China Telecom Tianyi RF-UIM Enterprise Yijitong System Solution
[ad_1]
1 Overview
With the rapid development and popularization of wireless communication technology, especially the use of 3G and the rapid development of China’s next-generation Internet research, deployment and industrialization, it has provided sufficient conditions for the development of enterprise informatization. How to use 3G technology to improve the management efficiency of government and enterprises, how to use 3G technology to reduce existing operating costs, how to use 3G technology to facilitate employees to improve use efficiency, and truly realize the informatization of government and enterprises on the basis of existing government and enterprise informatization, Improving the image is the main problem and the direction of development facing the current construction.
As a long-term partner of China Telecom and meeting actual needs, China Telecom has formulated a wing-to-machine communication solution. I believe that under the promotion of China Telecom’s cooperation, combining the advantages of both parties can promote the construction of your company’s industry system, thereby improving management efficiency and enhancing corporate image.
2 Demand analysis
At present, the informatization construction of our unit has achieved preliminary results. However, with the development of the scale of the unit and the changes in market demand, the construction of the government and enterprise informatization system is more urgent. After actual investigation and analysis, our unit is in the informatization construction The main requirements are as follows:
One is to realize paperless office and improve office efficiency. The computer system in our unit has become very popular, and it is necessary to realize paperless office through informatization, and to realize efficient process of official documents and effective communication of information through electronic and mobile methods. In the enterprise card application, the phenomenon of repeated construction of multiple departments is more serious. Each application system exists independently and cannot communicate. Leaders and ordinary employees need to carry different cards for dining in the canteen, book borrowing, and attendance, etc. Because of the leaders and employees There are many documents to carry, which are easy to lose and it is more troublesome to apply for replacement. Each application system is independent of each other, and the exchange and sharing of data and resources have not been realized, which has caused a certain degree of difficulty to the unified management of the enterprise. The construction of enterprise all-in-one card equipment is relatively lagging, and the demand for enterprise information construction is urgent.
The second is to enhance corporate image and strengthen corporate management. My company’s corporate image and management are already in place, but how do we keep pace with the times in today’s informatization? How to manage modern enterprises with informatization methods? China Telecom has given an inevitable answer here.
Third, it is to develop the market in depth and provide convenience for employees. The main purpose of unit employees is to charge sub-wallets and use POS machines. Although some units have more application scenarios for electronic wallets, they still have low integration with public resources and less integration with social-related products, which invisibly creates social resources. waste. How to expand and deepen the application of electronic wallets to provide more convenience to citizens.
3 Technical solution
3.1 Design principles
According to the overall business plan, the informatization construction of this unit should follow the following basic principles:
Scientific planning: According to the actual situation of the unit, use scientific theories and systematic methods to unify planning and unify standards.
Internal and external training: get through the employee welfare consumption of the internal electronic wallet of the unit in the external mass social consumer business circle, or the consumption of currency nature.
Economical: Choose advanced and mature technologies, systems and products at telecom level to save money and meet current and future practical requirements.
3.2 Enterprise Wing-machine Communication
3.2.1 System introduction
“Enterprise Yijitong” is a comprehensive information application service product integrated with mobile payment functions provided by China Telecom to government and enterprise customers. By integrating various government and enterprise employee cards, meal cards, etc. into the Tianyi UIM card, government and enterprise users with Tianyi mobile phones can not only use personal communication services, but also realize access control, unit attendance, canteen consumption, and information through Tianyi mobile phones. Publish and other information application services.
Tianyi RF-UIM mobile phone features:
3.2.2 Enterprise Wing-machine Communication System Architecture
a) Yijitong central platform: A central platform system server can choose whether to adopt dual-machine hot backup mode and choose the server grade according to the actual application system scale. When the system is expanded, the platform system software will not change. If the hardware of the Yijitong Center does not meet the requirements, it can be transferred to the subsystem application to avoid duplication of investment; the Yijitong Center platform includes front-end equipment set according to the application.
The Yijitong Central Platform includes Yijitong Data Center and Yijitong identity front system and Yijitong integrated front-end system. The specific platform configuration can be adjusted according to the actual situation.
b) Yijitong front desk service system: Yijitong front desk management service center is the user reception center of Yijitong system. It is responsible for processing various service requests of unit users, and is responsible for various integrated services of cardholders. It is divided into individual and Batch business, including card making, account opening, account withdrawal, card replacement, loss/unlinking, freezing/unfreezing, card transfer, query, identity parameter maintenance, etc.
c) Yijitong application system: The access of the application subsystem is a manifestation of the powerful expansion performance of Yijitong. According to the characteristics of the actual subsystem, it can be connected to the Yijitong platform in a tightly coupled, loosely coupled or uncoupled mode of electronic wallet. .
Access control attendance management subsystem: The access control attendance management subsystem is one of the important application subsystems of the Wing-to-Aircraft communication system. It is mainly used for identity authentication in various occasions. For office area management, in addition to the function of access control, it can also manage the equipment, occupants, rooms and office area employees in the office area. At the same time, it can achieve the Statistics, office door status monitoring, and corresponding reports are formed to realize real-time monitoring, query, etc.
Business consumption subsystem: The business consumption subsystem is mainly used to manage the consumption behavior in the enterprise. Financial management is cleared monthly, database security is guarded, and high-strength data encryption. When a local failure does not affect the overall operation, the efficiency can be temporarily reduced. The cashier terminal can be separated from the main console to realize offline function, and when connected with the main console, valid data can be recovered. The main control terminal has super strong host monitoring capabilities, and the main operator can grasp the entire system at any time on the screen. It can achieve power-down data preservation and breakpoint recovery functions. It supports functions such as wing aircraft pass card recovery, life management, and dead-and-death account check.
3.2.4 Introduction to the Wing-machine Communication Terminal
a) Practical display of Yijitong terminal products
b) Dual interface UIM card: The dual interface card is made up of PVC laminated chip coils, based on a single chip, and is a smart card that integrates contact and non-contact interfaces. It has two operation interfaces for access to the chip. The chip can be accessed by contacting the contacts or by being separated by a certain distance by radio frequency. There is only one chip on the card, two interfaces, the same operation can be performed through the contact interface and the non-contact interface. The two interfaces follow two different standards respectively, the contact interface complies with ISO/IEC 7816, and the non-contact complies with ISO/IEC 14443. Use CPU chip card with dual interface communication function: both contact (ISO7816 standard) and non-contact (Mifare or T=CL standard, namely ISO14443) communication interface. The contact interface is used for mobile communication applications with mobile terminals, and the contactless interface is used for applications with wireless radio frequency payment terminals. The contactless frequency adopts 13.56MHz, which meets the existing industry application POS terminal frequency standard. The mobile phone needs to be modified. The modified part includes two parts: hardware and communication software. Payment and mobile functions can be carried out at the same time, and the UIM card contains payment-related information.
c) Multi-applications of dual interface cards: The dual interface UIM cards are currently divided into dual interface UIM cards for bus wing-machine communication and dual-interface UIM cards for enterprise wing-machine communication by application. The two applications are simultaneously integrated on a dual-interface UIM card based on the converged application standards formulated by China Telecom and the local network conditions, which can achieve the purpose of communication between the enterprise and the public.
3.2.5 Security and openness of the system
a) The security of the hardware entity
The transmitted data is encrypted to protect sensitive information. Prevent illegal interception and deciphering.
An encryption card that uses a financial security processor as the core device to store information such as keys.
Data center construction: The data center computer room should be set up in a place where water is discharged, fireproof, and anti-theft, and the ambient temperature and humidity are stable and clean.
System operation and management need to establish strict rules and regulations. The management personnel of the computer room must strictly follow the operation manual and operation specifications for daily operation, data backup, and system testing.
b) Data transmission security: From the aspect of transmission platform, the “Enterprise Wing Jitong” system supports both the public network and the private network. From the aspect of transmission protocol, the ISO8583 standard of financial message exchange format is adopted, and encryption measures such as MD5 digital signature, DES, RSA, etc. are adopted to prevent illegal interception, tampering, and deciphering. All access uses dynamic keys for sign-in and sign-out.
c) The security of the wing-machine communication terminal: The wing-machine communication terminal in the system is classified and managed, and different permissions and functions are granted to enhance safety.
The loss report takes effect immediately
Update the blacklist in real time
Password limit, enable personal password for large consumption
Personal password confidentiality: The operator cannot see the cardholder’s personal password on the system, which protects the cardholder’s rights.
The Yijitong terminal adopts an encryption mechanism of one card, one secret, and one zone, one secret to prevent theft and abuse. Join the company’s special logo and use a special algorithm to effectively prevent counterfeit cards. The DES proprietary hybrid algorithm is used to form an effective wing-to-plane communication terminal key management mechanism. Adopt a public and independent information sharing area to form a unified and divide-and-conquer data management strategy.
d) Physical security
Product guarantee: guarantee the safety of product purchase, transportation, installation, etc.
Data center construction: The data center computer room should be set up in a water-proof, fire-proof, and anti-theft place, with a stable and clean environment temperature and humidity.
In terms of power supply guarantee: Yijitong hardware equipment can adopt UPS power supply and backup battery to ensure that the normal operation of the dining hall will not be affected in the event of a temporary power failure.
Construction of rules and regulations: System operation and management need to establish strict rules and regulations. The management personnel of the computer room must strictly follow the operation manual and operation specifications for daily operations, data backup, and system testing.
3.2.6 Training and after-sales service
When the system construction is completed, technical training will be carried out for the customer’s management personnel and engineering and technical personnel. Before training, first distribute training manuals to relevant personnel. The content of the manual includes the correct operation procedures of various equipment, troubleshooting methods, maintenance instructions and other items.
The training provided to customers includes the following:
System overview, principle and composition design
Introduction to system equipment functions, setting operations and troubleshooting;
System software function introduction, operation, query, printing function operation.
Practice operation
Precautions
Troubleshooting
In the service process, we take the tenet of customer first and service first to carry out systematic after-sales service work, provide users with free warranty for contract equipment within the specified period of the contract, and provide after-sales service for life-long maintenance.
The specific maintenance items and measures are as follows:
Two-year free warranty is provided for the products of this project.
Emergency response: If the equipment or system fails, we will respond within one hour after the user reports the failure; and arrive at Party A’s site for repair or replacement within a reasonable time.
Equipment maintenance: We provide regular equipment maintenance services, including equipment cleaning, screw tightening, circuit inspection, circuit board dust removal, etc.
Regular telephone consultation: We take the initiative to provide telephone consultation and tracking services to users’ various departments on a regular basis to keep abreast of equipment and system operation status. At the same time, the user’s operator’s consultation on operation and use will be answered at any time.
3.3 Enterprise switchboard
The enterprise switchboard service is a comprehensive information service based on fixed-line and mobile integrated virtual network services, which integrates enterprise switchboards, number hundred information services, unified numbers, and e-communications.
Features introduction:
Support fixed phone and Tianyi mobile phone integration network
Local or cross-regional networking according to needs
Call discounts, flexible account management; according to the needs of the enterprise, flexible account management can be set up for unit and individual account allocation rules.
Short number mutual dialing, fast and convenient
Office phones and China Telecom’s mobile phones can be bundled to achieve simultaneous vibration
Enterprise unified external voice portal, 4008XXXXXX, 800XXXXXXX, and common fixed-line numbers can be selected arbitrarily, and the incoming call will never be busy. The number will never change.
The user dials the switchboard number 18, can query the corporate address book and transfer the phone, and can also get information services such as business travel and legal consultation.
When you need to have a meeting to discuss issues, dial all landlines, mobile phones, and PHSs across the country on 19, and you can call at one point
[ad_2]