ebMS: The Direction of Secure Internet Communications for Interoperable, Global Business
ebMS, or ebXML Messaging Service, is the messaging layer of the ebXML framework. ebMS specifies how messages are sent and received over the Internet, including features for security, digital signatures, non-repudiation and reliability. ebMS, like EDIINT (EDI over the Internet, AS2 and AS3), offers the advanced level of security and reliability required for organizations dealing with sensitive information. Privacy is achieved through the encryption of the message. Authentication is achieved through the exchange of digital certificates to verify the identity of the sender and receiver. Public keys are exchanged to ensure the sender and receiver are who they claim to be. Lastly, receipts or acknowledgements provide a legal way to verify that the sender did receive the message. The sender can request a digital signature along with the acknowledgement, ensuring the identity of the recipient. The combination of an acknowledgement and digital signature provides a high level of security and verification known as “non-repudiation.” For those familiar with the Message Disposition Notifications (MDNs) used in AS2, and AS3, the acknowledgements used in ebMS are exactly the same.
ebMS is an open standards protocol promoting interoperability. The a Drummond Group, an independent testing organization, certifies interoperability among software products. Cleo is an ongoing participant in the certifications. Interoperability makes ebMS attractive to organizations that desire to do business with a wide variety of partners and do not want to be constrained to the limits and expense of a proprietary solution.
How Does ebMS Differ from EDIINT?
ebMS retains the unique benefits of ebXML in the communications process. It allows companies using ebXML to utilize the intelligent headers that are supported in ebXML (e.g. type of document, where the document should be routed, what action to take, etc.). This information is passed to the receiving end for efficient processing. ebMS is a logical choice for companies that employ ebXML in their business.
For companies that do not employ ebXML, and are using EDI or other document formats, ebMS allows for compliance with trading partners that mandate ebXML messages. ebMS creates the message header necessary for compliance. It is important to note that ebMS can transport any data type including EDI, XML, ebXML, and flat files. This flexibility provides businesses with a viable messaging standard when making a transition from EDI to ebXML.
An additional benefit to using ebMS over other secure messaging protocols, is that ebMS can be deployed as part of a web services architecture or as part of the larger ebXML framework. ebMS is essentially an extension of SOAP (web service) messages with attachments. For companies that utilize or are moving to a web-services architecture throughout their organization, ebMS is a logical choice for secure managed file transfer.