CN106302698B - The method and system of order business - Google Patents

The method and system of order business Download PDF

Info

Publication number
CN106302698B
CN106302698B CN201610657837.2A CN201610657837A CN106302698B CN 106302698 B CN106302698 B CN 106302698B CN 201610657837 A CN201610657837 A CN 201610657837A CN 106302698 B CN106302698 B CN 106302698B
Authority
CN
China
Prior art keywords
service
business
mobile terminal
message
application apparatus
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610657837.2A
Other languages
Chinese (zh)
Other versions
CN106302698A (en
Inventor
尹子栋
张钧宇
韩爽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yin Zidong
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201610657837.2A priority Critical patent/CN106302698B/en
Publication of CN106302698A publication Critical patent/CN106302698A/en
Application granted granted Critical
Publication of CN106302698B publication Critical patent/CN106302698B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/51Discovery or management thereof, e.g. service location protocol [SLP] or web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention provides a kind of method and system of order business, has many advantages, such as that anti-third party software intercepts, anti-user is assumed another's name to reply.The method of order business of the invention includes: that the business message request that is sent according to service side's operation system of safety service platform device generates business and invites message and then pass through short message channel and is sent to security service application apparatus;The business that the parsing of security service application apparatus receives invites message, then sends proactive command to destination mobile terminal according to parsing result, so that business message request is presented to user in destination mobile terminal;Security service application apparatus receives the service order instruction that destination mobile terminal is sent;Service order instruction encryption is packaged into service order message by security service application apparatus, and service order message is then sent to safety service platform device by short message channel;Safety service platform device decryption parsing service order message, is then sent to service side's operation system for service order packet parsing result.

Description

The method and system of order business
Technical field
The present invention relates to computer and its software technology field, a kind of particularly method and system of order business.
Background technique
It is a kind of the most commonly used value added service ordering scheme that short message service, which is ordered, is mainly used in operator, bank, electricity The IT service field such as quotient.The major programme that short message service is ordered is: service provider's platform (such as telecom operators) will specifically increase Value business message request is sent to the mobile phone of user with short message mode, and user is required to reply specific character combination (such as DG01234) to complete to order confirmation;Once the mobile phone of user has replied confirmation short message according to asking, then service provider's platform will from Corresponding expense is deducted in the communication account (being also possible to traditional bank account, internet financial account etc.) at family.Then should Expense can will be divided into ratio according to signing with service provider SP (Service Provider) by service provider's platform and be divided into.
The key point of " short message service order " scheme is: using user use the confirmation short message of handset replies as deduct fees according to According to.But service provider's platform or SP can not differentiate whether the confirmation short message issued from the user mobile phone number is exactly user Operation.A large amount of with smart phone popularize, this security breaches is utilized by the application of a large amount of malice fee suction mobile phone, to a large amount of Smart phone user causes property loss.Such as: user can be induced to click in the application of some malice fee suction mobile phones Button or picture, such as get new hand's reward, special price purchase gold coin/diamond etc..Once user clicks, which is answered With embedded code of deducting fees can be executed.The code major function is to send value added service ordering to specific service provider's platform to ask It asks.Service provider's platform can issuing service order short message after receiving subscription request in this way.When mobile phone, which receives, orders short message, malice The application of fee suction mobile phone can carry out interception and content recognition to it according to number is sent;Once malice fee suction mobile phone application judges this The service order short message that short message is requested before being really, then automatically reply a confirmation short message.Above-mentioned whole process user almost without Perception, is deducted fees unconsciously.
It can be seen that being needed the problem of being intercepted, can be assumed another's name to reply in existing short message service order scheme To solution.
Summary of the invention
In view of this, the present invention provides a kind of method and system of order business, can solve in the prior art above-mentioned Problem has many advantages, such as that anti-third party software intercepts, and anti-user is assumed another's name to reply.
To achieve the above object, according to an aspect of the invention, there is provided a kind of method of order business.
The method of order business of the invention includes: the industry that safety service platform device is sent according to service side's operation system Message request generation business of being engaged in invites message, and business invitation message is then sent to security service by short message channel and is answered Use device;The business that the security service application apparatus parsing receives invites message, then invites message according to business Parsing result sends proactive command to destination mobile terminal, invites so that the business is presented to user in the destination mobile terminal It please information;The security service application apparatus receives the service order instruction that the destination mobile terminal is sent;The safety clothes Service order instruction encryption is packaged into service order message by business application apparatus, then passes through short message channel for the business It orders message and is sent to the safety service platform device;The safety service platform device decryption parses the service order report Then service order packet parsing result is sent to service side's operation system by text.
Optionally, it is generated in the safety service platform device according to the business message request that service side's operation system is sent Business was invited before the step of message, further includes: the safety service platform device receives service side's operation system and sends Business message request, the business message request include security access code, destination mobile terminal mark and business invite text Content;The safety service platform device confirms that service side's permission is legal according to the security access code, is moved according to the target Dynamic terminal iidentification confirmation target user is effective, and invites content of text confirmation push content legality according to the business.
Optionally, the service order instruction that the destination mobile terminal is sent is received in the security service application apparatus Before step, further includes: the security service application apparatus is mobile with the safety service platform device and the target respectively Terminal establishes communication linkage;The safety service platform device generates the corresponding user's specific key of the destination mobile terminal, And user's specific key is made a copy for and is saved to the security service application apparatus;The security service application apparatus will be described The step of service order instruction encryption is packaged into service order message includes: that the security service application apparatus orders the business Purchase instruction is packaged into service order message using user's specific key encryption;The safety service platform device decryption parsing The step of service order message includes: the safety service platform device using user's specific key decryption parsing institute State service order message.
Optionally, the security service application apparatus is mobile eventually respectively at the safety service platform device and the target It includes: that the security service application apparatus is sent to the destination mobile terminal about acquisition target that communication link step is established at end Then the proactive command of mobile terminal identification receives the destination mobile terminal mark that the destination mobile terminal returns; The security service application apparatus is by destination mobile terminal mark and the security service application identities through described preset close The safety service platform device is gone upward to by short message channel after code encryption;The safety service platform device is through described preset Password is decrypted to obtain the destination mobile terminal mark and the security service application identities, and it is mobile eventually then to save the target The binding relationship of end mark and the security service application identities is to realize that user activates.
According to another aspect of the present invention, a kind of system of order business is provided.
The system of order business of the invention includes: safety service platform device and security service application apparatus, wherein institute It states safety service platform device to be used for: business being generated according to the business message request that service side's operation system is sent and invites message, Then business invitation message is sent to by security service application apparatus by short message channel;Decryption parsing service order report Then service order packet parsing result is sent to service side's operation system by text;The security service application apparatus is used In: it parses the business received and invites message, then invite packet parsing result to send out to destination mobile terminal according to business Proactive command is sent, so that the business message request is presented to user in the destination mobile terminal;It is mobile to receive the target The service order instruction that terminal is sent;Service order instruction encryption is packaged into service order message, is then passed through The service order message is sent to the safety service platform device by short message channel.
Optionally, the safety service platform device is also used to: being received the business that service side's operation system is sent and is invited Please information, the business message request include security access code, destination mobile terminal mark and business invite content of text;According to Security access code confirmation service side's permission is legal, effective according to the destination mobile terminal identity validation target user, with And content of text confirmation push content legality is invited according to the business.
Optionally, the safety service platform device is also used to: it is specific to generate the corresponding user of the destination mobile terminal Key, and saved being made a copy for after user's specific key encryption to the security service application apparatus;It is special using the user Determine key decryption and parses the service order message;The security service application apparatus is also used to: respectively with the security service Stage apparatus and the destination mobile terminal establish communication linkage;The service order is instructed and uses user's specific key Encryption is packaged into service order message.
Optionally, the security service application apparatus is also used to: Xiang Suoshu destination mobile terminal is sent about acquisition target Then the proactive command of mobile terminal identification receives the destination mobile terminal mark that the destination mobile terminal returns; Destination mobile terminal mark and the security service application identities are passed through into short message channel after presetting cipher encryption Go upward to the safety service platform device;The safety service platform device is also used to: decrypting to obtain through the presetting cipher Then destination mobile terminal mark and the security service application identities save the destination mobile terminal mark and described The binding relationship of security service application identities is to realize that user activates.
According to the technique and scheme of the present invention, it at least has the advantages that.
(1) anti-interception: the service order information pushed away due under has used the secure short message technology of international standard, in hand After machine bottom chip receives the short message, the carry out subsequent processing of security service application apparatus will be forwarded directly to.Without to Normal short message equally transfers to mobile phone operating system or third party APP to handle.Business can fundamentally have been prevented in this way to order The possibility that purchase short message is intercepted by malice APP.
(2) anti-tamper: the user's confirmation message due to the service order information that pushes away under and above sent all has carried out safety The information protected (including: data encryption and data redundancy check), therefore transmitted has anti-snooping, anti-tamper characteristic.
(3) anti-counterfeiting: since the transmitting-receiving of information is cooperated by safety service platform device and security service application apparatus Come what is completed, by way of user-defined identification and transferring content key, pair of platform and the application of card end can be easily achieved To certification, therefore this programme has prevented a possibility that counterfeit platform of third party APP or card are using information is sent.
(4) cost of implementation is low: this programme uses the secure short message encapsulation technology of international standard, therefore can be directly existing It is used in some mobile network's short message channels.Without carrying out the network rebuilding, only security service need to be increased for the handset card of user Application apparatus.
Detailed description of the invention
Attached drawing for a better understanding of the present invention, does not constitute an undue limitation on the present invention.Wherein:
Fig. 1 is the schematic diagram of the basic step of the method for the order business of embodiment according to the present invention;
Fig. 2 is the schematic diagram of the main modular of the system of the order business of embodiment according to the present invention;
Fig. 3 is the schematic diagram of the course of work of the system of the order business of embodiment according to the present invention.
Specific embodiment
It explains below in conjunction with attached drawing to exemplary embodiment of the invention, including embodiment of the present invention Various details should think them only exemplary to help understanding.Therefore, those of ordinary skill in the art should recognize Know, various changes and modifications can be made to embodiment described herein, without departing from scope and spirit of the present invention. Equally, for clarity and conciseness, descriptions of well-known functions and structures are omitted from the following description.
Fig. 1 is the schematic diagram of the basic step of the method for the order business of embodiment according to the present invention.As shown in Figure 1, The method of the order business of the embodiment mainly includes the following steps, namely S1 to step S5.
Step S1: the business message request that safety service platform device is sent according to service side's operation system generates business and invites Please message, then by short message channel by business invitation message be sent to security service application apparatus.
Step S2: the business that the parsing of security service application apparatus receives invites message, then invites message according to business Parsing result sends proactive command to destination mobile terminal, so that business message request is presented to user in destination mobile terminal.
Step S3: security service application apparatus receives the service order instruction that destination mobile terminal is sent.
Step S4: service order instruction encryption is packaged into service order message by security service application apparatus, is then passed through Service order message is sent to safety service platform device by short message channel.
Step S5: safety service platform device decryption parsing service order message, then by service order packet parsing knot Fruit is sent to service side's operation system.
It optionally, can also include as follows before step S1 in order to enhance the authentication management to service side's operation system Step S01 and step S02 (not showed that in Fig. 1).Step S01: safety service platform device receives service side's operation system hair The business message request sent, business message request include that security access code, destination mobile terminal mark and business are invited in text Hold.Wherein, security access code is that service side's operation system obtains when completing service signing process with safety service platform device. Destination mobile terminal identifies the unique identifier for referring to the corresponding mobile terminal of audience (i.e. user).Step S02: safety clothes Being engaged in, stage apparatus is legal according to security access code confirmation service side's permission, and according to destination mobile terminal, identity validation target user has Effect, and content of text confirmation push content legality is invited according to business.Wherein, the confirmation effective process of target user refers to: Safety service platform device inquires the activation user list prestored, if including that the destination mobile terminal identifies in activation user list Then confirm that target user is effective, otherwise target user is invalid.
Optionally, in order to improve the confidentiality in transmitting information process, following S04 is include thed steps that before step A It (is not showed that in Fig. 1) with step S05.Step S04: security service application apparatus respectively with safety service platform device and target Mobile terminal establishes communication linkage.Step S04 is actually initialization procedure.Step S05: safety service platform device generates The corresponding user's specific key of destination mobile terminal, and user's specific key is made a copy for and is saved to security service application apparatus.This Sample security service application apparatus respectively with have user's specific key in safety service platform device.User's specific key It can be used in above-mentioned steps S3 and step S4.Specifically, service order is instructed encryption encapsulation by security service application apparatus It include: security service application apparatus by service order instruction using user's specific key encryption envelope at the step of service order message Dress up service order message.And the step of safety service platform device decryption parsing service order message includes: security service Stage apparatus is using user's specific key decryption parsing service order message.
Optionally, above-mentioned steps S04 can specifically include following step S041 to S043 (not showing that in Fig. 1).Step Rapid S041: security service application apparatus is sent to destination mobile terminal about the active life for obtaining destination mobile terminal mark It enables, then receives the destination mobile terminal mark that destination mobile terminal returns.Step S042: security service application apparatus is by target Mobile terminal identification and security service application identities go upward to safety service platform by short message channel after presetting cipher encrypts Device.Step S043: safety service platform device decrypts to obtain destination mobile terminal mark through presetting cipher and security service is answered With mark, the binding relationship of destination mobile terminal mark and security service application identities is saved then to realize that user activates.It is real After current family has activated, it is meant that can establish activation user list in safety service platform device, the activation user name " confirmation target user is effective " that singly can be used for mentioning in step S02.
Fig. 2 is the schematic diagram of the basic module of the system of the order business of embodiment according to the present invention.As shown in Fig. 2, The system 20 of the order business of the embodiment mainly includes safety service platform device 21 and security service application apparatus 22.
Safety service platform device 21 is used for: the business message request sent according to service side's operation system generates business and invites Please message, then by short message channel by business invitation message be sent to security service application apparatus 22;Decryption parsing business is ordered Message is purchased, service order packet parsing result is then sent to service side's operation system.
Security service application apparatus 22 is used for: being parsed the business received and is invited message, then invites message according to business Parsing result sends proactive command to destination mobile terminal, so that business message request is presented to user in destination mobile terminal; Receive the service order instruction that destination mobile terminal is sent;Service order instruction encryption is packaged into service order message, then Service order message is sent to safety service platform device 21 by short message channel.
Optionally, safety service platform device 21 is also used to: the business message request that service side's operation system is sent is received, Business message request includes that security access code, destination mobile terminal mark and business invite content of text;According to security access code Confirm that service side's permission is legal, identity validation target user is effective according to destination mobile terminal, and invites text according to business Content check pushes content legality.
Optionally, safety service platform device 21 is also used to: the corresponding user's specific key of destination mobile terminal is generated, and User's specific key is made a copy for and is saved to security service application apparatus 22;Parsing service order report is decrypted using user's specific key Text.Security service application apparatus 22 is also used to: establishing communication chain with safety service platform device 21 and destination mobile terminal respectively It connects;Service order instruction is packaged into service order message using the encryption of user's specific key.
Optionally, security service application apparatus 22 is also used to: being sent to destination mobile terminal mobile eventually about target is obtained The proactive command of mark is held, the destination mobile terminal mark that destination mobile terminal returns then is received;By destination mobile terminal Mark and security service application identities go upward to safety service platform device 21 by short message channel after presetting cipher encrypts.Peace Full service platform device 21 is also used to: it decrypts to obtain destination mobile terminal mark and security service application identities through presetting cipher, Then the binding relationship of destination mobile terminal mark and security service application identities is saved to realize that user activates.
To more fully understand the public, specific introduction is done below with reference to specific embodiment.
Fig. 3 is the schematic diagram of the course of work of the system of the order business of embodiment according to the present invention.As shown in figure 3, Whole work process can be greatly classified into initial phase, ordering information configuration phase and service order stage, in addition to being related to Safety service platform device 21 and security service application apparatus 22 in the system of the order business of embodiment of the present invention it Outside, service side's operation system, mobile terminal and user have been further related to.
One, initial phase
Firstly, mobile terminal-opening starting is to activate security service application apparatus (with reference to the label 1 in Fig. 3).This mistake Journey is corresponded on hardware and is explained, after referring to that the mobile terminal devices such as mobile phone are opened, to the hand for being mounted on the mobile terminal device Chip card in machine card slot, having loaded security service application apparatus powers on, to deactivate safety according to telecommunications international norm It is served by device, and then chip card completes the booting communication interaction with mobile terminal according to telecommunications international norm, while will open Machine event notifies to give security service application apparatus.The security service application apparatus for receiving event notice, will be according to preset program Registration activation operation is executed, to complete the initial work of program.
Then, security service application apparatus issues proactive command to mobile terminal to obtain mobile terminal identification (reference Label 2 in Fig. 3).Specifically, when each mobile terminal-opening, security service application apparatus can all send to mobile terminal and lead Dynamic formula order (a kind of bottom interactive instruction of machine cartoon letters, referring to telecommunications international standard " ETSI TS 102 223 "), to obtain Mobile terminal identification and current base station location information (optional) are simultaneously stored.Mobile terminal identification includes but is not limited to international moves Dynamic device identification IMEI (International Mobile Equipment Identity).Due to security service application apparatus History terminal identification information is stored, as long as therefore in the terminal identification information and security service application apparatus newly obtained every time Stored history terminal identification information compares, and whether the mobile terminal of plug-in card is identical twice before and after can determining.It needs It is bright, for activated security service application apparatus, it can just be built-in with historical storage terminal identification information.For un-activation Security service application apparatus, built in historical storage terminal identification information be sky.If should be noted safety clothes The mobile terminal of business application apparatus judgement front and back plug-in card twice be it is identical, then mean mobile terminal-security service application dress The binding relationship set does not change, does not need repeated registration activation.In other words, only when security service application apparatus initial activation When, and when mobile terminal corresponding with security service application apparatus changes, just need to be implemented subsequent in initial phase Registration activate step.
Then, mobile terminal responds proactive command, returns to mobile terminal identification (with reference to figure to security service application apparatus Label 3 in 3).The mobile terminal mark that security service application apparatus gets preservation.
Then, in the case where for the security service application apparatus of initial activation, security service application apparatus obtains itself Security service application identities (with reference to the label 4 in Fig. 3).Security service application identities include but is not limited to: integrated circuit card Identification code ICCID (Integrated Circuit Card Identifier), international mobile subscriber identity IMSI (International Mobile Subscriber Identification Number) etc..Obtain card identification Method include but is not limited to: read chip card file, by chip card application programming interface API (Application Programming Interface) obtain etc..
Then, security service application apparatus is with short message mode uplink destination mobile terminal mark and security service application identities To safety service platform device (with reference to the label 5 in Fig. 3).Specifically in two kinds of situation.(a) when security service application apparatus is When initial activation state: then carrying out safe packet encapsulation to the mobile terminal identification of acquisition and security service application identities (can be with Encrypted by preset key), and safety service platform device is gone upward to by short message channel.(b) when security service application When device detects that active user has changed mobile terminal according to the identification information that mobile terminal is fed back;The new shifting that then will acquire Dynamic terminal iidentification carries out safe packet encapsulation (being protected using the security key that the registration activation stage is replaced), and by short Letter channel goes upward to safety service platform device.
It should be noted that actually can also be (such as current by card identification (ICCID, IMSI), location information The location information of serving BS) and dynamic generation key information (such as two keys can be generated, one be responsible for it is subsequent The encryption of downlink data, one is responsible for the redundancy check of subsequent downlink data) it goes upward in safety service platform device.
Then, after the uplink information of safety service platform device reception security service application apparatus, pass through prefabricated key Packet parsing is carried out, and is handled as follows in two kinds of situation (with reference to the label 6 in Fig. 3).(a) when security service application apparatus is When initial activation state, both security service application apparatus and mobile terminal are established in security service application apparatus database Corresponding relationship (optionally, is also bound together with the cell-phone number three in short message message), to set up activation user list. Meanwhile platform is that the mobile terminal distributes unique user's specific key.This user's specific key essence is exactly user Identifier.(b) when security service application apparatus has been activated, then safety service platform device can determine whether that the uplink information is notice Current phone card is inserted into other mobile terminals and powers on (i.e. user has replaced mobile terminal).At this point, safety service platform fills Corresponding mobile user data table can be found by the cell-phone number in uplink short message message by setting, and update the terminal mark wherein bound Know information.
Then, safety service platform device will shift security service application onto using secure short message technology under user's specific key In device, and thus complete the initial work of application (with reference to the label 7 in Fig. 3).
To more fully understand those skilled in the art, key used in secure subscription business is first summarized as follows face Shown in table 1.
Key used in 1 secure subscription business of table
In addition, the special instruction of the activation operation of registration for the first time for security service application apparatus:
(1) uplink data messages: card hardware security Dynamic building algorithm will be utilized comprising security service application apparatus " downlink security key " and " data check key ".Protecting data encryption is carried out using preset " uplink security key ";It uses " the data check key " of dynamic generation carries out the redundancy check protection of clear data;
(2) downlink data message fed back: by " uplink security key " comprising safety service platform dynamic generation.It uses " the downlink security key " got carries out protecting data encryption;Clear data is carried out using " the data check key " got Redundancy check protection.
(3) security service application apparatus receives downlink data message, is solved with generated " downlink security key " It is close, new " uplink security key " is got, and carry out key updating operation.
Two, ordering information configuration phase
Firstly, service side's operation system login account on safety service platform device (with reference to the label 8 in Fig. 3).
Then, after safety service platform device receives registration request, security access code is distributed for service side's operation system (with reference to the label 9 in Fig. 3).The security access code can be used for the identity of service for checking credentials side's operation system, prevent qualification from not conforming to The service side of lattice distributes black advertisement using safety service platform.
In addition, the administrative staff of service side can log in safety service platform device carry out order business content official documents and correspondence with SUBSCRIBE Operation configuration.Official documents and correspondence configuration needs to rely on system and carries out content volume for foundation forms provided by different kinds of business Volume;SUBSCRIBE Operation configuration is for being arranged after user receives and confirm business message request, and performed behaviour is applied in security service Make.The particular subscription instruction encoding that reply can be configured, can also configure the receiving number of answer short message, such as send " DG01234 " to " 1065xxxx " short message Number for access, default ordering information is to be uploaded to safety service platform device.
Three, the service order stage
Firstly, service side's operation system sends business message request to safety service platform device.(with reference to the mark in Fig. 3 10) the business message request includes that security access code, destination mobile terminal mark and business invite content of text to note.Wherein, mesh Mark mobile terminal identification can be the phone number of user.
Then, safety service platform device confirmation business message request is legal and effective (with reference to the label 11 in Fig. 3).Tool Body, safety service platform device is confirmed in terms of three: confirming that service side's permission is legal according to security access code, according to mesh It is effective to mark mobile terminal identification confirmation target user, and content of text confirmation push content legality is invited according to business.Wherein, The confirmation effective process of target user refers to: the activation user list prestored in safety service platform device inquiry database, if It include that destination mobile terminal mark then confirms that target user is effective, otherwise target user is invalid in activation user list.According to Business invites content of text confirmation push this sub-step time-consuming of content legality more, also adjustable to ordering information configuration rank Duan Zhihang.
Then, safety service platform device accepts notice to the sending of service side's operation system (with reference to the label 12 in Fig. 3).
Then, safety service platform device generates business invitation message (with reference to the label in Fig. 3 according to business message request 13) business invitation message then, is sent to by security service application apparatus (with reference to the label 14 in Fig. 3) by short message channel.
Then, the business that the parsing of security service application apparatus receives invites message (with reference to the label 15 in Fig. 3), then Packet parsing result is invited to send proactive command (with reference to the label 16 in Fig. 3) to destination mobile terminal according to business, so that Business message request is presented to user in destination mobile terminal (with reference to the label 17 in Fig. 3).
Then, user carries out the operation of confirmation order on mobile terminals (with reference to the label 18 in Fig. 3).
Then, the service order that security service application apparatus receives that destination mobile terminal is sent instructs (with reference to the mark in Fig. 3 Note is 19).Here order instruction can be that " confirmation order business " or " order cancellation business " are indicated as defined in service provider Meaning specific coding.
Then, service order instruction is packaged into service order using the encryption of user's specific cryptosystem by security service application apparatus Message (with reference to the label 20 in Fig. 3), is then sent to safety service platform device for service order message by short message channel (with reference to the label 21 in Fig. 3).
Then, safety service platform device is using user's specific cryptosystem decryption parsing service order message (with reference in Fig. 3 Label 22), service order packet parsing result is then sent to service side's operation system (with reference to the label 23 in Fig. 3).
Finally, service side's operation system issues the feedback message (ginseng for having responded subscription request to safety service platform device Examine the label 24 in Fig. 3).
From the foregoing, it will be observed that the method and system of order business of the invention at least has the advantages that
(1) anti-interception: since the service order information pushed away under platform has used the secure short message technology of international standard, After mobile phone bottom chip receives the short message, card will be forwarded directly to and carry out subsequent processing.Without to normal short message one Sample transfers to mobile phone operating system or third party APP to handle.This programme has fundamentally prevented service order short message by malice The possibility that APP is intercepted.
(2) anti-tamper: the service order information pushed away under in this programme and the user's confirmation message above sent all carry out Safeguard protection (including: data encryption and data redundancy check), therefore the information transmitted has anti-snooping, anti-tamper characteristic.
(3) anti-counterfeiting: since the transmitting-receiving of information is completed by safety service platform and the application cooperation of card end, pass through The mode of user-defined identification and transferring content key can be easily achieved the two-way authentication of platform and the application of card end, therefore this Scheme has prevented a possibility that counterfeit platform of third party APP or card application transmission information.
(4) cost of implementation is low: this programme uses the secure short message encapsulation technology of international standard, therefore can be directly existing It is used in some mobile network's short message channels.Without carrying out the network rebuilding, only security service need to be increased for the handset card of user Using.
Above-mentioned specific embodiment, does not constitute a limitation on the scope of protection of the present invention.Those skilled in the art should be bright It is white, design requirement and other factors are depended on, various modifications, combination, sub-portfolio and substitution can occur.It is any Made modifications, equivalent substitutions and improvements etc. within the spirit and principles in the present invention, should be included in the scope of the present invention Within.

Claims (8)

1. a kind of method of order business characterized by comprising
Safety service platform device generates business according to the business message request that service side's operation system is sent and invites message, then Business invitation message is sent to security service application apparatus by short message channel;
The business that the security service application apparatus parsing receives invites message, then invites packet parsing according to business As a result proactive command is sent to destination mobile terminal, so that the business invitation letter is presented to user in the destination mobile terminal Breath;
The security service application apparatus receives the service order instruction that the destination mobile terminal is sent;
Service order instruction encryption is packaged into service order message by the security service application apparatus, then passes through short message The service order message is sent to the safety service platform device by channel;
The safety service platform device decryption parses the service order message, then sends out service order packet parsing result Give service side's operation system.
2. the method for order business according to claim 1, which is characterized in that the safety service platform device according to The business message request that service side's operation system is sent generated before the step of business invites message, further includes:
The safety service platform device receives the business message request that service side's operation system is sent, and the business is invited Information includes that security access code, destination mobile terminal mark and business invite content of text;
The safety service platform device confirms that service side's permission is legal according to the security access code, mobile according to the target Terminal iidentification confirms that target user is effective, and invites content of text confirmation push content legality according to the business.
3. the method for order business according to claim 1, which is characterized in that
Before the security service application apparatus receives the step of service order that the destination mobile terminal is sent instructs, also It include: that the security service application apparatus is communicated with the safety service platform device and destination mobile terminal foundation respectively Link;The safety service platform device generates the corresponding user's specific key of the destination mobile terminal, and by the user Specific key is made a copy for be saved to the security service application apparatus;
The step of service order instruction encryption is packaged into service order message by the security service application apparatus includes: institute It states security service application apparatus and service order instruction is packaged into service order report using user's specific key encryption Text;
The step of safety service platform device decryption parses the service order message includes: the safety service platform dress It sets and the service order message is parsed using user's specific key decryption.
4. the method for order business according to claim 3, which is characterized in that the security service application apparatus respectively with The safety service platform device and the destination mobile terminal establish communication link step and include:
The security service application apparatus is sent to the destination mobile terminal about the active for obtaining destination mobile terminal mark Then formula order receives the destination mobile terminal mark that the destination mobile terminal returns;
The security service application apparatus is by destination mobile terminal mark and security service application apparatus mark through preset close The safety service platform device is reported to by short message channel after code encryption;
The safety service platform device is decrypted to obtain the destination mobile terminal mark and the security service through presetting cipher Then application apparatus mark saves the binding relationship of the destination mobile terminal mark and security service application apparatus mark To realize that user activates.
5. a kind of system of order business characterized by comprising safety service platform device and security service application apparatus, Wherein,
The safety service platform device is used for: being generated business according to the business message request that service side's operation system is sent and is invited Then business invitation message is sent to security service application apparatus by short message channel by message;Decryption parsing business is ordered Message is purchased, service order packet parsing result is then sent to service side's operation system;
The security service application apparatus is used for: being parsed the business received and is invited message, is then invited and reported according to business Literary parsing result sends proactive command to destination mobile terminal, so that the business is presented to user in the destination mobile terminal Message request;Receive the service order instruction that the destination mobile terminal is sent;The service order is instructed into encryption envelope Service order message is dressed up, the service order message is then sent to by the safety service platform by short message channel and is filled It sets.
6. the system of order business according to claim 5, which is characterized in that the safety service platform device is also used In: the business message request of service side's operation system transmission is received, the business message request includes security access code, mesh It marks mobile terminal identification and business invites content of text;Confirm that service side's permission is legal according to the security access code, according to institute It is effective to state destination mobile terminal identity validation target user, and invites content of text confirmation push content to close according to the business Method.
7. the system of order business according to claim 5, which is characterized in that
The safety service platform device is also used to: generating the corresponding user's specific key of the destination mobile terminal, and by institute It states to make a copy for after user's specific key encrypts and be saved to the security service application apparatus;It is decrypted and is solved using user's specific key Analyse the service order message;
The security service application apparatus is also used to: being built respectively with the safety service platform device and the destination mobile terminal Vertical communication linkage;The service order is instructed, service order message is packaged into using user's specific key encryption.
8. the system of order business according to claim 7, which is characterized in that
The security service application apparatus is also used to: Xiang Suoshu destination mobile terminal is sent about acquisition destination mobile terminal mark Proactive command, then receive the destination mobile terminal mark that the destination mobile terminal returns;The target is moved Dynamic terminal iidentification and security service application apparatus mark report to the safety clothes by short message channel after presetting cipher encrypts Business stage apparatus;
The safety service platform device is also used to: decrypting to obtain the destination mobile terminal mark and the peace through presetting cipher It is served by device identification entirely, the destination mobile terminal mark is then saved and is tied up with what the security service application apparatus identified Relationship is determined to realize that user activates.
CN201610657837.2A 2016-08-11 2016-08-11 The method and system of order business Active CN106302698B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610657837.2A CN106302698B (en) 2016-08-11 2016-08-11 The method and system of order business

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610657837.2A CN106302698B (en) 2016-08-11 2016-08-11 The method and system of order business

Publications (2)

Publication Number Publication Date
CN106302698A CN106302698A (en) 2017-01-04
CN106302698B true CN106302698B (en) 2019-04-23

Family

ID=57668454

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610657837.2A Active CN106302698B (en) 2016-08-11 2016-08-11 The method and system of order business

Country Status (1)

Country Link
CN (1) CN106302698B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111225402B (en) * 2018-11-26 2022-11-11 卓望数码技术(深圳)有限公司 Charging middleware testing system and method
CN113543049B (en) * 2020-04-15 2022-10-18 中国移动通信集团安徽有限公司 Information processing method and device and business server
CN117010001B (en) * 2023-09-28 2024-03-01 之江实验室 Data security service method and device and cloud storage system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101257519A (en) * 2008-03-27 2008-09-03 中国联合通信有限公司 Method and system for preventing lawless ordering without charging gateway
CN202548912U (en) * 2012-01-12 2012-11-21 中国移动通信集团安徽有限公司 Data business distribution system based on short message credit
CN103139737A (en) * 2011-11-30 2013-06-05 中国移动通信集团公司 Method and device for key negotiation, method, system and device for short message second-time confirmation
WO2014094822A1 (en) * 2012-12-17 2014-06-26 Telefonaktiebolaget L M Ericsson (Publ) Authenticating public land mobile networks to mobile stations

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101257519A (en) * 2008-03-27 2008-09-03 中国联合通信有限公司 Method and system for preventing lawless ordering without charging gateway
CN103139737A (en) * 2011-11-30 2013-06-05 中国移动通信集团公司 Method and device for key negotiation, method, system and device for short message second-time confirmation
CN202548912U (en) * 2012-01-12 2012-11-21 中国移动通信集团安徽有限公司 Data business distribution system based on short message credit
WO2014094822A1 (en) * 2012-12-17 2014-06-26 Telefonaktiebolaget L M Ericsson (Publ) Authenticating public land mobile networks to mobile stations

Also Published As

Publication number Publication date
CN106302698A (en) 2017-01-04

Similar Documents

Publication Publication Date Title
CN106101147B (en) A kind of method and system for realizing smart machine and the communication of remote terminal dynamic encryption
CN101978675B (en) System and method for securely issuing subscription credentials to communication devices
CN106304074B (en) Auth method and system towards mobile subscriber
CN100452700C (en) Secret session establishment based on radi oapplied protocol
AU2002230306B2 (en) Method for enabling PKI functions in a smart card
CN101641976B (en) An authentication method
CN105306211B (en) A kind of identity identifying method of client software
CN102546532B (en) Capacity calling method, request unit, platform and system
US20090228966A1 (en) Authentication Method for Wireless Transactions
CN105337740B (en) A kind of auth method, client, trunking and server
CA2518032A1 (en) Methods and software program product for mutual authentication in a communications network
CN107516196A (en) A kind of mobile-payment system and its method of mobile payment
CN103516713A (en) Facilitating and authenticating transactions
CN103237305B (en) Password protection method for smart card on facing moving terminal
CN104333455A (en) Secrete communication system and method for smart phone
CN102694780A (en) Digital signature authentication method, payment method containing the same and payment system
CN103886661A (en) Entrance guard management method and system
CN111356124B (en) eSIM activation method, system and computer readable storage medium
CN105142139A (en) Method and device for obtaining verification information
CN106302698B (en) The method and system of order business
CN108599944A (en) A kind of identifying code short message transparent encryption method based on handset identities
JP2008535427A (en) Secure communication between data processing device and security module
EP1142194A1 (en) Method and system for implementing a digital signature
WO2005041608A1 (en) Method of user authentication
KR20180000220A (en) Method providing secure message service and apparatus therefor

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210112

Address after: 100070 room 2006, building 12, courtyard 8, Fengqiao Road, Fengtai District, Beijing

Patentee after: Yin Zidong

Address before: 100039 room 1505, section A1, bailangyuan, No.36, Fuxing Road, Haidian District, Beijing

Patentee before: Yin Zidong

Patentee before: Li Qi

TR01 Transfer of patent right