AS4
AS4 (Applicability Statement 4) is a communication protocol defined by the Organization for the Advancement of Structured Information Standards (OASIS). It is designed to facilitate the secure exchange of messages between information systems, particularly in the context of B2B (Business-to-Business) exchange and electronic transactions.
The AS4 protocol is based on the ebMS (ebXML Message Service) messaging protocol and provides a secure transmission layer for electronic messages. It uses HTTP (Hypertext Transfer Protocol) as the transfer mechanism and messages are encapsulated in HTTP requests.
The main objective of AS4 is to facilitate the exchange of information between trading partners in a secure, reliable and interoperable way. It provides a standardised framework for communication and promotes the automation of business processes through XML messages and web services.
Here are some of the key technical features of the AS4 protocol:
- Security: AS4 supports message security using mechanisms such as confidentiality, integrity and authentication. It uses X.509 certificates to verify the identity of the parties and allows the exchange of encrypted messages.
- Traceability: AS4 provides advanced tracking and logging mechanisms that enable traceability of exchanged messages. This facilitates the verification and resolution of problems related to message exchange.
- Reliability: AS4 ensures reliable delivery of messages through mechanisms such as acknowledgements and error correction. It also enables the management of transactions, including confirmations and cancellations.
AS4 supports routing of messages between trading partners. It can be configured to route messages based on various criteria such as recipient address, message type or other metadata. - Integration with other protocols: AS4 is designed to integrate with other protocols and standards commonly used in B2B exchange, such as Simple Object Access Protocol (SOAP) and ebMS exchange profiles.
- Interoperability: AS4 is designed to promote interoperability between different stakeholders. It is based on widely accepted standards and technologies, such as XML and Web Services, to facilitate the integration of enterprise information systems and enable smoother data exchange.
- Compliance with the law: in certain sectors, such as health or finance, there are strict rules on the exchange of information. AS4 meets these security and traceability requirements, making it an attractive choice for organisations wishing to comply with these regulations.
In summary, AS4 is a secure and reliable communication protocol that facilitates the exchange of electronic messages in B2B environments. It offers advanced features such as security, traceability, reliability, and routing, making it a popular choice for companies involved in e-commerce and business partnerships.
It should be noted that while the adoption of AS4 is growing, other protocols and standards such as AS2, SFTP and ebXML are still used for B2B exchanges. The choice of protocol depends on the specific needs of each organisation and the ecosystem of partners with which it interacts.
Protected file transfers (MFT)
The secure file transfer solution protects file “movements and operations” both at rest and during transfer. Protected File Transfer ensures file integrity and movement, even if the connection is lost or the files being sent are large.
While there are many file sharing options – some free, some inexpensive – not all are secure or meet today’s operational security, compliance and efficiency requirements. A secure file-sharing mode helps keep data safe from intruders or unauthorised users.
MFT must be able to support the latest security protocols and algorithms to integrate with all your customers and business partners. It must also be able to comply with the specifics of any regulations that apply to you, and have centralized controls that only authorized administrators can access.
Secure file transfer solutions encrypt data and create audit trails of transfer activity to document compliance with PCI DSS, RGPD, SOX, HIPAA, NIST and other compliance requirements.
GoAnywhere MFT
GoAnywhere MFT is an all-in-one secure file transfer solution that streamlines file exchange processes while protecting your data. This MFT solution supports multiple file transfer protocols (AS2, AS3, AS4, PeSIT, SFTP, FTPS, etc.), audit reports to help meet compliance requirements, and automation features to save time and reduce the risk of human error.
The solution is now AS4 certified by the Drummond Group. This certification demonstrates that GoAnywhere MFT has passed a comprehensive interoperability test to ensure that data is exchanged and received securely and in accordance with AS4 (Applicability Statement 4) standards.
AS4 is a recent security protocol that facilitates the use of web services for the transfer of large files. AS4 is growing in popularity because it easily supports attachments and downloads of all file types.
Here are just a few of the benefits:
- GoAnywhere MFT is not limited to attaching one file per AS4 message. You can attach multiple files to a message or use a variable to automatically attach files that meet the criteria.
- Compression: Improve transfer time by reducing the size of messages.
- Digital signatures: digitally sign messages to ensure their authenticity. Most AS4 servers require incoming messages to be signed. Signed messages provide trading partners with confirmation of the sender of the message.
- Encrypt messages: Encrypt all messages you send to a trading partner with the trading partner’s public key. With digital signatures and message integrity checks, message encryption protects your data.
- Signed receipts: GoAnywhere MFT receives automated message receipts over synchronous connections. Manual acknowledgements via asynchronous email and HTTP/S-URL addresses are also available. Receipts can be digitally signed to achieve a secure AS4 message cycle.
- Logging: GoAnywhere MFT message logging records not only the standard AS4 message traffic but also the date and time of the message, the sender, and the message sent.
Drummond AS4 certification benefits organisations by ensuring that, as their digital operations grow, the solutions they use to exchange files with third parties and business partners have been carefully tested for security and interoperability.
💡Additional information:
