Electronic Data Interchange over the Internet
In these challenging economic times, many businesses are exploring solutions to lower their costs of doing business. To this end, the ongoing monthly/yearly costs associated with transmitting eBusiness (EDI or XML) messages, is one cost that may be lowered and/or eliminated by moving to an Internet solution. The Internet Engineering Task Force (IETF) has developed three sets of security protocols for transmitting Electronic Data Interchanges over the Internet (EDI-INT): the AS1, AS2 and the AS3 protocols. By utilizing products that have been developed around these standards, businesses can securely transmit and receive eBusiness transactions over the Internet which will drastically reduce the ongoing costs associated with eBusiness transmissions.
Overview
The "AS" stands for "Applicability Statement" and uses existing standards in a manner that facilitates ease of use in product development. There are three methods of EDI-INT transacting that have been defined, AS1, AS2 and AS3:
- AS1 uses SMTP for delivering S/MIME encrypted transactions
- AS2 uses HTTP and HTTP/S for delivering S/MIME encrypted transactions.
- AS3 is the draft specification standard for communicating EDI (EDIFACT or X12), binary and XML data securely over the Internet using FTP.
EDI-INT is a specification on securing and transporting data, not on validating or processing the data. The transported data is then dispatched to the appropriate processor based upon its content-type. Therefore, an eBusiness format translator will still be needed to process the "raw eBusiness" data. Rather than sending/receiving data via a VAN (Value Added Network), the data would be sent/received via the Internet in accordance with AS1/AS2/AS3 security features and imported/exported into the user's application system.
Benefits
A long term benefit in using EDI-INT is to significantly reduce and in some cases eliminate the traditional communication costs associated with VANs. A secondary benefit is in the decreased "turn-around" time for business transactions. Traditional EDI is "batch" processed in that messages are grouped together and sent/received at intervals throughout the day. With the AS1 standard, the time is reduced to the transfer time for e-mail, while with AS2/AS3, the time has been reduced to nearly instantaneous with direct HTTPS/FTP transfers.
Concerns
There is a wide spectrum of products being offered by a handful of companies. The cost of the AS1/AS2/AS3 products can range from $300 to $50,000. Additional costs may be associated with integrating AS2/AS3 into an existing EDI environment. Unless there were a high volume and/or high monthly costs, the ROI may not merit the purchase. However, with recent mandates by Wal-Mart, Kohl's, and others, many companies have little choice but to implement a certified EDI-INT AS2 solution.
Alternatives
FTP with optional Encryption
Although EDI-INT refers specifically to the AS1, AS2 and AS3 specifications, a third alternative, which would also give the intended cost savings, would be to transmit eBusiness data directly to and from the trading partners using FTP (file transfer protocol). Encryption software can optionally be used to secure the data. The reason for using encryption software is to protect the integrity of the transmitted documents, since the Internet is unsecured. Encryption software electronically "locks" the data, which can only be "unlocked" with the proper electronic key.
This approach might require a higher level of technical expertise to set up and integrate the several pieces. It could only be recommended for experienced users who had the personnel to monitor the data cycle. An additional consideration is that both parties involved must have the ability to encrypt and decrypt the transmitted data and agree upon the encryption method.
ebXML Messaging
Yet another alternative would be to use the Messaging Services of ebXML. ebXML Messaging Services (also called TRP - Transport Routing & Packaging ) specifically focuses on the means to transmit a document (payload) from one party to another, possibly via intermediaries. This protocol is an attempt to standardize the way B2B transactions are transmitted in a manner which includes all sizes of companies from the Large Enterprise (LE) to the Small & Medium Enterprise (SME). ebXML-MS does not define the business processes or the content of the messages being sent. ebXML-MS only concerns itself with the secure and reliable (not part of EDI-INT) transmission of the payload. ebXML-MS Message Service Handler (MSH) sits between the network protocol (SMTP, FTP, HTTP, etc.) and the Business Process at each end. In this way, the MSH is independent of both the transport protocol and the higher level Business Processes. ebXML-MS can be used to transmit any payload over any network connection.
One over-looked feature of ebXML Messaging Services is the reliable transmission part. Message-based ebusiness requires reliable messaging. AS1, AS2 and As3 doesn't address the issue crucial to the effective deployment of eBusiness, that of reliable messaging. ebXML's Messaging protocol provides reliable end-to-end messaging. ebMS fulfils the base-level reliability requirement of ensuring that a message reaches its destination. Other elements of ebXML MS add further layers of reliability, such as, confirming that the message was in a valid format and thus intelligible to the receiver ("structural reliability"), and that it was processed without errors ("substantive reliability").
Conclusions
As the use of the Internet to transmit business data grows, it makes sense to consider utilizing it to improve business performance and lower costs. To gain enterprise-class credibility, any Internet based messaging solution needs to live up to transactional messaging standards, which means having an infrastructure that guarantees messages not only get delivered, but also come from where they're supposed to have come from, are completely unambiguous, and get processed in the correct way. The decision to pursue this avenue should be explored to see which, if any, of the mentioned solutions would work best.