Security

• Session security
• File security
• Secure authentication

Session security encrypts an entire communications session between two trading partners so that it is not possible for a third party to view the original documents being exchanged. All protocol data units are encrypted so it is not possible to understand what protocol units are being exchanged or to examine their content.

File security provides an additional level of security by allowing a file to also be encrypted. This, in conjunction with session security, means that it is possible for a file to be securely exchanged between two companies, but for the file to remain encrypted until it reaches it’s ultimate destination such as a specific department of individual inside the recipient company.

The exchanged files can also be signed by the originator to prove the authenticity of the files.

Secure authentication uses X.509 certificates to authenticate two communicating entities to each other. This security prevents malicious users from connecting to an EDI server and attempting to send viruses to it or attempting to hack it. Every trading partner uses a digital certificate, similar to the concept of someone’s passport, to identify themselves. The certificate proves the holder is who they say they are, and it is up to the recipient of the communications session to accept or reject the connection based upon the credentials supplied.

File Compression

OFTP2 has been designed to handle extremely large files (in the petabytes), way beyond anything thing that is currently considered realistic. However large files consume bandwidth and take a very long time to send or receive, potentially causing other files to be delayed in their transmission. OFTP2 caters for this by providing file level compression which can significantly reduce the size of a file, in some cases by as much as 10% of their original size. This is particularly relevant for companies exchanging ENGDAT data where file sizes are in the hundreds of megabytes and take significant amounts of time to exchange using the slow X.25 and ISDN networks. Not only will the data be transferred faster but also this means that the call duration will be shorted and hence significant cost savings can be achieved.

File Restart

When sending large files, it is important to note that connections do drop. Machines have a habit of hanging when put under high traffic volumes, and the Internet is reliably unreliable. If a company is 90% through transmitting a 500Mb file when the connection drops, having spent three hours previously transmitting it, it is a waste of time and communications bandwidth to start sending the file all over again. Resending the file could potentially delay other data that needed to get through. OFTP2 has restart built in to the protocol, so if a connection is dropped then the communication of the file restarts at a point just before the connection was dropped, not from the very beginning.

Reliability

OFTP2 is a protocol that is designed to work reliably regardless of the reliability of the underlying network. It has built in flow control, variable buffer sizes and check pointing. File restart allows transmission of a file to restart at the last know check point, so if a connection drops then the file transmission does not have to begin again from the beginning.

The performance of OFTP2 is such that it is actually possible to transfer a file via OFTP2 in less time than it takes to perform a DOS copy file command on the same file.