Managing Electronic Records

Electronic Commerce and Electronic Data Interchange

Managing Electronic Records -- LIS389C.5 -- Summer 1996

Electronic Commerce

Electronic commerce is a broad term which generally describes business activities which are conducted electronically. Within the boundaries of electronic commerce, large bodies of information can be found concerning global information, reengineering workflows, marketing strategies to enhance competitiveness, electronic data interchange, electronic funds transfer and other payment systems, network security, value added networks, and the Internet. This paper is intended to focus on Electronic Data Interchange and will also discuss Value Added Networks (VANs), network security issues, and the Internet as a new vehicle for electronic commerce activity.

Business Today

It is generally recognized that the world seems to be growing smaller and everything is moving faster in personal and business lives. New growth in business seems to be coming from thousands of small companies who are able to produce and deliver creatively and quickly using desktop systems. Larger corporate entities have taken note of the business pressure. Companies with long and respected corporate histories are restructuring, hoping to reduce or meet the pressures coming from all sides. These pressures are described as the following types:

Competitive pressure
Demanding customer requirements
Reduced product life cycles requiring accelerated new product development and offerings
Pressure from stakeholders for improved financial performance
Pressure to reduce inventories and production and storage costs
Global regulatory changes
Rapidly changing telecommunications and information delivery means

The development of electronic avenues to conduct commerce activity is seen as one method of coping with and addressing these pressures. Electronic commerce is a way of conducting business transactions using computer and telecommunications networks to help improve productivity and competitiveness. It provides access to the global marketplace with millions of customers and nearly as many products and services. It provides quick response, develops new partnerships, and places companies both small and large on the same level.

Electronic commerce is not new. TEXAS-ONE, an initiative of the Texas Department of Commerce, in its web site introductory materials points out that for years direct payroll deposit, electronic fund transfers, and Automatic Teller Machines have been available to businesses. Faxes and modems are now commonplace in business and those tasks that were once performed by hand, in person, or by mail can now be taken care of remotely, automatically, and electronically. Each of these tools saves the business money. For businesses large and small, the reduction of time it takes to send and receive purchase orders, invoices, and product information has a dollar value. Ways to reduce processing errors and error correction time has a dollar value. Ways to decrease the time necessary to compare prices from different vendors and locate service providers has a dollar value. TEXAS-ONE and other governmental agencies are promoting the advantages of using tools like electronic data interchange (EDI) to help businesses take advantage of dynamic trade relationships enabled by the General Agreement on Tariffs and Trade (GATT) and the North American Free Trade Agreement (NAFTA). The federal government is supportive in these efforts. In Texas, three Department of Defense funded Electronic Commerce Resource Centers (ECRC) have been established to provide consultation and education services to both industry and government. In Texas, these centers are located in Orange, Palestine, and San Antonio.

Today cost saving opportunities that have traditionally been available to larger companies are now available to the smallest of companies through the Internet, which is gaining in widespread use, and the lower cost of computer equipment, making it possible to have substantial computing power on desktops in small businesses. The impetus for widespread adoption of electronic commerce as a way to save costs through automation and integration of existing computerized transactions is now taking hold in a growing number of businesses. Electronic commerce activity may become as commonplace as the fax machine has become in all businesses.

Electronic Data Interchange (EDI)

Electronic data interchange is the transmission, in a standard syntax, of information of business significance between computers of independent organizations. EDI is the common "language" used to get information from one computer system to another. It is one of the tools that makes electronic commerce possible and delivers the cost savings business is seeking. Electronic data interchange can be traced back to industries that have traditionally been concerned with products and services that have a short shelf life but a high unit cost. Early adopters of methods to use electronic means to replace paper transactions can be located in the distribution and transportation industries such as the airlines, trucking, railroads, and in the automotive industry as early as 1960. Standards development for electronic data interchange can be traced back to the 1970s. In 1975, there were 45 transactions sets established for the transportation industry. Today, the ANSI (American National Standards Institute) ASC (Accredited Standards Committee) X.12 has over 200 transaction sets associated with it covering a wide variety of industries and businesses. By the mid 1980s, two general purpose industry standards in electronic data interchange had emerged. In 1986, the United Nations Electronic Data Interchange for Administration, Commerce, and Transport (EDIFACT) took shape while the ANSI ASC X.12 in the United States continued to expand. These two standards have benefited business by prescribing ways of structuring data according to agreed message standards between independent computer systems. Structuring the data allows for the presentation of the content of a document to be interpreted without error and for the data to be acted upon using automatic processing reducing the need for human intervention in the process. Traditionally, it has been the larger companies who have had the investment dollars to fund development of electronic data interchange activity for themselves and many times for their suppliers or trading partners. Use of EDI has grown. The reduction of costs of computing hardware, software, and telecommunications combined with trade agreements negotiated globally have brought EDI to the attention of businesses of all sizes as a desirable and necessary method of conducting commerce. Today the use of electronic data interchange extends to all trade and trade related activities. Banking and finance, healthcare industries, manufacturing, retail, tourism and travel, transport industries of all types, and governmental enterprise all use electronic data interchange to conduct business. It is estimated that there are tens of thousands of EDI users in North America as well as many users in the Pacific Rim and Europe. Because of the varied implementations across types of commerce, varied approaches and definitions of EDI have developed. In the book Frontiers of Electronic Commerce, four definitions are quoted:

"Electronic data interchange is the transmission, in a standard syntax, of unambiguous information of business or strategic significance between computers of independent organizations."
The Accredited Standards Committee for EDI of the American National Standards Institute.
"Electronic data interchange is the interchange of standard formatted data between computer application systems of trading partners with minimal manual intervention."
UN/EDIFACT Training Guide.
"Electronic data interchange is the electronic transfer, from computer to computer, of commercial and administrative data using an agreed standard to structure an EDI message.
Article 2.1 of the European Model EDI agreement."
"Electronic data interchange is the electronic transfer from one computer to another of computer processable data using an agreed standard to structure the data."
International Data Exchange Association, The EDI Handbook: Trading in the 1990s.

Although the definitions vary, four components of EDI remain the same. EDI can be characterized as having a component that works with application level services such as purchasing or inventory control, EDI has a standards component that qualifies the structure of the data, EDI uses some method of transporting the data or messages such as electronic messaging or world wide web tools, and EDI uses a communication method such as the Internet or dial up lines to move the data from one computer to another computer.

The chief benefits of using electronic data interchange have been acknowledged as:

decreasing the potential sources of error caused by re-entry of data and handling paper involved in orders and accounts processing, reducing postage bills, and manual processing costs involved with paper filing systems.
shortening the lead time between receipt and fulfillment of orders as well as helping to plan production and reduce stocks of inventories and take advantage of just in time manufacturing techniques.
improving cash flow and reducing the amount of working capital required for a company through reduction in inventories when using just in time techniques.
providing trading information from historical data accumulated as a result of using electronic data interchange transactions to gain a competitive edge.
fostering closer working relationships between suppliers and customers and trading partners improving trading relationships.
enhancing the image of the company and increasing the company’s ability to provide faster and better customer service.

A number of testimonials to the benefits of using EDI in business can be found. Articles such as "Exploiting the Virtual Value Chain," "Managing in Marketspace: If You Think the Information Revolution Isn’t Transforming Your Business, Think Again," and "EDI Moves the Data," and "Businesses’ Changing Landscape: Technology Makes Much Commercial Real Estate Obsolete As Workers No Longer Need Be In Central Location" each report on electronic data interchange experiences and the changing of business processes in the marketplace.

A number of journals are dedicated to EDI among them are, EDI Forum, EDI Insider, EDI News, and EDI World. Numerous vendor directories exist including the EDI Software Directory, EDI Yellow Pages, and the Who’s Who in Electronic Commerce. In the United States, government resources concerning EDI are numerous including the Department of Defense Information Center, Fed World, the Federal Electronic Commerce Acquisition Team., and the National Institute for Standards and Technology. Regionally, across the United States, local societies and groups focus on electronic commerce and EDI issues. Professional societies and associations nationwide promote interest groups and chapters dedicated to exploring the topic of EDI. In Texas, the Central Texas EDI User Group serves the purpose of sharing information among professionals involved in electronic data interchange activity. A substantial amount of knowledge has been accumulated to promote this method of doing business among trading partners. Moving forward with the decision to incorporate the components of EDI into a business in order to reap the benefits is a major strategic decision for a company and its suppliers and business partners. Communication is the key element in the strategy.

Before successfully implementing EDI with a trading partner, three main items have to be addressed between the trading partners and it can take some number of months for trading partners to agree on these items. They are standards, software, and communications. Standards define the structuring of the data into the electronic messages which replace the paper documents. Each element of the paper trading document has to be defined so that the computers exchanging the information can act on it without error. Standards define these elements and currently there is more than one standard to choose from for determining EDI structure. The presence of multiple standards can complicate the decisions to be made concerning a choice of standard. The software used to translate the messages as they move among trading partners needs to be defined so that the messages can move correctly into the application software that is appropriate. The variety of software choices in the marketplace necessitates careful selection based on business needs and it may take some time to explore the business needs of the trading partners in a detailed enough manner to make a selection from the array of choices. The communications lines that enable the movement of the messages and electronic documents needs to be in place. These can be expensive to put into place and maintain and again, there are choices to be made concerning which communication method to be used. To assist in dealing with these choices and the varying products that are available, companies have formed businesses to facilitate communications, deal with multiple standards, provide software, and provide the necessary communications links between companies. They act as a third party to assist business in becoming successful trading partners. These business have been termed VANs, or Value Added Networks. They are characterized as being based on private, closed, leased-line or dial up access networks.

Case studies illustrate the point that EDI is not a business process that can be started up overnight. None of these choices or steps in implementation are easy to accomplish at the start. In an article authored by Sharon McLoone, "EDI or DIE? An End User Discovers Electronic Commerce as a Survival Tactic," Ms. McLoone describes her role in ensuring that EDI was implemented successfully in her company. She describes the glitches, first with employees being resistant to EDI, and second, with the semantic problems in the standards used for data exchange. She places a high priority on education and training for company employees when instituting the transition from paper based processes to EDI based processes. Employee involvement becomes one of the required components for exploiting electronic data interchange as a business strategy aimed at reducing costs and providing better service to customers.

VANS (Value Added Networks)

The requirement to communicate with trading partners, their banks, distributors, suppliers, and everyone involved in the trade cycle gave rise to the idea of creating networks of service providers that would offer a single channel for facilitating all aspects of this communication. When a company joins a VAN, it places its focus on its hardware and equipment and the links it needs to put into place to connect to the VAN, letting the VAN be concerned about all of the other links to the other ends and all of the issues in between. Traditionally, user communities with one industry in common tended to group around one VAN or another because there were no links between VANs. It was cost effective to all use the same VAN. If your trading partners belonged to a VAN different from yours, you had no choice but to belong to more than one VAN. It was not unheard of for a large company to dictate that its suppliers would also join in and adopt electronic data interchange as a business method if they wanted to continue doing business together. It was not unheard of that the larger company dictated the VAN that its suppliers and partners would use. Many times the larger company supported smaller suppliers by providing investment dollars to make this happen. Technology has progressed, and now value added networks support interconnections with each other so it is possible to communicate with trading partners across networks and broaden the choices for trading partners.

Additional services are provided by VANs as well. They include mailboxing which is the equivalent of the electronic post office box. Electronic messages are posted and placed in the appropriate mailbox of your trading partner. Security is provided to protect the sensitivity of your business order and trade relationships. Various password schemes and acknowledgment schemes are used. Checking is also done along the way to halt incomplete transmissions or faulty transmissions. Measures are taken to guard against duplicate message transmissions. End users are provided with audit trail information to help them manage and account for their resources. Training, implementation assistance, and other consulting services are standard VAN offerings. VANs are known to be high priced, charging by the number of characters transmitted with connect time and mailbox charges factored in. VAN to VAN interconnect charges may also be involved. Despite the price tag associated with these services, third party networks are many times preferable to the alternative of handing multiple phone line connections to each trading partner and monitoring security and transaction processes in house. They are also preferable to schemes which require trading partners to communicate at preset times and in a limited amount of time. A wide variety of VAN service providers exist from AT&T which has strong coverage in the United States to the very experienced Advantis/IBM and GEIS systems. Newer VANs include Unisource and Scitor which is owned by the airlines’ network Sita. It is still not unusual to find that trading partners cluster around one VAN to provide support for one another.

EDI Software

Selecting EDI Software poses the same range of problems as selecting software for any application area. There are many choices in the market place. The ease of use of the software, the financial stability of the software house, hardware compatibility with your existing environment, ease of upgrade, quality of maintenance, and degree of network connectivity and ability to use varying standards successfully are factors taken into consideration at the time of purchase. It is not necessary that all trading partners have identical software, but the sender must use a software application that creates an EDI file format similar to what the recipient’s computer application can read. One of the key features of value in using EDI Software is the integration of the electronic data interchange with other key business functions. Information mapping functionality allows for the integration of inventory management systems and payment systems. These mapping features help business realize the benefits of integrated workflow structures.

Standards

Two predominant standards are associated with electronic data interchange. They differ in syntax upon which the electronic data messages are sent. Syntax comprises the design rules and directories by which messages are constructed. In the United States, the ANSI (American National Standards Institute) ASC (Accredited Standards Committee) X.12 has been widely used. In Europe the syntax standard that has developed and is widely used is UN/EDIFACT, United Nations/Electronic Data Interchange for Administration, Commerce, and Transport. EDIFACT was born in 1985/6 while ANSI ASC X.12 has been in active existence since the 1970s. In the future, we will see an alignment of the two standards. At the end of 1995, ASC X.12 balloted its members with regard to migration to EDIFACT and the result was a vote favorable toward the migration. Some feel that most U.S. companies will opt to implement the requirements of both standards until such time as a migration strategy is developed to assist companies in migrating to whatever is developed out of the 1997 planned alignment effort. Standards are necessary in serving the business community and alignment of these two standards is expected to have a positive impact on global trade and electronic commerce. Having multiple choices of standards is viewed as one of the problems associated with electronic data interchange.

Problems Associated with EDI--Security Issues

Auditors have written about the challenges presented when the paper audit trails and internal controls that worked with paper based systems are replaced with electronic data interchange transmissions. Notaries worry that new regulations and laws will be needed to guard against fraud when the paper documents go away. Attorneys examine the legal aspects associated with paperless letters of credit. Headlines in news articles such as "Losses Linked to Lax Security of Computers" and "Digital Signatures That Can’t Be Forged" give us a hint as to some of the threats and fears that are associated with turning business processes over to computers. Security is one of the prime discussion areas in electronic commerce. Security issues are grouped into four basic categories of concern:

Privacy concerns
Access control concerns
Concerns about integrity
Concerns about authentication

Security depends on internal control structures and how they are implemented by people. The Value Added Network providers such as General Electric Information Services (GEIS) and Advantis /IBM provide a secure environment within which to exchange data. They offer proprietary solutions which sometimes restrict users to specific hardware and software programs in order to implement these solutions. One old adage concerning security runs along these lines:

"The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn’t stake my life on it."

Security is clearly a difficult problem area and many products have been produced which offer various methods of control. Some of the methods used to ensure access control and authentication are password protection, encrypted smart cards, biometrics, and firewalls. The firewall sits between two networks and evaluates all of the traffic passing between them. The firewall disallows suspicious traffic and notifies system administrators of possible attempts at penetration while allowing the desirable traffic to pass through. Biometric systems are considered the most secure level of authorization. They involve some personal aspect of a person’s body such as retinal patterns, palm prints, signature recognition, or voice recognition. Encrypted smart cards pass out a one-time password when a user wants to access the computer. Usually, these hand held devices which calculate the password also require some item of personal identification in the authorization process. Encryption is the scrambling or encoding of information to prevent anyone other than the intended recipient from reading the information.

Kerberos, which was developed in the 1980s, is a popular third party authentication protocol which has been adopted as a de facto standard. It was developed by the Massachusetts Institute of Technology. It is used by Net Cheque and NetCash and is a private-key encryption system. It does not produce digital signatures.

Private-key cryptography is a common approach used in encryption. It involves the use of a shared key for both encryption by the sender and decryption by the recipient. The weak point in private-key cryptography is that two parties have to agree on the key without any third parties finding out what the key is. Private-key cryptography has been widely adopted with implementation of the Data Encryption Standard (DES), a standard technique that translates data into an unbreakable code for public transmission. The actual software to perform DES is available at no cost to anyone who has access to the Internet. It came from IBM in the 1970s and has been extensively researched. It has withstood the test of time and is known to be difficult to break.

Public-key cryptography is another powerful form of encryption used today. It differs from the private-key technology in that it involves the use of two keys; a private-key and a public-key. Information encrypted by the private-key can be decrypted only using the corresponding public-key. The private-key, used to encrypt transmitted information by the user, is kept secret. The public-key used to decrypt the message is not secret. Since only the bona fide author of an encrypted message has knowledge of the private-key, a successful decryption using the corresponding public-key verifies the identify of the author and ensures the integrity of the message. It is sometimes used with digital signatures to provide authentication. One of the positive features of this method is that only one key needs to be managed because only one key is secret. RSA Data Security, Inc. is one well respected company which has produced the public-key cryptosystems. RSA is expanding its product line to incorporate its respected cryptosystems into World Wide Web browsers such as Netscape.

The cryptographic community is exploring various technical uses of digital signatures by which messages can be time stamped or digitally notarized to establish dates and times by which a recipient might claim to have had access to or read a message. United States government purchase orders will be signed using a digital signature standard. There is no doubt that security measures need to be in place for business to be able to confidently proceed. Some form of encryption is needed, particularly in view of the fact that some of the agencies and clearinghouses in business today are handing trillions of dollars daily via wire, satellite, and computers.

Nearly everyone has used some form of electronic fund transfer between banks and been amazed at the ease with which transfers occur. The issues of confidentiality of credit card numbers during their transmission, the privacy surrounding employee records or government files as they are being exchanged, the integrity of the files to insure that the contents of a message have not been tampered with or modified during the delivery all are issues that are taken for granted because the security provided is so deeply hidden behind the scenes. People and businesses need to be able to trust the computer systems. Authorization methods to make sure that only valid users and programs have access to information resources such as databases need to be in place to provide access control. Data and transaction security is needed to ensure that that the privacy and confidentiality as well as authenticity of the message is good. Without strong security in place, electronic commerce would not move forward.

Traditional vs. "new EDI" Ventures in the world of the Internet

New opportunities and challenges have come with the convergence of communications media industries and the digitalization of text, documents, graphics, video and audio. The internationalization of business around the world and use of global work groups has torn down boundaries that once were geographical factors which dictated markets. Falling costs of computers and networks, larger degrees of computer literacy, more wide spread use of email, and the driving search for competitive advantages for business all have an impact on EDI growth and interest in EDI. Ravi Kalakota and Andrew B. Whinston refer in their book to the "old EDI" and the "new EDI." The "new EDI" is forecast to transform business, helping businesses automate not just their internal processes but also their external processes by reducing the cost of setting up an EDI relationship with trading partners, fostering more short term relationships among a larger number of partners, and leveling the playing field so that all sizes of business enterprise can participate in EDI. The "new EDI" focuses EDI work on the high level business workflows which involve many low level interchange activities. The "new EDI" bypasses the standardization efforts at the transaction set and syntax level or message level structures covered so extensively in existing standards. The "new EDI" is aimed at point to point interaction which bypasses the need for a Value Added Network service. It is aimed at becoming a simple business procedure for either a short or long term relationship between business or trading partners. The Internet has become a transport vehicle for the "new EDI" to use and the availability of desktop computing places it in the hands of millions. One of the things that makes this possible is the Transmission Control Protocol/Internet Protocol (TCP/IP). This is a suite of protocols developed by the U.S. Department of Defense in the 1970s to support the construction of world-wide interconnected networks. Today, millions of users are connected to the Internet through software that uses the TCP/IP protocol suite.

Benefits of the Internet based electronic data interchange methods are:

Cost savings for access to corporate information--Internet access is less costly than access using a private wired network.
Flexibility--the Internet is more flexible and encourages adding new business partners.
Openness--The system is open and standards based and the information can be read by a number of different applications.

With the Internet based form of electronic data interchange, the security concerns for privacy, access control, authentication, and integrity of the files or messages still remain in place. Methods of encryption used with email include Privacy Enhanced Mail (PEM), the Internet standard designed by the Internet Activities Board to provide secure electronic mail over the Internet and Pretty Good Privacy (PGP). PEM incorporates encryption, authentication, and key management and allows use of both the public-key and private-key cryptosystems. It uses the DES algorithm for encryption and the RSA algorithm for sender authentication and key management. PEM also provides support for nonrepudiation which allows the third party recipient of a forwarded message to verify the identity of the message originator and to verify whether any of the original text has been altered. PGP provides confidentiality by encrypting messages to be transmitted or stored locally as files. It uses an algorithm known as IDEA (International data encryption algorithm) and is considered by some to be even stronger than DES which enjoys a reputation for strength.

World Wide Web security issues are closely related and products are developing for HyperText Transport Protocol (HTTP) implementations that will build confidence in the World Wide Web as a secure area for electronic commerce. HTTP is the most important protocol used in the World Wide Web. HTTP is the protocol used for moving hypertext files across the Internet. Examples of security developments for the World Wide Web include Netscape Communications Corporation’s Secure Sockets Layer (SSL) and Enterprise Integration’s Secure HyperText Transfer Protocol (S-HTTP). Another emerging product is called Secured Electronic Transaction (SET) and it is sponsored by a cooperative effort between Visa and Mastercard International.

Security issues seem to be the paramount concern with both the "old EDI" and the "new EDI" using the Internet for transport. With the "old EDI", the Value Added Network service provider has been able to serve as the security enforcer in the trading cycle using a closed circuit limited circle of subscribers who pay the price for the added value.

The Internet offers the opportunity for many thousands of computers all connected by phone lines that link tens of millions of users together from all corners of the world. These numbers are not present in the "old EDI" community even after twenty years of existence. Continued and rapid development in the Internet security areas by companies such as RSA Data Security, Inc. are giving many the idea that new developments in cryptography will provide strong protection features on the Internet and it will become the preferred transport for EDI exchanges. News articles tend to point toward trusting these product advances: "How NASA’s Goddard Space Flight Center Decided Security Can Support EDI on the Internet," "VeriFone Sets Internet Payment System for Banks to Sell, Lowering Web Barrier," and "Financial Players SET Sail."

Overall, several factors make the Internet a viable electronic data interchange transport tool:

Charges are less using the Internet than other alternatives now available.
Ubiquitous network coverage.
Common mail standards which are nonproprietary.
New security techniques which give businesses the confidence they need concerning the security needed for their electronic commerce transactions.

MIME (Multipurpose Internet Mail Extensions)

An important part of the electronic data interchange process is the software evaluation and processing of the message. Nearly all of the transactions defined in the "old EDI" are modeled on the exchange of electronic mail between computers. The "old EDI" uses a convention for mail based on the X.435 standard derived from the International Standards Organization (ISO) X.400 standard. The Internet EDI model is based on a standard for electronic mail called MIME. This standard is known as Request for Comment (RFC) 822 developed by the Internet Engineering Task Force. X.400 was meant to be the universal answer to email interconnectivity. It is designed to allow companies to connect all electronic mail systems using a single gateway. It is used primarily by VANs. The X.435 subset of the overall X.400 is specifically designated for electronic commerce use. A header is always placed at the top of the message when information is sent from one computer to another. It acts as an address on the outside of an envelope. A special field identifies it as an EDI message. It is designed to be a secure reliable way to send EDI and accompanying files; however, not many are using it. For whatever reason, this standard has not come into widespread use. People seem to be more interested in MIME (Multipurpose Internet Mail Extensions).

MIME dictates how multimedia message attachments such as spreadsheets, word processing documents, or EDI transaction sets can be sent as enveloped messages using the Internet Simple Mail Transport Protocol (SMTP). SMTP provides a common specification for the exchange of email messages between systems and networks. Most Internet email users use SMTP. As multimedia quickly becomes part of the networking world, email users and the business enterprise are no longer satisfied with sending simple text messages and files. Users want to send drawings, voice, spreadsheet, and text files, all of which MIME supports. The primary drawback to MIME is the security issue once again. The fact that it can input automatically to other programs such as PostScript files poses a danger. PostScript language is known for its security holes which have been exploited and are widely distributed. Without warning, because a contaminated message is automatically opened, the recipient’s entire system can be contaminated. The primary strength in MIME lies in its design which allows it to work with a variety of mail transport protocols including BITNET, UUCP, SMTP, and X.400. EDI formatted information can be handled easily. Methods of identifying EDI objects in a MIME message are being defined by the Internet Engineering Task Force now.

Summary

Electronic data interchange is a tool which is at the heart of electronic commerce activity. Using the carefully constructed standards which have been developed and which continue to evolve into a single set of internationally recognized standards establishes a firm communications base for electronic business transactions. The financial benefits which accrue from using these methods are substantial. Many companies have pioneered and perfected the use of electronic data interchange methods on their mainframe computers and many have elected to use the services of the value added network service providers. The VANs have invested a great deal in developing proprietary methods of securing and offering products which provide business with the audit and other reports they need. They have a strong position in the market place. EDI continues to grow according to Frost and Sullivan, a California-based marketing research firm. They expect the worldwide EDI market to quadruple from $669.01 million in 1994 to more than $3.19 billion by 2001. The United States Department of Defense has set its goals to be purchasing everything using EDI by July 1, 1997 and, at this time, they do not plan to handle bids over the Internet.

It appears that security is the most problematic point in the world of electronic commerce and that the security problem exists with both the Internet as a transport vehicle and in the traditional EDI world. The Internet because of its rapid expansion, ready acceptance, and low cost to enter is an attractive alternative for many companies and people who can not afford the costs of Value Added Networks for electronic data interchange. On April 1, 1996, at the Internet and Electronic Commerce Conference leading edge companies such as Microsoft, America Online, Netscape, and Sun Microsystems predicted that the World Wide Web would create dramatic changes in society as well as computer hardware. These changes will no doubt continue to impact the growth of EDI, particularly using the Internet. It is difficult to predict which will grow more quickly, the traditional EDI structure or the "new EDI" once security issues are further put to rest with EDI on the Internet.

For some, standards are still the key issue. The U. S. Department of Defense, for example, communicates to its vendors that its choice of standards is the ANSI X.12 EDI standard. They advise that:

"Should the Government decide to begin using the EDIFACT standards, you will be provided adequate notice."

The situation appears to be one where companies are looking at both the "old EDI" and the "new EDI" at the same time and are making plans to be open to a migration of their business processes using avenues the Internet might possibly provide and that the alignment of EDI standards might provide. Everyone can agree that tools that can speed the exchange of information, improve customer service, reduce costs, and increase global competitiveness will be used.

Sources List

"Almost Everything You Ever Wanted To Know About Security,"Version 2.2 FAQ: Computer Security, December 3, 1993, available from http://www.cis.ohio-state.edu/hypertext/faq/usenet/security-faq/faq.html.

Baig, Edward C. "Shielding the Net from Cyber-Scoundrels."Business Week, 14 November 1994, 88.

Blakeley, Michael. "EDI/MIME Opens Internet for Business Use."PC Week, 27 March 1995, N24.

Cavalli, Dr. Alexander. "Electronic Commerce Over the Internet and the Increasing Need for Security: A White Paper," December 8, 1995, available from http://www.galaxy.einet.net/tradewave/products/vpiwp.html. no longer available (2/2004).

Chen, Elaine. Web to Spark Change But Issues Remain.Electronic News, 1 April 1996,20.

Clark, Don. "VeriFone Sets Internet Payment System for Banks to Sell, Lowering Web Barrier."The Wall Street Journal, 18 June 1996, B6 C4.

"D&B Launches New Information-Based EDI Service," Business Wire, 13 September 1995, available on CD-ROM Business NewsBank.

Dalva, David I. "Security and the World Wide Web," June, 1994, available from http://www.tis.com/home/networksecurity/wwwarticle.html no longer available (2/2004).

Davis, Stan and Jim Botkin. "The Coming of Knowledge-Based Business: Smart Products and Services Will Turn Companies into Educators and Consumers into Lifelong Learners." Harvard Business Review, September-October 1994, 165-170.

Denn, James. "Businesses’ Changing Landscape: Technology Makes Much Commercial Real Estate Obsolete As Workers No Longer Need Be In Central Location," Times Union (Albany, New York), 10 March 1996, available on CD-ROM 1996 NewsBank NewsFile.

Deutsch, Peter. "A Sense of Security." Internet World, October 1994, 94-96.

Galland, Matthew W. "Legal Aspects of a Paperless Letter of Credit: Implications for the Transportation Industry and the Advancement of Electronic Data Interchange on the Internet," 6 December 1994, available from http://www.usfca.edu/suf/gallma10/EDI.html#RTFToC4. (not available 2/2004.

For more recent article by author, check Galland, Matthew W.: Paperless Letters of Credit and EDI on the Internet. In: Alt, Rainer; Schmid, Beat F.; Zbornik, Stefan: EM - Electronic Commerce and Reduced Transaction Costs. EM - Electronic Markets, Vol. 5, No. 3, 01.95. URL: <http://www.informationobjects.ch/NetAcademy/naservice/publications.nsf/all_pk/1664> [16.02.2004].

Haynes, Ted. The Electronic Commerce Dictionary: The Definitive Terms for Doing Business on the Information Highway. Menlo Park, California: Robleda Company, 1995.

"How NASA’s Goddard Space Flight Center Decided Security Can Support EDI on the Internet." I-S Analyzer, December 1995, 2-8.

Jacobs, Margaret A. "Will Notaries Still Reign Over Red Tape When Documents Move Electronically?" The Wall Street Journal, 12 March 1996, B1 C3.

Kalakota Ravi, and Andrew B. Whinston. Frontiers of Electronic Commerce. Reading, Massachusetts: Addison-Wesley Publishing Company, 1996.

Kerstetter, Jim. "Financial Players SET Sail." PC Week, 24 June 1996, 10.

Kumar, Ram and Connie W. Crook. "Educating Senior Management on the Strategic Benefits of Electronic Data Interchange." Journal of Systems Management, March-April 1996, 42-48.

Lankford, William M., and Walter E. Riggs. "Electronic Data Interchange: Where Are We Today?" Journal of Systems Management. March-April 1996, 58-64.

McLoone, Sharon. "EDI or DIE? An End User Discovers Electronic Commerce as a Survival Tactic." FORM Magazine, January 1995, available from http://www.huber.com/Avex/Avex95/ecgroup/newsedi.htm. no longer available (2/2004)

Nelson, Chris. "The ABC of EDI," UK/EDI Awareness Centres, no date, available from http://www.imaginet.co.uk/edi/feature4.htm.

Parent, Tawn. "Be Prepared for Electronic Bidding, Feds Tell Vendors," New Orleans City Business, 19 February 1996, available on CD-ROM 1996 NewsBank NewsFile.

Rayport, Jeffrey F., and John J. Sviokla, "Exploiting the Virtual Value Chain." Harvard Business Review, November-December 1995, 75-85.

Rayport, Jeffrey F. and Sviokla, John J. "Managing in the Marketspace: If You Think the Information Revolution Isn’t Transforming Your Business, Think Again." Harvard Business Review, November-December 1994, 141-150.

Sandberg, Jared. "Losses Linked to Lax Security of Computers." The Wall Street Journal, 18 November 1994, B4 C5.

"TEXAS-ONE Electronic Commerce Introduction," 22 January 1996, available from http://www.texas-one.org/ec-text.htm. no longer available (2/2004)

United States Department of Defense, Defense Information Systems Agency. EC/EDI Handbook, Chapter 7, no date, available from http://www.acq.osd.mil/ec/hdbk/chap08.html.

Ward, Getahn M. "TECHNOLOGY - Firms Tell Suppliers to Trash Paper, Take Orders By Computer," The Commercial Appeal, 16 July 1995, C1, available on CD-ROM 1996 NewsBank NewsFile.

Wayner, Peter. "EDI Moves the Data." Byte, October 1994, 121-128.

Wildstrom, Stephen H. "Digital Signatures That Can’t Be Forged." Business Week, 4 July 1994, 13.

Return to Table of Contents

This page is created and maintained by Sue Soy ssoy@ischool.utexas.edu
Last Updated 02/15/2004
© Copyright 1996 - 2006 Susan K. Soy
Please feel free to copy and distribute freely for academic purposes with this notice and attribution.
All other rights reserved.