• subscribe
Search
Browse By: Author | Issue
February 01, 1999 12:00 AM

EDI, NT, and the Internet

Barrie Sosinsky
Windows IT Pro
InstantDoc ID #4770

Securing EDI Internet Traffic
The cost associated with using a VAN to send EDI transactions is steep, but the VAN offers secure transmission of the EDI traffic and the trading partners can choose to encrypt and authenticate the traffic. Sending EDI information over the Internet is cheap, but your packets are available for anyone to intercept and examine. Many organizations are applying encryption and digital signing techniques to EDI traffic over the Internet, and this type of security is a developing area of NT technology. For information about digital certificates, see Tao Zhou, "Digital Signature Technology," page 75.

One approach to securing EDI traffic is to route it over Virtual Private Networks (VPNs). A VPN uses point-to-point tunneling to reduce the risk of data interception and improve data transfer characteristics. By using a VPN, you can compress and encrypt the traffic that you transmit and receive. You create a tunnel between the sender and the receiver and open a named IP port on the receiving side only for the duration of the transmission reception. The amount of EDI traffic that flows over VPNs is limited at the moment, but the technology is gaining acceptance and will grow over the next few years.

Microsoft offers a proprietary VPN based on the Point-to-Point Tunneling Protocol (PPTP), an alternative to Cisco Systems' proprietary and widely used Layer 2 Forwarding (L2F) standard. PPTP might merge with L2F to create a new default VPN industry standard, but at the moment PPTP supports only Windows clients and NT servers. The initial implementation of PPTP has had both security and performance problems. Microsoft recently announced a replacement for PPTP based on the IP Security (IPSec) standard that Request for Comments (RFC) 1825 through 1929 outline. Currently, the most robust VPNs are running on proprietary hardware solutions that aren't industry standards.

The Future
Many third-party vendors are incorporating EDI into e-commerce packages, and many organizations are increasingly generating new EDI traffic on the Internet. For information about how Microsoft is incorporating EDI features into Site Server Commerce Edition (SSCE), see the sidebar, "SSCE and EDI," page 65. High-volume EDI traffic over VANs will likely be with us for a long time, but Internet commerce applications consisting of EDI represent the area of greatest future growth for document interchange, especially for low-volume traffic that small and midsized businesses require.

Internet-based EDI offers new methods for document exchange and provides an economical means for small companies to participate in and manage EDI traffic. By providing companies a standard they can work with, EDI might aid in making Web-based business-to-business exchange work. E-commerce software might even subsume EDI and ultimately make it transparent to end users and developers.



ARTICLE TOOLS

Comments
Add A Comment
  • Robb Salzmann
    13 years ago
    Aug 09, 1999

    I read Barrie Sosinsky’s “EDI, NT, and the Internet” (February), and I want to share some thoughts about the article’s topic. EDI technology is exciting when coupled with the potential leverage of the Internet and new database technologies. You can also effectively implement EDI within an organization. Many industries have linked data sets electronically, but perhaps not to such an extent that the effort adds value or electronic data transfer exceeds manual data handling.
    I’m a database junkie for what I think is a technologically progressive newspaper (The Orlando Sentinel). However, we can do much to enhance how we electronically share data among systems and use warehoused data. Plenty of opportunities exist to implement EDI between the newspaper and its advertisers and suppliers.
    Last year, I campaigned within our company to apply the strategy the article outlined. MicroEDI (EDI within a company) can add value to existing systems in a midsized company and increase operating efficiency with little or no additional infrastructure requirements. I’ve received positive feedback from my campaigning, but it takes a long time to steer even a not-so-big ship when the steering input comes from someone who isn’t even close to being in control of the rudder.
    I’m very excited about the possibilities that today’s database systems offer, and I hope to put my vision in place one day. By communicating and collaborating with people who have a similar vision, the reality of microEDI might come sooner.

    --Robb Salzmann



    EDI is a straightforward technology—–
    essentially, just a data-mapping exercise. Given a low-cost, secure transmission method and a well-thought-out, reasonable translation server, many companies (not just large rich companies) might be game to try it. Enabling EDI is one of the primary goals of Microsoft’s BizTalk initiative. (For more information about the BizTalk initiative, see http://www.microsoft.com/presspass/
    commerce/initiatives.)

    --Barrie Sosinsky

You must log on before posting a comment.

Are you a new visitor? Register Here

© 2012 Penton Media, Inc.

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.