170 likes | 182 Views
This presentation discusses the definition of a federated messaging and trust infrastructure for secure and reliable exchange of data, with a focus on defining specifications, content agnosticism, and leveraging existing technologies.
E N D
www.oasis-open.org Defining a federated messaging and trust infrastructure for secure and reliable exchange of data Kenneth Bengtsson OASIS Business Document Exchange (BDX) TC 19th UN/CEFACT Forum Geneva, 17 April 2012
BDX –Business Document eXchange • Defining specifications for multi-cornered messaging infrastructures • Secure and reliable exchange of information • Content agnostic • Defining both trust and messaging standards • Base on existing and proven technologies wherever possible
Current situation • Many solutions to the same problem • National / regional / local / sector specific / public / private • Big difference in complexity and architecture • Peer-2-peer model • 3-corner models • 4-corner models • Web-based and/or based on machine-2-machine interaction • Many different business models
High-level infrastructure requirements • Secure and reliable • Support for small and medium sized organizations • Trust requirements raise the barrier • Low-latency and availability requirements raise the barrier • Leverage investments in existing infrastructures • Base on existing and proven standards
Achievements • Clear architecture model that fits into existing approaches • Coexists and enhances existing infrastructures and networks • Avoids creating another infrastructure “island” • Scalable and robust - no single point of failure • As few centrally managed parts as possible • Trust in the network • Governance enabled • Low barriers-to-entry
PEPPOL’s overall architecture Service Metadata Locator PEPPOL Certificate Authority Central Governance Points Distributed Replicated Scaled Systems Service Metadata Publisher PEPPOL Access Point Service
PEPPOL scenario SMP Registry SML Registry Country A Invoice • SMP point: • SMP point de • http://smp.de/ • Key: CompanyC Operator 1 • Key: CompanyC • Doc: Invoice • Profile: Peppol • Endpoint: • Access point 2 • http://ap2.de/ BusDox Access point, VAN 1 Company B Company A Company C • Transport properties • Secure • Reliable • Profile properties • Transport + QoS Country B Access point 2, Operator 2 Operator 2 Public agency D
Thank you Kenneth Bengtsson OASIS BDX TC kenneth@alfa1lab.com
Overall standards used in PEPPOL • DNS • Service Metadata Locator (SML) • HTTP • SMP (HTTP GET) • START and LIME profiles (SOAP transport) • SOAP • START and LIME profiles • WS-Transfer • START and LIME profiles • WS-Security, WS-ReliableMessaging • START profile
Why use a four-corner model? • Connecting existing infrastructures rather than creating a new “island among the islands” • Freedom to choose service provider and avoiding lock-ins • Avoiding the need to connect to multiple providers • The requirements differs a lot between service providers, large companies and SME’s • Trust requirements raise the barrier • The technical solution requires a trusted third-party • Low-latency and availability requirements raise the barrier • Requires hosted services with good SLA • No single transport profile matches all the requirements. The four-corner model caters for this inherent problem
Why is the SMP separate from the Access Point? • Orthogonal • Can use metadata without agreed transport protocol • Can use transport protocol without looking up metadata • e.g. hardcoded endpoints • Allows new protocols to be added • Allows alternate governance models Metadata Transport