as4 - astra zeneca
Post on 26-May-2015
1.002 Views
Preview:
DESCRIPTION
TRANSCRIPT
Copyright (c) 2009, Drummond Group
AS4: Secure B2B Document Exchange Using Web Services
By Timothy Bennett, Drummond Group
timothy@drummondgroup.com
615.337.6087
Copyright (c) 2009, Drummond Group
What is AS4?
An open standard for the secure and payload-agnostic exchange of B2B documents using Web services
Maps the AS2 functional requirements onto the WS-* stack using ebMS 3.0 as a leverage point
Constrains the ebMS v3.0 specification (and its underlying specifications) for message packaging, transport, security, exchange patterns, and business non-repudiation
Copyright (c) 2009, Drummond Group
Purpose of AS4
Provides an entry-level on-ramp for Web services B2B messaging by embracing “elegant simplicity”
Promotes the adoption of Web services
Extends the use of SOA deployments for inter-business communication
Copyright (c) 2009, Drummond Group
Benefits Summary Web services landscape lacks a B2B messaging specification
that has the simplicity and elegance of AS2
Simplification of Web services for B2B breeds an environment whereby the likelihood for interoperability become achievable
As SOA and Web services deployments becomes more pervasive, the opportunity for B2B communication on these platforms will increase
New markets that are Web services centric can benefit from the AS2 success story
Copyright (c) 2009, Drummond Group
B2B Web Services Messaging
ebMS 3.0 is one of the first “applicability statement” specifications for Web services messaging
Composes and extends SOAP, WS-Security, WS-ReliableMessaging, and other WS-* standards to provide comprehensive guidance on WS messaging
But even ebMS 3.0 is too complex and the AS4 profile brings the AS2 success story closer to the Web Services landscape
Copyright (c) 2009, Drummond Group
AS4 Profile Highlights
Message packaging governed by ebMS 3.0
Support for both document push and pull message exchange choreographies
Message security governed by WS-Security specification along with support for payload compression
Support for an AS2-like business Non-Repudiation Receipt
Reception Awareness – Just enough reliable messaging
Copyright (c) 2009, Drummond Group
AS4 Message Packaging
Message contained within a SOAP Envelope
Two types of messages: user messages and signal messages
Payloads contained either in the SOAP:Body or SOAP Attachments
Message metadata contained in SOAP:Header
Copyright (c) 2009, Drummond Group
AS4 Document Push/Pull Support for AS2's synchronous and asynchronous document push
choreographies
Support for the ebMS v3 document pull choreography which is not available with AS2
Important for markets where 24x7 Internet connectivity and IP addressability is not available
Clients can access multiple document pull channels (priority, document types, etc)
AS4 defines a “Light Client” for deployment to IT and cost challenged endpoints
Copyright (c) 2009, Drummond Group
AS4 Message Security
Support for payload compression and must occur prior to attaching the document(s) and prior to any message-level security
Support for message-level security including various combinations of XML Digital Signature and/or XML Encryption as governed by WS-Security
X.509 security tokens for signing/encryption; additional support for username/password tokens for access to message pull channels
Copyright (c) 2009, Drummond Group
AS4 Non-Repudiation of Receipt (NRR)
Support for business non-repudiation receipts similar to AS2's RFC3798 (MDN)
The MDN is specified by the ebXML BPSS in the form of an XML schema and returned as special signal message
AS4 defaults to requiring message recipients to return a signed receipt and contain digests necessary for NRR
Receipt may contain error information if the Recipient could not process the Sender's message
Copyright (c) 2009, Drummond Group
AS4 Reception Awareness
Makes use of the message receipt as the signal to the message sender that the recipient received the business payload – similar to AS2 Reliability
Support for Duplicate Detection at the message Recipient
Support for Message Retry if the Sender does not receive a receipt.
Copyright (c) 2009, Drummond Group
Copyright (c) 2009, Drummond Group
Copyright (c) 2009, Drummond Group
Copyright (c) 2009, Drummond Group
Copyright (c) 2009, Drummond Group
Copyright (c) 2009, Drummond Group
Copyright (c) 2009, Drummond Group
Q&A
Comments? Questions?Feedback?
top related