Electronic data interchange & FTP – Electronic Data Interchange

Electronic data interchange (EDI) is the structured transmission of data between organizations by electronic means, which is used to transfer electronic documents or business data from one computer system to another computer system, i.e. from one trading partner to another trading partner without human intervention.[1] It is more than mere e-mail; for instance, organizations might replace bills of lading and even cheques with appropriate EDI messages. It also refers specifically to a family of standards.

In 1996, the National Institute of Standards and Technology defined electronic data interchange as “the computer-to-computer interchange of strictly formatted messages that represent documents other than monetary instruments. EDI implies a sequence of messages between two parties, either of whom may serve as originator or recipient. The formatted data representing the documents may be transmitted from originator to recipient via telecommunications or physically transported on electronic storage media.” It distinguishes mere electronic communication or data exchange, specifying that “in EDI, the usual processing of received messages is by computer only. Human intervention in the processing of a received message is typically intended only for error conditions, for quality review, and for special situations. For example, the transmission of binary or textual data is not EDI as defined here unless the data are treated as one or more data elements of an EDI message and are not normally intended for human interpretation as part of online data processing.”

EDI can be formally defined as the transfer of structured data, by agreed message standards, from one computer system to another without human intervention.

FTPS (also known as FTP-ES, FTP-SSL and FTP Secure) is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols.

FTPS should not be confused with the SSH File Transfer Protocol (SFTP), an incompatible secure file transfer subsystem for the Secure Shell (SSH) protocol. It is also different from Secure FTP, the practice of tunneling FTP through an SSH connection.

Background

The File Transfer Protocol was drafted in 1971 for use with the scientific and research network, ARPANET.[1] Access to the ARPANET during this time was limited to a small number of military sites and universities and a narrow community of users who could operate without data security and privacy requirements within the protocol.

As the ARPANET gave way to the NSFnet and then the Internet, a broader population potentially had access to the data as it traversed increasingly longer paths from client to server. The opportunity for unauthorized third parties to eavesdrop on data transmissions increased proportionally.

In 1994, the internet browser company Netscape developed and released the application layer wrapper, Secure Sockets Layer.[2] This protocol enabled applications to communicate across a network in a private and secure fashion, discouraging eavesdropping, tampering, and message forgery. While it could add security to any protocol that uses reliable connections, such as TCP, it was most commonly used by Netscape with HTTP to form HTTPS.

The SSL protocol was eventually applied to FTP, with a draft Request for Comments (RFC) published in late 1996.[3] An official IANA port was registered shortly thereafter. However, the RFC was not finalized until 2005.