GS1Trade Sync Data Pool - FTPS Service

GS1Trade Sync Data Pool - FTPS Service Connectivity Guide Version 1.0, Draft/Approved, 2018.08.05

GS1 Hungary

Document Summary

Document Item | Current Value
Document Name | (Connectivity Guide)
Document Date | 2016.03.03.
Document Version | 1.
Document Status | Draft/Approved
Document Description | This document describes the FTPS-based connection used for GS1Trade Sync Data Pool system.

Contributors

Name | Organisation
Tibor Gottdank | GITM Kft.
Zsolt Jacsó | GITM Kft.

Log of Changes

Release | Date of Change | Changed By | Summary of Change
0.1 | 20/02/2016 | Tibor Gottdank | Skeleton of document
0.2 | 23/02/2016 | Tibor Gottdank | First draft
0.8 | 03/03/2016 | Zsolt Jacsó | Chapter 4 5 6 updates
0.9 | 04/03/2016 | Tibor Gottdank | Figure update
1 | 08/05/2018 | Mads Blankenburg | New test URL

Disclaimer

GS1, under its IP Policy, seeks to avoid uncertainty regarding intellectual property claims by requiring the participants in the Work Group that developed this (Connectivity Guide) to agree to grant to GS1 members a royalty-free licence or a RAND licence to Necessary Claims, as that term is defined in the GS1 IP Policy. Furthermore, attention is drawn to the possibility that an implementation of one or more features of this Specification may be the subject of a patent or other intellectual property right that does not involve a Necessary Claim. Any such patent or other intellectual property right is not subject to the licencing obligations of GS1. Moreover, the agreement to grant licences provided under the GS1 IP Policy does not include IP rights and any claims of third parties who were not participants in the Work Group.

Accordingly, GS1 recommends that any organization developing an implementation designed to be in conformance with this Specification should determine whether there are any patents that may encompass a specific implementation that the organisation is developing in compliance with the Specification and whether a licence under a patent or other intellectual property right is needed. Such a determination of a need for licencing should be made in view of the details of the specific system designed by the organisation in consultation with their own patent counsel.

THIS DOCUMENT IS PROVIDED AS IS WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF THIS SPECIFICATION. GS1 disclaims all liability for any damages arising from use or misuse of this Standard, whether special, indirect, consequential, or compensatory damages, and including liability for infringement of any intellectual property rights, relating to use of information in or reliance upon this document. GS1 retains the right to make changes to this document at any time, without notice. GS1 makes no warranty for the use of this document and assumes no responsibility for any errors which may appear in the document, nor does it make a commitment to update the information contained herein.

GS1 and the GS1 logo are registered trademarks of GS1 AISBL.

Version 0.9, Draft/Approved, 04-03-2016 All rights reserved @ GS1 Hungary Page 2 of 12


Table of Contents

1 Introduction
1.1 Purpose of Document
1.2 Document Conventions
1.3 Target Audience
2 About FTPS
3 Overview
4 Details of FTPS Connection
5 Security
5.1 HTTPS-based Security Aspects
5.2 Authentication
6 Connection Parameters
7 Appendix
7.1 Abbreviations
7.2 Glossary
7.3 References
7.4 List of Figures

1 Introduction

1.1 Purpose of Document

The GDSN Standard-specific FTP service is one of the three machine-to-machine interface technologies¹ available for communicating with GS1Trade Sync. Therefore, the connectivity documentation of GS1Trade Sync Data Pool contains three main parts. This document specifies the connectivity details of FTPS-specific communication of the GS1Trade Sync Data Pool v1.0 system.

¹ There are WS-, AS2- and FTPS-based interfaces in the GS1Trade Sync Data Pool system.

1.2 Document Conventions

This document structure is partially based on the specification standard of the Rational Unified Process (RUP) methodology.

Within this specification, the terms SHALL, SHALL NOT, SHOULD, SHOULD NOT, MAY, NEED NOT, CAN, and CAN NOT are to be interpreted as specified in [1]. When used in this way, these terms will always be shown in ALL CAPS; when these words appear in ordinary typeface they are intended to have their ordinary English meaning.

The following typographical conventions are used throughout the document:

- ALL CAPS type is used for the special terms from [1] enumerated above.
- Monospace type is used to denote programming language, UML, and XML identifiers, as well as for the text of XML documents.

This document uses several abbreviations whose long forms are listed in the Appendix.

1.3 Target Audience

The audience of this specification includes all assigned GS1Trade Sync Data Pool project members from both GS1 Denmark and GS1 Hungary, and the staff of developer companies assigned to the project on GS1 Hungary's authority. Additionally, this document is intended for developers and testers who are familiar with the GDSN standard and who have general knowledge of other GS1 standards.

2 About FTPS

FTPS (FTP over SSL/TLS)² is an extension to the commonly used FTP that adds support for the SSL/TLS cryptographic protocol. It uses a control channel and opens new connections for the data transfer. As it uses SSL/TLS, it requires a certificate.

Features of FTPS:

- Widely known and used
- The communication can be read and understood by a human
- Provides services for server-to-server file transfer
- SSL/TLS has good authentication mechanisms (X.509 certificate features)
- FTP and SSL/TLS support is built into many internet communications frameworks

² FTPS should not be confused with the SSH File Transfer Protocol (SFTP), an incompatible secure file transfer subsystem for the Secure Shell (SSH) protocol. It is also different from FTP over SSH, the practice of tunneling FTP through an SSH connection.

3 Overview

The FTPS-based connection ensures the appropriate communication between a GS1 partner and GS1Trade Sync Data Pool. As shown in Fig. 3-1, the communication between a GS1 partner (DS or DR) and the DP is performed in the form of XML messages. Partners are able to upload messages to FTPS Storages, in order to be processed by the server. Every partner using the FTPS interface has their own storage. Communication between an FTPS partner and Data Pool / GDSN Network members is done using specific FTPS folders. The FTPS communication between DP and partners corresponds to the GS1 XML standard [2].

Note: In order to communicate properly between DP and GS1 partner, the GS1 partner should install an FTPS client.

Fig. 3-1. Overview of FTPS-based communication between GS1 partners and GS1Trade Sync Data Pool

4 Details of FTPS Connection

This section describes the process of FTPS-based connection between a GS1 partner and GS1Trade Sync Data Pool (Fig. 4-1). The major steps are as follows:

Fig. 4-1. FTPS-based communication process

1. Partner creates an XML message to be processed by the DP.
2. Partner opens an FTPS connection to the DP to upload the message.
3. Partner uploads the message to the Outbox folder of the FTPS storage.
4. DP detects a new message in the Outbox folder and then starts to process it.
5. Processing starts with renaming the file to ensure uniqueness, then it is moved to the Processing folder.
6. Once processing finishes, the file and the response are placed in the Processed folder.
7. The processed message stays in the Processed folder. It can be accessed by the partner. (Every request/response can be read here through the History function.)

Note: The Inbox is the folder within the DP FTPS storage that stores communication elements between partners. It contains the CIN/CIHW messages for DR as well as CIC messages for DS.

5 Security

This chapter contains the security aspects and client connection details for communication with GS1Trade Sync's FTPS solution.

5.1 HTTPS-based Security Aspects

The server is configured for FTP over TLS (Transport Layer Security) in Explicit mode. Explicit security requires that the FTP client issues a specific command to the FTP server after establishing a connection to establish the SSL link. In explicit TLS the FTP client needs to send an explicit command (i.e. "AUTH TLS") to the FTP server to initiate a secure control connection. The default FTP server port is used.

Default port: 21

Data Exchange: The FTP protocol exchanges data using separate channels known as the command channel and data channel.

Data channel port range: 4000-5000

Note: Because FTP uses a dynamic secondary port (for data channels), many firewalls were designed to snoop FTP protocol control messages in order to determine which secondary data connections they need to allow. However, if the FTP control connection is encrypted using TLS/SSL, the firewall cannot determine the TCP port number of a data connection negotiated between the client and FTP server. Therefore, in many firewalled networks, an FTPS deployment will fail when an unencrypted FTP deployment will work. This problem can be solved by using a limited range of ports for data and configuring the firewall to open these ports.

5.2 Authentication

User authentication is done using the supplied username / password credentials. The username should follow this pattern:

Gln/Email address

Note: A company with GLN 5790001090159 and email user@email.com should use the string 5790001090159/user@email.com as username.

6 TEST Connection Parameters

Parameter name | Value
URL | https://uat.gs1tradesync.dk/
Default port number | 21
Data port range | 4000-5000
FTPS configuration | FTPS Explicit SSL
Client credentials | Username: gln/email address; Password: user password
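The connection described in sections 4 to 6, sketched as a Python client with the standard ftplib module; this is an added example, not code from GS1 or from this guide. It shows the three points a client has to get right for explicit FTPS: a certificate-verifying TLS context, AUTH TLS before login, and PROT P for the data channel, plus a check that a passive-mode reply stays inside the documented data port range. The function names, the relative "Outbox" path and the two sample 227 replies are assumptions constructed for the example.

```python
import ftplib
import ssl
from urllib.parse import urlparse

# Values from the guide's TEST connection parameter table (section 6).
TEST_URL = "https://uat.gs1tradesync.dk/"
CONTROL_PORT = 21
DATA_PORTS = range(4000, 5001)  # 4000-5000 inclusive

# Constructed PASV replies for offline checks: p1*256 + p2 is the data port.
SAMPLE_227_IN_RANGE = "227 Entering Passive Mode (192,0,2,10,15,160)"      # 4000
SAMPLE_227_OUT_OF_RANGE = "227 Entering Passive Mode (192,0,2,10,19,137)"  # 5001


def ftps_host(url):
    """The table lists a URL; an FTP client needs only its host name."""
    return urlparse(url).hostname


def ftps_username(gln, email):
    """Build the 'Gln/Email address' login name from section 5.2."""
    if not (gln.isascii() and gln.isdigit() and len(gln) == 13):  # a GLN is 13 digits
        raise ValueError("GLN must be exactly 13 digits")
    if "@" not in email:
        raise ValueError("e-mail address expected")
    return f"{gln}/{email}"


def verified_context():
    """TLS context that validates the server certificate and host name."""
    return ssl.create_default_context()


def pasv_port_allowed(reply):
    """True if a 227 reply names a data port the firewall rule covers."""
    _host, port = ftplib.parse227(reply)
    return port in DATA_PORTS


def upload_to_outbox(gln, email, password, local_path, remote_name):
    """Explicit FTPS upload: AUTH TLS, login, PROT P, STOR into Outbox."""
    ftps = ftplib.FTP_TLS(context=verified_context())
    ftps.connect(ftps_host(TEST_URL), CONTROL_PORT, timeout=30)
    try:
        ftps.auth()         # AUTH TLS first, so credentials never travel in clear
        ftps.login(ftps_username(gln, email), password)
        ftps.prot_p()       # without PROT P the data channel stays unencrypted
        ftps.set_pasv(True)
        ftps.cwd("Outbox")  # folder name from section 4; its path is an assumption
        with open(local_path, "rb") as fh:
            return ftps.storbinary(f"STOR {remote_name}", fh)
    finally:
        ftps.close()
```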

7 Appendix

7.1 Abbreviations

Abbreviation | Term
AS2 | Applicability Statement 2
CIC | Catalogue Item Confirmation
CIHW | Catalogue Item Hierarchy Withdrawal
CIN | Catalogue Item Notification
DP | Data Pool
DR | Data Recipient
DS | Data Source
FTP | File Transfer Protocol
FTPS | FTP over SSL/TLS
SFTP | SSH File Transfer Protocol
SSH | Secure Shell
SSL | Secure Sockets Layer
TLS | Transport Layer Security
XML | eXtensible Markup Language

7.2 Glossary

CIC (Catalogue Item Confirmation)
It refers to GDSN-specific electronic communication from the DR to the DS indicating what action has been taken on the item. The confirmation process occurs in the recipient's data pool.

CIHW (Catalogue Item Hierarchical Withdrawal)
It is a business message used to transmit trade item information from DS or DP to DR with the GDSN with regards to a correction that is required to an item hierarchy that has already been synchronised.

CIN (Catalogue Item Notification)
It is a business message used to transmit trade item information from DS or DP to DR with the GDSN.

CIP (Catalogue Item Publication)
It is a business message standard used to distribute trade item information within the GDSN.

DR (Data Recipient)
It represents the demand side data. It can be a company that receives product information from a data source. This company could be a retailer, hospital, distributor, wholesaler, foodservice operator, group purchasing organization, government, etc.

DS (Data Source)
It represents the supply side data. It can be a company (supplier, manufacturer, distributor etc.) that enters product information into GDSN-based synchronisation systems that are sent to DRs.

FTP (File Transfer Protocol)
Standard network protocol used to transfer files between a client and server on a network. FTP is built on a client-server model architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS).

FTPS (FTP over SSL/TLS)
An extension to the commonly used FTP that adds support for the TLS and SSL cryptographic protocols.

SSL/TLS
Cryptographic protocols designed to provide communications security over a computer network.

7.3 References

[1] ISO/IEC, "ISO/IEC Directives Part 2 - Rules for the structure and drafting of International Standards," ISO/IEC, 2011.
[2] GS1, "XML Transport Instruction and Response", Implementation Guide, GS1 GO, 2012.
[3] GS1, "Business Message Standard (BMS) Catalogue Item Sync, BMS Release 3.1.0", GS1 Global Office, GS1 AISBL, 2015.

7.4 List of Figures

Fig. 3-1. Overview of FTPS-based communication between GS1 partners and GS1Trade Sync Data Pool
Fig. 4-1. FTPS-based communication process