AN INTRODUCTION TO SECURITY IN EDIEANCOM

1
AN INTRODUCTION TO SECURITY IN EDI/EANCOM

• LUIS BELLO
• EAN INTERNATIONAL

2
What can you expect ?

• General information about the techniques used to
  secure electronic exchanges.
• Learn about the security implementation
  mechanisms used by EDIFACT
• Will not expect to learn specific details of
  algorithms used to perform the security.

3
AGENDA

• INTRODUCTION
• SECURITY THREATS
• SECURITY SOLUTIONS
• APPLICATION OF SECURITY SOLUTIONS
• CONCLUSIONS
• OPEN DISCUSSION

4
INTRODUCTION

• Background
• Barriers for Electronic Commerce (legal
  security)
• EANCOM in Trade and Finance
• New developments in the UN/EDIFACT
• New syntax ISO 9735
• EAN created a PT
• Apply this concept into an EDI environment
• Internal
• External

5
WITHIN OUR SYSTEM
Software EDI
INTEGRATION WITH EDI SYSTEM
INTERNAL APPLICATION
6
WITHIN OUR SYSTEM
Software EDI
INTEGRATION WITH EDI SYSTEM
INTERNAL APPLICATION
COMMUNICATIONS VANS, DIRECT
TRADING PARTNERS
B
C
7
EDI SECURITY

• SPECIFICALLY COVERS THE INFORMATION BETWEEN
  LEAVING YOUR EDI SECURE GATEWAY AND REACHING YOUR
  TRADING PARTNER

8
OUTSIDE OUR SYSTEM
MANUFACTURER
RETAILER
PURCHASE ORDER
INVOICE
REMITTANCE ADVICE
PAYMENT ORDER
CREDIT ADVICE
DEBIT ADVISE
BANK
BANKING STATUS
9
OUTSIDE OUR SYSTEM
MANUFACTURER
RETAILER
PURCHASE ORDER
INVOICE
REMITTANCE ADVICE
EANCOM 97
PAYMENT ORDER
CREDIT ADVICE
DEBIT ADVISE
BANK
BANKING STATUS
10
SECURITY THREATS

• THE MESSAGE MAY BE LOST
• THE MESSAGE MAY BE EFFECTED TWICE (WILLINGLY OR
  BY MISTAKE)
• THE MESSAGE MAY BE INTERCEPTED BY A THIRD PARTY
  AND MODIFIED
• MESSAGE MAY BE READ BY AN UNWANTED THIRD PARTY

11
SECURITY THREATS

• A TRADING PARTNER MAY CLAIM NEVER TO HAVE SENT OR
  RECEIVED A MESSAGE
• A THIRD PARTY MAY PRETEND TO BE A VALID TRADING
  PARTNER

12

• FORTUNATELY THERE ARE, AND RELATIVELY SIMPLE,
  TECHNIQUES WHICH CAN HELP BUSINESS TO AVOID THESE
  THREATS

13
SECURITY SOLUTIONS

• MESSAGE SEQUENCE INTEGRITY
• MESSAGE CONTENT INTEGRITY
• MESSAGE ORIGIN AUTHENTICATION
• NON - REPUDIATION OF ORIGIN
• NON - REPUDIATION OF RECEIPT
• CONFIDENTIALITY OF CONTENT

14
INTEGRITY

• MESSAGE CONTENT INTEGRITY PROTECTS AGAINST THE
  MODIFICATION OF THE DATA.
• PROTECTION CAN BE ACHIEVED BY INCLUDING AN
  INTEGRITY CONTROL VALUE

15
AUTHENTICATION

• Message origin authentication protects the
  receiver against the actual sender of a message
  claiming to be some other (authorised) entity
• Protection can be achieved by including with the
  transmitted message an authentication value

16
NON - REPUDIATION

• Non- repudiation protects one party (sender or
  receiver) from the others denial of sending or
  receiving the message
• Protection can be achieved by
• Including a digital signature
• Including a trusted third party
• Sending an acknowledgement upon

17
CONFIDENTIALITY

• Confidentiality of content protects against the
  unauthorised reading, copying, or disclosure of
  message content.
• Protection can be assured by encrypting the data.
  The message is essentially scrambled
  (substituting one letter for other)

18
SOLUTIONS USING THE STANDARD
Integrity value MAC value Digital
signature Acknowledgement
Confidentiality
Encryption
19
PKI

• Public Key Infrastructure (PKI) Is the mechanism
  needed when public keys are used to secure
  electronic messages.
• Symmetric cryptosystem (secret keys)
• Asymmetric cryptosystem (private and public keys)
• Differences

20
Secret Keys Symmetric process
MESSAGE SENDER A
MESSAGE RECIPIENT B
KABs
KABs
OPEN AND CLOSE USING THE SAME KEY
21
PRIVATE AND PUBLIC KEYSAsymmetric process
A
B
PRIVATE A
PRIVATE B
KApr
KBpr
A B C D
PUBLIC KEYS Third party
KBpu
KApu
MESSAGE TO B
MESSAGE FROM A
22
Cryptographic techniques

• Symmetric algorithms
• DES, IDEA
• Asymmetric algorithm
• RSA
• Hashing functions
• MD5, SHA1

23
What is the difference ?

• Integrity

B
Kse
Kse
A
C
Kse
D
Kse
Using Symmetric techniques
24
What is the difference ?

• Authentication

B
KABs
KABs
A
C
KACs
KACs
KADs
D
KADs
Using Symmetric techniques
25
What is the difference ?
CA

• Non repudiation of origin

B
KApu
KApu
KApr
KBpu
KBpr
A
C
KApu
KCpu
KCpr
KDpu
D
KApu
Using Asymmetric techniques
KDpr
26
Digital Signature

• To apply the security process to the entire
  message with the private key (Kpr) is to
  expensive. The result is to big.
• The common practice A hash value is calculated
  for the original message.
• The process applied to the hashing result is
  known as DIGITAL SIGNATURE.

27
Digital signature
Generating Process
Digital Signature DS
Digital Signature DS
Verify Sec.
Checking Process

28
What is the difference ?
CA

• Confidentiality

B
KApu
KBpu
KBpu
KBpr
A
KCpu
C
KCpu
KDpu
KCpr
KDpu
D
Using Asymmetric techniques
KDpr
29
Confidentiality
Security
P
P
C KABS(P)
A
B
30
Certificates and CAs

• The associations of public keys are secured using
  the CERTIFICATES
• An entity with recognised authority
  (Certification Authority) gives faith that
  certain Kpu belongs to certain user.

31
Certificates and CAs

• The CA generates an information structure with
  the following
• Public key (of a trading partner)
• ID of owner
• ID of CA
• Validity period
• Finally the CA signs the structure and adds it
  we have a CERTIFICATE

32
Certificates and CAs

• A certificate is a piece of information secured
  because it has a DS that it protects it against
  any external manipulation.
• There is no confidential information.

33
Certificates and CAs

• A user (B) could
• Obtain the certificate of a trading partner A
  from the CA
• Verify the validity of the certificate
• Validity period
• No revocation of the certificate
• Correct DS of the CA
• Verify the DS of the CA
• Now B should has the public key (KApu)

34
Certification Authority
CA
Certification request
Certification request
EDIFACT Application
EDIFACT Application
Send secured interchange
Security Module
Security Module
35
Certification Authority
CA-Es2
36
APPLICATION OF THE SECURITY SOLUTIONS
37
UN/EDIFACT SECURITY

• The need of security formed the security joint
  working group (SJWG)
• The group developed draft techniques for security
• Security at message level ?
• Long term solution should be handled
  syntactically ISO 9735

38
ISO 9735

• The rules at the application level for the
  structuring of data in the interchange of
  electronic messages between computer application
  systems.

ISO 9735
39
ISO 9735

• Part 5 security rules for batch EDI
  (authenticity, integrity, and non-repudiation of
  origin)
• Part 6 secure authentication and acknowledgement
  message (AUTACK)
• Part 7 security rules for batch EdI
  (confidentiality)
• Part 9 security key and certificate management
  message (KEYMAN)

40
MESSAGE LEVEL SECURITY

• The security services (solutions) can either be
  integrated into the message itself or provided in
  a separate message
• Integrated message security
• Separated message used by sender (AUTACK)

41
SECURITY IN UN/EDIFACT

• Integrated
• Incorporating security segments between the usual
  message header and the message trailer.

MESSAGE HEADER - UNH
MESSAGE
MESSAGE TRAILER - UNT
42
SECURITY IN UN/EDIFACT

• INTEGRATED
• Incorporating security segments between the usual
  message header and the message trailer.

MESSAGE HEADER - UNH
SECURITY HEADER - USH
MESSAGE
SECURITY TRAILER - UST
MESSAGE TRAILER - UNT
43
INT, AUT and NRO
Group 2
44
INT, AUT, NRO
Group n
9
C
UST
M
1
USA
USR
C
1
C
1
45
SEPARATED MESSAGE USED BY SENDER (AUTAK)

• There are two reasons
• To provide security to one or several messages
• To provide a secured acknowledgement to the
  sender for having received the original messages
  without returning them.

46
SJWG - R.1026
Interchange
1
2
3
4
47
SJWG - R.1026
Interchange
AUTACK
UNH
1
1
DS
DS
2
2
3
DS
4
DS
3
UNT
4
48
CONFIDENTIALITY

• Confidentiality of an EDIFACT structure (message)
  shall be provided by encrypting it using an
  appropriate algorithm.
• EAN will provide a service message called CONFID
• The CONFID can be used in two ways
• Encrypting the entire interchange
• Encrypting each message within an interchange
  creating several CONFID messages

49
Case 1
INTERCHANGE
UNA
UNZ
UNB
MESSAGES
MESSAGES
MESSAGES
COMPRESS ENCRYPT
UNA
UNZ
UNB
USA
UNH
USH
USC
USA
USR
USM
USM
UST
USR
UNT
CONFID MESSAGE
50
Case 2
INTERCHANGE
UNA
UNZ
UNB
MESSAGES
MESSAGES
MESSAGES
UNA
UNZ
UNB
UNH
USH
USM
UST
UNT
CONFID 2
CONFID 3
CONFID 1
51
CONCLUSIONS
AUTHENTICATION
INTEGRITY
SECURITY AND EANCOM
NON - REPUDIATION
CONFIDENTIALITY
52
WHERE ARE WE ?
1997-98
1988
1992-94
1998
1995-96
2000
ISO 9735 Version 3
ISO 9735 Version 4
Security Draft for ISO 9735 version 4
Release R.1026 Trial security for version 3
Today
EANCOM 2000
53
Benefits for EAN

• Solve the security problem NOW !!!!!
• It is a solid solution approved by the SJWG
• Security for all messages, all platforms
• At least two years of stability (EANCOM 2000)
• The transition to V4 will be easier
• EAN takes a leading role in security for EDIFACT

54
CONCLUSIONS

• Messages or information which are non critical
  can be exchanged without security
• Evaluate the risk (take decision) for critical
  messages
• EDIFACT/EANCOM caters for security requirements