Fort Knox has featured in many movies over the years, often labelled as the most secure bank vault in the world. I just happened to watch the James Bond film ‘Goldfinger’ a month ago and it was interesting to see how the villains attempted, and succeeded, to get inside Fort Knox. OK, so the red laser mounted on the back of a truck simply sliced through the back door, but nonetheless in the real world there is no place safer on earth to store your gold bullion!
I have posted a number of blogs over the past couple of years on OFTP2, a web-based internet communications protocol designed from the ground up to transfer large files securely. ‘Securely’ is the operative word in this case, as OFTP2 offers no less than three ways to secure a transaction or file as it is sent from A to B.
One of the reasons why car manufacturers have been reluctant to exchange sensitive design information across the internet has been concern about what would happen to their design data if it was somehow intercepted in transit. OFTP2 has almost single-handedly changed the perception of using the internet for secure transmission of design or other sensitive information. AS2 has seen widespread adoption in the retail space and it was hoped that AS3 would see traction in the market, but for one reason or another it has struggled. Meanwhile OFTP2 has slowly been gaining traction, particularly in the automotive sector, and it has almost become the standard across the European automotive industry for the exchange of large files between remote design centres across the world.
OFTP2 offers three levels of security, but what are they and how do they offer a ‘Fort Knox level of security’ for exchanging files securely across the internet? Well, let’s find out.
Firstly, the transmission tunnel between sender and receiver is secured to offer authentication and session encryption. The secured session relies on Transport Layer Security (TLS) encrypted TCP/IP communication links. In addition, the sender and receiver are authenticated by cryptographic keys (X.509 certificates).
Secondly, the data can be encrypted asymmetrically.
Thirdly, if the business process or legal environment requires signed documents, OFTP2 provides the ability to attach digital signatures to business documents.
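The second and third levels can be tried out locally with the `openssl cms` command. The script below is an added example, not part of the original post or of any OFTP2 product; it assumes CMS packaging of the file, and the partner names, self-signed certificates (stand-ins for CA-issued ones) and payload are constructed for the demo.

```shell
#!/bin/sh
# Added illustration of file-level signing and encryption with "openssl cms".
# Partner names, keys and payload are constructed; the certificates are
# self-signed stand-ins, not certificates issued by the Odette CA.
WORK=$(mktemp -d)

# Throwaway key pair and self-signed certificate for one partner.
make_partner() {  # $1 = partner name
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# Sending side: sign with the signer's key, then encrypt to the receiver's cert.
protect_file() {  # $1 = signer, $2 = plaintext in, $3 = protected out
  openssl cms -sign -binary -nodetach -outform DER -in "$2" \
    -signer "$WORK/$1.crt" -inkey "$WORK/$1.key" -out "$WORK/signed.der" &&
  openssl cms -encrypt -binary -aes-256-cbc -outform DER \
    -in "$WORK/signed.der" -out "$3" "$WORK/receiver.crt"
}

# Receiving side: decrypt with the recipient's key, then accept the content
# only if the signature chains to the one certificate we trust (sender.crt).
open_file() {  # $1 = recipient, $2 = protected in, $3 = plaintext out
  openssl cms -decrypt -binary -inform DER -in "$2" \
    -recip "$WORK/$1.crt" -inkey "$WORK/$1.key" \
    -out "$WORK/inner.der" 2>/dev/null &&
  openssl cms -verify -binary -inform DER -in "$WORK/inner.der" \
    -CAfile "$WORK/sender.crt" -out "$3" 2>/dev/null
}

run_demo() {
  for p in sender receiver intruder; do make_partner "$p" || return 1; done
  printf 'constructed CAD payload\n' > "$WORK/design.dat"
  protect_file sender "$WORK/design.dat" "$WORK/good.p7" || return 1
  protect_file intruder "$WORK/design.dat" "$WORK/forged.p7" || return 1
  open_file receiver "$WORK/good.p7" "$WORK/out.dat" &&
    echo "accepted: signed by trusted sender"
  open_file receiver "$WORK/forged.p7" "$WORK/bad.dat" ||
    echo "rejected: signer not trusted"
  open_file intruder "$WORK/good.p7" "$WORK/leak.dat" ||
    echo "rejected: wrong recipient key cannot decrypt"
}
run_demo
```

The receiver accepts only the file signed by the certificate it trusts, and a party without the receiver's private key cannot open the encrypted file at all.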
In addition to the three levels of security, each company will need to secure an ID from Odette’s OSCAR system. OSCAR (Odette System for Coding And Registration) simply provides a way to identify a company, and it allows the identification of entities in all physical and information exchanges. OSCAR was designed specifically for the automotive industry, as many companies today are using either their own organisation codes or codes provided by external third parties such as Dun and Bradstreet or GS1.
Finally, as well as an OSCAR ID, users will also need to acquire an Odette Certificate; this merely ensures that data received by a user comes from a trusted source. The Odette organisation has set up a dedicated Odette Certification Authority website, where these certificates can be acquired. These certificates are required for all OFTP2-related data exchanges, document and email signing and encryption for general internet application protection. Certificates issued by the Odette CA are recognised by the Odette Trust Service and ensure security and interoperability with business partners across the automotive industry.
Not every car manufacturer will implement all three levels of OFTP2 security; it will depend on their file exchange requirements and the level of expertise they have internally to manage such an environment. What companies may opt to do is implement level 1 security and then introduce levels 2 and 3 over time as customer demand dictates. The key thing here is that the company has the choice of how to deploy OFTP2.
With more and more companies evaluating cloud-based services, it is important that the communication lines to these cloud platforms are as secure as possible, and OFTP2 provides the security to ensure that files and transactions remain safe as they travel across the public internet.