CN1148662C - Trade system with intensified safety control function - Google Patents

Publication number
CN1148662C
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB011012250A
Other languages
Chinese (zh)
Other versions
CN1365055A (en)
Inventor
徐楫远
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingcheng Information Co., Ltd.
Original Assignee
JINGYE CO Ltd
Application filed by JINGYE CO Ltd

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention provides a transaction system with an enhanced security control function. The transaction system is connected to a head office host and comprises a plurality of hosts/servers and a plurality of terminal processing devices for supervisors or tellers. The transaction servers comprise a communication server, a transaction processing server, a database server, a message broadcasting server, a program update server, and so on. The transaction processing server works with modules in the terminal processing devices to provide the various security control operations, supervisor authorization operations and offline processing operations; the message broadcasting server and the program update server provide message broadcasting and program updating.

Description

Transaction system with intensified safety control function
Technical field
The present invention relates to a transaction system, and in particular to a transaction system suited to a hierarchical banking structure with a plurality of branches and agencies.
Background art
Most financial institutions today process their financial transactions, such as loans and deposits, by computer, and connect a plurality of branch offices to the head office system over a network, so that online operation brings advantages such as data integration and simpler transactions.
However, known bank computer systems still have many shortcomings. First, the bank computer systems in use today are mostly closed, proprietary designs, and expanding or updating such a system is often the beginning of a disaster. For instance, when equipment is added to a closed system, the original system usually has to be modified to match, so the choice of hardware and software is constrained by the original system; expansion is difficult, and modifying the original system easily leads to incompatibilities. Likewise, when programs in such a closed system are updated or modified, the update program has to be sent or transferred to the original system and then stored, installed and configured by hand. This consumes considerable manpower, money and time, and the manual update process easily produces configuration errors; inconsistent update and installation times between transaction systems can also leave the branch systems running different program versions at the same moment.
Second, although most known financial institution computer systems include some security control mechanism, it is generally incomplete. For example, most known bank computer systems require a user to enter a user name and password when logging in, to keep out illegitimate users; this is the usual password verification mechanism. However, the password an ordinary user sets is either too simple (for example consecutive digits or identical letters) or is never changed once it has been set. Setting and managing passwords in this way does not achieve real security control, and the passwords are easily cracked by an illegitimate user. In addition, in actual financial transaction processing, transactions that meet certain important conditions often have to be reviewed or authorized by a supervisor. In known bank computer systems, if a transaction can only proceed after supervisor authorization, the supervisor usually has to swipe a card at the computer executing the transaction to approve it. In practice the supervisor ends up walking back and forth between several transaction computers, which is both time-consuming and inconvenient. Worse, for the sake of convenience supervisors tend to hand the authorization card directly to ordinary counter staff, who then complete the authorization procedure themselves, which defeats the purpose of supervisor review and authorization.
Furthermore, because transaction systems mostly operate over network connections, shutdowns and disconnections are unavoidable. In those situations a known bank computer system cannot carry out financial transactions at all, and even after the connection is restored it cannot automatically update or reconcile the data.
In addition, although a known bank computer system can connect various hosts and terminal processing devices over the network, it cannot actually deliver real-time messages, such as announcements, important notices and latest news, directly through this computerized interface, and so does not obtain the benefit of networked information.
Summary of the invention
To solve the problems described above, an object of the present invention is to provide a financial transaction system for banking systems that strengthens the security control mechanism through functions such as password restriction rules, forced password change, forced sign-out, suspended-use control and supervisor authorization, further improving the security of the system. In addition, a supervisor can approve an authorization from the computer where he or she is located to complete the supervisor authorization procedure, which speeds up review and authorization.
Another object of the present invention is to provide a financial transaction system for banking systems that offers an executable offline operating procedure for special situations such as system shutdown or disconnection, thereby solving the problems that arise in known systems on shutdown or disconnection.
Another object of the present invention is to provide a financial transaction system for banking systems in which system programs are updated automatically, reducing manual operation and avoiding delays and errors.
Another object of the present invention is to provide a financial transaction system for banking systems that can broadcast messages in real time, so that important announcements and messages are presented on the terminal processing devices in the system in the fastest and most direct way.
Accordingly, the invention provides a transaction system with an enhanced security control function. It comprises a link network; a communication server, connected to the link network, for connecting to an external host; a server device that can connect to the external host through the communication server; and terminal processing devices that connect to the server device through the link network. For security control, when an operator logs in to a terminal processing device, the device receives the login data the operator enters, which normally includes a login password. The security control module of the server device compares this with the legitimate operator password stored in the server device for the corresponding legitimate operator, checks whether the login password entered at the terminal processing device is valid, and so decides whether to allow the login. Under the control of the security control module, every legitimate operator password must comply with the password restriction rules set by the system. A rule may require that a legitimate operator's password differ from the passwords that operator has used before, for example the previous five passwords; it may require that the letters or digits in a password not all be identical, consecutive, or in arithmetic progression; or it may require that the password not be identical to personal data such as the operator's user name or date of birth. Such rules make the password harder to crack. In addition, once a legitimate operator password has existed for longer than a prescribed time limit, the security control module automatically starts a process that forces the password to be changed.
The security control module can also force an operator to sign out of a terminal processing device and apply suspended-use control to a terminal device.
Beyond these functions, the server device can also handle supervisor authorization: it receives transaction data requiring authorization from a teller terminal processing device, sends it to a supervisor terminal processing device, and returns it to the original teller terminal processing device once authorization is complete. It can also handle operation while the server is offline from, and reconnected to, the external host; it can broadcast messages; and it can update programs, solving the shortcomings of transaction systems in the known art.
Description of drawings
To make the above objects, features and advantages of the present invention easier to understand, a preferred embodiment is described in detail below with reference to the accompanying drawings:
Fig. 1 is a block diagram of the system architecture of the financial institution in the embodiment of the invention.
Fig. 2 is a block diagram of the system hardware of the transaction system in the embodiment of the invention.
Fig. 3 is a structural diagram of the system software (including program modules and databases) of the transaction system in the embodiment of the invention.
Fig. 4 is a flowchart of the security control operation in the embodiment of the invention.
Fig. 5 is a flowchart of the forced sign-out function of the security control operation in the embodiment of the invention.
Fig. 6 is a flowchart of the suspended-use control function of the security control operation in the embodiment of the invention.
Fig. 7 is a flowchart of the supervisor authorization operation in the embodiment of the invention.
Fig. 8 is a flowchart of the offline operation of the embodiment of the invention.
Fig. 9 is a flowchart of the connection recovery operation of the embodiment of the invention.
Fig. 10 is a flowchart of the message broadcast operation of the embodiment of the invention.
Fig. 11 is a flowchart of the program update operation of the transaction system hosts in the embodiment of the invention.
Fig. 12 is a flowchart of the program update operation of the transaction system terminal processing devices in the embodiment of the invention.
Embodiment
Fig. 1 is a block diagram of the financial institution system structure in this embodiment. As shown in Fig. 1, the system is a pyramid structure comprising a head office host 10; a plurality of transaction systems 20, 21, 22, automated teller machines (ATM) 40 and other equipment connected to the head office host 10 through network 15; and agencies 30, 31 connected to transaction systems 20, 22 through network 25. In this embodiment, the network 15 between the head office host 10 and the transaction systems 20, 21, 22 and other equipment (such as ATM 40) may use dedicated lines or a closed network connection to improve security. Inside transaction system 20 a local area network (LAN) may be used, for example the common Ethernet or a token ring network; structurally this is an enterprise internal network (intranet). As for the network 25 between some of the transaction systems (20, 22) and their lower-level agencies (30, 31), this embodiment uses remote connection over the Internet to save cost, although a dedicated line can still be used for this part at a higher installation cost.
The structure of native system is below described with regard to the hardware and software aspect respectively.
Hardware configuration
Fig. 2 is a block diagram of the hardware configuration of transaction system 20 and its lower-level agency 30 in this embodiment; the other transaction systems have a similar structure. In Fig. 2, transaction system 20 includes a communication server 210, a transaction processing server 220, a database server 230, a message broadcasting server 240, a program update server 250, terminal processing devices 260, 270, 280 and their peripheral equipment 262, 272, and communication equipment 290 used for remote connection with agency 30. The servers and equipment in transaction system 20 are connected by network 200, which may be Ethernet, a token ring network, a higher-speed fiber optic network (for example FDDI), and so on.
Transaction system 20 communicates with the head office host 10 through the communication server 210, and with its lower-level agency 30 through the communication equipment 290.
The operation and structure of each server and device in transaction system 20 are described in detail below, starting with the host group of the transaction system. As stated above, in this embodiment the host group mainly comprises the communication server 210, the transaction processing server 220, the database server 230, the message broadcasting server 240 and the program update server 250. Each server may be implemented on its own dedicated host, or several may optionally be placed on the same host.
The communication server 210 contains the hardware, firmware and application programs that actually carry out communication. This embodiment does not restrict the communication protocol used; for example ATM (asynchronous transfer mode) or other high-speed transport protocols can all be used. The main function of the communication server 210 is to provide communication and data transfer services between the head office host 10 and the transaction system 20.
The transaction processing server 220 stores the program modules that handle the various specific functions.
Fig. 3 shows the program modules included in the transaction processing server 220 of this embodiment: a power on/off processing module 221, a security control module 222, a transaction processing module 223, an application program processing module 224, a supervisor authorization module 225 and an offline processing module 226. It must be noted that the program modules shown in Fig. 3 are not intended to limit the invention; to a person of ordinary skill in the art, implementing only some of these modules, or adding modules with other auxiliary functions, does not depart from the scope of the invention. The function and operation of each program module are explained together with the overall operation of the system.
The database server 230 is a conventional storage device that stores the data used in the transaction system.
The message broadcasting server 240 has a message broadcast module, which receives messages sent by the head office host 10, or composes broadcast messages itself, and broadcasts them. In this embodiment, a message sent by the head office host 10 can have its display state set to one of two values, "immediate" and "general", reflecting how the user is expected to respond on receipt. When the message has the "immediate" display state, the receiving terminal processing device shows the message content on its display screen at once; when the message has the "general" display state, the device only needs to indicate that a new message has arrived, and the user can open and read it later. The message display states can be adjusted for different application environments.
The program update server 250 has a program update module, which receives update programs sent by the head office host 10, or checks by itself at each startup whether a program update exists; if an updated program exists, it automatically executes the update procedure.
Besides the server group, transaction system 20 also includes the terminal processing devices 260, 270, 280 actually operated by supervisors and tellers. These may be ordinary personal computers, terminals, workstation hosts and so on, and are used to enter information and display messages when transactions are carried out. The terminal processing devices likewise contain the hardware and software modules needed to run the various programs: a communication module 281 for communication services; a transaction list selection module 282, a data interpretation module 283 and an interface module 284 for transaction processing; a peripheral driver 285 for controlling the peripheral equipment (262, 272); and a security control module 286, a program update processing module 287 and a message broadcast processing module 288 that carry out specific tasks together with the hosts. In addition, depending on the operator's position, the authority and permitted operations of terminal processing devices 260, 270, 280 must be set by an authority control module 289; they generally fall into two kinds, supervisor terminal processing devices and teller terminal processing devices. A supervisor terminal processing device is generally defined as one on which a supervisor is logged in and which has supervisor execution authority; a teller terminal processing device is generally defined as one on which a teller is logged in and which has teller execution authority. The detailed operating procedures are explained together with the workflows described later.
As shown in Fig. 2, terminal processing devices 260, 270 are also connected to peripheral equipment 262, 272, which may include passbook printers, voucher printers, PIN pads, magnetic stripe readers, barcode scanners, automatic passbook update machines and so on. Each kind of peripheral equipment is controlled by its own driver, which is not described further here.
The communication equipment 290 in transaction system 20 is responsible for connecting to agency 30 over the dedicated-line communication network; it generally includes a modem that formats messages and a router that finds destination addresses on the dedicated-line communication network. Agency 30, for its part, has corresponding communication equipment 330, which connects through an internal network 300 to the other terminal processing devices 310, 320 and their peripheral equipment 322. Basically an agency does not need a host/server group like that of the transaction system; it is enough to install terminal processing devices directly for the supervisor and teller users. Note that transaction system 20 and agency 30 communicate over the Internet, and because the Internet is an open communication structure, all transmitted data must be encrypted to ensure its security. The encryption must provide confidentiality (others cannot read the data), tamper resistance (others cannot modify the financial transaction data in transit) and source authentication (others cannot substitute false data for the financial transaction data in transit), using for example various data encryption techniques (such as DES and RSA) and digital signature techniques, which are not described further here.
Software configuration
As stated above, the transaction processing server 220 has modules that carry out various specific functions. Of these, the power on/off processing module 221, the transaction processing module 223 and the application program processing module 224 work with the corresponding modules in the terminal processing devices used by operators to perform general operations and transactions. The functions of these modules are described in turn below.
The power on/off processing module 211 carries out the basic startup and shutdown procedures of the transaction system host group.
The transaction processing module 223 handles the input and output of the various transaction operations, including composing input data, receiving output data and handling the related peripheral devices.
The application program processing module 224 runs the application programs that can execute independently within transaction system 20, for services such as loans and collections.
In addition, to address the security control defects and the disconnection and shutdown situations found in known bank computer systems, the transaction processing server 220 of this embodiment includes the security control module 222, the supervisor authorization module 225 and the offline processing module 226, which handle security control, supervisor authorization and offline processing respectively. These modules are explained together with the operating procedures described later.
The terminal processing devices have corresponding processing modules, for example the security control module 286, the program update processing module 287 and the message broadcast processing module 288. These modules are likewise explained together with the operating procedures described later.
The data structures of the transaction system in this embodiment are stored in the database server 230 of the server group.
Operating process
Fig. 3 is a structural diagram of the system software (including program modules and databases) of the transaction system in the embodiment of the invention. As shown in the figure, the database server 230 stores the data needed by the various operating procedures, and for security reasons the data in each database should be protected with suitable encryption. The security control module 222 in the transaction processing server 220 works with the corresponding terminal processing devices to provide the security control function; the supervisor authorization module 225 works with the corresponding terminal processing devices to provide networked supervisor authorization; and the offline processing module 226 handles unexpected situations such as shutdowns and disconnections. The message broadcasting server 240 works with the message broadcast processing module 288 of terminal processing device 260 to handle message broadcasting. Finally, the program update server 250 works with the program update processing module 287 of terminal processing device 260 to handle program updates. The functions of this embodiment are described in detail below with reference to the structure of Fig. 3 and the corresponding flowcharts.
(1) safety control operating process
The security control function of this embodiment includes the usual security controls. For example, when a terminal processing device connects to the transaction server, its device authentication data, that is, the terminal processing device identifier (ID) or IP address, is checked; when a teller logs in to a terminal processing device, a login procedure must be carried out (including entry of a user code and password); a password used for authentication is stored in the password data 234 of the database server 230 only after it has been scrambled; and the transaction authority and administrative authority of each supervisor and teller are set in advance. For the authentication password, the security control operation of this embodiment additionally includes the following two mechanisms, which increase the security of the password.
1. Forced password change: once a password has been in place for longer than a prescribed time limit, the user must be forced to change it.
2. Password restriction rules: rules restricting passwords are defined so that passwords cannot easily be cracked, and when setting a password the user must comply with all the restriction rules the system has set. The rules can be set according to actual needs, for example:
(a) the password must not be identical to any of the passwords set the previous prescribed number of times;
(b) the password must not be a single repeated digit or letter (for example 11111 or bbbbb), and must not be a run of consecutive characters or an arithmetic progression (for example cdefg or 13579);
(c) the password must not be identical to personal data such as the operator's user name or date of birth.
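The two password mechanisms above can be checked as follows. This is an added example, not code from the patent: the function names are hypothetical, PBKDF2 stands in for the unspecified "scrambling" of stored passwords, and the history depth of five and the 15-day limit are the example values given in the description.

```python
import hashlib
import hmac
import os
from datetime import date

HISTORY_DEPTH = 5        # "previous five passwords" example from the description
MAX_AGE_DAYS = 15        # example time limit given for step S114
PBKDF2_ROUNDS = 100_000  # assumption: the patent does not name a scrambling method


def make_record(password, salt=None):
    """Return (salt, digest) so that password history never holds plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def matches(password, record):
    """Constant-time comparison of a candidate against one stored record."""
    salt, digest = record
    return hmac.compare_digest(make_record(password, salt)[1], digest)


def is_uniform_or_progression(password):
    """Rule (b): every step between neighbouring characters is the same.

    Step 0 is a repeated character (11111), step +1/-1 is a consecutive run
    (cdefg), any other constant step is an arithmetic progression (13579).
    Passwords of one or two characters are always flagged.
    """
    codes = [ord(ch) for ch in password]
    steps = {b - a for a, b in zip(codes, codes[1:])}
    return len(steps) <= 1


def violations(password, history, personal_data):
    """Return the letters of the restriction rules (a, b, c) the password breaks."""
    found = []
    if any(matches(password, rec) for rec in history[-HISTORY_DEPTH:]):
        found.append("a")
    if is_uniform_or_progression(password):
        found.append("b")
    if password.casefold() in {item.casefold() for item in personal_data}:
        found.append("c")
    return found


def must_change(set_on, today):
    """Forced password change: the password has outlived the time limit."""
    return (today - set_on).days > MAX_AGE_DAYS


def change_password(new_password, history, personal_data):
    """Accept a compliant password and return the updated, trimmed history."""
    broken = violations(new_password, history, personal_data)
    if broken:
        raise ValueError("password breaks rule(s): " + ", ".join(broken))
    return (history + [make_record(new_password)])[-HISTORY_DEPTH:]


if __name__ == "__main__":
    # Constructed sample data, not taken from the patent.
    past = [make_record("Tiger#2001"), make_record("Maple!77")]
    personal = ["teller07", "19750312"]
    for candidate in ["Maple!77", "bbbbb", "13579", "19750312", "Qx7!mRt2"]:
        print(candidate, violations(candidate, past, personal))
    print(must_change(date(2001, 1, 1), date(2001, 1, 17)))
```

Rule (c) is implemented as an exact, case-insensitive match because the description only forbids a password identical to the personal data.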
Fig. 4 represents the process flow diagram of safety control operation in the present embodiment.This safety control operating process mainly is to be undertaken by the safety control module in the transaction processing servomechanism 220 222.At first, the terminal processes device is started shooting, and the verify data of corresponding this terminal processes device is sent to safety control module 222 (step S100).The code (ID) that described verify data generally can comprise this terminal processes device with and institute's predetermined IP address.The then safety control module on the servomechanism 222 verify data whether correct (step S102) that can check the terminal processes devices.If safety control module 222 can't find corresponding data, then terminal processes device boot failure (step S104).If successful, then picture appears logining in the terminal processes device, requires input user data, comprises user's code and password (step S106).
After the operator finished input and is sent to safety control module 222, safety control module 222 just can be according to the code data in the database servomechanism 230 and user's data, and correctly whether the data that inspection is imported (step S108).Described password and user's data also can be stored in the line acquisition via the communication servomechanism in head office's main frame.If when the continuous input error password of operator's this moment surpasses stipulated number (step S110), then can on this terminal processes device, demonstrate the message of logining failure, and limit this user and must not login operation (step S112) again.Described regulation errors number can be adjusted according to actual environment.
On the other hand, if the data that the operator imported are correct, safety control module 222 can check further whether the setting date of its password surpasses certain time limit (step S114), for example 15 days.If the setting date of this password does not go beyond the time limit, then success is logined in expression, and the control system of terminal processes device begins to start (step S116).On the other hand, if the setting date of this password goes beyond the time limit, then safety control module 222 can automatically perform and upgrade the password flow process, requires the user to input new password (step S118).Safety control module 222 must compare the new password of being inputed, and whether the predefined password of compliance with system limits principle (step S120).If meet, then represent password change success (step S122), and the control system of end equipment can also begin to start at this moment.
Besides the password checking and control procedure described above, the security control module 222 in this embodiment provides further auxiliary functions to strengthen its security mechanism, including a forced sign-out function and a suspended-use control function.
The forced sign-out function lets a supervisor, in special circumstances, immediately force a specific teller to be signed out. Fig. 5 is a flowchart of the forced sign-out function of the security control operation in this embodiment. As shown in Fig. 5, this function runs when a supervisor requests that a specific teller be forcibly signed out. First, the security control module 222 receives the forced sign-out request sent from the supervisor's terminal processing device (step S200). The security control module 222 then checks whether the requester has the authority to perform this function (step S202).
If the requester does not have this authority, a message is returned indicating that execution failed (step S204). If the request does come from a supervisor with this authority, the security control module 222 asks the requester to enter the code of the teller to be signed out (step S206). After receiving the teller code, the security control module 222 signs that teller out of the terminal processing device in use (step S208), completing the function.
The suspended-use control function applies when a terminal processing device has had no operation (for example, no use of its input devices) for a specified period: to prevent others from intruding into the transaction system through that terminal processing device, the function runs automatically and signs out the operator on that device. Fig. 6 is a flowchart of the suspended-use control function of the security control operation in this embodiment. As shown in Fig. 6, the function begins when a terminal processing device itself detects that its mouse, keyboard or other devices have not been used for a period of time. First, the terminal processing device detects that its mouse or keyboard has been unused for a period of time (step S300), for example 30 minutes. The terminal processing device then sends this message (including information on the currently logged-in user) to the security control module 222 (step S302). On receiving the message, the security control module 222 first checks whether the terminal processing device is still in the middle of transaction processing (step S304). If no transaction is currently in progress, the security control module 222 automatically performs the sign-out function (step S306).
If, on the other hand, the terminal processing device still has a transaction in progress, the security control module 222 first notifies the terminal processing device (step S308), which hands over to its corresponding internal module. The terminal processing device then freezes the current transaction processing state and requires the current operator to enter their user password (step S310). When the operator enters the password, the security control module 222 checks whether it is correct (step S312). A correct password indicates that the terminal processing device is still in a secure state, so the frozen transaction processing state is restored (step S314) and the transaction continues. But if the security control module 222 finds that the number of wrong password entries exceeds the limit (step S316), it sends a message telling the control system of the terminal processing device to interrupt the current transaction state, and automatically performs the sign-out function (step S318), thereby safeguarding the transaction.
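The idle handling of steps S300 to S318 is a small state machine, shown here as an added example that is not code from the patent. The class and function names, the limit of 3 re-authentication failures and the sample verifier are assumptions; the 30-minute threshold and the freeze, resume and abort branches follow the description.

```python
import hmac
from dataclasses import dataclass
from enum import Enum
from typing import Callable

IDLE_LIMIT_MINUTES = 30     # the 30-minute example given for step S300
MAX_REAUTH_FAILURES = 3     # assumed; the text only speaks of a limit


class State(Enum):
    ACTIVE = "active"
    FROZEN = "frozen"            # transaction state preserved, input blocked
    SIGNED_OUT = "signed_out"


@dataclass
class TerminalSession:
    operator: str
    in_transaction: bool = False
    state: State = State.ACTIVE
    reauth_failures: int = 0
    transaction_aborted: bool = False


class SuspendedUseControl:
    """Server-side handling of idle reports (the role of security control module 222)."""

    def __init__(self, verify_password: Callable[[str, str], bool]):
        self.verify_password = verify_password

    def on_idle_report(self, s: TerminalSession, idle_minutes: int) -> State:
        # S300-S302: the terminal reports its own idle time and the logged-in user.
        if s.state is not State.ACTIVE or idle_minutes < IDLE_LIMIT_MINUTES:
            return s.state
        if not s.in_transaction:
            s.state = State.SIGNED_OUT            # S304 -> S306
        else:
            s.state = State.FROZEN                # S308-S310: freeze, ask for password
            s.reauth_failures = 0
        return s.state

    def on_password(self, s: TerminalSession, password: str) -> State:
        if s.state is not State.FROZEN:           # a signed-out session cannot be revived
            return s.state
        if self.verify_password(s.operator, password):     # S312
            s.state = State.ACTIVE                          # S314: resume frozen transaction
            s.reauth_failures = 0
            return s.state
        s.reauth_failures += 1
        if s.reauth_failures > MAX_REAUTH_FAILURES:        # S316
            s.transaction_aborted = True                   # S318: interrupt and sign out
            s.in_transaction = False
            s.state = State.SIGNED_OUT
        return s.state

    def accepts_transaction_input(self, s: TerminalSession) -> bool:
        return s.state is State.ACTIVE


def demo_verifier(operator: str, password: str) -> bool:
    """Constructed stand-in for the password check against the database server."""
    sample = {"teller01": "Spring#2001"}          # constructed sample credential
    expected = sample.get(operator)
    return expected is not None and hmac.compare_digest(
        expected.encode(), password.encode())
```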
Thus the security control function of this embodiment not only strengthens the setting and management of passwords but, through supervisor-forced sign-out and suspended-use control, can also prevent possible fraud during operation and improve the security of the system.
(2) Supervisor authorization operation flow
The supervisor authorization function of this embodiment handles transactions that require a supervisor's authorization.
Fig. 7 is a flowchart of supervisor authorization in this embodiment, which is carried out mainly by the supervisor authorization module 225 in the transaction processing server 220 and the security control module 286 in each terminal processing device.
The flow is described in detail below.
First, the security control module 286 in each terminal processing device checks, for each transaction, whether supervisor authorization is required (step S400). If not, the transaction proceeds (step S402). If the current transaction can proceed only with supervisor authorization, the security control module 286 in the terminal processing device first requires the counter staff to enter data identifying the designated authorizing supervisor (step S404), such as the supervisor's code or other identifying information. The security control module 286 then sends the designated supervisor's data and the transaction screen requiring authorization to the supervisor authorization module 225 of the transaction processing server 220 (step S406).
When the transaction processing server 220 has received the designated supervisor's data and the transaction screen requiring authorization, the supervisor authorization module 225 sends the transaction screen, according to the received data, to the terminal processing device of the designated supervisor (step S408). That terminal processing device then displays the transaction screen requiring authorization and asks the supervisor whether to approve it (step S410). If the supervisor does not authorize within the time limit (step S412), the transaction is treated as unauthorized: the supervisor's terminal processing device returns an unauthorized message to the supervisor authorization module 225 of the transaction processing server 220 (step S416), the supervisor authorization module 225 relays this message to the teller's terminal processing device, and the transaction is aborted there (step S418).
On the other hand, the supervisor may decide within the specified time whether to approve the transaction, either by direct input or by swiping a card. The approval or refusal is returned to the supervisor authorization module 225 of the transaction processing server 220, which relays it to the original teller's terminal processing device (step S414). If the supervisor approves the transaction, processing continues (step S402); if not, the transaction is aborted (step S418).
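The routing in steps S400 to S418 fails closed: only an explicit approval lets the transaction continue, and silence past the time limit counts as unauthorized. The sketch below is an added example, not code from the patent; the class names, the 120-second window, time passed in as plain seconds, and ignoring a decision from anyone other than the designated supervisor are assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

APPROVAL_WINDOW = 120   # seconds; assumed, the text only speaks of a time limit


@dataclass
class AuthRequest:
    req_id: int
    teller: str
    supervisor: str                  # designated authorizing supervisor (S404)
    screen: str                      # transaction screen needing authorization
    deadline: float
    decision: Optional[str] = None   # 'approved', 'rejected' or 'unauthorized'


class SupervisorAuthorization:
    """Routing role of the supervisor authorization module 225."""

    def __init__(self, supervisors):
        self.supervisors = set(supervisors)
        self.requests: Dict[int, AuthRequest] = {}
        self._next_id = 1

    def submit(self, teller: str, supervisor: str, screen: str,
               now: float) -> Optional[int]:
        # S406-S408: accept only a known supervisor as the designated approver.
        if supervisor not in self.supervisors:
            return None
        req = AuthRequest(self._next_id, teller, supervisor, screen,
                          now + APPROVAL_WINDOW)
        self.requests[req.req_id] = req
        self._next_id += 1
        return req.req_id

    def _expire(self, req: AuthRequest, now: float) -> None:
        if req.decision is None and now > req.deadline:     # S412
            req.decision = "unauthorized"                   # S416

    def pending_for(self, supervisor: str, now: float) -> List[AuthRequest]:
        # S410: what the supervisor's terminal should display right now.
        out = []
        for req in self.requests.values():
            self._expire(req, now)
            if req.supervisor == supervisor and req.decision is None:
                out.append(req)
        return out

    def decide(self, req_id: int, actor: str, approve: bool, now: float) -> str:
        req = self.requests[req_id]
        self._expire(req, now)
        # Assumption: a decision counts only if it comes from the designated supervisor.
        if req.decision is None and actor == req.supervisor:
            req.decision = "approved" if approve else "rejected"   # S414
        return self.outcome(req_id, now)

    def outcome(self, req_id: int, now: float) -> str:
        req = self.requests[req_id]
        self._expire(req, now)
        return req.decision or "pending"

    def may_proceed(self, req_id: int, now: float) -> bool:
        # S402 only on an explicit approval; every other outcome ends in S418.
        return self.outcome(req_id, now) == "approved"
```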
This supervisor authorization flow speeds up the general authorization process, reduces the supervisor's authorization workload, and lets transactions that require authorization be handled more quickly.
(3) Offline processing operation flow
Normal transaction processing in this embodiment is designed to run while connected to the head office host 10; however, network communication is sometimes interrupted. When the transaction system and the head office host 10 are offline, general transactions cannot be processed in the normal way; in this embodiment the offline processing module 226 of the transaction processing server 220 then starts offline operation to process transactions. The offline operation flow of this embodiment can directly handle transaction types that can be carried out without a connection, that is, transactions unrelated to the database in the head office host 10, such as registering customer data, handling transaction account data, querying transaction log records and so on. In addition, the offline operation flow can also handle some transaction types that relate to the head office database; in that case the processed transaction records must be stored temporarily in the database server, and when the system reconnects, post-processing is performed automatically to confirm the data and update the head office database.
Fig. 8 is a flowchart of the offline operation of this embodiment, used to handle the offline state; it is controlled mainly by the offline processing module 226 of the transaction processing server 220. First, when the communication server 210 in the transaction system detects the offline state (step S500), it starts the offline processing module 226 in the transaction processing server 220 (step S502). The offline processing module 226 then sets the terminal processing devices in the transaction system to the offline working state, so that offline transaction processing can begin (step S504). In subsequent transaction processing, each terminal processing device sends all offline transaction data to the offline processing module 226 (step S506). The offline processing module 226 processes the offline transaction data and stores it in the database server (step S508).
Fig. 9 is a flowchart of the reconnection operation of this embodiment, used to handle reconnection with the head office host 10 after an offline period. First, when the communication server 210 detects that the line to the head office host 10 has returned to normal (step S510), the communication server 210 performs the reconnection operation (step S512). The offline processing module 226 then sends the offline transaction data stored during the offline period to the head office host 10 for confirmation and update (step S514).
After the confirmation and update are complete, the offline processing module 226 resets each terminal processing device in the transaction system to the online working state, and transaction processing under normal conditions can proceed (step S516).
(4) Message broadcast operation flow
Fig. 10 is a flowchart of the message broadcast operation of this embodiment. First, the head office host 10 starts its own message broadcast module (not shown), and the message to be broadcast is entered (step S600).
Next, the message broadcast system of the head office host 10 sends the entered message to the message broadcast server 240 in the transaction system (step S602). The message broadcast server 240 in the transaction system can receive broadcast messages from the head office host 10 or have messages to be broadcast entered locally; together with the configured message display mode (for example "general" or "immediate"), it sends these messages to the message broadcast processing module 288 of the terminal processing devices in the transaction system (step S604). Finally, the message broadcast processing module 288 of each terminal processing device, according to the configured display mode, either shows the message content on the screen immediately or shows a message-received notice on the screen for the operator to open and read.
Through this message broadcast operation, general or immediate messages can be delivered quickly to all terminal processing devices over the transaction system's link network or over the connection to the head office, providing the required message broadcast capability.
(5) Program update operation flow
In this embodiment, program update comprises the program update operation of the transaction host/server and the program update operation on the terminal processing devices.
Fig. 11 is a flowchart of the program update operation of the transaction host in this embodiment. First, when the host of the transaction system powers on (step S700), the program update server 250 checks whether the database server 230 in the transaction system holds a program for updating (step S702). If so, it automatically executes that update program to perform the update (step S704). If not, the transaction host continues to complete startup and connects to the head office host 10 (step S706). Once the connection to the head office host 10 succeeds, the program update server 250 in the transaction system checks whether the program update system in the head office host 10 has an update program (step S708). If there is one, the program update server 250 downloads and stores it (step S710), then automatically executes it to perform the update (step S704). If there is none, no update is needed, and the system enters the general operating mode directly (step S712). In addition, the head office host may also actively send update programs to the database of each transaction system for storage, and the transaction system performs the update automatically at its next power-on.
Fig. 12 is a flowchart of the program update operation of the transaction terminal processing device in this embodiment. Likewise, when the terminal processing device powers on (step S720), the program update processing module 287 in the terminal processing device checks whether the database server 230 holds an update program for the terminal processing device (step S722). If so, the update program is executed automatically (step S724). If not, the terminal processing device has started successfully and, after connecting to the transaction host (step S726), enters the general operating state (step S728).
In the program update operation described, both the server and the terminal processing devices check for update programs as soon as they power on, before completing startup, and perform the update immediately when an update program exists. This ensures that the servers and terminal processing devices in the transaction system operate with the latest programs.
Although the present invention has been described with a preferred embodiment, that embodiment is not intended to limit the invention; those of ordinary skill in the art may make changes and refinements without departing from the spirit and scope of the invention, so the scope of protection of the invention is defined by the appended claims.

Claims (19)

1. A transaction system with strengthened security control, comprising:
a link network;
a communication server for connecting to an external host and connected to the link network;
at least one server device connected to the link network, for connecting to the external host through the communication server;
at least one terminal processing device connected to the link network, for connecting to the server device through the link network;
wherein, when an operator logs in to the terminal processing device, the terminal processing device receives login data entered by the operator, the login data comprising at least a login password, and the terminal processing device allows a logged-in operator to request execution of transaction functions;
wherein the server device stores a legal operator password corresponding to at least one legal operator;
wherein the server device has a security control module for checking, against the legal operator password, the login password entered by the operator of the terminal processing device, to determine whether to allow the operator to log in;
wherein the security control module determines whether the legal operator password conforms to a password restriction rule, the password restriction rule at least requiring that the legal operator password not be identical to a password previously used by the corresponding legal operator, and, when the lifetime of the legal operator password exceeds a prescribed time limit, the security control module starts a process to force a change of the legal operator password; and
wherein the server device has a transaction processing module and an application processing module for executing the transaction functions requested by the logged-in operator.
2. The transaction system as claimed in claim 1, wherein the transaction terminal processing device comprises:
at least one operator terminal processing device connected to the link network, for connecting to the server device through the link network;
at least one supervisor terminal processing device connected to the link network, for connecting to the server device through the link network;
wherein the terminal processing device allows the logged-in operator to request execution of transaction functions and, when execution of a transaction requiring authorization is requested, sends the transaction data requiring authorization to the server device and receives the information returned by the server device on whether authorization is granted;
wherein the server device has a supervisor authorization module for receiving the transaction data requiring authorization from the operator terminal processing device, sending it to the supervisor terminal processing device, receiving the supervisor terminal processing device's reply on whether the transaction data is authorized, and returning that reply to the operator terminal processing device; and
wherein the supervisor terminal processing device receives and displays the transaction data requiring authorization and returns to the server device the reply on whether authorization is granted.
3. The transaction system as claimed in claim 1, wherein the security control module, on an instruction from a legal operator who has forced sign-out authority, forces the logged-in operator to be signed out of the terminal processing device; and wherein the server device stores permission data of the legal operators who have forced sign-out authority.
4. The transaction system as claimed in claim 2, wherein the security control module, on an instruction from a supervisor operator who has forced sign-out authority, forces the logged-in operator to be signed out of the operator terminal processing device; and wherein the server device stores permission data of the supervisor operators who have forced sign-out authority.
5. The transaction system as claimed in claims 1 and 2, wherein the security control module forces the logged-in operator to be signed out of the terminal processing device when the terminal processing device has not been used for a prescribed time; and wherein the security control module freezes the transaction processing state of the terminal processing device when the terminal processing device has not been used for a prescribed time and is in a transaction state.
6. The transaction system as claimed in claims 1 and 2, wherein the server device further has an offline processing module for handling operation when the communication server and the external host are offline and when they reconnect.
7. The transaction system as claimed in claims 1 and 2, wherein the server device sends a broadcast message to the terminal processing device through the link network.
8. The transaction system as claimed in claims 1 and 2, wherein the server device stores an update program and, when the server device powers on, updates according to the stored update program; and wherein the server device downloads the update program through the communication server and stores it in the server device.
9. The transaction system as claimed in claims 1 and 2, further comprising a communication device for remotely connecting an external terminal processing device.
10. A transaction method using a transaction system with strengthened security control, the transaction system having a link network; a communication server for connecting to an external host and connected to the link network; at least one server device connected to the link network, for connecting to the external host through the communication server; and at least one terminal processing device connected to the link network, for connecting to the server device through the link network; the method comprising the following steps:
when an operator logs in to the terminal processing device, receiving login data entered by the operator, the login data comprising at least a login password;
transmitting the login data to the server device;
determining, from the legal operator password stored in the server device for at least one legal operator and from the received login password, whether the operator is a legal operator, and if so allowing login to the terminal processing device;
when the operator is a legal operator, determining whether the lifetime of the corresponding legal operator password exceeds a prescribed time limit;
when the lifetime of the legal operator password exceeds the prescribed time limit, forcing a change of the legal operator password, wherein the changed legal operator password conforms to a password restriction rule that at least requires the legal operator password not to be identical to a password previously used by the corresponding legal operator; and
the terminal processing device allowing the logged-in legal operator to request execution of transaction functions, the transaction functions being executed by the server device.
11. The method as claimed in claim 10, further comprising the step of:
a legal operator who has forced sign-out authority issuing an instruction to force the logged-in operator to be signed out of the terminal processing device.
12. The method as claimed in claim 10, further comprising the following steps:
detecting whether the connection with the external host is normal;
when offline from the external host, storing the transaction data of the terminal processing device in the server device; and
when reconnected with the external host, updating the external host with the stored transaction data.
13. The method as claimed in claim 10, further comprising the following steps:
the server device receiving a broadcast message; and
sending it to the terminal processing device through the link network.
14. The method as claimed in claim 10, further comprising the following steps:
the server device downloading an update program from the external host to the server device through the communication server;
when the server device powers on, updating according to the update program stored in the server device; and
when the terminal processing device powers on, updating, through the link network, according to the update program stored in the server device.
15. The method as claimed in claim 10, wherein the transaction system further comprises at least one operator terminal processing device connected to the link network, for connecting to the server device through the link network; and at least one supervisor terminal processing device connected to the link network, for connecting to the server device through the link network; wherein the method further comprises the following steps:
when the operator terminal processing device carries out a transaction requiring authorization, sending the transaction data requiring authorization to the server device;
the server device receiving the transaction data requiring authorization from the operator terminal processing device and sending it to the designated supervisor terminal processing device;
when the supervisor terminal processing device receives the transaction requiring authorization, displaying the transaction data requiring authorization and returning to the server device the information on whether authorization is granted; and
the server device returning to the operator terminal processing device the information on whether the transaction data is authorized.
16. The method as claimed in claim 15, further comprising the step of:
a supervisor operator who has forced sign-out authority issuing an instruction to force the logged-in operator to be signed out of the operator terminal processing device.
17. The method as claimed in claim 15, further comprising the following steps:
detecting whether the connection with the external host is normal;
when offline from the external host, storing the transaction data of the terminal processing device in the server device; and
when reconnected with the external host, updating the external host with the stored transaction data.
18. The method as claimed in claim 15, further comprising the following steps:
the server device receiving a broadcast message; and
sending it to the terminal processing device through the link network.
19. The method as claimed in claim 15, further comprising the following steps:
the server device downloading an update program from the external host to the server device through the communication server;
when the server device powers on, updating according to the update program stored in the server device; and
when the terminal processing device powers on, updating, through the link network, according to the update program stored in the server device.
CNB011012250A 2001-01-09 2001-01-09 Trade system with intensified safety control function Expired - Fee Related CN1148662C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB011012250A CN1148662C (en) 2001-01-09 2001-01-09 Trade system with intensified safety control function

Publications (2)

Publication Number Publication Date
CN1365055A CN1365055A (en) 2002-08-21
CN1148662C true CN1148662C (en) 2004-05-05

Family

ID=4651997

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB011012250A Expired - Fee Related CN1148662C (en) 2001-01-09 2001-01-09 Trade system with intensified safety control function

Country Status (1)

Country Link
CN (1) CN1148662C (en)

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee

Owner name: JINGCHENG INFORMATION CO., LTD.

Free format text: FORMER NAME OR ADDRESS: JINGYE CO., LTD.

CP01 Change in the name or title of a patent holder

Address after: Taipei city of Taiwan Province

Patentee after: Jingcheng Information Co., Ltd.

Address before: Taipei city of Taiwan Province

Patentee before: Jingye Co., Ltd.

C19 Lapse of patent right due to non-payment of the annual fee
CF01 Termination of patent right due to non-payment of annual fee