What Standard (Secure) Data Exchange Protocols are There?

In information technology, protocols enable file transfers by outlining a standard procedure for regulating the data exchange between businesses. Protocols specify interactions between the communicating entities, and they can often be prescribed by industry or other standards. 

Each data transport protocol has its own set of advantages and limitations. Depending on your business needs and external trading partner requirements, one or several protocols may be appropriate for your business now and in the future.

This blog will list the most commonly used Standard Data Exchange Protocols:

AS1 (Applicability Statement 1): AS1 is a data transfer standard that used the email protocol to move data and is largely unused in practice today for systematic file exchange. Disadvantages of AS1 include congregating AS1 payloads with regular email, and a delivery mechanism subject to vagaries of email relays, latencies, and loss of message control. Due to the low market adoption of AS1, it is not covered further in this paper.

AS2 (Applicability Statement 2): AS2 is a standard by which users transfer EDI or other data, such as Extensible Markup Language (XML) or plain text documents, over the Internet using HTTP and HTTPs. AS2 offers increased verification and security achieved through the use of receipts, digital signatures, and file encryption. Its transactions and acknowledgments occur in real time, increasing the efficiency of document exchanges.

AS3 (Applicability Statement 3): AS3 is the IEFT messaging specification standard that enables software applications to systematically communicate data, including EDI and XML, over the Internet using file transfer protocol (FTP). AS3 is not the next version of AS2 as it offers its own unique features and provides security for the transport payload through digital signatures and data encryption.

AS4 (Applicability Statement 4): AS4 provides guidance for a standardized methodology for the secure and document-agnostic exchange of B2B payloads using Web Services. The profile focuses on providing an entry-level onramp for Web Services B2B messaging.

FTP (File Transfer Protocol): FTP is an application protocol that uses the Internet’s Transmission Control Protocol (TCP)/IP protocols. FTP is commonly used to transfer Web page files from their creator to the computer that acts as their server for everyone on the Internet. It’s also used to download programs and other files to your computer from other servers. 

FTPs (File Transfer Protocol Secure — aka FTP over SSL): FTPs is a protocol for transferring files using Secure Sockets Layer (SSL) to secure the commands and data that are being transferred between the client and the server.

SSH FTP (Secure Shell File Transfer Protocol — aka SFTP): SSH FTP uses SSH to transfer files and requires that the client be authenticated by the server. Commands and data are encrypted to prevent passwords and other sensitive information from being exposed to the network in plain text.

HTTP (Hypertext Transfer Protocol): The foundation of data communication for the Internet, this application protocol is the one to exchange or transfer hypertext. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers take in response to various commands.

HTTPs (Hypertext Transfer Protocol Secure — aka HTTP over SSL): HTTPs is a secure version of HTTP and it allows secure e-commerce transactions. Using HTTPs, computers agree on a code between them on a Secure Sockets Layer, and then they scramble the messages using that code so that no one in between can read them.

MLLP (Minimal Lower Layer Protocol): Commonly used within the HL7 (Health Level Seven) community for transferring HL7 messages, MLLP provides a minimalistic session-layer framing protocol. MLLP supports only direct connections between a sender and a receiver, and there is no authentication process. 

OFTP (Odette File Transfer Protocol): Established by Odette, the European automotive standards body, OFTP is the most prolific protocol inside Europe for the exchange of EDI data, in particular for the automotive industry, and was initially designed to work over an X.25 network.

OFTP2 (Odette File Transfer Protocol 2): This advanced version of OFTP is mainly intended for secure data exchange over the Internet, where security is enhanced by the use of encryption methods and digital certificates.

RNIF (RosettaNet Implementation Framework): This protocol defines how systems transport a RosettaNet message. RosettaNet is a set of XML standards for integrating business processes between companies, and RNIF is a robust transfer, routing, packaging, and security standard.

SMTP (Simple Mail Transfer Protocol): This a protocol for sending email messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client.

SMTPs (Simple Mail Transfer Protocol Secure — aka SMTP over SSL): This is a method for securing SMTP with transport layer security. It is intended to provide authentication of the communication partners. SMTPs is not an extension of SMTP; it is just a way to secure SMTP at the transport layer.

WS (Web Services): Web services are XML-based information exchange systems that use the Internet for direct application-to- application interaction. These systems can include programs, objects, messages, or documents. 

Summary

As you can see there are a lot of Data Exchange protocols out there. Your business circumstances most likely require support of not just one, but many data transport protocols. It’s important to invest in a solution that is a recognized leader in data transport. 

At ECS we have over 20 years of experience choosing the correct Data Communication/Integration solutions and have done over 1.000 implementations so far. If you have any questions or are in need to implement AS2, AS3, AS4 or another Secure Data Exchange Protocol, contact us for support.