Standards for Technology in Automotive Retail
STAR recommends Message-Level security be applied where applicable. The key benefit of Message-Level security is the ability to route secure messages through multiple parties, endpoints, applications and or transfer protocols. In lieu of Message-Level security, STAR recommends Infrastructure-level security such as SSL.
If parties agree, security may be applied at both Message-Level and transfer Infrastructure-Level.
STAR recognizes that there are specific messages that do not require advanced security features such as Encryption. For example, if a message is a simple request to display a picture of a car model, the request and reply messages do not reasonably require any special security features.
When security is applied at the transfer Infrastructure-Level, Identification and Authorization are handled by a transfer level protocol, the most common standard being SSL. SSL provides encryption of the entire message during its transport over the network. During the initial SSL handshake a shared key is generated allowing for highly performant encryption, and the entire message is encrypted as it travels over the network. The handshake also requires the Authentication of the Receiver.
The Sender’s system authenticates:
It believes the digital certificate presented by the Receiver is associated with the Receiver
The Receiver’s digital certificate has been digitally signed by a party the Sender trusts
Optionally, the Receiver may request that the Sender present a digital certificate, which the Sender may then validate.
In other words, the Sender always authenticates the message Receiver; the Receiver may optionally authenticate the message Sender.
Advantages of an Infrastructure-Level Security include:
End user applications do not require the ability to sign or encrypt messages
SSL is widely used, well understood, relatively easy to use and significantly secure
Many companies require a VPN and have the infrastructure in place already to support them
Possible disadvantages of Infrastructure-Level Security include:
Point to Point only
Security is transient, once received, the message is no longer encrypted
When security is applied at the Message-Level, a message may be encrypted, may be digitally signed or both.
Advantages of Message-Level Security include:
Transfer Protocol independent security. The same message can be routed over HTTP or over more proprietary messaging systems such as message queue systems or Virtual Private Networks.
More flexible client architectures. Secure messaging can be accomplished without the requirements that the client architecture support SSL and or Web Server like functionality
Persistent non-repudiation can be enabled (a signed message may be stored, allowing a way to later prove the content validity and origin of the message)
Authorization can be based on security tokens within the message itself. SSL requires the use of Digital Certificates, message based authentication can be more flexible allowing for Username/Password combinations or other security tokens
Possible disadvantages of Message-Level Security include:
Sender and Receiver must agree to somewhat complex best practices for what parts of a message may be encrypted or signed, what algorithms may be used, and how Header elements describe the secured parts of the message.