AS3: Secure, Reliable, and Interoperable Messaging for FTP-Centric Environments

File Transfer Protocol (FTP) is commonly used due to its ease of use and widespread adoption. However, the use of FTP in industries where sensitive data is exchanged, such as healthcare and financial was limited due to a lack of security and reliability. Even with FTPs, or FTP with Secure Sockets Layer (SSL), the protocol lacks the level of security required for these organizations.

A main issue deals with the need to confirm receipt of a message by a specified, trusted party. FTP does not offer a method to indicate whether or not a message was received by the intended recipient. Also, secure FTP poses issues with how it encrypts the data. FTP/S encrypts network-level packet communications. With packet encryption, firewalls are prevented from inspecting the flow of network traffic. This scenario was not acceptable for many business security groups. These issues left organizations to develop proprietary solutions that were expensive and did not promote open business standards.

AS3 was developed by the Internet Engineering Task Force (IETF) to address these specific problems. AS3, or Applicability Statement 3, is a specification by which applications communicate EDI data, or other information such as XML documents, securely over the Internet using the FTP protocol. Where it advances over FTP is in the use of receipts, or Message Disposition Notifications (MDNs). MDNs provide a legal way to verify receipt of a message. The sender can request a digital signature along with the receipt, ensuring the identity of the recipient. The combination of an MDN and digital signature provides a high level of security and verification known as “non-repudiation.” This is the same level of security and reliability provided in AS2.

AS3 (like AS2) is an open standards protocol promoting interoperability. The Drummond Group certifies interoperability among software products. Interoperability makes the solution attractive to organizations that desire to do business with a wide variety of partners and do not want to be constrained to the limits and expense of a proprietary solution.

The combination of reliability, security, interoperability, and efficiency makes AS3 attractive to any company desiring secure communications. AS3 may be particularly well suited for FTP-centric businesses that have a significant investment in FTP scripting, applications, or security. AS3 offers both “push” and “pull” FTP capabilities. This “push/pull” set up is similar to the asynchronous and bisynchronous environments that you may be familiar with and can be achieved with the integrated FTP Server in Cleo Harmony® and Cleo VLTrader®. Cleo LexiCom® software can be used for AS3 compliant client communications.

In the News

Cleo Names Tushar Patel Chief Marketing Officer

Published June 12, 2018

News Center
Upcoming Events

TMW In.Sight User Conference & Expo

Scheduled September 09, 2018

See All Events
Careers

Entry-Level Sales Representative

Cleo is looking for passionate, motivated self-starters who aspire to be successful business leaders to join our Sales Development team.

See All Openings