Summary of the invention
To solve the above technical problem, the invention provides a system and a method for preventing illegal subscription to WAP services; its purpose is to prevent WAP services from being subscribed to illegally and to protect consumers' legitimate rights and interests.
The invention provides a method for preventing illegal subscription to WAP services, comprising:
Step 101: after receiving the user's subscription request, the charging gateway generates and stores a parameter identifying the user's subscription action;
Step 102: the charging gateway redirects to the subscription prompt page and sends a request containing the parameter identifying the user's subscription action to the WAP portal;
Step 103: the WAP portal adds a page element mark to the subscription prompt page and sends the parameter identifying the user's subscription action, together with the subscription prompt page carrying the page element mark, to the user terminal;
Step 104: after the user confirms, the browser, acting on the page element mark, splices a header into the confirmation request; this header contains the parameter identifying the user's confirmation of the subscription. On receiving the request containing the parameter identifying the user's confirmation of the subscription and the parameter identifying the user's subscription action, the WAP gateway sends it to the charging gateway, which sends it to the WAP portal. The WAP portal verifies the parameter identifying the user's confirmation of the subscription in the header, asks the charging gateway to verify the parameter identifying the user's subscription action, performs the subscription and returns a subscription success prompt; or comprising:
Step 201: after receiving the user's subscription request, the WAP gateway obtains from the charging gateway the parameter identifying the user and sends a request containing this parameter to the charging gateway;
Step 202: the charging gateway generates and stores the parameter identifying the user's subscription action, redirects to the subscription prompt page on the WAP portal, and sends a request containing the parameter identifying the user's subscription action to the WAP portal;
Step 203: the WAP portal sends the parameter identifying the user's subscription action and the subscription prompt page to the user terminal;
Step 204: after the user confirms, a request containing the parameter identifying the user's subscription action is sent to the WAP gateway; the WAP gateway sends a request containing the parameter identifying the user and the parameter identifying the user's subscription action to the charging gateway, which sends it to the WAP portal;
Step 205: the WAP portal asks the charging gateway to verify the parameter identifying the user and the parameter identifying the user's subscription action, performs the subscription and returns a subscription success prompt; or comprising:
Step 301: after receiving the user's subscription request, the WAP gateway obtains from the charging gateway the parameter identifying the user and sends a request containing this parameter to the charging gateway;
Step 302: the charging gateway redirects to the subscription prompt page on the WAP portal;
Step 303: the WAP portal adds a page element mark to the subscription prompt page and sends the subscription prompt page carrying the page element mark to the user terminal;
Step 304: after the user confirms, the browser, acting on the page element mark, splices a header into the confirmation request; this header contains the parameter identifying the user's confirmation of the subscription. On receiving the request containing the parameter identifying the user's confirmation of the subscription, the WAP gateway sends a request containing that parameter and the parameter identifying the user to the WAP portal via the charging gateway;
Step 305: the WAP portal verifies the parameter identifying the user's confirmation of the subscription, asks the charging gateway to verify the parameter identifying the user, performs the subscription and returns a subscription success prompt; or comprising:
Step 401: after receiving the user's subscription request, the WAP gateway obtains from the charging gateway the parameter identifying the user and sends a request containing this parameter to the charging gateway;
Step 402: the charging gateway generates and stores the parameter identifying the user's subscription action, redirects to the subscription prompt page on the WAP portal, and sends a request containing the parameter identifying the user's subscription action to the WAP portal;
Step 403: the WAP portal adds a page element mark to the subscription prompt page and sends the parameter identifying the user's subscription action, together with the subscription prompt page carrying the page element mark, to the user terminal;
Step 404: after the user confirms, the browser, acting on the page element mark, splices a header into the confirmation request; this header contains the parameter identifying the user's confirmation of the subscription. On receiving the request containing the parameter identifying the user's subscription action and the parameter identifying the user's confirmation of the subscription, the WAP gateway sends it to the charging gateway, and the charging gateway sends a request containing the parameter identifying the user's confirmation of the subscription, the parameter identifying the user's subscription action and the parameter identifying the user to the WAP portal;
Step 405: the WAP portal verifies the parameter identifying the user's confirmation of the subscription, asks the charging gateway to verify the parameter identifying the user's subscription action and the parameter identifying the user, performs the subscription and returns a subscription success prompt.
The parameter identifying the user's subscription action is a sequence number generated by the charging gateway.
In step 101, 202 or 402, the charging gateway also stores the correspondence between the sequence number and the subscriber number.
After the charging gateway redirects to the subscription prompt page, or after the WAP portal receives the confirmation request, the WAP portal also asks the charging gateway to verify the sequence number and the correspondence between the sequence number and the subscriber number.
The parameter identifying the user is a user identification number generated by the charging gateway.
Step 201, 301 or 401 comprises: after receiving the user's subscription request, the WAP gateway queries the charging gateway for the parameter identifying the user; if the charging gateway holds a parameter identifying the user, the WAP gateway obtains it and sends a request containing it to the charging gateway; otherwise the charging gateway generates and stores the parameter identifying the user, and the WAP gateway obtains it and sends a request containing it to the charging gateway.
In step 201, 301 or 401, when the charging gateway generates the parameter identifying the user, it also stores the correspondence between the user identification number and the subscriber number.
The user identification number consists of a province code, the subscriber number and a generation-time serial number.
The subscriber number is the IMSI or the MDN.
The page element mark is sendreferer="true", appended to the page link through which the user can subscribe to the service.
The parameter identifying the user's confirmation of the subscription is the link to the service tariff page.
The invention provides a system for preventing illegal subscription to WAP services, comprising a user terminal, a charging gateway and a WAP portal, with a browser installed on the user terminal, wherein:
The charging gateway is further configured to generate and store the parameter identifying the user's subscription action, and to send to the WAP portal both the request containing the parameter identifying the user's subscription action and the request containing the parameter identifying the user's confirmation of the subscription and the parameter identifying the user's subscription action; the browser is further configured to splice, according to the page element mark, a header into the confirmation request, the header containing the parameter identifying the user's confirmation of the subscription; the WAP portal is further configured to add the page element mark to the subscription prompt page, to send the parameter identifying the user's subscription action together with the subscription prompt page carrying the page element mark to the user terminal, to verify the parameter identifying the user's confirmation of the subscription, and to ask the charging gateway to verify the parameter identifying the user's subscription action; or
The charging gateway is further configured to generate and store the parameter identifying the user and the parameter identifying the user's subscription action, and to send to the WAP portal both the request containing the parameter identifying the user's subscription action and the request containing the parameter identifying the user's subscription action and the parameter identifying the user; the WAP portal is further configured to ask the charging gateway to verify the parameter identifying the user and the parameter identifying the user's subscription action, and to send a request containing the parameter identifying the user's subscription action to the user terminal; the WAP gateway is further configured to obtain the parameter identifying the user and to send a request containing it to the charging gateway; or
The charging gateway is further configured to generate and store the parameter identifying the user, and to send a request containing the parameter identifying the user and the parameter identifying the user's confirmation of the subscription to the WAP portal; the WAP gateway is further configured to obtain the parameter identifying the user and to send a request containing it to the charging gateway; the WAP portal is further configured to add the page element mark to the subscription prompt page, to send the subscription prompt page carrying the page element mark to the user terminal, to verify the parameter identifying the user's confirmation of the subscription, and to ask the charging gateway to verify the parameter identifying the user; the browser is further configured to splice, according to the page element mark, a header into the confirmation request, the header containing the parameter identifying the user's confirmation of the subscription; or
The charging gateway is further configured to generate and store the parameter identifying the user and the parameter identifying the user's subscription action, and to send to the WAP portal both the request containing the parameter identifying the user's subscription action and the request containing the parameter identifying the user, the parameter identifying the user's subscription action and the parameter identifying the user's confirmation of the subscription; the WAP gateway is further configured to obtain the parameter identifying the user and to send a request containing it to the charging gateway; the WAP portal is further configured to add the page element mark to the subscription prompt page, to send the parameter identifying the user's subscription action together with the subscription prompt page carrying the page element mark to the user terminal, to verify the parameter identifying the user's confirmation of the subscription, and to ask the charging gateway to verify the parameter identifying the user's subscription action and the parameter identifying the user; the browser is further configured to splice, according to the page element mark, a header into the confirmation request, the header containing the parameter identifying the user's confirmation of the subscription.
The parameter identifying the user's subscription action is a sequence number generated by the charging gateway.
The charging gateway is further configured to store the correspondence between the sequence number and the subscriber number.
The WAP portal is further configured to ask the charging gateway to verify the sequence number and the correspondence between the sequence number and the subscriber number.
The subscriber number is the IMSI or the MDN, and the correspondence is that between the sequence number and the IMSI or MDN.
The parameter identifying the user is a user identification number generated by the charging gateway.
The charging gateway is further configured, when the WAP gateway requests the parameter identifying the user and the charging gateway holds no such parameter, to generate and store the parameter identifying the user.
The charging gateway is further configured to store the correspondence between the user identification number and the subscriber number.
The user identification number consists of a province code, the subscriber number and a generation-time serial number.
The subscriber number is the IMSI or the MDN.
The page element mark is sendreferer="true", appended to the page link through which the user can subscribe to the service.
The parameter identifying the user's confirmation of the subscription is the link to the service tariff page.
The invention makes it harder for a CP (content provider) to simulate user requests in order to collect fees fraudulently. It ensures that the requests the WAP gateway issues to the WAP platform are sent by a legitimate application rather than by an illegal application on the WAP gateway machine (such as an application that maliciously simulates users), and so protects consumers' legitimate rights and interests. The invention ensures that all subscription actions pass under the control of the WAP platform and strictly controls subscription actions that do not; this safeguards the income of CPs (content providers) and SPs (service providers), protects consumers' legitimate rights and interests, helps regulate the value-added service market and supports the sound development of WAP services. The invention ensures that a subscription request originates entirely from the user at the terminal and not from a script program on the terminal, which puts an end to users being charged without their knowledge and protects consumers' legitimate rights and interests.
Embodiment
The solution the invention proposes for preventing illegal subscriptions that do not pass through the WAP gateway is as follows. In the charging gateway, the WAP platform identifies each user uniquely by a user identification number (Userid). In a normal subscription, the WAP gateway obtains through an interface the Userid by which the WAP platform uniquely identifies the user, and the user's subscription action is associated with that Userid. When an illegal application on the WAP gateway initiates a subscription, it cannot call the interface to obtain the user's unique Userid, that is, the illegal application cannot obtain the Userid by accessing the charging gateway; the WAP platform detects no Userid for the user and does not process the subscription. The WAP platform records users' subscription actions by their unique identifier and disregards subscription actions that carry no unique user identifier, which effectively prevents illegal subscriptions that do not pass through the WAP gateway.
The Userid is the WAP platform's internal identifier for the user. After the user goes online with one key press, the WAP gateway can obtain it through an interface provided by the WAP platform; this interface is open only to the WAP gateway. Each time the WAP gateway forwards a request to the charging gateway it carries the Userid, and the charging gateway likewise carries it on to the WAP portal. At subscription time the WAP portal checks whether the request contains the user's Userid: if it does, the subscription proceeds; if it does not, the subscription is refused. A system other than the WAP gateway cannot obtain the Userid, so its requests fail verification.
The Userid identifies the user, and charging is performed by Userid. The charging gateway generates and stores the Userid and also stores the correspondence between the Userid and the subscriber number (the subscriber number may be the international mobile subscriber identity, IMSI, or the mobile directory number, MDN). The WAP gateway queries the charging gateway for the Userid; if none exists, the charging gateway generates one for the WAP gateway to obtain. The generation rule is: province code + subscriber number (IMSI or MDN) + generation-time serial number, which is unique for each user. When a user comes online, the charging gateway returns the query result if a Userid was generated earlier; if none was, it generates a new Userid for the WAP gateway to obtain.
The solution the invention provides for preventing illegal subscriptions that do not pass through the charging gateway is as follows. The WAP platform uniquely identifies each user's subscription action by a sequence number (Sequence) generated at random by the charging gateway. Every subscription action that passes through the WAP platform's charging gateway has a Sequence corresponding to that operation in the charging gateway; a subscription action that does not pass through the charging gateway has no Sequence record there, so illegal subscriptions that bypass the WAP platform's charging gateway are not processed by the WAP platform. By uniquely identifying users' normal subscription records in the charging gateway, the WAP platform effectively prevents illegal subscriptions that bypass the charging gateway. The Sequence generated when the BG (charging gateway) pops up the price quotation page is an agreement between the BG and the WAP PORTAL (WAP portal). If the user's subscription request contains the Sequence and verification succeeds, the WAP portal performs the subscription and returns a subscription success prompt; otherwise it returns a subscription failure prompt.
CP-simulated subscriptions are hard to distinguish from real user requests because the request is in fact still initiated from the handset. In the invention, the page on which the user confirms the subscription carries a specific page element mark (sendreferer). When a normal user clicks on the page to confirm, the handset browser, acting on this mark, splices a special Header, the user confirmation mark, into the request and passes it to the WAP portal. A script loaded onto the handset to simulate user requests has no function for splicing the request Header, so the WAP portal can use this mark to tell whether the request is a real user click.
For these reasons, the solution the invention provides for preventing CP-simulated subscriptions is as follows. In the page link shown by the handset browser, the WAP portal adds the sendreferer element. When the user confirms the subscription by clicking this link, a Header named Referer, whose value is the URL (Uniform Resource Locator) of the service tariff page, is spliced automatically into the HTTP (Hypertext Transfer Protocol) request; this Header is called the user confirmation mark. By checking the Header and its value, the WAP portal confirms that the subscription request was initiated normally by the user clicking from this page; if the user's request lacks this parameter, the WAP portal treats it as an illegal subscription initiated by a script program simulating the user. If verification passes, the WAP portal returns a subscription success prompt; if it fails, it returns a subscription failure prompt.
For example, in the subscription prompt page http://wap.uni-info.com.cn/home.aspx, the original link through which the user can subscribe to the service is: <go href="http://wap.uni-info.com.cn/test.aspx">. The invention adds a special mark to this link: <go href="http://wap.uni-info.com.cn/test.aspx" sendreferer="true">. After the user clicks this link to confirm, the browser splices a Header into the HTTP confirmation request, namely Referer: http://wap.uni-info.com.cn/test.aspx, where http://wap.uni-info.com.cn/test.aspx is the service tariff page. If a CP loads a malicious access script onto the user's handset and initiates the request through the script, the script has no function for splicing the Header and therefore cannot produce the Header that a normal request carries.
For example, a mobile phone user intends to subscribe to a music download service, which is offered as a monthly-fee service and as a message rate service. The user starts the download by clicking the music's URL. After receiving the request, the WAP portal returns the subscription prompt page address to the user (such as http://wap.uni-info.com.cn/home.aspx above) and also returns the URL through which the user can subscribe to the service (for example the go href=http://wap.uni-info.com.cn/test.aspx above; the monthly-fee service and the message rate service have different URLs). To achieve the purpose of the invention, sendreferer="true" must be appended to it for the user to click when choosing. After the user clicks, the browser on the handset splices the Header (such as Referer: http://wap.uni-info.com.cn/test.aspx above). After receiving the user's confirmation request, the WAP portal verifies the value of the Header and, once verification passes, returns a subscription success prompt to the user.
Where two or all three of the above kinds of illegal subscription occur in the WAP platform at the same time, the invention merges the solutions for the individual kinds into one complete scheme, so that two or three kinds of illegal subscription are prevented simultaneously.
The flow provided by the invention for preventing all three kinds of illegal subscription is shown in Fig. 1 and comprises:
Step 1: the user clicks a service URL, initiating a request;
Step 2: after receiving the request, the WAP gateway asks the charging gateway for the Userid;
Step 3: the charging gateway looks up the Userid corresponding to the subscriber number; if one exists in the charging gateway, it is returned to the WAP gateway; if not, the charging gateway generates and stores a Userid and returns it to the WAP gateway;
Step 4: the WAP gateway forwards the request to the charging gateway, passing special header information such as the Userid;
Step 5: the charging gateway checks whether the user has already subscribed to this service; finding that the user has not, it generates a Sequence and stores the Sequence and the correspondence between the Sequence and the subscriber number (for example between the Sequence and the IMSI or MDN);
Step 6: the charging gateway issues a redirect, directing the request to the subscription page on the WAP portal and passing parameters such as the Sequence and user information;
Step 7: the WAP portal receives the request and places the specific page element mark (sendreferer="true") on the subscription prompt page;
Step 8: the WAP portal asks the charging gateway to verify whether the Sequence exists and whether its correspondence with the user is correct;
Step 9: the charging gateway returns the verification result;
Step 10: after verification succeeds, the WAP portal returns the subscription prompt page and the Sequence (not shown);
Step 11: the charging gateway returns the subscription prompt page and the Sequence (not shown);
Step 12: the WAP gateway returns the subscription prompt page and the Sequence (not shown);
Step 13: after viewing the page, the user selects the preferred product type and clicks to confirm, initiating a confirmation request to the WAP gateway; acting on the page element mark, the handset browser splices the special Header (Referer) into the request as the user confirmation mark; the request contains the Sequence and the user confirmation mark;
Step 14: after receiving the request, the WAP gateway forwards a request containing the Sequence, the user confirmation mark and the Userid to the charging gateway;
Step 15: the charging gateway sees that this request, containing the Sequence, the user confirmation mark and the Userid, is not for a service URL and forwards it directly to the WAP portal;
Step 16: the WAP portal receives the subscription confirmation request and asks the charging gateway to verify whether the Sequence exists and whether its correspondence with the user is correct;
Step 17: the charging gateway returns the verification result;
Step 18: the WAP portal asks the charging gateway to verify the Userid;
Step 19: the charging gateway returns the verification result;
Step 20: the WAP portal verifies whether the request header contains the user confirmation mark, that is, whether the Header exists and whether its value is the service tariff page address;
Step 21: verification passes and the subscription logic is executed;
Step 22: the WAP portal returns the subscription success prompt page;
Step 23: the charging gateway returns the subscription success prompt page;
Step 24: the WAP gateway returns the subscription success prompt page.
Steps 8 and 9 above may be omitted, that is, the existence of the Sequence and the correctness of its correspondence with the user are not verified at that point, and the subscription prompt page and the Sequence are returned directly in step 10.
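The verification in steps 16 to 20, as an added example that is not part of the original text: a minimal Python model of the charging gateway's Userid and Sequence records and of the WAP portal's three checks. The header name X-Userid, the request layout (including the subscriber number passed along as the "user information" of step 6), the province code and the MDN are assumptions made for illustration; the text itself names only the Referer header and the tariff page URL.

```python
import secrets
import time

# Service tariff page URL used in the text's example.
TARIFF_URL = "http://wap.uni-info.com.cn/test.aspx"


class ChargingGateway:
    """Holds the Userid and Sequence records described in the flow."""

    def __init__(self, province_code):
        self.province_code = province_code
        self._userid_by_subscriber = {}    # subscriber number -> Userid
        self._subscriber_by_sequence = {}  # Sequence -> subscriber number
        self._serial = 0

    def get_or_create_userid(self, subscriber_number):
        # Step 3: return the stored Userid, or generate one as
        # province code + subscriber number + generation-time serial number.
        userid = self._userid_by_subscriber.get(subscriber_number)
        if userid is None:
            self._serial += 1
            stamp = f"{int(time.time())}{self._serial:04d}"
            userid = f"{self.province_code}{subscriber_number}{stamp}"
            self._userid_by_subscriber[subscriber_number] = userid
        return userid

    def new_sequence(self, subscriber_number):
        # Step 5: random Sequence, stored with its subscriber number.
        sequence = secrets.token_hex(16)
        self._subscriber_by_sequence[sequence] = subscriber_number
        return sequence

    def verify_sequence(self, sequence, subscriber_number):
        # Steps 16-17: the Sequence exists and belongs to this subscriber.
        owner = self._subscriber_by_sequence.get(sequence)
        return owner is not None and owner == subscriber_number

    def verify_userid(self, userid, subscriber_number):
        # Steps 18-19: the Userid is the one stored for this subscriber.
        stored = self._userid_by_subscriber.get(subscriber_number)
        return stored is not None and stored == userid


def verify_confirmation(gateway, request):
    """WAP portal side of steps 16-20; returns (accepted, failed_check)."""
    headers = request.get("headers", {})
    subscriber = request.get("subscriber_number")
    if not gateway.verify_sequence(request.get("sequence"), subscriber):
        return False, "sequence"   # did not pass through the charging gateway
    # "X-Userid" is a hypothetical header name; the text does not name it.
    if not gateway.verify_userid(headers.get("X-Userid"), subscriber):
        return False, "userid"     # did not pass through the WAP gateway
    if headers.get("Referer") != TARIFF_URL:
        return False, "referer"    # user confirmation mark absent or wrong
    return True, None


def demo():
    """Constructed requests: one normal, the others each failing one check."""
    gateway = ChargingGateway(province_code="010")   # constructed value
    mdn = "13800000000"                              # constructed MDN
    userid = gateway.get_or_create_userid(mdn)       # steps 2-3
    sequence = gateway.new_sequence(mdn)             # step 5

    def build(seq=sequence, uid=userid, referer=TARIFF_URL):
        headers = {}
        if uid is not None:
            headers["X-Userid"] = uid
        if referer is not None:
            headers["Referer"] = referer
        return {"subscriber_number": mdn, "sequence": seq, "headers": headers}

    cases = {
        "normal": build(),
        "no_sequence": build(seq=None),
        "unknown_sequence": build(seq="0" * 32),
        "no_userid": build(uid=None),
        "no_referer": build(referer=None),
        "wrong_referer": build(referer="http://wap.uni-info.com.cn/home.aspx"),
    }
    return {name: verify_confirmation(gateway, req) for name, req in cases.items()}


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Of the three checks, the Sequence and Userid checks rest on records held by the charging gateway, while the Referer check rests on the text's assumption that a script on the handset cannot splice request headers.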
Fig. 2 shows the flow in which the user, having subscribed, uses the WAP service normally, comprising:
Step 25: the user sees the subscription success prompt, clicks to enter the service and initiates a service URL request;
Step 26: after receiving the request, the WAP gateway forwards it to the charging gateway; the request contains the user's Userid;
Step 27: the charging gateway checks whether the user has subscribed to this service; the user now has, so access is allowed;
Step 28: the charging gateway forwards the request directly to the service site;
Step 29: the service site returns the page response;
Step 30: the charging gateway returns the page response;
Step 31: the WAP gateway returns the page response.
To prevent any two of the above three kinds of illegal WAP subscription, it suffices to keep the corresponding flows and to remove the flow of the remaining solution together with the parameters it involves. For example, to prevent illegal subscriptions that do not pass through the charging gateway and illegal subscriptions that do not pass through the WAP gateway, steps 7 and 20 of the above flow are deleted, the user confirmation mark is no longer spliced in step 13 (the user's confirmation request does not contain it), and the requests in steps 14 and 15 do not contain the user confirmation mark. The other cases follow readily by analogy and are not described further here.
The system provided by the invention is shown in Fig. 3 and comprises a user terminal, a WAP gateway, a charging gateway and a WAP portal, with a browser installed on the user terminal, wherein:
The charging gateway is further configured to generate and store the parameter identifying the user's subscription action, and to send to the WAP portal both the request containing the parameter identifying the user's subscription action and the request containing the parameter identifying the user's confirmation of the subscription and the parameter identifying the user's subscription action; the browser is further configured to splice, according to the page element mark, a header into the confirmation request, the header containing the parameter identifying the user's confirmation of the subscription; the WAP portal is further configured to add the page element mark to the subscription prompt page, to send the parameter identifying the user's subscription action together with the subscription prompt page carrying the page element mark to the user terminal, to verify the parameter identifying the user's confirmation of the subscription, and to ask the charging gateway to verify the parameter identifying the user's subscription action; or
The charging gateway is further configured to generate and store the parameter identifying the user and the parameter identifying the user's subscription action, and to send to the WAP portal both the request containing the parameter identifying the user's subscription action and the request containing the parameter identifying the user's subscription action and the parameter identifying the user; the WAP portal is further configured to ask the charging gateway to verify the parameter identifying the user and the parameter identifying the user's subscription action, and to send the subscription prompt page containing the parameter identifying the user's subscription action to the user terminal; the WAP gateway is further configured to obtain the parameter identifying the user and to send a request containing it to the charging gateway; or
The charging gateway is further configured to generate and store the parameter identifying the user, and to send a request containing the parameter identifying the user and the parameter identifying the user's confirmation of the subscription to the WAP portal; the WAP gateway is further configured to obtain the parameter identifying the user and to send a request containing it to the charging gateway; the WAP portal is further configured to add the page element mark to the subscription prompt page, to send the subscription prompt page carrying the page element mark to the user terminal, to verify the parameter identifying the user's confirmation of the subscription, and to ask the charging gateway to verify the parameter identifying the user; the browser is further configured to splice, according to the page element mark, a header into the confirmation request, the header containing the parameter identifying the user's confirmation of the subscription; or
The charging gateway is further configured to generate and store the parameter identifying the user and the parameter identifying the user's subscription action, and to send to the WAP portal both the request containing the parameter identifying the user's subscription action and the request containing the parameter identifying the user, the parameter identifying the user's subscription action and the parameter identifying the user's confirmation of the subscription; the WAP gateway is further configured to obtain the parameter identifying the user and to send a request containing it to the charging gateway; the WAP portal is further configured to add the page element mark to the subscription prompt page, to send the parameter identifying the user's subscription action together with the subscription prompt page carrying the page element mark to the user terminal, to verify the parameter identifying the user's confirmation of the subscription, and to ask the charging gateway to verify the parameter identifying the user's subscription action and the parameter identifying the user; the browser is further configured to splice, according to the page element mark, a header into the confirmation request, the header containing the parameter identifying the user's confirmation of the subscription.
Those skilled in the art may make various modifications to the above without departing from the spirit and scope of the invention as defined by the claims. The scope of the invention is therefore not limited to the above description but is determined by the scope of the claims.