Message Exchange

This page deals with issues around exchanging messages regardless of message format or content included. We’ll look particularly at what states are currently doing.

Communication Protocols

The following communication protocols are currently in use:

  • The AAMVA Internet Exchange (AMIE) service. AMIE allows communication over dedicated leased lines to AAMVA or using secure FTP (SSL). AAMVA charges a per message row and per character fee for sending messages.
  • Web Services. Message transmission is pushed from the state to a web service hosted by a participant. Messages can be any format. Message count validation is built in to ensure no messages are lost.
  • FTP. FTP allows the greatest flexibility as any file type can be exchanged.

Encryption Methods

The following encyption methods are currently in use:

  • The AAMVA Internet Exchange (AMIE) service. AMIE’s use of dedicated leased lines bypasses the need to encrypt data.
  • PGP. Pretty-Good-Privacy. Probably the most common file encryption technology. Involves and exchange of a private and public key. (Private keys are for encrypting and decrypting, public keys for encrypting and sending the file to the private key holder.)
  • SSH. Secure Shell. Works with FTP (SFTP).
  • SSL. Secure Socket Layer. Works with FTP (FTPS) and Web Services (HTTPS). Probably the most common encryption technology for data exchange.
  • VPN. Virtual Private Network. A VPN tunnel established on demand between the partner and the state’s firewall will encypt all data transmitted. Works with any communication protocol.
  • Zip. PKWare offers SecureZip which uses a password to encypt files. Includes built-in compression.

Evaluation of Practices by State

 

State Transmission Encryption Pros/Cons
Arizona FTP SSH
California FTP SSH
Florida FTP Zip
Georgia FTP SSL Pros: Georgia hosts the server and controls access. FTPS is widely available.
Cons: FTPS is difficult to automate (script).
Hawaii AMIE AMIE Pros: Most states already have an AAMVANet connection.
Cons: Expensive for both state and partner. No delivery confirmation of files sent to mailboxes.
Idaho AMIE AMIE Pros: Most states already have an AAMVANet connection.
Cons: Expensive for both state and partner. No delivery confirmation of files sent to mailboxes.
Iowa FTP SSL
Louisiana FTP SSH Pros: Louisiana has partners host FTP server.
Cons: Louisiana has partners host FTP server.
Massachusetts AMIE AMIE Pros: Most states already have an AAMVANet connection.
Cons: Expensive for both state and partner. No delivery confirmation of files sent to mailboxes.
Nebraska FTP SSH
New York Web Sphere Web Sphere Cons: Difficult setup. License expensive.
Ohio AMIE AMIE Pros: Most states already have an AAMVANet connection.
Cons: Expensive for both state and partner. No delivery confirmation of files sent to mailboxes.
Pennsylvania FTP PGP Pros: Pennsylvania hosts the server and controls access. FTP and PGP are widely available and simple to automate.
Cons: PGP garbles EBCDIC packed decimal fields.
South Carolina Web Services SSL Pros: Built in message delivery confirmation.
Cons: Proprietary communication requires custom development for partner.
South Dakota FTP SSL
Texas FTP Zip Pros: FTP and Zip are widely available and simple to automate. Texas has partners host FTP server.
Cons: Texas has partners host FTP server.
Virginia AMIE AMIE Pros: Most states already have an AAMVANet connection.
Cons: Expensive for both state and partner. No delivery confirmation of files sent to mailboxes.
Washington FTP SSH
Wisconsin FTP SSH