Content-Type: text/html; charset=UTF-8 Actra ECXpert White Paper

Electronic Data Interchange

Introduction to ECXpert

Benefits

Requirements

System Requirements

Actra ECXpert White Paper

About this Paper

This paper introduces Actra ECXpert, Internet-centric messaging and application integration software.

ECXpert enables companies to conduct electronic commerce (EC) over the Internet or private networks, while providing extensive tracking and auditing capabilities. Furthermore, ECXpert has application integration tools designed for traditional EDI-based programs as well as more complex system integration needs.

This paper provides the reader with a basic understanding of ECXpert, including its benefits, functions, and underlying architecture.

The Emerging Role of Electronic Data Interchange Applications

In the late 1980s and early 1990s, electronic commerce, specifically electronic data interchange (EDI), emerged as a powerful tool to help corporations reduce the costs of business processes. Now, in the latter half of the 1990s, a new tool has emerged: Internet commerce, based on interoperable, Internet-specific EDI standards.

Internet Commerce has the potential to deliver huge productivity gains to its adopters because it is global, ubiquitous, and affordable. It is also rapidly becoming a secure, reliable, and powerful enabler.

Today, your involvement with electronic commerce (EC) programs at your company requires you to face the challenge of how to harness the Internet's high return-on-investment potential for your existing and planned EC programs.

A business document gateway product can help you realize that potential. It can do so because of its unique flexibility to handle simple file transfer processes, more complex EDI-based processes, and very complex processing requirements that arise in today's information system environments.

EDI Over The Internet Standards

The topic of EDI over the Internet has taken many interesting twists and turns over recent years, but the overriding factors continue to be reduced costs, security, and reliability. To address the security issue, the Internet Engineering Task Force (IETF) formed the Electronic Data Interchange-Internet Integration (EDIINT) Work Group.

The original Internet Request For Comment (RFC) on EDI and plain MIME was authored by David Crocker. RFC 1767 was a good foundation, but did not address security or implementation guidelines. The EDIINT Work Group built on this foundation, and established the requirements for interoperable, secure EDI. Chuck Shih, a co-author of this document, and Lincoln Yarbrough, a first reader, are both Actra employees.

The formal Internet-draft for "MIME-based Secure EDI" specifies the Internet standards needed to securely exchange EDI documents using MIME and public key cryptography.

For important, exciting information about how leading software vendors are conducting interoperability tests for MIME-based Secure EDI, based on the standards mentioned above, visit the CommerceNet EDI Task Force's Interoperability Test Team web site. This team is formally headed by Actra.

Actra's leadership in the development and implementation of Internet standards ensures that Actra products represent a new generation of interoperable Internet standards-based EC/EDI products.

"With major companies lining up behind a common set of Extranet standards, enterprise customers can expect true interoperability between applications from a variety of companies going forward."

Marc Andreessen, Senior Vice President of Technology

Netscape Communications Corporation

 

Introduction to ECXpert

ECXpert is an Internet-based Electronic Commerce (EC) Messaging software solution that allows companies to conduct business-to-business EC over the Internet, Extranet, and Intranets, also called Internet Commerce.

While built upon Internet technologies, ECXpert also addresses the messaging and application integration challenges faced by companies today within their existing EC programs.

This software solution provides secure and reliable communications through open, standards-compliant support of SMTP and S/MIME, Secure Sockets Layer (SSL) or private TCP/IP. To ensure privacy and data integrity and non-repudiation of receipt, ECXpert employs certificates, encryption, authentication, digital signatures, and signed receipt notices. Any-to-any mapping and translation capabilities, mailboxing, document level tracking, and a browser-based Java user interface are also key features of the ECXpert system.

 

 

ECXpert is designed for medium- to large-sized companies that are either planning new EDI programs based on the Internet, or already have existing programs and want to extend or migrate their programs to the Internet while protecting their legacy system investments.

The Benefits of ECXpert

When you implement ECXpert, you will be able to benefit by:

  • Leveraging Internet standards and extending the reach of EDI while protecting your investments in existing systems
  • Obtaining a total, integrated system for communications, membership, and data transformation, rather than a system that is nothing more than loosely assembled components
  • Maximizing today's computing environment by using processes that are designed specifically with a multi-threaded, distributed architecture without throughput bottlenecks
  • Addressing all of your company's data exchange requirements because the system is especially designed to handle broad data types: EDI, non-EDI, objects, binary files, documents, HTML forms and many more
  • Using a browser-based user interface for installation, document management, administration tasks, and reports
  • Tackling simple and complex data transformation tasks with state-of-the-art, drag-and-drop, graphical mapping
  • Leveraging sophisticated membership access controls based on user roles and responsibilities
  • Implementing easy-to-use, strong security and non-repudiation of receipt notices
  • Providing transaction life cycle management for event-driven EDI programs
The Requirements for an Internet-based Business Document Gateway

The challenge of determining the future of your company's Electronic Commerce strategy confronts you whether your company is experienced with or new to EC. With so many options, ideas, and practices available today, it is difficult to assess the options and make the best choice. As you look at the alternatives and consider a business document gateway as the infrastructure for your program, consider the following questions:

  • When should I migrate my EC program to the Internet/Intranet technology platform?
  • How do I realistically leverage the Internet's potential to extend the reach of my company's EC program?
  • Is there a more efficient way to establish new trading partners and applications on EDI?
  • How do I gain control over my EC program's on-going, internal and external costs?
  • How can I protect my current investment in EDI translation software, application integration, and system monitoring?
  • How can my systems support my company's move towards buying and selling on the Internet?

In response to these issues, Actra has designed many important capabilities into the first release of ECXpert in order to help you build your Internet Commerce program.

Version 1.0 ECXpert Capabilities

The following describes the basic functions and features of ECXpert.

 

 

1. Communications

ECXpert supports a variety of communication and messaging protocols:

  • Simple Mail Transfer Protocol (SMTP) Mail agent
  • HTTP Secure Sockets Layer (SSL) point-to-point protocol prototype used in the Automotive industry
  • File Transfer Protocol (FTP)
  • GE's and Advantis' EDI Value-Added Networks
  • TCP/IP Access Protocol API

ECXpert was designed to be a fully interoperable system for today's TCP/IP Internet-based communications environment. A transaction or file can be exchanged via FTP, SMTP, or HTTP protocols. Security can be enhanced by using SSL for HTTP and S/MIME for SMTP. ECXpert can also connect to a value-added network via FTP or Async outbound.

 

 

ECXpert supports the IETF EDI WorkGroup (EDIINT) standards, and has successfully completed the CommerceNet interoperability tests.

The communications modules of ECXpert are designed to not only handle the needs of communicating with external trading partners, but also to satisfy the requirement of communication with and between internal applications. For example, messages can be received from trading partners via SMTP and then can be immediately forwarded via FTP to an internal application.

Because companies can not expect to have their trading partners migrate to the Internet overnight, ECXpert comes with connectivity to traditional EDI VANs, such as GE and Advantis. Others are planned in future releases.

If a company would like to employ real-time streaming of data into and out of ECXpert, Actra has defined a TCP/IP-based ECXpert Access Protocol specifically for this scenario.

2. Security

ECXpert employs the following security technologies:

  • X.509 v3 certificates
  • EDIINT interoperability
  • S/MIME-based encryption and authentication
  • Message Disposition Notification for signed receipts and non-repudiation of receipts
  • Secure Sockets Layer for the link between the browser-based user and the ECXpert server, and also for HTTP-based data transmissions, and
  • User name logon IDs and encrypted passwords for system access

Public key encryption is a technique that uses a pair of asymmetric keys for encryption and decryption. For each pair of keys, one is called the public key and one is called the private key. The public key is made public by distributing it widely. The private key is never distributed and is always kept secret.

When data is encrypted using the public key it can only be decrypted using the private key. Conversely, when data is encrypted using the private key, it can only be decrypted using the public key. This asymmetric property is what makes public key cryptography so useful.

ECXpert supports two popular methods of using certificates. First, for testing and trusted situations, ECXpert has the ability to generate, export, and import self-issue X.509 certificates. Also, VeriSign Class 3 Digital IDs are also integrated, enhanced by a formal working relationship between Actra and VeriSign.

 

 

RSA's Secure Multi-purpose Internet Mail Extensions (S/MIME) specification has become the de facto cryptography method for business-to-business messaging, including both interpersonal mail and business document. ECXpert supports S/MIME as recommended by the IETF EDI Work Group, EDIINT. EDIINT has also defined how to use a new IETF draft standard, Message Disposition Notification (MDN), for returning signed receipts. The MDN enables trading partners to have an audit trail that can not be repudiated.

Since the user interface to ECXpert is HTTP-based, SSL can be optionally used to secure the link between the user's ECXpert Java applet, providing an encrypted link no matter where the user's might be located. To ensure controlled access, ECXpert requires logon IDs and passwords in order to access the system.

SSL can also be optionally turned on when HTTP is used for data transmissions according to the Automotive Industry prototype for HTTP point-to-point transmissions.

3. Services Manager

ECXpert is designed for extreme flexibility when it comes to processing various data objects according to each company's unique needs. The Services Manager controls which processes, or Services, are performed for each unit of work. This control is based on Service Lists which can be as granular as trading partner and document type.

When a unit of work is submitted, either by an inbound communications module or by the Submission executable, ECXpert authenticates the sender, receiver, and file type of the submitted object, and based on the trading partner relationship, ECXpert selects the predefined Service List, and begins to sequentially execute each Service.

For example, for inbound EDI purchase orders, a company could setup ECXpert to use a Service List that contained these Services: parse inbound interchange to verify the structure, translation that can be multi-threaded at the document level, functional acknowledgment generation, and then communications, perhaps using FTP to send the output to the company's order entry application residing on a mainframe.

 

 

If a company wants to add custom Services to ECXpert, it is a simple task of going to the Add Services user interface where the user provides the name, program type (executable or script), path name, arguments, and maximum threads. This custom Service can then be added to Service Lists so that processing can be totally under the control of ECXpert. Examples of custom Services are translation by a non-ECXpert translator or non-S/MIME encryption/decryption routines, such as those supporting the ANSI X12-specific standard, X12.58.

4. Document Management

ECXpert's Document Management facility includes:

  • Document storage or "mailboxing"
  • Activity Tracking services
  • Supports Oracle7 Workgroup Server relational database

 

At the moment a unit of workmessage is authenticated, it is assigned an ECXpert Tracking ID. This Tracking ID follows the unit message object through all subsequent ECXpert processing data management and communications services, ensuring complete accountability between the point of entry and the ultimate business application. ECXpert manages the complete transaction life cycle.

The document storage facility allows data to be retrieved on demand by an application, preferably through use the ECXpert Poll utility program.

 

 

Through the Activity Tracking user interface, companies can monitor all processing as well as the reconciliation and generation of MDNs and EDI acknowledgments. The search criteria that can be selected are very comprehensive. For example, users can search for overdue acknowledgments or mapping failures, or can search based on a date-time range.

5. Membership

In ECXpert, every system user and every trading partner (an organization or application) is a member. Membership levels determine what kind of system privileges each member will have. The System Administrator member has access to all system components, while regular members can only view information related specifically to them. Also, regular members cannot create new members, trading relationships, certificates, or services.

6. Object-oriented Data Mapping and Translation

  • Translates data to and from EDI standards as well as "any-to-any" mapping, such as spreadsheets and proprietary formats
  • Supports ANSI ASC X12, EDIFACT, UCS, and other public standards

Embedded within ECXpert is TSI Software International's Mercator™, a powerful mapping data transformation t ool, capable of practically any data transformation requirements a company might have. This Windows-based tool supports ANSI ASC X12, EDIFACT, UCS, and many other public standards, as well as user-defined proprietary formats. Map programs can be pre-loaded into memory for high performance processing, or can be executed using multiple threads.

7. Browser-based User Interface

  • Utilized for all system administration
  • Used for troubleshooting for missing documents, adding trading partner relationships, etc.

In keeping with today's "universal client" orientation, ECXpert provides a Java-based user interface for ECXpert that can be accessed simply by clicking on a bookmark in your browser. It is easy to use this innovatively designed, Java-based interface to perform such tasks as adding and updating trading partner relationships, defining Service Lists, and monitoring workflow. If companies desire to provide access to trading partners defined as external members within ECXpert, for example, to allow those trading partners to check on the processing status of documents they sent to the ECXpert user, there is no need for those trading partners to have anything except a browser and access to the ECXpert web site.

8. Web forms tools

  • Browser access for remote trading partners
  • Core architecture for processing data originating from and destined to a Web form
 
ECXpert is designed to take advantage of the Internet and its graphical aspect, the Worldwide Web. The core architecture of Version 1.0 supports forms processing scenarios such as this example: (a) Application data is submitted to ECXpert. (b) The ECXpert Service List includes Translate, which calls the appropriate Mercator map. This map transforms the application data to a user-defined format. This format can be in HTML, or can be a data file to be handled downstream by a CGI program. (c) Through Activity Tracking, the sender can see that the form was created successfully. (d) When the trading partner accesses the web server, the CGI program picks up the file and displays it to the trading partner as an HTML form. (e) When the trading partner views the form, the ECXpert database is updated and the ECXpert sending user will be able to see via Activity Tracking that the form was viewed. In future releases, Actra will be providing additional tools and ready-to-use services to build and process the HTML forms in conjunction with ECXpert.
This forms capability gives the user the capability to extend their EC/EDI program to their smallest, paper-based trading partners. The Web should replace today's practice of faxing EDI documents or "receive and print."

9. Scheduler

ECXpert comes with a Scheduler that allows users to have an alternative to immediate (data is sent when data is available to send) processing. For example, a user may want to access its VAN mailbox every hour for sending and receiving versus accessing it only when there is data to be sent. Also, the Scheduler can be used to run maintenance jobs such as Purge and Archive. Tasks can be customized at the trading relationship level or can be system-wide.

The Scheduler is accessed through the ECXpert browser-based system admin interface.

10. Scalability

  • All ECXpert processes are multi-threaded and can be distributed across platforms
  • Designed to operate in environments ranging from single-processor NT Workstations to a large scale, multiprocessor UNIX systems platform
  • Version 1.0 available on Windows NT Workstation, Windows NT Server, and Sun Solaris Unix.

ECXpert's modular, object oriented architecture allows the user to take advantage of today's multi-processor computer systems. Through the ECXpert system administration interface, companies can control how many maximum threads of execution can occur. For a single processor system, only one thread might be allowed, for example, while on a four processor system, ten threads might be allowed.

System Requirements

Hardware

  • Sun SPARC™, Solaris Version 2.5.1, 256MB RAM
  • Intel Pentium, Windows NT™ 4.0 Workstation/NT 4.0 Server, 256MB RAM

Software

Software products marked with an asterisk (*) are embedded or bundled with the ECXpert System package.

  • Netscape FastTrack Server™*
  • Netscape Navigator™ Gold*
  • Netscape Messenger Server™*
  • Seagate's Crystal Reports™*
  • Oracle 7 Workgroup Server™ Release 7.3.3.3* (optional if customer already has applicable Oracle license)
  • TSI Mercator™ Authoring System*

About Actra | Products | Services | Partners | News | Careers | Home