Design and Implementation of A Lightweight Brokering System for Content/Service Charging in a Cellular Network Centric Business Model Jenq-Shiou Leu Department of Electronic Engineering National Taiwan University of Science and Technology Taipei, Taiwan
[email protected]
Abstract—Cellular operators offer voice services for years and own a solid amount of users with a certain authority on running cellular business. Recently, various fascinated value added contents and services are emerging in the post-voice era. To extend the business and leverage the exiting operation and maintenance systems, operators strive to become a trusty broker that aggregates a variety of valued added services provided by lots of third-party service/content providers as well as a payment agency that collects the service/content fees into a unified bill for users. In the past, little studies had ever clearly and deeply revealed for how to practically substantiate a lightweight system for connecting users, cellular operators and content/service providers by highly exploiting the mature cellular environment to achieve a triple-win situation. In this article, we elaborate a wellconstructed A.A.A. brokering system sitting between the content/service providers and users to link the value chain in such a triple-play game - A4BS, which generalizes certain basic mechanisms that govern authentication, authorization, advice-ofcharge issuing, accounting, billing and settlement. Through this tried-and-true system, content/service providers can focus on service creation without much attention to the end-user billing. Meanwhile, users can be charged on a transaction basis with an instant expenditure notification and have a one-stop payment in a single cellular bill as well.
through cellular operator’s assistance and earn more revenues back without investing in too many advertising efforts. Contents/services providers may consequently pay more attention to the content/service innovation without worrying about annoying payment logistics toward end users. Moreover, with the endorsement from the reputed operators, customers may alleviate their anxiety while conducting transactions in the cyber world. In accordance with the reputation of operation, cellular operators can build a trustworthy relationship among cellular users and content/service providers to conduct a networkoperator-centric business [6] like i-mode as Fig. 1 shows.
Keywords- Content/Service Billing, A.A.A. Brokering System, Advice-of-Charge, Cellular Network Centric Business Model
I.
INTRODUCTION
As cellular business has been taking off, cellular services are deemed indispensable for most people in the daily life. In the post-voice era, value added contents and services are booming. Many efforts are put on service platform construction [1,2], content pricing [3], and complex charging models [4][5]. Cellular operators strive to conduct a drivethrough culture to get contents/services instantly via people’s hand-held devices. Cellular users can therefore easily purchase various fascinated value added contents/services from the onestop service center which may be operated by cellular operators and then pay the content/service fees in their monthly bill later. On the other hand, content/service providers (CPs/SPs) may broaden their product visibility
1-4244-0264-6/07/$25.00 ©2007 IEEE
Figure 1. Network Operator Centric Business Model
A middle-tier system must play the central role in-between in such a model and the cellular operator controls the user’s profile and charging. The developing OSA/Parlay charging API [7] introduced by 3GPP [8] seems an ideal but underconstructed and future fully realized solution to place the network operator again in the central role of service provisioning [9,10]. However, cellular operators strive not to alienate their users and keep its predominance before such a perfect world comes true. In the past, little studies had ever clearly and deeply revealed for how to practically substantiate a lightweight system for connecting users, cellular operators and content/service providers by highly exploiting the mature cellular environment to achieve a triple-win situation.
In this article, a well-constructed A.A.A. brokering system sitting between the content/service providers and users to link the value chain in such a triple-play game is presented. To simply realize this concept, we build a lightweight system, which generalizes certain basic mechanisms that govern authentication, authorization, advice-of-charge, accounting, billing, and settlement (thereafter referred to as “A4BS”). Through this system, content/service providers can focus on service creation without much attention to the end-user billing. Meanwhile, users can be charged on a transaction basis with an instant expenditure notification and conduct a one-stop payment in a single cellular bill as well. The rest of this paper is organized as follows. Section 2 describes the architectural overview, the system components, and the functionality of each component in A4BS. Session 3 depicts a thorough transaction process flow. Session 4 presents the design and implementation of A4BS and covers some empirical experiments to analyze the system performance in term of the time consumption for some major processes. Concluding remarks are finally drawn in Section 5. II.
A4BS SYSTEM OVERVIEW
The whole system architecture and some main modules in A4BS are shown in Fig. 2.
Figure 2. A4BS System Architectural Overview
Users can buy the service/content via HTML shopping pages through Internet or WML ones through cellular networks. Before putting service items on the service menu portal (Service Menu Module), all services should be registered by CPs/SPs and their corresponding service rate/settlement plans must get approved by the administers of the operator on A4BS through the administration interfaces (Admin Module). In addition, all users must be contracted and active for the cellular operators, which run A4BS between users and CPs/SPs. A4BS helps bridge users and CPs/SPs in an easier way. Most of functioning modules are built on web services [11]. Main functions in A4BS are illustrated as follows:
A. 1st A: Authentication A4BS provides authentication services (Logging Module) for CPs/SPs. In general, the Mobile Subscriber ISDN Number (MSISDN) [12] is a key to identify users in the cellular business. To defend users’ privacy from malicious use in the Internet, A4BS generates a one-time session ticket within a hidden MSISDN to carry out transactions at the CP/SP sites. If users intend to purchase any content or service without an effective session ticket, CPs/SPs delegate the authentication process to A4BS. After passing authentication, CPs/SPs periodically validate the user sessions (Session Validation Module) toward A4BS as well. In particular, A4BS supports the auto-login feature if users access services via WAP since the WAP gateway can carry the undeniable user identifications - MSISDNs to A4BS. That implies users would not be asked for an explicit logon process if they come by way of WAP. This feature simplifies the user authentication process. Furthermore, with Single Sign-on (SSO Control Module), users do not need to repeatedly sign on while browsing from one service to another and do not need to identify themselves to CPs/SPs after logging on A4BS. B. 2nd A: Authorization After the user gets authenticated, the authorization process determines what kind of service or content subscription can be permitted to buy according to different user levels. Premier users may get a preferential interest rate. Besides, the authorization can avoid fraud losses by implementing some simple controls. The backend cellular billing system would periodically knowledge A4BS about users quotas. A4BS would carry out a real-time credit control (Credit Checking Module) based on user’s expenditure and prohibit user’s buying if the user monthly spending exceeds the personal hard quota or some wanted subscription fee overtakes the specific service limit. C. 3rd A: Advice-of-Charge Advice of charge (AOC Module) is used to notify users of the related charge before the service is actually provisioned. The reply to this message from the use is captured in logs to clarify the possible disputes after service. D. 4th A: Accounting The accounting process (Event Accounting Module) collects data concerning service/content consumption into the local accounting database. Each accounting goes along with one instant expenditure notification by SMS [13] messaging via SMSC. Therefore, users can get aware by a SMS notification once they subscribe or unsubscribe services. Such a notification can caution users about the usage charge at the early stage and keep legitimate users from fraud by some malicious impostors. E. B: Billing The billing process (Simple Billing Module) periodically performs making up the bill for value added services based on all corresponding transactional logs by referring to the local accounting data and pre-defined service rates. Since cellular
operators have constructed a robust billing system to collect users’ usage fees, cellular operators could charge users in the unified cellular bills. F. S: Settlement The settlement process (Simple Settlement Module) works on a service basis per contracted value added service provider. Operators clear revenues with CPs/SPs by following a prenegotiated settlement rate based on the actual traffic amount of service usages via A4BS. In general, this process can be done resting on either the transaction records or the real user payment situation. The former one is simpler but with a lower settlement rate for CPs/SPs due to higher risk in bad debts. Most of core models in A4BS are not only connecting but also leveraging the existing cellular operation systems like fraud notification system, billing system, settlement system and customer care system. III.
5. 6.
7. 8.
PRACTICAL TRANSACTION FLOW THROUGH A4 BS
The generic transaction flow can be depicted as the sequence diagram shown in Fig. 3 and described as follows.
9. 10. 11.
12.
13. 14. 15. Figure 3. A Typical Transaction Sequential Diagram
1. 2. 3. 4.
Through the one-stop value added service menu of the cellular operator, any user may be redirected to CP/SP site to surf potential contents or services. Once the user takes a liking to some objects of interest at some CP/SP site, he or she may express the intention to buy or subscribe some service. If this user connection does not contain a session token, the visited CP/SP site would redirect this user to A4BS for authentication in advanced. Once redirected, A4BS would challenge the user for authentication by a prompt page requesting him or her to input the username and password. In particular, if the user comes via WAP, the WAP gateway might automatically forward the user MSISDN to A4BS to conduct an auto-login. Hence, A4BS would not issue any challenge to users since users already get authenticated via the front-end Authentication
16. 17. 18. 19. 20. 21. 22.
Center(AuC)[12] in the cellular network. If the situation is like this, the flow can bypass the step (4)(5). The user would type in the username - MSISDN plus password and then submit them to A4BS for authentication. A4BS would conduct an authentication on this response by referring to the local authentication database, which is periodically synchronized by the cellular user database to refresh the up-to-date user status. If this user gets authenticated, A4BS would generate a onetime/one-user used only session token (ST) for singlesign-on for further visiting other sites use. ST would be expired until the corresponding lifetime is due or the session is closed. A4BS would redirect the user back to the CP/SP site once user authentication is finished. To prevent fraud, the CP/SP site could validate the ST along with the visitor toward A4BS through a SSL (Secure Sockets Layer) tunnel. However, this part can be optional since it is not a realistic business transaction. A4BS responds the result of validation to the CP/SP. If valid, the CP/SP would inform the buying intention of the user to A4BS. A4BS would conduct an authorization check including user legitimate and his or her real-time credit by referring to the local authorization database. If authorized, A4BS would generate a one-time/oneuser/one-service used only transaction token (TT) for the coming possible consumption. Upon this buying intention, A4BS would issue an advice-of-charge message including the service name and will-be-charged service fee to probe the final user decision. The user responds the final decision after advised. A4BS receives user response and records the result accompanied with the ST and TT into the local log database. If the response is positive, A4BS would further forward this buying request with ST/TT to the CP/SP site to ask for delivering the content or service. Before actual delivering the service, the CP/SP would do a final check on ST/TT toward A4BS via a SSL tunnel. If ST and TT are valid, the CP/SP would deliver the service to the user. Once delivered, the CP/SP asks A4BS to record a corresponding accounting log into the local database. A4BS records this buying log for the user and acknowledge the CP/SP. A4BS would send an instant expenditure notification SMS message through the cellular network. The cellular operator would conduct a unified bill for the user according to the user billing cycle (normally monthly). The cellular operator would conduct a settlement process for the CPs/SPs according to the pre-agreed cycle (normally monthly).
IV.
IMPLEMENTATION AND DESIGN
1) WebService WSDL
A. Internal Entity Design Fig. 4 illustrates the core entity diagram inside A4BS. Three basic entities – User, CPSP, and Service keeps the user, CPs/SPs, and service profiles respectively. ServiceRatePlan and ServiceSettlementPlan related to each service need to set before the service goes online. ServiceMenu and Top10Service present the service menu and top service list on the portal site. SSO and TransactionToken keep the status of session and transaction tokens while conducting single-signon and effective transaction among all service sites. AOCLog and TransactionLog are two major tables to keep the log while conducting business transactions, to offer information for billing, settlement, and even possible dispute clarifying after service. PersonalSubscription keeps the service subscription records for individual user. User
SSO PK
SToken
FK1
MSISDN CreateDate RequestIP RedirectURL SSOStatus Remark
PK
Transaction Log
CPSP
MSISDN
PK
Password ContractID Last_Modify_Date Last_Modify_User Quota Status
FK1 FK2
MSISDN ServiceID Last_Modify_Date Last_Modify_User Remark
Name UNI ZipCode Address ContractName ContractTEL ContractMobile TechnicalName TechnicalTEL TechnicalMobile Status Last_Modify_Date Last_Modify_User Remark
Service PK TransactionToken PK
TToken
FK1 MSISDN FK2 ServiceID CreateTime TransactionStatus Status Remark
AOCLog
PersonalSubscription PK,FK1 MSISDN
FK1 FK2
TToken SToken UserReply Last_Modify_Date Last_Modify_User Remark
FK2
ServiceID Status Last_Modify_Date Last_Modify_User Limit PersonalSubscriptionCol1
ServiceID
FK1 PID ServiceCode Description Price ServiceType ServiceChannel ServiceStatus SubscriptionMSG UnsubscriptionMSG StartDate EndDate WEBURL WAPURL ImageType Image BannerType Banner ContractName ContractTEL ContractMobile Status Last_Modify_Date Last_modify_User Remark
ServiceRatePlan
PID
ServiceMenu
ServiceDescription TreeID FK1 ServiceID Status Last_Modify_Date Last_modify_User Remark
Top10Service
- - - + + + 2) SOAP Request Message (From CPs/SPs) Transaction Token
ServiceDescription FK1 ServiceID Status Last_Modify_Date Last_Modify_User Remark
ServiceSettlementPlan
PK
RateID
PK
SettlementID
FK1
ServiceID Rate Status Last_Modify_Date Last_Modify_User Remark
FK1 ServiceID Rate Status Last_Modify_Date Last_modify_User Remark
Figure 4. Core Class Diagram inside A4BS
B. External Interface Design To facilitate frequent interaction and data exchange between the cellular operator and CPs/SPs, web services were adopted to develop the external interfaces on A4BS. Acting up to the Simple Object Access Protocol (SOAP) standards [11], we combined with the Java Web Service, Java Secure Socket Extension [14] to develop the external interfaces with CPs/SPs. Take transaction token validation as a practical example in the following lists:
3) SOAP Response Message (To CPs/SPs) True|False
C. A Typical Examle from User Viewpoint Fig. 5 presents a typical transaction flow from user viewpoint over WAP. Fig. 5(a) shows that the handset user may be surfing services on the service menu and hunting some amusing services like Java Games here via WAP (a similar scenario is also applicable to the web browser-based access). In Fig. 5(b), once the user takes a liking to some specific service, the user would be redirected to the neutral A4BS and then be asked to login if the WAP gateway does not support an auto-login feature. Following the indication, the user needs to type MSISDN and the password into the requesting page and then submit them for authentication. In Fig. 5(c), once authenticated, an advice-of-charge message issued by A4BS would remind the user of the service price. The user can make a final decision according to such a warning message. In Fig. 5(d), once the user decides to purchase it, the service would be delivered by the CP/SP. After receiving the service, the user would get a final expenditure notification by not only a WAP page but also a SMS message.
draws people’s attention. Cellular operators have already built a good environment to make service-getting more easily with a trustworthy reputation and deliver digital contents/services from providers to users. In the past, little studies had ever been fastened at practically establishing a lightweight system to bridge the value chain between users and content/service providers with highly taking advantage of the existing mature cellular environment. In this paper, a middle system - A4BS is proposed and constructed to take charge of the user authentication/authorization/accounting delegation and issuing advice-of-charge to users for the CPs/SPs. Meanwhile, A4BS also provides flexible billing and settlement mechanisms to CPs/SPs and conducts a real-time expenditure charging and notification/a unified billing for users. Furthermore, A4BS enables all the involved business partners to register their contents or services, to define the rating policies, to submit their charging items, to receive the usage statistics and finally to apportion revenues under the administrative domain of cellular operators and CPs/SPs. REFERENCES [1]
[2]
[3] Figure 5. A Typical Transaction Flow over WAP
D. EmpiricalEexperiments A4BS, sitting between CPs/SPs and users, would lead to numerous interactions in-between including some major processes, such as “Authentication”, “Token Validation”, “Event Accounting” and “Expenditure Notification via SMS”. The empirical evaluations for these processes in A4BS are illustrated in Tab. 1. TABLE I.
TIME CONSUMPTION FOR SOME MAJOR PROCESS ON A4BS
Major Processes Authentication Session/Transaction Token Validation Event Accounting SMS Expenditure Notification
V.
Time Consumption 2,013 ms 549 ms 778 ms 35 ms
CONCLUSION
In the post-voice era, people in the mobility world attentively gaze at the growth of valued added services. A neutral connector between users and content/service providers
[4]
[5]
[6]
[7]
[8] [9]
[10]
[11] [12] [13] [14]
O. Drogehorn, K. David, “Design Principles for Future Service Platforms”, the 2005 Symposium on Applications and the Internet Workshops, pp. 132 – 135, 31-04 Jan. 2005 H. Chen, P. Mohapatra, “Using service brokers for accessing backend servers for web applications”, Journal of Network and Computer Applications, Vol. 28, Issue 1, pp. 57-74, Jan. 2005 B. Stiller, K. Almeroth, J. Altmann, L. McKnight, M. Ott, “Content pricing in the Internet”, Computer Communications, Vol. 27, Issue 6, pp. 522-528, Apr. 2004 N. Blefari-Melazzi, D. Di Sorte, G. Reali, “Accounting and pricing: a forecast of the scenario of the next generation Internet”, Computer Communications, Vol. 26, Issue 18, pp. 2037-2051, Dec. 2003 D. Di Sorte, G. Reali, “Pricing and brokering services over interconnected IP networks”, Journal of Network and Computer Applications, Vol. 28, Issue 4, pp. 249-283, Nov. 2005 Report 21 from the UMTS Forum (2002), “Charging, Billing and Payment Views on 3G Business Models”, http://www.umts-forum.org/ reports 3GPP TS 29.198-12 version 5.4.0, 3rd Generation Partnership Project; Technical Specification Group Core Network, ”Open Service Access (OSA); Application Programming Interface (API); Part 12: Charging (Release 5)” 3G Partnership Project, http://www.3gpp.org/ A. Cuevas, J.I. Moreno, P. Vidales, H. Einsiedler, “The IMS service platform: a solution for next-generation network operators to be more than bit pipes”, IEEE Communications Magazine, Vol. 44, Issue. 8, pp. 75-81, Aug. 2006 M. Koutsopoulou, A. Kaloxylos, A. Alonistioti, L. Merakos, “A platform for charging, billing, and accounting in future cellular networks”, Computer Communications, In Press, Available online 19 Jan. 2006 http://www.w3.org/2002/ws/ Y.-B. Lin, I. Chlamtac, “Wireless and Mobile Network Architectures”, Wiley, New York, 2001 “Short Message Service”, http://www.gsmworld.com/technology/sms/ http://java.sun.com/
