DEP is sometimes used an abbreviation for “Data Exchange Partner”.
DEPCON is the common name for the Unisys Distributed Enterprise Print Controller software. This software is often deployed in financial data centers that use it to break apart and distributed aggregated reports. As more and more print jobs moved to electronic distribution formats, file transfer technology was frequently applied to either handle incoming report batches or to deliver the final product.
Deprovisioning is the act of removing access from and freeing up resources reserved by end users and their file transfer workflows. Rapid removal of access upon termination or end of contract is key to any organization. Freeing up of related resources (such as disk space, certificates, ports, etc.) is also important, but often follows removal of access by a day or more (especially when overnight processes are used to free up resources).
The act of deprovisioning should always be audited, and the audit information should include the identity of the person who authorized the act and any technical actions the system took to deprovision the user.
Most file transfer servers today allow administrators to chain up to Active Directory (AD), LDAP or RADIUS or other external authentication to allow centralized management (and thus deprovisioning) of authentication and access.
“Rollback” of deprovisioned users is a competitive differentiator across different file transfer servers, and varies widely from “just restore credentials”, through “also restore access” and on to “also restore files and workflows”.
BEST PRACTICE: Whenever possible, implementers of file transfer technology should use an external authentication source to control access and privileges of end users. When an external authentication source is used to control authentication in this manner, deprovisioning on the file transfer server occurs at the moment the user is disabled or deleted on the central authentication server.
See also “provisioning“.
DES (“Digital Encryption Standard”) is an open encryption standard that offers weak encryption at 56-bit strength. DES used to be considered strong encryption, but the world’s fastest computers can now break DES in near real time. A cryptographically valid improvement on DES is 3DES (“Triple DES”) – a strong encryption standard that is still in use.
DES was one of the first open encryption standards designed for widespread use in computing environments, and it was submitted by IBM in 1975 based on previous work on an algorithm called Lucifer. It was also the first encryption algorithm to be specified by a “FIPS publication”: FIPS 46 (and subsequent FIPS 46-1, 46-2 and 46-3 revisions).
See the Wikipedia entry for DES if you are interested in the technical mechanics behind DES.
In file transfer, a “document definition” typically refers to a very specific, field-by-field description of a single document format (such as an ACH file) or single set of transaction data (such as EDI’s “997″ Functional Acknowledgment).
Document definitions are used in transformation maps and can often be used outside of maps to validate the format of individual documents.
The best known example of a document definition language today is XML’s DTD (“Document Type Definition”).
Many transformation engines understand XML DTDs and some use standard transformation mechanisms like XSLT (“XML Transformations”). However most transformation engines depend on proprietary mapping formats (particularly for custom maps) that prevent much interoperability from one vendor to another.
A “double post” is the act of sending a file in for processing twice on a production system.
Most operators consider a “double post” to be far worse than a missing file or missing transmission, because files sent in for internal processing often cannot be cleanly backed out. Double post violations involving hundreds or thousands of duplicate payment, payroll and provisioning transactions are relatively common experiences and are feared by all levels of management because they take considerable time, expense and loss of face to clean up.
There are many technologies and technologies used today to guard against double-posts. These include:
Remembering the cryptographic hashes of recently transmitted files. This allows file transfer software to catch double-posts of identical files and to quarantine and send alerts appropriately.
Enforcing naming and key-record schemes on incoming files. This often prevents external systems from blindly sending the same file or batch of records again and again.
Synchronizing internal knowledge of records processed with external file transfer systems. This advanced technique is EDI-ish in nature, as it requires file transfer technology to crack, read and interpret incoming files. However, it allows more sophisticated handling of exceptions (such as possible “ignore and go on” cases) better than simpler “accept/reject file” workflows.
Most file transfer protocols follow RFCs, and AS2 is no exception. (AS2 is specified in RFC 4130, and the “MDNs” AS2 relies on are specified in RFC 3798). However, the AS2 protocol and Drummond certification are closely tied together like no other file transfer protocol or certification because of Wal-Mart, the world’s largest retailer. In 2002 Wal-Mart announced that it would be standardizing partner communications on the AS2 standard, and that companies that wished to connect to it must have their AS2 software validated by Drummond. As Wal-Mart and its massive supply chain led, so followed the rest of the industry.
There are two levels of tests in Drummond certification. Interoperability is the basic level against which all products must test and pass. There is also a second level of “optional profile” tests which check optional but frequently desirable features such as AS2 Restart. There are also minor implementation differences, such as certificate import/export compatibility, that, combined with optional AS2 profiles, allow for significant differences between Drummond certified implementations, though the core protocol and basic options are generally safe between tested products.
Not every product that claims its AS2 implementation is Drummond certificated will itself be entirely Drummond certified. Some software, such as Ipswitch’s MOVEit and MessageWay software and Globalscape’s EFT software, make use of third-party Drummond certified libraries such as \n Software’s IP*Works! EDI Engine. In those cases, look for the name of the library your file transfer vendor uses instead of the file transfer vendor product on Drummond’s official list.
The Drummond Group is a privately held test laboratory that is best known in the file transfer industry as the official certification behind the AS2 standard. See “Drummond Certified” for more information about the AS2 certification.
The Drummond Group also offers AS1 and ebXML validation, quality assurance and other related services.