Content-Type: text/html; charset=UTF-8
|
|
| ||||||||||||||||||||
|
|
Actra ECXpert White Paper About this Paper This paper introduces Actra ECXpert, Internet-centric messaging and application integration software. ECXpert enables companies to conduct electronic commerce (EC) over the Internet or private networks, while providing extensive tracking and auditing capabilities. Furthermore, ECXpert has application integration tools designed for traditional EDI-based programs as well as more complex system integration needs. This paper provides the reader with a basic understanding of ECXpert, including its benefits, functions, and underlying architecture. The Emerging Role of Electronic Data Interchange Applications In the late 1980s and early 1990s, electronic commerce, specifically electronic data interchange (EDI), emerged as a powerful tool to help corporations reduce the costs of business processes. Now, in the latter half of the 1990s, a new tool has emerged: Internet commerce, based on interoperable, Internet-specific EDI standards. Internet Commerce has the potential to deliver huge productivity gains to its adopters because it is global, ubiquitous, and affordable. It is also rapidly becoming a secure, reliable, and powerful enabler. Today, your involvement with electronic commerce (EC) programs at your company requires you to face the challenge of how to harness the Internet's high return-on-investment potential for your existing and planned EC programs. A business document gateway product can help you realize that potential. It can do so because of its unique flexibility to handle simple file transfer processes, more complex EDI-based processes, and very complex processing requirements that arise in today's information system environments. EDI Over The Internet Standards The topic of EDI over the Internet has taken many interesting twists and turns over recent years, but the overriding factors continue to be reduced costs, security, and reliability. To address the security issue, the Internet Engineering Task Force (IETF) formed the Electronic Data Interchange-Internet Integration (EDIINT) Work Group. The original Internet Request For Comment (RFC) on EDI and plain MIME was authored by David Crocker. RFC 1767 was a good foundation, but did not address security or implementation guidelines. The EDIINT Work Group built on this foundation, and established the requirements for interoperable, secure EDI. Chuck Shih, a co-author of this document, and Lincoln Yarbrough, a first reader, are both Actra employees. The formal Internet-draft for "MIME-based Secure EDI" specifies the Internet standards needed to securely exchange EDI documents using MIME and public key cryptography. For important, exciting information about how leading software vendors are conducting interoperability tests for MIME-based Secure EDI, based on the standards mentioned above, visit the CommerceNet EDI Task Force's Interoperability Test Team web site. This team is formally headed by Actra. Actra's leadership in the development and implementation of Internet standards ensures that Actra products represent a new generation of interoperable Internet standards-based EC/EDI products. "With major companies lining up behind a common set of Extranet standards, enterprise customers can expect true interoperability between applications from a variety of companies going forward." Marc Andreessen, Senior Vice President of Technology Netscape Communications Corporation
ECXpert is an Internet-based Electronic Commerce (EC) Messaging software solution that allows companies to conduct business-to-business EC over the Internet, Extranet, and Intranets, also called Internet Commerce. While built upon Internet technologies, ECXpert also addresses the messaging and application integration challenges faced by companies today within their existing EC programs. This software solution provides secure and reliable communications through open, standards-compliant support of SMTP and S/MIME, Secure Sockets Layer (SSL) or private TCP/IP. To ensure privacy and data integrity and non-repudiation of receipt, ECXpert employs certificates, encryption, authentication, digital signatures, and signed receipt notices. Any-to-any mapping and translation capabilities, mailboxing, document level tracking, and a browser-based Java user interface are also key features of the ECXpert system.
ECXpert is designed for medium- to large-sized companies that are either planning new EDI programs based on the Internet, or already have existing programs and want to extend or migrate their programs to the Internet while protecting their legacy system investments. When you implement ECXpert, you will be able to benefit by:
The challenge of determining the future of your company's Electronic Commerce strategy confronts you whether your company is experienced with or new to EC. With so many options, ideas, and practices available today, it is difficult to assess the options and make the best choice. As you look at the alternatives and consider a business document gateway as the infrastructure for your program, consider the following questions:
In response to these issues, Actra has designed many important capabilities into the first release of ECXpert in order to help you build your Internet Commerce program. Version 1.0 ECXpert Capabilities The following describes the basic functions and features of ECXpert.
1. Communications ECXpert supports a variety of communication and messaging protocols:
ECXpert was designed to be a fully interoperable system for today's TCP/IP Internet-based communications environment. A transaction or file can be exchanged via FTP, SMTP, or HTTP protocols. Security can be enhanced by using SSL for HTTP and S/MIME for SMTP. ECXpert can also connect to a value-added network via FTP or Async outbound.
The communications modules of ECXpert are designed to not only handle the needs of communicating with external trading partners, but also to satisfy the requirement of communication with and between internal applications. For example, messages can be received from trading partners via SMTP and then can be immediately forwarded via FTP to an internal application. Because companies can not expect to have their trading partners migrate to the Internet overnight, ECXpert comes with connectivity to traditional EDI VANs, such as GE and Advantis. Others are planned in future releases. If a company would like to employ real-time streaming of data into and out of ECXpert, Actra has defined a TCP/IP-based ECXpert Access Protocol specifically for this scenario. 2. Security ECXpert employs the following security technologies:
Public key encryption is a technique that uses a pair of asymmetric keys for encryption and decryption. For each pair of keys, one is called the public key and one is called the private key. The public key is made public by distributing it widely. The private key is never distributed and is always kept secret. When data is encrypted using the public key it can only be decrypted using the private key. Conversely, when data is encrypted using the private key, it can only be decrypted using the public key. This asymmetric property is what makes public key cryptography so useful. ECXpert supports two popular methods of using certificates. First, for testing and trusted situations, ECXpert has the ability to generate, export, and import self-issue X.509 certificates. Also, VeriSign Class 3 Digital IDs are also integrated, enhanced by a formal working relationship between Actra and VeriSign.
RSA's Secure Multi-purpose Internet Mail Extensions (S/MIME) specification has become the de facto cryptography method for business-to-business messaging, including both interpersonal mail and business document. ECXpert supports S/MIME as recommended by the IETF EDI Work Group, EDIINT. EDIINT has also defined how to use a new IETF draft standard, Message Disposition Notification (MDN), for returning signed receipts. The MDN enables trading partners to have an audit trail that can not be repudiated. Since the user interface to ECXpert is HTTP-based, SSL can be optionally used to secure the link between the user's ECXpert Java applet, providing an encrypted link no matter where the user's might be located. To ensure controlled access, ECXpert requires logon IDs and passwords in order to access the system. SSL can also be optionally turned on when HTTP is used for data transmissions according to the Automotive Industry prototype for HTTP point-to-point transmissions. 3. Services Manager ECXpert is designed for extreme flexibility when it comes to processing various data objects according to each company's unique needs. The Services Manager controls which processes, or Services, are performed for each unit of work. This control is based on Service Lists which can be as granular as trading partner and document type. When a unit of work is submitted, either by an inbound communications module or by the Submission executable, ECXpert authenticates the sender, receiver, and file type of the submitted object, and based on the trading partner relationship, ECXpert selects the predefined Service List, and begins to sequentially execute each Service. For example, for inbound EDI purchase orders, a company could setup ECXpert to use a Service List that contained these Services: parse inbound interchange to verify the structure, translation that can be multi-threaded at the document level, functional acknowledgment generation, and then communications, perhaps using FTP to send the output to the company's order entry application residing on a mainframe.
If a company wants to add custom Services to ECXpert, it is a simple task of going to the Add Services user interface where the user provides the name, program type (executable or script), path name, arguments, and maximum threads. This custom Service can then be added to Service Lists so that processing can be totally under the control of ECXpert. Examples of custom Services are translation by a non-ECXpert translator or non-S/MIME encryption/decryption routines, such as those supporting the ANSI X12-specific standard, X12.58. 4. Document Management ECXpert's Document Management facility includes:
At the moment a unit of workmessage is authenticated, it is assigned an ECXpert Tracking ID. This Tracking ID follows the unit message object through all subsequent ECXpert processing data management and communications services, ensuring complete accountability between the point of entry and the ultimate business application. ECXpert manages the complete transaction life cycle. The document storage facility allows data to be retrieved on demand by an application, preferably through use the ECXpert Poll utility program.
Through the Activity Tracking user interface, companies can monitor all processing as well as the reconciliation and generation of MDNs and EDI acknowledgments. The search criteria that can be selected are very comprehensive. For example, users can search for overdue acknowledgments or mapping failures, or can search based on a date-time range. 5. Membership In ECXpert, every system user and every trading partner (an organization or application) is a member. Membership levels determine what kind of system privileges each member will have. The System Administrator member has access to all system components, while regular members can only view information related specifically to them. Also, regular members cannot create new members, trading relationships, certificates, or services. 6. Object-oriented Data Mapping and Translation
Embedded within ECXpert is TSI Software International's Mercator, a powerful mapping data transformation t ool, capable of practically any data transformation requirements a company might have. This Windows-based tool supports ANSI ASC X12, EDIFACT, UCS, and many other public standards, as well as user-defined proprietary formats. Map programs can be pre-loaded into memory for high performance processing, or can be executed using multiple threads. 7. Browser-based User Interface
In keeping with today's "universal client" orientation, ECXpert provides a Java-based user interface for ECXpert that can be accessed simply by clicking on a bookmark in your browser. It is easy to use this innovatively designed, Java-based interface to perform such tasks as adding and updating trading partner relationships, defining Service Lists, and monitoring workflow. If companies desire to provide access to trading partners defined as external members within ECXpert, for example, to allow those trading partners to check on the processing status of documents they sent to the ECXpert user, there is no need for those trading partners to have anything except a browser and access to the ECXpert web site. 8. Web forms tools
9. Scheduler ECXpert comes with a Scheduler that allows users to have an alternative to immediate (data is sent when data is available to send) processing. For example, a user may want to access its VAN mailbox every hour for sending and receiving versus accessing it only when there is data to be sent. Also, the Scheduler can be used to run maintenance jobs such as Purge and Archive. Tasks can be customized at the trading relationship level or can be system-wide. The Scheduler is accessed through the ECXpert browser-based system admin interface. 10. Scalability
ECXpert's modular, object oriented architecture allows the user to take advantage of today's multi-processor computer systems. Through the ECXpert system administration interface, companies can control how many maximum threads of execution can occur. For a single processor system, only one thread might be allowed, for example, while on a four processor system, ten threads might be allowed. Hardware
Software Software products marked with an asterisk (*) are embedded or bundled with the ECXpert System package.
|
About Actra | Products | Services | Partners | News | Careers | Home |