The BDI Secure Data Delivery System (SDDS) provides a simple and secure
way to transfer highly confidential information to the BDI Processing
Center. The SDDS application utilizes high-grade, industry-standard,
128-bit SSL encryption to allow each customer to access the system.
Further, the SDDS application is built using Java technology, which
enables the application to compress uploaded data files and work with
client-side networking requirements such as proxy servers and firewalls.
As with any Internet-based application, there are specific concerns
and questions that must be addressed in detail. These concerns and
questions are described below.
What is SSL, how does it work, and how secure is it?
SSL (or Secure Sockets Layer), originally developed by Netscape Communications,
is a public technology for securely transmitting information over
the Internet. The SSL protocol has become the universal standard on
the Internet for Web site authentication and secure, encrypted communications
between browser users and Web servers.
SSL is based on Public Key Cryptography. Public Key Cryptography
(PKC) utilizes a set of two "keys", which are basically unique,
very long numbers. One key (called the public key) is used to encrypt
all data going to a server. The other key (called the private key)
is used by the server to decrypt the data being received. The security
of PKC comes from the nature of the two keys. Because of how they
are created, the private key is the only key that can decrypt data
that was first encrypted by the public key. Since no two keys are
ever the same, and because the private key is safely stored inside
the server, the data encrypted by the client browser is always secure.
However, SSL is considerably more complex than the description above.
For a more detailed description of SSL, please see the following
URL: http://www.verisign.com/rsc/gd/pmt/ecomm-tech/index.html
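The key-pair relationship described above can be seen in a short added example, which is not part of the SDDS application or BDI's code. It uses textbook RSA with constructed, toy-sized primes and no padding, so the function names, primes and sample message are all assumptions made for illustration.

```python
# Toy RSA key pairs (constructed primes, far too small for real use) showing
# that only the matching private key recovers data encrypted with a public key.
from math import gcd


def make_keypair(p, q, e=65537):
    """Return ((n, e), (n, d)): a public key and its matching private key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, message):
    """Encrypt bytes one byte per block. No padding: demonstration only."""
    n, e = public_key
    return [pow(b, e, n) for b in message]


def decrypt(private_key, blocks):
    """Return the block values recovered with the given private key."""
    n, d = private_key
    return [pow(c, d, n) for c in blocks]


# Constructed sample values, not taken from SDDS.
SERVER_PUBLIC, SERVER_PRIVATE = make_keypair(1009, 1013)
OTHER_PUBLIC, OTHER_PRIVATE = make_keypair(1019, 1021)
MESSAGE = b"statement file 0042"
CIPHERTEXT = encrypt(SERVER_PUBLIC, MESSAGE)  # what travels to the server

if __name__ == "__main__":
    print("ciphertext blocks:", CIPHERTEXT[:4], "...")
    print("server key:", bytes(decrypt(SERVER_PRIVATE, CIPHERTEXT)))
    # A different private key yields unrelated numbers, not the message.
    print("other key :", decrypt(OTHER_PRIVATE, CIPHERTEXT)[:4], "...")
```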
How secure is SSL? According to Verisign and RSA Labs (both authorities
on Internet security), 128-bit SSL encryption is the world's strongest
and would take a trillion trillion years to crack using today's computer
technology.
What is Java?
Java is a portable software development language. Software portability
means that an application can run on many different types of computers
and operating systems. Because of its portability,
Java is an ideal choice for Internet applications that may need to
run on Windows, Unix, and Macintosh systems simultaneously.
As part of the SDDS configuration instructions, each client browser
is configured to allow Java applications full permissions, but only
if that Java application comes directly from BDI. This means the
client browser can use the SDDS application without risk.
What is data compression, and why do I need it?
Data compression is the process of reducing the size of computer data,
such as large data files and images. Compressing computer data into
a smaller size can greatly decrease the amount of time it takes to
transfer the data to another location. The SDDS application automatically
compresses uploaded data in order to minimize the amount of time needed
to transfer a file. On a typical uncompressed print-image statement
file, the compressed data only takes up 10-15% of its original size,
greatly reducing upload time.
Summary
At BDI, our goal is to provide the highest level of security to you,
our customer. By openly addressing the general security issues involved
in our SDDS application and explaining its structure, we are trying
to alleviate any possible concerns that our customers may have.