Security issues in electronic data interchange (EDI) systems

Currently there is limited security offered in the Electronic Data Interchange (EDI) systems. Due to the growth of global market, Electronic Data Interchange is becoming an important tool for improving business prospects and hence becoming a target for fraud and misuse of information. This thesis attempts to provide security enhancements in the EDI systems. A model of the EDI system, the Direct Store Delivery System is described with security features added for global use. The model uses a Third Party Service Provider providing Message Handling Systems for communication between the trading partners. This thesis describes the security enhancement in the EDI messages using the UN/EDIFACT standard of formatting the EDI messages with the inclusion of certificates, digital signatures in the messages without changing the syntax of the EDI message. Also, a proposal to use X.500 Directory Services standards for global authentication is described along with other network security services. All these security services are included in the Application layer of the OSI reference model and are transparent to the user. As a result of the proposal, the security services can be implemented on a global ba^is as a step towards an open-edi system.