201006199 九、發明說明: 【發明所屬的技術領域】 本發明涉及一種服務推播技術,尤其涉及一種用於行 動終端裝置上的安全機制。 【先前技術】 近年來行動廣告的所以成為風行的話題,無線通訊的 進步居功蹶偉。自從GSM行動網路普及之後,發送文字 簡訊逐漸成為產品宣傳的方式的一 ’而後無線應用協議 〇 (Wireless Application Protocol,WAP)的出現,讓行動廣告 的變化更多了,其不僅能快速下载聲音、螢幕圖樣,還有 許多電子優惠券、遊戲可供使用。 然而,由於WAP推播(WAP Push)規格書的規範,推播 祠服器(Push Initiator)可於未認證的情形下,主動將推 播訊息透過推播代理閘道器(Push Proxy Gateway )傳送到 用戶端的行動裝置上,而當使用者的行動裝置收到該推播 $ 訊息時’該行動裝置會立即連線至該推播初始器,之後該 推播初始器再將廣告訊息内容回復至該行動裝置。因此, 使用者可能接收到未經同意的連線請求、惡意的内容傳 送、未經同意的Push訊息等 因此,如何有效過濾並控管經由WAP push而接收到 廣告數量,成為以行動廣告為一種商業模式所必須考慮的 要素的一。 【發明内容】 鑒於以上内容,有必要提供一種控制網路推播資訊的 201006199 '· 系統及其方法,其可通過設置一白名單(White List)而達到 - 可有效過瀘並控管經由WAP Push而接收到的廣告數量。 一種控制網路推播資訊的系統,該等系統包含:設置 有一白名單的行動裝置,一推播初始器,及一推播代理飼 服器,其中該白名單包含至少一位址。該推播初始器用於 發出推播訊息的服務通知’而該推播代理伺服器用於在接 Φ 收該推播訊息的服務通知後,通過一推播空中協定將談服 務通知傳送至該等行動裝置。該行動裝置在接收到該^務 通知後,認證該推播訊息的來源位址是否存在於談白% 單,若該地址存在於該白名單,該行動裝置則進一步連 到該推播初始器以操取該推播訊息。 線 一種網路推播資訊的控制方法,該方法包括如下+ 驟:於一行動裝置上設置一白名單,該白名單包含至少二 位址;接收由一推播初始器發出且經由一推播代理词服。 傳送的一推播訊息的服務通知;認證該服務通知的來源器 ❹址是否存在於該白名單;及如果該服務通知的來源位址= 在於該白名單,該行動褒置則進一步連線到該推播初始: 以擷取該推播訊息。 °盗 相較於習知技術,本發明提供的控制網路推播資气 系統及方法,其通過設置一白名單過遽不明來源的推播切 息,如此-來,可有效控管傳送到該行動裳置的推 訊 【實施方式】 ° 圖1所示為本發明t控制網路推播資訊系統 系統100,,)的較佳實施例的系統架構圖。本系統⑽包含= 201006199 订動裝置10、一推播代理伺服器20及一推播初始器30。 於本較佳實施例中’該推播代理伺服器2〇安裝於行動 裳置10的移動營運商(Internet Service Provider),用於將資 5扎發送至該移動營運商所服務的用戶。該推播初始器30連 接至網際網路上’且其用於將夾帶有資訊的相關推播訊息 傳送至該行動裴置1〇,該資訊可能是股票行情、商店促銷 活動、及活動資訊…等。 ❹、在其他實施例中,該推播初始器30可能也安裝移動營 ,商處,用於將移動營運商所欲廣告的資訊發送到用戶 端。此外’還可能是由同一台伺服器同時執行該推播代理 伺服器20與該推播初始器30的相關功能。 首先,當推播初始器30欲發送一推播訊息到該行動裝 〇時,其必需知道行動裝置10的位址,才能通過網際網 的推播存取協議(Push Access Protocol)將推播訊息 的服務通知(Service Indication)以文字型態傳送至該推播 _ 代理伺服器20。 推播代理伺服器20是網際網路和無線網路的間的進入 ··。虽推播代理伺服器20接收到推播訊息的服務通知(文字 t L)時,其會針對該推播訊息進行一些必要的處理,例如 將文字型態的服務通知轉換成二進位型態的服務通知。之 後’該推播代理伺服器2〇利用推播空中協議(push 〇ver-the-Air,Push OTA)將這些推播訊息的服務通知傳送 到指定的行動裝置10,其中該推播空中協議係架構於無線 會。義協 §義(Wireless Session Protocol)上。 201006199 於本實施例中,該行動裝置ίο上設置—白名單,其於 收到該推播息的服務通知後’針對發出該推播訊息的推 播初始器30的來源位址進行認證。若該推播訊息的來源位 址不存在於該白名單,則該行動裝置1〇直接丟棄該推播訊 息,而不再進一步連線至該推播初始器3〇。若該推播訊息 的來源位址存在於該白名單,則該行動裝置1〇利用一WAp 取得(WAP Get)方式連上該推播代理伺服器2〇。 當該推播代理飼服器20收到來自該WAP取得的請求 ® 後,其依據該推播訊息内所註明的的網址,利用HTTP取得 (HTTP Get)方式連上推播初始器3〇以擷取該推播訊息的詳 細内容。 之後’該推播初始器30利用HTTP回應(HTTP Response) 的方式將文字型態的資訊頁面傳送到推播代理伺服器2〇。 應注意的是,此時’該資訊頁面是以無線標記語言(wireless Markup Language)編碼成文字型態。 _ 當該推播代理伺服器2〇收到該資訊頁面時,其會將該 廣告内容再進一步編輯成二進位型態,為了減少該廣告内 容所需浪費的系統資源,該推播代理伺服器2〇再以WAp回 應(WAP Response)方式將該二進位元型態的資訊頁面傳送 至該行動裝置10。 圖4所示為本發明中網路推播資訊控制方法的較佳實 施例的流程圖。首先,步驟S2,該推播初始器3〇通過推播 存取協定將該推播訊息的服務通知以文字型態傳送至該推 播代理伺服器20。步驟S4,該推播代理伺服器2〇通過推播 201006199 空中協議將該推播訊的服務型態以二進位型態傳送至該推 * 播初始器30。步驟S6,該行動裝置10依據一白名單認證該 推播服務的來源位址。若該來源位址存在於該白名單,於 步驟S8,該行動裝置10利用一 WAP取得的方式連線至該推 播代理伺服器20。之後,於步驟S10,該推播代理伺服器 20依據該推播訊息内所注明的的網址,利用HTTP取得方式 連上推播初始器30以擷取信息。 於步驟S12,該推播初始器30利用HTTP回應的方式將 〇 文字型態的資訊頁面傳送到推播代理伺服器20。最後,於 步驟S14,該推播代理伺服器20將二進位型態的資訊頁面 傳送到行動裝置10,並結束本流程。 於本實施例中,該白名單是儲存於該行動裝置10,因 此該認證程序是於該行動裝置10上執行。於其他實施例 中,為了進一步節省行動裝置10的系統資源,使用者可進 一步將其所設定的白名單上傳到該推播代理伺服器20,由 ^ 該推播代理伺服器20進行此認證程序。此時,當該推播代 ❿ 理伺服器20僅於該推播訊息的來源位址通過認證時,才通 過推播空中協議將該推播訊的服務型態以二進位型態傳送 至該推播初始器30。 另外,為了進一步減少用戶收到來自不明推播初始器 的廣告訊息,移動營運商也可自行於推播代理伺服器20設 置一代理伺服器端的白名單,並於經過使用者同意之後, 利用該代理伺服器端的白名單主動阻擋來路不明的廣告訊 201006199 综上該等,本發明符合發明專利要件,爰依法提出專 利申請。惟,以上所述者僅為本發明的較佳實施例,本發 明的範圍並不以上述實施例為限,舉凡熟悉本案技藝的人 士援依本發明的精神所作的等效修飾或變化,皆應涵蓋於 以下申請專利範圍内。 【圖式簡單說明】 圖1為本發明中控制網路推播資訊系統之較佳實施例 的系統架構圖。 圖2為本發明中網路推播資訊控制方法之較佳實施例 的流程圖。 【主要元件符號說明】 控制網路推播資訊系統系統 100 行動裝置 10 推播代理伺服器 20 推播初始器 30 11201006199 IX. Description of the Invention: [Technical Field] The present invention relates to a service push technology, and more particularly to a security mechanism for use on a mobile terminal device. [Prior Art] In recent years, mobile advertising has become a popular topic, and the progress of wireless communication has been greatly improved. Since the popularity of the GSM mobile network, sending text messages has gradually become a way of product promotion. Then the emergence of the Wireless Application Protocol (WAP) has made mobile advertising more changeable. It not only can download sounds quickly. , screen graphics, and many electronic coupons and games are available. However, due to the specification of the WAP Push specification, the Push Initiator can actively transmit the push message through the Push Proxy Gateway in the unauthenticated situation. Going to the mobile device of the client, and when the user's mobile device receives the push message, the mobile device will immediately connect to the push initiator, and then the push initializer will reply the content of the advertisement message to The mobile device. Therefore, the user may receive an unsolicited connection request, malicious content transmission, unapproved Push message, etc. Therefore, how to effectively filter and control the number of advertisements received through the WAP push becomes a kind of action advertisement One of the elements that must be considered in the business model. SUMMARY OF THE INVENTION In view of the above, it is necessary to provide a 201006199 '· system and method for controlling network push information, which can be achieved by setting a white list (which can be effectively overridden and controlled via WAP). The number of ads received by Push. A system for controlling network push information, the system comprising: a mobile device having a whitelist, a push launcher, and a push proxy server, wherein the whitelist includes at least one address. The push initializer is configured to send a service notification of the push message, and the push proxy server is configured to transmit the service notification to the broadcast notification by a push air protocol after receiving the service notification of the push message. Mobile device. After receiving the notification, the mobile device authenticates whether the source address of the push message exists in the white list, and if the address exists in the white list, the mobile device further connects to the push initializer. To fetch the push message. A method for controlling network push information, the method comprising the following steps: setting a white list on a mobile device, the white list includes at least two addresses; receiving is sent by a push initializer and transmitted through a push Agent word service. a service notification of a push message transmitted; whether the source address of the service notification is present in the white list; and if the source address of the service notification = in the white list, the action device is further connected to The push initial: to capture the push message. Compared with the prior art, the present invention provides a control network to push the air resource system and method, which can effectively control the transmission to the mobile broadcast by setting a white list over the unknown source. The action of the action is set [Embodiment] ° FIG. 1 is a system architecture diagram of a preferred embodiment of the t-control network push information system 100, . The system (10) includes a 201006199 binding device 10, a push proxy server 20, and a push launcher 30. In the preferred embodiment, the push proxy server 2 is installed in the mobile service provider (Internet Service Provider) for transmitting the payment to the user served by the mobile operator. The push initiator 30 is connected to the Internet and is used to transmit related information about the information to the mobile device, which may be stock quotes, store promotions, event information, etc. . In other embodiments, the push initiator 30 may also install a mobile camp, a business office, for transmitting information desired by the mobile operator to the user. Further, it is also possible that the function of the push proxy server 20 and the push initiator 30 is simultaneously executed by the same server. First, when the push initiator 30 wants to send a push message to the mobile device, it must know the address of the mobile device 10 in order to push the message through the Internet's Push Access Protocol. The Service Indication is transmitted to the push-to-proxy server 20 in text format. The push proxy server 20 is an entry between the Internet and the wireless network. When the push proxy server 20 receives the service notification (text t L) of the push message, it performs some necessary processing on the push message, for example, converting the text type service notification into the binary type. Service notification. Then, the push proxy server 2 transmits a service notification of the push message to the designated mobile device 10 by using a push 空中ver-the-Air (Push OTA), wherein the push air protocol system Architecture is wireless. On the Wireless Session Protocol. 201006199 In this embodiment, the mobile device ίο is provided with a white list, which is authenticated to the source address of the push initiator 30 that issued the push message after receiving the service notification of the push message. If the source address of the push message does not exist in the white list, the mobile device 1 discards the push message directly without further connecting to the push initiator 3〇. If the source address of the push message exists in the white list, the mobile device 1 connects to the push proxy server 2 by using a WAP access method. When the push proxy server 20 receives the request from the WAP, it connects to the push initiator 3 by HTTP (HTTP Get) according to the URL indicated in the push message. Capture the details of the push message. Thereafter, the push initializer 30 transmits the text type information page to the push proxy server 2 by means of an HTTP response. It should be noted that at this time, the information page is encoded into a text type in a wireless markup language. _ When the push proxy server 2 receives the information page, it further edits the advertisement content into a binary type. In order to reduce the wasted system resources required for the advertisement content, the push proxy server 2. The information page of the binary type is transmitted to the mobile device 10 in a WAP response mode. Fig. 4 is a flow chart showing a preferred embodiment of the method for controlling network push information in the present invention. First, in step S2, the push initializer 3 transmits the service notification of the push message to the push proxy server 20 in a text format by a push access protocol. In step S4, the push proxy server 2 transmits the service type of the push broadcast to the push initializer 30 by pushing the 201006199 air protocol. In step S6, the mobile device 10 authenticates the source address of the push service according to a white list. If the source address exists in the whitelist, in step S8, the mobile device 10 connects to the push proxy server 20 in a WAP acquisition manner. Then, in step S10, the push proxy server 20 connects to the push initializer 30 to retrieve the information by using the HTTP acquisition method according to the website address indicated in the push message. In step S12, the push initializer 30 transmits the information page of the 文字 text type to the push proxy server 20 by means of an HTTP response. Finally, in step S14, the push proxy server 20 transmits the information page of the binary type to the mobile device 10, and ends the flow. In the present embodiment, the white list is stored in the mobile device 10, so the authentication procedure is executed on the mobile device 10. In other embodiments, in order to further save system resources of the mobile device 10, the user may further upload the white list set by the user to the push proxy server 20, and the push proxy server 20 performs the authentication procedure. . At this time, when the push proxy server 20 passes the authentication only at the source address of the push message, the service type of the push broadcast is transmitted to the binary type by the push air protocol. The initializer 30 is pushed. In addition, in order to further reduce the user receiving the advertisement message from the unknown push initiator, the mobile operator may also set a white list of the proxy server on the push proxy server 20, and use the user's consent. The whitelist of the proxy server actively blocks the unidentified advertising news 201006199 In summary, the invention complies with the invention patent requirements, and patents are filed according to law. However, the above description is only a preferred embodiment of the present invention, and the scope of the present invention is not limited to the above embodiments, and those skilled in the art will be able to make equivalent modifications or variations in accordance with the spirit of the present invention. It should be covered by the following patent application. BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 is a system architecture diagram of a preferred embodiment of a control network push information system in accordance with the present invention. 2 is a flow chart of a preferred embodiment of a method for controlling network push information in the present invention. [Main component symbol description] Control network push information system 100 Mobile device 10 Push proxy server 20 Push initiator 30 11