MPCC Architecture Review
January 2008
2
Background
• This review is being driven on behalf of the market to ensure that the MPCC architecture is maintained at the highest possible level.
• The Goals for this exercise are to:
i. Help suppliers understand the current MPCC systems / technical architecture
ii. Highlight the limitations of this architecture
iii. Get feedback from Market Participants
iv. Identify business requirements
v. Agree on the next steps
3
End to end view from Market Hub to MPCC
[Diagram: end-to-end message path from the Market Hub to the MPCC. Component labels: Suppliers Apache Server, WebForms, XML File, PC, Mainframe, Router, Firewall, RosettaNet Framework, MPCC, IIS, Batch eWay, Oracle 9i, ESB BackEnd Systems, MRSO FTP, SAP ISU, Market Hub. Protocol labels: S/MIME, HTTP / SSL, TCP, IP, XML. Layer labels: Physical, Data Link, Network, Transport, Session, Presentation.]
Diagram callouts:
• XML: Messaging format used between ESB and other participants
• XML Messaging: format used between ESB and Market Participants
• HTTP: a request/response protocol between clients and servers
• Secure Sockets Layer (SSL): cryptographic protocols which provide secure communications on the Internet
• S/MIME (Secure / Multipurpose Internet Mail Extensions): a standard for public key encryption and signing of e-mail encapsulated in MIME
• PKI: public key infrastructure (PKI) is an arrangement that provides for trusted third party vetting of, and vouching for, user identities
• GeoTrust: Digital certificate provider of SSL and SMIME certs
• RosettaNet: is based on XML and defines message guidelines, business processes interface and implementation frameworks for interactions between companies
• TCP/IP: The Internet protocol suite that provides the set of communications protocols that implements the protocol stack on which the Internet and many commercial networks run
• CGI: Common Gateway Interface (CGI) is a standard protocol for interfacing external application software with an information server
• ORACLE: Relational Database
• IE 5.0: Internet Explorer
• IIS: Internet Information Services
• Batch eWay: Intelligent Routing
• WebForms: WebForms will be used by the MPs to create/amend and view market messages. The data entered in the WebForms is converted into Market XML messages (MIMs) and stored for further transmission. The webforms market message creation is only appropriate for small MPs and/or infrequent transactions
• Java Applets: Java applets are used to implement the upload/download requests to the WebServer. The applets use HTTP POST to send XML messages to the OnRamp Package
• Digital Certificates: Each Market Participant will have to provide two digital certificates:
– S/MIME certificate - 1024 bit
– SSL Webserver Certificate - 1024 bit for 128 bit SSL
• OnRamp (Windows 2000 or NT 4.0, MS Access 97, NT4.0, Internet Explorer 5.0): The On-Ramp solution operating system must be Windows 2000 Service Pack 2, or NT 4.0 Service Pack 6a (or above). In addition Microsoft Internet Explorer version 5.0 or above and MS Access 97 or above are required
4
Current Architecture – Communications Link
Technical Architecture
• Communications protocol stack is in line with industry standards
• TCP/IP is the standard comms stack for communication over the internet
• SMIME and SSL (transport encryption) provide secure encryption of the Message and its contents as it travels over the internet
• PKI is used for vetting 3rd Parties
• XML used for packaging data
Minor Limitations
• Need to upgrade version of SSL
• Need to investigate the usefulness of PKI as MODSSL is performing a similar function
[Diagram: communications link between the Suppliers Apache Server and the MPCC through firewalls and the RosettaNet Framework. Protocol labels: S/MIME, HTTP / SSL, TCP, IP, XML. Layer labels: Physical, Data Link, Network, Transport, Session, Presentation. Callouts for HTTP, SSL, GeoTrust, RosettaNet, TCP/IP, XML Messaging, S/MIME and PKI repeat the definitions given on the end-to-end view slide.]
5
Current Architecture - Suppliers MPCC
Technical Architecture
• CGI is used for interfacing to external applications
• OnRamp is used for unwrapping and date time stamping messages
• Webforms is used to create and amend market messages
Limitations
• Access 97 is not a suitable database (not secure and unsupported)
• Windows 2000 is not secure enough
• IE 5.0 is not suitable for new encryption technologies
• CGI is inefficient at processing data
• Software upgrades involve distribution of CDs.
[Diagram: supplier-side MPCC components. Component labels: WebForms, Suppliers Apache Server, XML File, PC, Mainframe, Router, Firewall, MPCC. New callouts: MS Access 97 (desktop database application), WebForms (developed in Java), Windows 2000 (Microsoft operating system). Callouts for CGI, IE 5.0, Batch eWay, Java Applets and XML repeat the definitions given on the end-to-end view slide.]
6
Business Issues
Market Participants
• MPCC provides no new functionality
• Message logs need to be regularly maintained
• Limited visibility of message throughput
ESB Networks
• ESBN have recently adopted SAP’s application integration platform and more specifically SAP XI (an XML based message broker) for their SEM and future internal needs.
• SeeBeyond OnRamp expertise will gradually become more limited within ESBN
Regulatory
• New design could facilitate new market entrants
• Opportunity to design a single market gateway.
• Opportunity for one supplier to provide IT services for another.
7
Technical Issues
• Current software has a maximum shelf life of 3 to 5 years
• Significant parts of the technical architecture are unsupported
– Access 97 is not a suitable database (not secure and unsupported)
– Windows 2000 is not secure enough
– IE 5.0 is not suitable for new encryption technologies
– CGI is inefficient at processing data
• Software upgrades involve the distribution and installation of CDs.
• There is a licensing overhead which may be removed through the use of open source software
8
Other Business Issues ?
9
Business Requirements ?
10
Assumptions
• Any new MP messaging component to be developed via a third party contract i.e. not directly by ESB Networks resources.
• The favoured option should be that of a common MP messaging component as it would facilitate:
– Testing
– Integration
• Open source software should be used
11
Next Steps
• Provide a migration path
• Get feedback from Market Participants on:
– Business needs based on evidence from their experience of the current MPCC
– Their preferences for development strategy