Data Transport Standard (DTS) for NCHELP Business Perspective
DTS for NCHELP - Business Topics l DTS Defined l Brief History of Project l PESC Documentation versus ESC Documentation l Benefits of DTS over existing transports l Implementation Strategies
DTS for NCHELP - Business PESC DTS Specification The PESC DTS defines a high level framework, built on internet specifications, for moving data securely. This standard is a roadmap for how to utilize specific internet technologies providing for a secure, real-time (immediate) or batch (deferred) communications channel to safely move mission critical data.
DTS for NCHELP - Business What DTS is not… l not a product – l it is a specification not content sensitive – it is designed to exchange any type of data, l l Inquiries (Online Customer Access) Data exchange (CL 4, CL 5, CRC, CAM, Enrollment Reporting, Lender Manifest, etc. )
DTS for NCHELP - Business What is DTS? l l l DTS is content neutral DTS uses internet technologies to facilitate real time (immediate) and batched (deferred) data exchange DTS does not require a vendor specific product; instead specifying stable internet technologies DTS reduces programming and per-transaction costs through standardization DTS utilizes standard HTTPS encryption and digital signatures to secure the channel
DTS for NCHELP - Business Where DTS fits in your infrastructure l l DTS is a Web Service based B 2 B communication systems DTS is a specification that supplements FTP data transport: – – l FTP or “secure FTP” utilizing PGP (rfc 2440) FTP still valid for large payloads (generally up to 10 Mb) DTS is intended to supplement or replace existing email transport systems with DTS Client software
DTS for NCHELP - Business What are the DTS Technologies? – – – – WSDL (Web Services Description Language) SOAP (Simple Object Access Protocol) WS-I (Web Services Interoperability) HTTP (Hyper Text Transfer Protocol) SSL (Secure Sockets Layer) X. 509 Certificates z. Lib (rfc 1950) Compression Other Web Services specifications (WS-*)
DTS for NCHELP - Business Brief History – Originated within NCHELP EEAT l l l Overcomes inefficiencies of existing transports Solves inflexibility and inefficiencies with existing encryption methodology Supports real-time (immediate) and batch (deferred) processing
DTS for NCHELP - Business Brief History (con`t) – Now governed by PESC l l DTS approved as a PESC standard on 5/1/2006 NCHELP EEAT remains significantly involved in governance due to extensive transport experience Expanded visibility of the standard = broader education community adoption and implementation PESC Membership includes: AACRO, COHEAO, NACUBO, NASFAA – FSA, Registrars, NCHELP, among others – greater FAMS involvement –
DTS for NCHELP - Business l PESC DTS Specification – – – specification defines a high level framework for moving data securely. builds on internet specifications is a roadmap of how to utilize specific internet technologies to achieve a secure communications channel and move information.
DTS for NCHELP - Business NCHELP Technical Manual – – extending DTS Specification identifies specific payload information for FFELP l l – CL all current versions CAM all current versions Lender Manifest Generic transport (MSC 01 data types) supports future content enhancements as needed
DTS for NCHELP - Business needs solved by DTS – – – – Delivery assurance Content neutral Useful for internal and external business communications Support Immediate and Deferred data processing models Cryptographically secure No distribution or vendor royalties – uses public standards Larger payload (generally up to 50 Mb) Multiple technical platforms (. NET, Java, etc. )
DTS for NCHELP - Business Delivery assurance – DTS l – Active Confirmation l mandatory synchronous response l – l POP 3 Order controlled by sending party – l – No confirmation Lost mail order of receipt uncertain FTP l client dictates payload delivery l Confirmation by FTP Reply codes which are complicated to manage Order of receipt but can be complicated to manage
DTS for NCHELP - Business l Highly Secure – Encryption l l – POP 3/FTP uses external encryption application DTS encryption built-in (SSL part of HTTPS) Digital Signatures l l POP 3/FTP signatures part of encryption application DTS signature with X. 509 certificate part of specification (built-in)
DTS for NCHELP - Business l Security from Experience – – Encryption separate steps/application Key management / exchange
DTS for NCHELP - Business l Key Management – – Out-of-Band Exchange and management DTSv 2 Certificate in transmission l l Signed by Certificate Authority ensures authenticity No out-of-band/prior exchange No storage necessary Single point for revocation/update
DTS for NCHELP - Business l Larger Payloads – 50 mb limit per specification l – l POP 3 – 1 mb; FTP – 10 mb Payload. Bytes header element Single Transport for anything without evaluating payload – Payload. Type Header element
Reference Implementation Architecture
Reference Implementation Architecture
Reference Implementation Architecture
Reference Implementation Architecture
Reference Implementation Architecture
DTS for NCHELP - Business l Implementing DTS – – All informational elements currently used by POP and FTP are provided as Header elements in DTS Diagram – DTS into Existing system
DTS for NCHELP - Business l PESC versus ESC Documentation – http: //www. pesc. org/workgroups/datatransport/ l l – Data Transport Standard v 1. 01 Specification Data Transport Standard V 1. 0 Reference Implementation Guide http: //www. nchelp. org (e-Library > Electronic Standards Documentation & Tools > Electronic Data Exchange Documentation) l NCHELP Technical Manual
Скачать презентацию Data Transport Standard DTS for NCHELP Business Perspective
ce623f74b4a577f65eecad954d4e4e57.ppt