data transport standard (dts) for nchelp business perspective
TRANSCRIPT
Data Transport Standard(DTS)
for NCHELP
Business Perspective
DTS for NCHELP - Business
Topics DTS Defined Brief History of Project PESC Documentation versus ESC
Documentation Benefits of DTS over existing transports Implementation Strategies
DTS for NCHELP - Business
PESC DTS Specification
The PESC DTS defines a high level framework, built on internet specifications, for moving data securely. This standard is a roadmap for how to utilize specific internet technologies providing for a secure, real-time (immediate) or batch (deferred) communications channel to safely move mission critical data.
DTS for NCHELP - Business
What DTS is not… not a product
– it is a specification
not content sensitive – it is designed to exchange any type of data,
Inquiries (Online Customer Access) Data exchange (CL4, CL5, CRC, CAM, Enrollment
Reporting, Lender Manifest, etc.)
DTS for NCHELP - Business
What is DTS?
DTS is content neutral DTS uses internet technologies to facilitate real time
(immediate) and batched (deferred) data exchange DTS does not require a vendor specific product;
instead specifying stable internet technologies DTS reduces programming and per-transaction costs
through standardization DTS utilizes standard HTTPS encryption and digital
signatures to secure the channel
DTS for NCHELP - Business
Where DTS fits in your infrastructure DTS is a Web Service based B2B communication
systems DTS is a specification that supplements FTP data
transport:– FTP or “secure FTP” utilizing PGP (rfc2440)– FTP still valid for large payloads (generally up to 10Mb)
DTS is intended to supplement or replace existing email transport systems with DTS Client software
DTS for NCHELP - Business
What are the DTS Technologies?– WSDL (Web Services Description Language)– SOAP (Simple Object Access Protocol)– WS-I (Web Services Interoperability)– HTTP (Hyper Text Transfer Protocol)– SSL (Secure Sockets Layer)– X.509 Certificates– zLib (rfc1950) Compression– Other Web Services specifications (WS-*)
DTS for NCHELP - Business
Brief History– Originated within NCHELP EEAT
Overcomes inefficiencies of existing transports Solves inflexibility and inefficiencies with existing
encryption methodology Supports real-time (immediate) and batch (deferred)
processing
DTS for NCHELP - Business
Brief History (con`t)– Now governed by PESC
DTS approved as a PESC standard on 5/1/2006 NCHELP EEAT remains significantly involved in
governance due to extensive transport experience Expanded visibility of the standard = broader education
community adoption and implementation PESC Membership includes:
– AACRO, COHEAO, NACUBO, NASFAA – FSA, Registrars, NCHELP, among others– greater FAMS involvement
DTS for NCHELP - Business
PESC DTS Specification– specification defines a high level framework for
moving data securely. – builds on internet specifications– is a roadmap of how to utilize specific internet
technologies to achieve a secure communications channel and move information.
DTS for NCHELP - Business
NCHELP Technical Manual
– extending DTS Specification– identifies specific payload information for FFELP
CL all current versions CAM all current versions Lender Manifest Generic transport (MSC01 data types)
– supports future content enhancements as needed
DTS for NCHELP - Business
Business needs solved by DTS– Delivery assurance– Content neutral– Useful for internal and external business communications– Support Immediate and Deferred data processing models– Cryptographically secure– No distribution or vendor royalties – uses public standards – Larger payload (generally up to 50 Mb)– Multiple technical platforms (.NET, Java, etc.)
DTS for NCHELP - Business
– POP3 No confirmation Lost mail order of receipt uncertain
– FTP Confirmation by FTP Reply
codes which are complicated to manage
Order of receipt but can be complicated to manage
Delivery assurance– DTS
Active Confirmation– mandatory
synchronous response
Order controlled by sending party
– client dictates payload delivery
DTS for NCHELP - Business
Highly Secure– Encryption
POP3/FTP uses external encryption application DTS encryption built-in (SSL part of HTTPS)
– Digital Signatures POP3/FTP signatures part of encryption application DTS signature with X.509 certificate part of specification
(built-in)
DTS for NCHELP - Business
Security from Experience– Encryption separate steps/application– Key management / exchange
DTS for NCHELP - Business
Key Management – Out-of-Band Exchange and management– DTSv2 Certificate in transmission
Signed by Certificate Authority ensures authenticity No out-of-band/prior exchange No storage necessary Single point for revocation/update
DTS for NCHELP - Business
Larger Payloads– 50mb limit per specification
POP3 – 1mb; FTP – 10mb
– PayloadBytes header element
Single Transport for anything without evaluating payload– PayloadType Header element
Internet
Client Application
Client Core Service Core
Service Application
DTS SpecDTS Spec
Entity A Entity BPlatform specific communication
Platform specific communication
Reference Implementation Architecture
Internet
Client Application
Client Core Service Core
Service Application
DTS SpecDTS Spec
Entity A Entity BPlatform specific communication
Platform specific communication
Client Application
Reference Implementation Architecture
Internet
Client Application
Client Core Service Core
Service Application
DTS SpecDTS Spec
Entity A Entity BPlatform specific communication
Platform specific communication
Client Application
Client Application
Reference Implementation Architecture
Internet
Client Application
Client Core Service Core
Service Application
DTS SpecDTS Spec
Entity A Entity BPlatform specific communication
Client Application
Client Application
Service Application
Platform specific communication
Reference Implementation Architecture
ESB
Internet
Client Application
Client Core Service Core
Service Application
DTS SpecDTS Spec
Point A Point B
Client Application
Client Application
Service Application
Platform, but DTS interface Platform, but DTS interface
Reference Implementation Architecture
DTS for NCHELP - Business
Implementing DTS– All informational elements currently used by POP
and FTP are provided as Header elements in DTS
– Diagram – DTS into Existing system
DTS for NCHELP - Business
PESC versus ESC Documentation– http://www.pesc.org/workgroups/datatransport/
Data Transport Standard v 1.01 Specification Data Transport Standard V 1.0 Reference
Implementation Guide
– http://www.nchelp.org (e-Library > Electronic Standards Documentation & Tools > Electronic Data Exchange Documentation)
NCHELP Technical Manual