AUTACK Secure authentication and acknowledgement

Syntax Development Group (SDG)

AUTACK is a message authenticating sent, or providing secure acknowledgement of received interchanges, groups, messages or packages.

A secure authentication and acknowledgement message can be used to:

a) give secure authentication, integrity or non-repudiation of origin to messages, packages, groups or interchanges.

b) give secure acknowledgement or non-repudiation of receipt to secured messages, packages, groups or interchanges.

Header

1. 0010 · UNH · Message header · Max 1 · Mandatory

   To head, identify and specify a message.

   1. Data element S009/0057 is retained for upward compatibility. The use of
   S016 and/or S017 is encouraged in preference.
   2. The combination of the values carried in data elements 0062 and S009 shall
   be used to identify uniquely the message within its group (if used) or if
   not used, within its interchange, for the purpose of acknowledgement.

2. Segment group 1 Repeat 99

   1. 0030 · USH · Security header · Max 1 · Mandatory

      To specify a security mechanism applied to a EDIFACT structure (i.e.: either message/package, group or interchange).

      1. 0541, if not present the default scope is the current security header
      segment group and the message body or object itself.
      2. 0507, the original character set encoding of the EDIFACT structure when it
      was secured. If no value is specified, the character set encoding
      corresponds to that identified by the syntax identifier character
      repertoire in the UNB segment.
      3. S500, two occurrences are possible: one for the security originator, one
      for the security recipient.
      4. S500/0538, may be used to establish the key relationship between the
      sending and receiving parties.
      5. S501, may be used as a security timestamp. It is security related and may
      differ from any dates and times that may appear elsewhere in the EDIFACT
      structure. It may be used to provide sequence integrity.

   2. 0040 · USA · Security algorithm · Max 3 · Conditional

      To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.

      1. S503, provides space for one parameter. The number of repetitions of S503
      actually used will depend on the algorithm used. The order of the
      parameters is arbitrary but, in each case, the actual value is preceded by
      a coded algorithm parameter qualifier.

   3. Segment group 2 Repeat 2

      1. 0060 · USC · Certificate · Max 1 · Mandatory

         To convey the public key and the credentials of its owner.

      2. 0070 · USA · Security algorithm · Max 3 · Conditional

         To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.

         1. S503, provides space for one parameter. The number of repetitions of S503
         actually used will depend on the algorithm used. The order of the
         parameters is arbitrary but, in each case, the actual value is preceded by
         a coded algorithm parameter qualifier.

      3. 0080 · USR · Security result · Max 1 · Conditional

         To contain the result of the security mechanisms.

         1. S508, two occurrences shall be used in the case of signature algorithms
         requiring two parameters to express the result.
         In the case of an RSA signature, only one occurrence of S508 shall be
         used.
         In the case of a DSA signature two occurrences of S508 shall be used.

3. 0090 · USB · Secured data identification · Max 1 · Mandatory

   To contain details related to the AUTACK.

4. Segment group 3 Repeat 9999

   1. 0110 · USX · Security references · Max 1 · Mandatory

      To refer to the secured EDIFACT structure and its associated date and time.

      1. D5(050, 040) If first, then all
      2. D1(070, 090) One and only one
      3. D5(060, 040) If first, then all
      4. D5(080, 070) If first, then all

   2. 0120 · USY · Security on references · Max 9 · Mandatory

      To identify the applicable header, and to contain the security result and/or to indicate the possible cause of security rejection for the referred value.

      1. D3(020, 030) One or more

5. Segment group 4 Repeat 99

   1. 0140 · UST · Security trailer · Max 1 · Mandatory

      To establish a link between security header and security trailer segment groups.

      1. 0534, the value shall be identical to the value in 0534 in the
      corresponding USH segment.

   2. 0150 · USR · Security result · Max 1 · Conditional

      To contain the result of the security mechanisms.

      1. S508, two occurrences shall be used in the case of signature algorithms
      requiring two parameters to express the result.
      In the case of an RSA signature, only one occurrence of S508 shall be
      used.
      In the case of a DSA signature two occurrences of S508 shall be used.

6. 0160 · UNT · Message trailer · Max 1 · Mandatory

   To end and check the completeness of a message.

   1. 0062, the value shall be identical to the value in 0062 in the
   corresponding UNH segment.