AS/1
Applicability Statement 1, designed by the Internet Engineering Task Force (IETF) describes how current Internet standards can be used to achieve messaging functionality via MIME and SMTP. Security supported is object signature and object based encryption only. This transport is payload neutral and can also easily be used to transport other types of data such as XML.
Although the written specification does not state this, many organisations are successfully implementing AS/1 for the transfer of data types beyond EDI. AS/1 is a specification about how to transport data, not how to validate or process data. AS/1 only specifies the means to connect, deliver, validate and reply to (receipt) data in a secure, reliable, non-repudiable way. The data is then dispatched to the appropriate processor based upon its content-type.
AS/2
Applicability Statement 2 is a specification for Electronic Data Interchange (EDI) between businesses using the Internets Web page protocol, the Hypertext Transfer Protocol (HTTP). The specification is an extension of Applicability Statement 1 (AS1). Both specifications were created by EDI over the Internet (EDIINT), a working group of the Internet Engineering Task Force (IETF) that develops secure and reliable business communications standards.
The AS/2 standard allows businesses to use a common, single communications solution. This eliminates the complications and costs involved when different businesses in a network use different transfer protocols. Almost any type of data can be transmitted.
EDI over the Internet (EDIINT) is an alternative data transport to value added network (VAN) based data communications between trading partners. It provides the major auditable functions associated with major VAN services, for instance mail boxing, trading relationship management, security, authentication and non-repudiation - via enabled software, for example, Advance Broad Connect. The AS/2 standard provides Secure Multi-Purpose Internet Mail Extensions (S/MIME) and uses HTTP or a more secure version, HTTPS to transmit data over the Internet. AS/2 is a specification about how to transport data, not how to validate or process data. AS/2 only specifies the means to connect, deliver, validate and reply to (receipt) data in a secure, reliable, non-repudiable way. Security, authentication, message integrity, and privacy are assured by the use of encryption and digital signatures. Another important feature, non-repudiation, makes it impossible for the intended recipient of a message to deny having received it.
AS3
This Applicability Statement (AS3) describes how to exchange structured business data securely using the File Transfer Protocol (FTP) for XML, Binary, Electronic Data Interchange (EDI), or other data used for business-to-business data interchange for which MIME packaging can be accomplished using standard MIME content-types. Authentication and data confidentiality are obtained by using Cryptographic Message Syntax (S/MIME) security body parts. Authenticated acknowledgements employ multipart/signed replies to the original message. A FTP upload operation is used to send appropriately-packaged EDI, XML, or other business data. The receiving application will poll the FTP server for inbound messages, unpackage and handle the message data and generate a reply for the originator that contains a message disposition acknowledgement within a multipart/report that is signed or unsigned. This request/reply transactional interchange provides secure, reliable, and authenticated transport for EDI or other business data using FTP. The security protocols and structures used also support auditable records of these transmissions.
Digital certificate
A digital certificate is an electronic 'credit card' that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holders public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Digital certificates can be kept in registries so that authenticating users can look up other users public keys.
e-Commerce
Strictly speaking, e-commerce refers to any transactions conducted using digital means. It includes business-to-business transactions and sales of merchandise or information products to consumers. Though the term originally meant selling things online, it has evolved to mean conducting business online in a more general sense, including customer service functions, sales, marketing, PR, advertising etc.
EDI (Electronic Data Interchange)
EDI is a standard format for exchanging business data computer to computer, for example orders and invoices. The transactions involve sending and receiving messages with formats that must conform to strict specifications (set by standards committees) between computer applications. Most EDI transactions support the supply chain management activities of trading partners.
EDIINT
EDI over the Internet - is an alternative data transport to value added network (VAN) based data communications between EDI trading partners. EDIINT refers to a set of protocols used to communicate EDI messages over the Internet and is fast becoming the preferred method for exchanging EDI, XML and other data using the powerful and cost-effective reach of the Internet. EDIINT has been successful in helping companies reduce or eliminate the high costs of value-added network connections for themselves and their suppliers; though it does provide the major auditable functions associated with VAN services – mail-boxing, trading relationship management, security, authentication and non-repudiation - via software. EDIINT Acceptability Statements (AS) are specifications about how to transport data, not how to validate or process data.
FTP
File Transfer Protocol - This Internet protocol is used to copy files between computers. FTP facilitates the copying, moving, renaming and deleting of files.
HTTP
HyperText Transfer Protocol - a protocol used to request and transmit files, especially web pages and webpage components, over the internet or other computer network.
IBM AS/400
The AS/400 is IBMs successor to the System 36 and System 38. It is a midrange computer with its own operating system, OS/400. The operating system includes its own relational database. Able to run applications written for the System 36 and System 38, the AS/400 had a large number of applications available to users when it was launched.
IBM iSERIES
The eserver series based on, and replacing, the AS/400. According to IBM, the i stands for intelligent integration.
IETF
The Internet Engineering Task Force is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the internet. The actual technical work of the IETF is done in its working groups, which are organized by topic into several areas (e.g., routing, transport, security, etc.).
IPR (Intellectual Property Rights)
The general term for intangible property rights, which is a result of intellectual effort. Patents, trademarks, designs and copyright are the main intellectual property rights.
MIME (Multi-purpose Internet Mail Extensions)
Protocol for Internet email that enables the transmission of graphics, audio and video.
Non-repudiation
In general, non-repudiation is the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. On the Internet, the digital signature is used not only to ensure that a message or document has been electronically signed by the person that purported to sign the document, but also, since a digital signature can only be created by one person, to ensure that a person cannot later deny that they furnished the signature.
PKI (Public Key Interface)
Implementation and operation of a cryptography system based on digital certificates.
Port
Physical connection through which a telecommunications line interfaces with the network.
Private Key
Cipher key used to decrypt messages or files encrypted with a public key and to create digital certificates. It is kept secret by the key holder.
Public Key
Public cypher key, used to encrypt messages or files which can be decrypted with a corresponding private key and to verify signatures created with its corresponding private key.
Public Key cryptography
Method used to encipher and decipher information using a pair of mathmematically related keys. The public key encrypts information or verifies a digital signature; the private key decrypts information or generates a digital signature.
SSL (Secure Sockets Layer)
Security protocol that facilitates encrypted and authenticated communications across the internet, operating independently of Internet application protocols, such as HTTP.
S/MIME (Secure Multi-purpose Internet Mail Extensions)
Protocol for secure Internet email that defines how encryption and digital certificates are handled within the message.
SMTP
The protocol that is most commonly used for transferring email between servers over the internet.
Supply Chain
A sequence of events, which may include conversion, movement or placement, which adds value to goods, products, or services.
TCP/IP (Transmission Control Protocol/Internet Protocol)
Data transmission protocol which keeps track of all data packets that travel across the internet.
Tradanet
An UK VAN which specialises in EDI. More than 80% of all UK EDI transactions are transmitted across Tradanet, which is currently managed by GXS (Global eXchange Services).
VAN (Value Added Network)
A Data communications network that provides basic transmission facilities plus additional 'enhanced' services such as computerised switching, temporary data storage, protocol conversion, error detection and correction, EDI, electronic mail, etc.
VPN (Virtual Private Network)
Network which uses protocols that provide users private access to an intranet or extranet via public Internet.
WWW (World Wide Web)
Networked subset of the Internet designed for the dissemination of information using HTML.
XML
Extensible markup language - an open standard for describing data defined by the World Wide Web Consortium (W3C). XML enables computers to store, transfer, display and process data. XML separates data content from business rules making it easier for independent computer systems to communicate with each other.
XSL (eXtensible Style Language)
XSL provides a standard for the display and presentation of an XML document.
XSLT (XSL Transformation Language)
Language that enables an XML document to be reformatted into another XML document.
