprising security service application apparatus
" downlink security key " and " data check key ".Protecting data encryption is carried out using preset " uplink security key ";It uses
" the data check key " of dynamic generation carries out the redundancy check protection of clear data;
(2) downlink data message fed back: by " uplink security key " comprising safety service platform dynamic generation.It uses
" the downlink security key " got carries out protecting data encryption;Clear data is carried out using " the data check key " got
Redundancy check protection.
(3) security service application apparatus receives downlink data message, is solved with generated " downlink security key "
It is close, new " uplink security key " is got, and carry out key updating operation.
Two, ordering information configuration phase
Firstly, service side's operation system login account on safety service platform device (with reference to the label 8 in Fig. 3).
Then, after safety service platform device receives registration request, security access code is distributed for service side's operation system
(with reference to the label 9 in Fig. 3).The security access code can be used for the identity of service for checking credentials side's operation system, prevent qualification from not conforming to
The service side of lattice distributes black advertisement using safety service platform.
In addition, the administrative staff of service side can log in safety service platform device carry out order business content official documents and correspondence with
SUBSCRIBE Operation configuration.Official documents and correspondence configuration needs to rely on system and carries out content volume for foundation forms provided by different kinds of business
Volume;SUBSCRIBE Operation configuration is for being arranged after user receives and confirm business message request, and performed behaviour is applied in security service
Make.The particular subscription instruction encoding that reply can be configured, can also configure the receiving number of answer short message, such as send
" DG01234 " to " 1065xxxx " short message Number for access, default ordering information is to be uploaded to safety service platform device.
Three, the service order stage
Firstly, service side's operation system sends business message request to safety service platform device.(with reference to the mark in Fig. 3
10) the business message request includes that security access code, destination mobile terminal mark and business invite content of text to note.Wherein, mesh
Mark mobile terminal identification can be the phone number of user.
Then, safety service platform device confirmation business message request is legal and effective (with reference to the label 11 in Fig. 3).Tool
Body, safety service platform device is confirmed in terms of three: confirming that service side's permission is legal according to security access code, according to mesh
It is effective to mark mobile terminal identification confirmation target user, and content of text confirmation push content legality is invited according to business.Wherein,
The confirmation effective process of target user refers to: the activation user list prestored in safety service platform device inquiry database, if
It include that destination mobile terminal mark then confirms that target user is effective, otherwise target user is invalid in activation user list.According to
Business invites content of text confirmation push this sub-step time-consuming of content legality more, also adjustable to ordering information configuration rank
Duan Zhihang.
Then, safety service platform device accepts notice to the sending of service side's operation system (with reference to the label 12 in Fig. 3).
Then, safety service platform device generates business invitation message (with reference to the label in Fig. 3 according to business message request
13) business invitation message then, is sent to by security service application apparatus (with reference to the label 14 in Fig. 3) by short message channel.
Then, the business that the parsing of security service application apparatus receives invites message (with reference to the label 15 in Fig. 3), then
Packet parsing result is invited to send proactive command (with reference to the label 16 in Fig. 3) to destination mobile terminal according to business, so that
Business message request is presented to user in destination mobile terminal (with reference to the label 17 in Fig. 3).
Then, user carries out the operation of confirmation order on mobile terminals (with reference to the label 18 in Fig. 3).
Then, the service order that security service application apparatus receives that destination mobile terminal is sent instructs (with reference to the mark in Fig. 3
Note is 19).Here order instruction can be that " confirmation order business " or " order cancellation business " are indicated as defined in service provider
Meaning specific coding.
Then, service order instruction is packaged into service order using the encryption of user's specific cryptosystem by security service application apparatus
Message (with reference to the label 20 in Fig. 3), is then sent to safety service platform device for service order message by short message channel
(with reference to the label 21 in Fig. 3).
Then, safety service platform device is using user's specific cryptosystem decryption parsing service order message (with reference in Fig. 3
Label 22), service order packet parsing result is then sent to service side's operation system (with reference to the label 23 in Fig. 3).
Finally, service side's operation system issues the feedback message (ginseng for having responded subscription request to safety service platform device
Examine the label 24 in Fig. 3).
From the foregoing, it will be observed that the method and system of order business of the invention at least has the advantages that
(1) anti-interception: since the service order information pushed away under platform has used the secure short message technology of international standard,
After mobile phone bottom chip receives the short message, card will be forwarded directly to and carry out subsequent processing.Without to normal short message one
Sample transfers to mobile phone operating system or third party APP to handle.This programme has fundamentally prevented service order short message by malice
The possibility that APP is intercepted.
(2) anti-tamper: the service order information pushed away under in this programme and the user's confirmation message above sent all carry out
Safeguard protection (including: data encryption and data redundancy check), therefore the information transmitted has anti-snooping, anti-tamper characteristic.
(3) anti-counterfeiting: since the transmitting-receiving of information is completed by safety service platform and the application cooperation of card end, pass through
The mode of user-defined identification and transferring content key can be easily achieved the two-way authentication of platform and the application of card end, therefore this
Scheme has prevented a possibility that counterfeit platform of third party APP or card application transmission information.
(4) cost of implementation is low: this programme uses the secure short message encapsulation technology of international standard, therefore can be directly existing
It is used in some mobile network's short message channels.Without carrying out the network rebuilding, only security service need to be increased for the handset card of user
Using.
Above-mentioned specific embodiment, does not constitute a limitation on the scope of protection of the present invention.Those skilled in the art should be bright
It is white, design requirement and other factors are depended on, various modifications, combination, sub-portfolio and substitution can occur.It is any
Made modifications, equivalent substitutions and improvements etc. within the spirit and principles in the present invention, should be included in the scope of the present invention
Within.
Claims (8)
1. a kind of method of order business characterized by comprising
Safety service platform device generates business according to the business message request that service side's operation system is sent and invites message, then
Business invitation message is sent to security service application apparatus by short message channel;
The business that the security service application apparatus parsing receives invites message, then invites packet parsing according to business
As a result proactive command is sent to destination mobile terminal, so that the business invitation letter is presented to user in the destination mobile terminal
Breath;
The security service application apparatus receives the service order instruction that the destination mobile terminal is sent;
Service order instruction encryption is packaged into service order message by the security service application apparatus, then passes through short message
The service order message is sent to the safety service platform device by channel;
The safety service platform device decryption parses the service order message, then sends out service order packet parsing result
Give service side's operation system.
2. the method for order business according to claim 1, which is characterized in that the safety service platform device according to
The business message request that service side's operation system is sent generated before the step of business invites message, further includes:
The safety service platform device receives the business message request that service side's operation system is sent, and the business is invited
Information includes that security access code, destination mobile terminal mark and business invite content of text;
The safety service platform device confirms that service side's permission is legal according to the security access code, mobile according to the target
Terminal iidentification confirms that target user is effective, and invites content of text confirmation push content legality according to the business.
3. the method for order business according to claim 1, which is characterized in that
Before the security service application apparatus receives the step of service order that the destination mobile terminal is sent instructs, also
It include: that the security service application apparatus is communicated with the safety service platform device and destination mobile terminal foundation respectively
Link;The safety service platform device generates the corresponding user's specific key of the destination mobile terminal, and by the user
Specific key is made a copy for be saved to the security service application apparatus;
The step of service order instruction encryption is packaged into service order message by the security service application apparatus includes: institute
It states security service application apparatus and service order instruction is packaged into service order report using user's specific key encryption
Text;
The step of safety service platform device decryption parses the service order message includes: the safety service platform dress
It sets and the service order message is parsed using user's specific key decryption.
4. the method for order business according to claim 3, which is characterized in that the security service application apparatus respectively with
The safety service platform device and the destination mobile terminal establish communication link step and include:
The security service application apparatus is sent to the destination mobile terminal about the active for obtaining destination mobile terminal mark
Then formula order receives the destination mobile terminal mark that the destination mobile terminal returns;
The security service application apparatus is by destination mobile terminal mark and security service application apparatus mark through preset close
The safety service platform device is reported to by short message channel after code encryption;
The safety service platform device is decrypted to obtain the destination mobile terminal mark and the security service through presetting cipher
Then application apparatus mark saves the binding relationship of the destination mobile terminal mark and security service application apparatus mark
To realize that user activates.
5. a kind of system of order business characterized by comprising safety service platform device and security service application apparatus,
Wherein,
The safety service platform device is used for: being generated business according to the business message request that service side's operation system is sent and is invited
Then business invitation message is sent to security service application apparatus by short message channel by message;Decryption parsing business is ordered
Message is purchased, service order packet parsing result is then sent to service side's operation system;
The security service application apparatus is used for: being parsed the business received and is invited message, is then invited and reported according to business
Literary parsing result sends proactive command to destination mobile terminal, so that the business is presented to user in the destination mobile terminal
Message request;Receive the service order instruction that the destination mobile terminal is sent;The service order is instructed into encryption envelope
Service order message is dressed up, the service order message is then sent to by the safety service platform by short message channel and is filled
It sets.
6. the system of order business according to claim 5, which is characterized in that the safety service platform device is also used
In: the business message request of service side's operation system transmission is received, the business message request includes security access code, mesh
It marks mobile terminal identification and business invites content of text;Confirm that service side's permission is legal according to the security access code, according to institute
It is effective to state destination mobile terminal identity validation target user, and invites content of text confirmation push content to close according to the business
Method.
7. the system of order business according to claim 5, which is characterized in that
The safety service platform device is also used to: generating the corresponding user's specific key of the destination mobile terminal, and by institute
It states to make a copy for after user's specific key encrypts and be saved to the security service application apparatus;It is decrypted and is solved using user's specific key
Analyse the service order message;
The security service application apparatus is also used to: being built respectively with the safety service platform device and the destination mobile terminal
Vertical communication linkage;The service order is instructed, service order message is packaged into using user's specific key encryption.
8. the system of order business according to claim 7, which is characterized in that
The security service application apparatus is also used to: Xiang Suoshu destination mobile terminal is sent about acquisition destination mobile terminal mark
Proactive command, then receive the destination mobile terminal mark that the destination mobile terminal returns;The target is moved
Dynamic terminal iidentification and security service application apparatus mark report to the safety clothes by short message channel after presetting cipher encrypts
Business stage apparatus;
The safety service platform device is also used to: decrypting to obtain the destination mobile terminal mark and the peace through presetting cipher
It is served by device identification entirely, the destination mobile terminal mark is then saved and is tied up with what the security service application apparatus identified
Relationship is determined to realize that user activates.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610657837.2A CN106302698B (en) | 2016-08-11 | 2016-08-11 | The method and system of order business |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610657837.2A CN106302698B (en) | 2016-08-11 | 2016-08-11 | The method and system of order business |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106302698A CN106302698A (en) | 2017-01-04 |
CN106302698B true CN106302698B (en) | 2019-04-23 |
Family
ID=57668454
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610657837.2A Active CN106302698B (en) | 2016-08-11 | 2016-08-11 | The method and system of order business |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106302698B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111225402B (en) * | 2018-11-26 | 2022-11-11 | 卓望数码技术(深圳)有限公司 | Charging middleware testing system and method |
CN113543049B (en) * | 2020-04-15 | 2022-10-18 | 中国移动通信集团安徽有限公司 | Information processing method and device and business server |
CN117010001B (en) * | 2023-09-28 | 2024-03-01 | 之江实验室 | Data security service method and device and cloud storage system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101257519A (en) * | 2008-03-27 | 2008-09-03 | 中国联合通信有限公司 | Method and system for preventing lawless ordering without charging gateway |
CN202548912U (en) * | 2012-01-12 | 2012-11-21 | 中国移动通信集团安徽有限公司 | Data business distribution system based on short message credit |
CN103139737A (en) * | 2011-11-30 | 2013-06-05 | 中国移动通信集团公司 | Method and device for key negotiation, method, system and device for short message second-time confirmation |
WO2014094822A1 (en) * | 2012-12-17 | 2014-06-26 | Telefonaktiebolaget L M Ericsson (Publ) | Authenticating public land mobile networks to mobile stations |
-
2016
- 2016-08-11 CN CN201610657837.2A patent/CN106302698B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101257519A (en) * | 2008-03-27 | 2008-09-03 | 中国联合通信有限公司 | Method and system for preventing lawless ordering without charging gateway |
CN103139737A (en) * | 2011-11-30 | 2013-06-05 | 中国移动通信集团公司 | Method and device for key negotiation, method, system and device for short message second-time confirmation |
CN202548912U (en) * | 2012-01-12 | 2012-11-21 | 中国移动通信集团安徽有限公司 | Data business distribution system based on short message credit |
WO2014094822A1 (en) * | 2012-12-17 | 2014-06-26 | Telefonaktiebolaget L M Ericsson (Publ) | Authenticating public land mobile networks to mobile stations |
Also Published As
Publication number | Publication date |
---|---|
CN106302698A (en) | 2017-01-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106101147B (en) | A kind of method and system for realizing smart machine and the communication of remote terminal dynamic encryption | |
CN101978675B (en) | System and method for securely issuing subscription credentials to communication devices | |
CN106304074B (en) | Auth method and system towards mobile subscriber | |
CN100452700C (en) | Secret session establishment based on radi oapplied protocol | |
AU2002230306B2 (en) | Method for enabling PKI functions in a smart card | |
CN101641976B (en) | An authentication method | |
CN105306211B (en) | A kind of identity identifying method of client software | |
CN102546532B (en) | Capacity calling method, request unit, platform and system | |
CN110062382B (en) | Identity verification method, client, relay equipment and server | |
US20090228966A1 (en) | Authentication Method for Wireless Transactions | |
CA2518032A1 (en) | Methods and software program product for mutual authentication in a communications network | |
CN107534856A (en) | Method and apparatus for the profile of management terminal in a wireless communication system | |
CN107516196A (en) | A kind of mobile-payment system and its method of mobile payment | |
CN103516713A (en) | Facilitating and authenticating transactions | |
CN103237305B (en) | Password protection method for smart card on facing moving terminal | |
CN104333455A (en) | Secrete communication system and method for smart phone | |
CN103546886B (en) | The data configuration method of Universal Integrated Circuit Card, Apparatus and system | |
CN102694780A (en) | Digital signature authentication method, payment method containing the same and payment system | |
CN103886661A (en) | Entrance guard management method and system | |
CN111356124B (en) | eSIM activation method, system and computer readable storage medium | |
JP2008535427A (en) | Secure communication between data processing device and security module | |
CN106302698B (en) | The method and system of order business | |
CN108599944A (en) | A kind of identifying code short message transparent encryption method based on handset identities | |
EP1142194A1 (en) | Method and system for implementing a digital signature | |
EP1680940A1 (en) | Method of user authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210112 Address after: 100070 room 2006, building 12, courtyard 8, Fengqiao Road, Fengtai District, Beijing Patentee after: Yin Zidong Address before: 100039 room 1505, section A1, bailangyuan, No.36, Fuxing Road, Haidian District, Beijing Patentee before: Yin Zidong Patentee before: Li Qi |
|
TR01 | Transfer of patent right |