Data Transport Standard (DTS) for NCHELP Business Perspective.

Data Transport Standard(DTS)

for NCHELP

Business Perspective

DTS for NCHELP - Business

Topics DTS Defined Brief History of Project PESC Documentation versus ESC

Documentation Benefits of DTS over existing transports Implementation Strategies


PESC DTS Specification

The PESC DTS defines a high level framework, built on internet specifications, for moving data securely. This standard is a roadmap for how to utilize specific internet technologies providing for a secure, real-time (immediate) or batch (deferred) communications channel to safely move mission critical data.


What DTS is not… not a product

– it is a specification

not content sensitive – it is designed to exchange any type of data,

Inquiries (Online Customer Access) Data exchange (CL4, CL5, CRC, CAM, Enrollment

Reporting, Lender Manifest, etc.)


What is DTS?

DTS is content neutral DTS uses internet technologies to facilitate real time

(immediate) and batched (deferred) data exchange DTS does not require a vendor specific product;

instead specifying stable internet technologies DTS reduces programming and per-transaction costs

through standardization DTS utilizes standard HTTPS encryption and digital

signatures to secure the channel


Where DTS fits in your infrastructure DTS is a Web Service based B2B communication

systems DTS is a specification that supplements FTP data

transport:– FTP or “secure FTP” utilizing PGP (rfc2440)– FTP still valid for large payloads (generally up to 10Mb)

DTS is intended to supplement or replace existing email transport systems with DTS Client software


What are the DTS Technologies?– WSDL (Web Services Description Language)– SOAP (Simple Object Access Protocol)– WS-I (Web Services Interoperability)– HTTP (Hyper Text Transfer Protocol)– SSL (Secure Sockets Layer)– X.509 Certificates– zLib (rfc1950) Compression– Other Web Services specifications (WS-*)


Brief History– Originated within NCHELP EEAT

Overcomes inefficiencies of existing transports Solves inflexibility and inefficiencies with existing

encryption methodology Supports real-time (immediate) and batch (deferred)

processing


Brief History (con`t)– Now governed by PESC

DTS approved as a PESC standard on 5/1/2006 NCHELP EEAT remains significantly involved in

governance due to extensive transport experience Expanded visibility of the standard = broader education

community adoption and implementation PESC Membership includes:

– AACRO, COHEAO, NACUBO, NASFAA – FSA, Registrars, NCHELP, among others– greater FAMS involvement


PESC DTS Specification– specification defines a high level framework for

moving data securely. – builds on internet specifications– is a roadmap of how to utilize specific internet

technologies to achieve a secure communications channel and move information.


NCHELP Technical Manual

– extending DTS Specification– identifies specific payload information for FFELP

CL all current versions CAM all current versions Lender Manifest Generic transport (MSC01 data types)

– supports future content enhancements as needed


Business needs solved by DTS– Delivery assurance– Content neutral– Useful for internal and external business communications– Support Immediate and Deferred data processing models– Cryptographically secure– No distribution or vendor royalties – uses public standards – Larger payload (generally up to 50 Mb)– Multiple technical platforms (.NET, Java, etc.)


– POP3 No confirmation Lost mail order of receipt uncertain

– FTP Confirmation by FTP Reply

codes which are complicated to manage

Order of receipt but can be complicated to manage

Delivery assurance– DTS

Active Confirmation– mandatory

synchronous response

Order controlled by sending party

– client dictates payload delivery


Highly Secure– Encryption

POP3/FTP uses external encryption application DTS encryption built-in (SSL part of HTTPS)

– Digital Signatures POP3/FTP signatures part of encryption application DTS signature with X.509 certificate part of specification

(built-in)


Security from Experience– Encryption separate steps/application– Key management / exchange


Key Management – Out-of-Band Exchange and management– DTSv2 Certificate in transmission

Signed by Certificate Authority ensures authenticity No out-of-band/prior exchange No storage necessary Single point for revocation/update


Larger Payloads– 50mb limit per specification

POP3 – 1mb; FTP – 10mb

– PayloadBytes header element

Single Transport for anything without evaluating payload– PayloadType Header element

Internet

Client Application

Client Core Service Core

Service Application

DTS SpecDTS Spec

Entity A Entity BPlatform specific communication

Platform specific communication

Reference Implementation Architecture

Internet

Client Application


Service Application

DTS SpecDTS Spec



Client Application


Internet

Client Application


Service Application

DTS SpecDTS Spec



Client Application

Client Application


Internet

Client Application


Service Application

DTS SpecDTS Spec


Client Application

Client Application

Service Application



ESB

Internet

Client Application


Service Application

DTS SpecDTS Spec

Point A Point B

Client Application

Client Application

Service Application

Platform, but DTS interface Platform, but DTS interface



Implementing DTS– All informational elements currently used by POP

and FTP are provided as Header elements in DTS

– Diagram – DTS into Existing system


PESC versus ESC Documentation– http://www.pesc.org/workgroups/datatransport/

Data Transport Standard v 1.01 Specification Data Transport Standard V 1.0 Reference

Implementation Guide

– http://www.nchelp.org (e-Library > Electronic Standards Documentation & Tools > Electronic Data Exchange Documentation)

NCHELP Technical Manual

Data Transport Standard (DTS) for NCHELP Business Perspective.

Documents

dts technologies

standardization dts

infrastructure dts

dts fits

mb dts

nchelp business topics

data transport standard

content neutral dts