AS2 overview
Applicability Statement 2 (AS2) defines communication methods that can be used to efficiently and reliably exchange business data between trading partners.
AS2 provides a mechanism for secure transfer of business data (EDI
and XML) over the Internet. Following are the key benefits of using
AS2:
- Security - Digital certificates are used for authentication and for encrypting business data to ensure data confidentiality and integrity.
- Message Disposition Notification (MDN) - An MDN is an electronic receipt for the AS2 message that was transferred. After the intended receiver receives an AS2 message, the receiving system generates an MDN and sends it to the sender. An MDN contains information about the original message, including the message-ID and the message hash. The sender can verify the message ID and the message hash to confirm that the receiver received the complete message. Based on the specifications in the original message, an MDN may also be signed or unsigned. The sender can also specify whether they intend to receive a synchronous or an asynchronous MDN. If an MDN is sent using the same HTTP session as the original message, it is called a synchronous MDN. If an MDN is sent using a different HTTP session, it is called an asynchronous MDN.
- Non-repudiation - Non-repudiation entails establishing the sender, receiver, the contents of the file that is transmitted, and that the contents of the file are not altered during transmission. Sender and receiver details are established by using the authentication credentials, such as digital signatures or login credentials. The message-digest in the MDN is used to prove that the contents of the file were not changed. In addition to the digital signatures and MDN, AS2 provides an option to store the original data before sending and store the received data before processing.