Development and Application of EDI-DT System

Transcription

1 DEVELOPMENT AND APPLICATIONS OF EDI-DT SYSTEM Development and Application of EDI-DT System Guangming WANG, Guiyi WEI College of Computer and Information Engineering, Hangzhou University of Commerce, ABSTRACT: EDI is an important type of B2B electronic commerce practices. Basing on the result of a successful national research program on EDI, the paper presents the development philosophy and applications of an EDI system focusing on domestic trading. The techniques utilized to achieve high adaptability and flexibility, and the measures adopted to insure high security are discussed in detail. Key Words: EDI; UN/EDIFACT; domestic trading; business forms 1. Fundamentals of EDI-DT EDI (electronic data interchange) is an important type of B2B electronic commerce practices worldwide. Chinese government set up a key research program series on EDI (96-A20) during the last five year s planning involving international trading, domestic trading, commodity inspection, customs, etc. The above works have been done successfully, and have passed the national evaluation earlier As a part of the above program (96-A20-03), and basing on wide investigation and analysis, the authors and their research team have determined work flow of domestic trading, a set of standard business forms for it, and have developed a EDI system for domestic trading (EDI-DT). EDI-DT System has been adapted for daily operation by a number of companies in Shanghai and Hangzhou. The paper here presents the ideas and techniques utilized to achieve high adaptability and flexibility for EDI-DT, and the measures adopted to insure high security to realize system s high vitality. 2. High Flexibility and Adaptability Although some business forms have been defined during the period of system development, new forms are possibly required in the future, and the appearance of existent forms could be reshaped for different users, it is important to make EDI-DT flexible and adaptable to keep the system alive longer. The ability for customers to define new types of business forms and the ability to change the form of existent forms interactively without program rewriting are the techniques adapted by EDI-DT, and the ability for customers to redefine data dictionary therefore to guarantee correct form translation automatically without programmers' help is also realized. 2.1 Defining New Types Of Business Forms By selecting the menu item Setting of Business Forms users could define new types of business forms. Considering some data items, even a big share of data are possibly identical between two different forms, the system provides customers options to develop a new type of form starting from scratch, or picking up an existent form as template. This ability not only raises the flexibility and adaptability, but also speeds up system development because program coding and business form defining could be done parallelly.

2 DEVELOPMENT AND APPLICATIONS OF EDI-DT SYSTEM Redefining of Forms' Appearances Each business form consists of two documents: master and slave, which are related by compound key of form series number, form date, supplier ID code and demander ID code. User may decide which document to be updated or both. Redefining could be happened on the structure and shape of the form, font selection, character size and color setting, etc. In addition, the printing format of forms could also be readjusted according to users wish without programmers' help. 2.3 Adaptability of Message Translation In EDI-DT system business documents (for example, an order) are transferred from one place to another business partner in a precisely predefined data stream complied with UN/EDIFACT standards. Special measurements must be taken to make the translation module still workable when a new type of forms has been defined or the interfaces of existent forms have been changed. The technique of data dictionary is therefore used. Each type of forms has a related dictionary, in which each record corresponds to one simple data element of the form, showing its UN/EDIFACT s code, statement ordinal number, its position in the statement, etc. Translation will be done automatically according to the dictionary contents. It is required to create a new data dictionary or modify the corresponding one whenever a new type of form has been created or an old one has been changed. In many cases a closely similar template of dictionary is provided to users for updating reference, therefore, most of users will be able to update dictionaries after training, which is not a hard job, and the high adaptability of message translation is therefore achieved 3. Communication The EDI communication mode could be in one of the following ways: PTP(point to point), VAN(value added network) equipped with X.400, and Internet/intranet. Communication for EDI-DT is based on VAN obeyed with X.400 (picture 1).

3 DEVELOPMENT AND APPLICATIONS OF EDI-DT SYSTEM 国 家 EDI 服 务 中 心 x.400 x.435 国 际 EDI 其 它 省 市 EDI 服 务 中 心 x.25+ x.400 CHINAEDI 大 型 EDI 用 户 本 地 EDI 服 务 中 心 DDN 本 地 PSTN 大 型 EDI 用 户 一 般 EDI 用 户 一 般 EDI 用 户 Picture 1 EDI Communication Mode Picture 1 EDI Communication Mode The EDI center uses EDISwitch developed by GEIS company, it provides Intercept-Connect for client communication. The model is referenced by means of "esconnec my_para.par my_sta.sta'. Here, my_para.par is a parameter file containing all the information for communication port initialization and operations (such as sending, receiving message, updating transaction password, etc) for this connection. My_sta.sta is a status file, into which all the information about successfulness of the connection, receiving and sending messages will be written after the connection has been done. The system may judge the consequences of the connection and related operations. 4. Security of EDI-DT To make EDI transactions highly reliable some secure measurements must be taken to avoid disavowing, unauthorized interception and interpolation. Encryption/decryption and digital signature are used to achieve the above goal. Here, the EDI center acts as certificate authority, provides each registered user a pair of keys (a private and a public), and the public key of EDI center is open to all of users. Let us use M to represent the message to be sent over network, Kpuba, Kpria to represent the public and private key of user A, and Enc, Dec, H to represent the action of encryption, decryption and one way hash transform respectively, and use C for EDI center. Then Enc(H(M))Ppria means perform HASH transfer first, and then make encryption with the private key of B. Now secure message T transfer from A to B through C would be described as below.

4 DEVELOPMENT AND APPLICATIONS OF EDI-DT SYSTEM B:public Random Key(RK) Random Key(RK) Random Key PlainText PlainText Symmentric Text Text Internet Hash Func Digest Digital A:private s Pic 2 and Secure Text Transfer B:private Random Key Random Key(RK) Internet Text -- Text Symmentric PlainText Hash Func Digest Digital A:public Same? Digest' No Yes Verified Verification Failed Pic 3 Secure Text Receiving a. A sends a request R signed with Kpria to C requesting communication with B; b. After receiving the request C performs Enc on it with Kpuba, verifies the result; then signs Kpubb with Kpric, then performs Enc with Kpuba, and then sends the result to A; C does Enc on Ppuba with Ppric, Enc with Ppubb, and then sends the result to B; c. After receiving above message from C, A applies Dec with Ppria, then performs Dec with Ppubc, after verifying A obtains Ppub; d. A performs Enc(M) Kr, here Kr is a randomly generated key, Enc(Kr) Ppubb, applies Enc(H(M)) Ppria to generate A's signature, finally, sends Enc(M) Kr, Enc(Kr) Ppubb, and Enc(H(M)) Ppria to B; The picture 2 shows the above work flow; e. After receiving message from A, B performs reverse transfer described in picture 3. A may verify is the message received from is actually sent by A and without interpolation. Here, you may see that business document T (which could be long) is encrypted by using symmetric algorithm (which is fast), and the signature is realized by means of asymmetric encryption/decryption algorithm (which is relatively slow, but higher

5 DEVELOPMENT AND APPLICATIONS OF EDI-DT SYSTEM reliable). Hash is a one-way function turning T with variable length into a short and fixed length text for signature generation. The combination use of symmetrical and asymmetrical encryption technique is a good practice to achieve high security and efficiency. 5. Applications of EDI-DT The system has been used in Shanghai and Hangzhou in scale. Shanghai Lianhua Supermarket Group, Hangzhou Beida Department Store have adapted the system to exchange business documents on line with a number of their business partners. The business scope includes price asking, price reporting, ordering, ordering confirming, delivery noticing, delivery listing, etc. It makes the ordering practices, previously secrete, more regulated and open-eyed. Besides, due to a special characteristic provided by the system: manufacturers are able to examine dynamic movement of the goods supplied by them on line, they may reduce the number of sales persons dispatched previously in the department stores selling their products. It improves economic efficiency greatly. Furthermore, EDI-DT supports department stores to switch from two stage ordering to centralized ordering, which is considered one helpful approach to enhance enterprise competitive capability in the case of China is going to join WTO. Basing on the performances described above, the system was passed national checking and accepting, and technical appraisal separately in the year Further Work Much work has to be done in the future. Beside of expanding the business circle using EDI-DT, it is wise to develop new EDI system on Internet, due to the fact that XML (expansible markup language) supports additional capabilities in data type definition, display and linking abilities, making information exchange easier between web pages and databases. Developing XML/EDI applications is the preferable choice. REFERENCES 1. Guangming WANG, EDI Research and EDI development in domestic trading, Business Economics and Administration, Guangming WANG, Tang YONG, Principles of EDI Client System--Realization of Message Translation and Packing, Computer Engineering and Design, GE Information Services,Enterprise System and EDISwitch Administration and Support Guide,GE Information Services,Inc,USA, Robert L. Sullivan,Electronic Commerce with EDI,Twain, Inc., Jan C.A.VAN DER LUBBE, Basic Methods of ography, Cambridge University Press, Digital Standard, NISTCSL bulletin, Nov Guiyi WEI, Guangming WANG, Communication Security for Internet based MIS, Proceeding of 14 th National MIS conference, Ming WANG, Guangming WANG, Security and Digital for EDI System, Proceeding of 14 th National MIS conference,

6 DEVELOPMENT AND APPLICATIONS OF EDI-DT SYSTEM Guangming WANG Male, Born in 1945, Professor, Hangzhou University of Commerce Director of Institute of Information Engineering and Electronic Commerce Deputy chairman, Provincial Expert Group on Information Progress 1968, graduated from Qinghua University with bachelor degree, majored in electrical engineering , graduated from Polytechnic University of New York, USA, with master degree, majored in computer science , university lecturer, computer science, Governors State University, USA , technician in factories and mine 1980-present, lecturer, associate professor, professor, Hangzhou University of Commerce Guiyi Wei Male, Born in 1972, Instructor, Hangzhou University of Commerce 1973, Graduated from Hangzhou University of Commerce with bachelor degree, majored in MIS graduated from Hangzhou University of Commerce with Master degree, majored in economic information management