Security considerations

Each trading partner is responsible for his own individual
risk assessment and security policies. In the interest of the automotive community,
however, CSPs and EPOs will be required to implement a consistent level of security to
protect their own facilities against unauthorized access. CSPs must also offer to
subscribers network layer security mechanisms (such as encrypting firewalls) that provide
the foundation for an ANX virtual private network.

Independent of what the ANX provides, however, subscribers
should also address security needs at the application layer where security can be provided
by encryption or security protocol products. Different classes of business processes and
corresponding applications using the ANX may require different levels of security. It is
the responsibility of the data owner to assess the risk involved in the transmission of
data and apply the appropriate security mechanism(s) as needed. In some cases, the
integrity of a single transaction is critical but the value of the information being
transmitted is short-lived (such as advance shipping notices). In other cases, the
individual transaction can be replicated relatively easily, but the underlying information
must be protected for an extended period (such as CAD file transfer).

The ANX will provide a common network infrastructure for
the many applications deployed by the automotive industry. Each application imposes its
own set of requirements on the ANX but each CSP will meet them all. Trading partners will
be expected to test applications thoroughly prior to deployment on the ANX.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Just Auto.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The existing application types include:

Batch EDI – This requires consistent throughput to
ensure that data is always delivered in a timely fashion, enabling trading partners to
anticipate and avoid critical parts shortages. Once Batch EDI is converted to TCP/IP, its
interaction with the ANX will be better defined.

Interactive EDI – This includes real-time access to
the same databases that drive batch EDI, automated messaging triggered by specific events
such as critical shortages, and real-time interaction between individuals or processes at
different trading partners. Interactive EDI requires excellent response time, implying low
latency and prioritization of interactive traffic. Timeliness of the information is more
important than for batch EDI. Connection redundancy is a critical requirement.

CAD File Transfer – File transfer will be the
dominant CAD application on the ANX initially. It requires secure, error-free transmission
with certification of the file’s origin, and consistent throughput.

Collaborative and Interactive CAD – Three specific
needs are critical for these applications. First, after the applications have been
initiated, they need constant network availability until the session is ended. The network
must also be highly responsive. It must also tolerate the multi-megabyte data bursts that
collaborative and interactive CAD create and which already stress many internal networks.

Mail/Messaging – In its simplest form, e-mail
places little demand on a network. As attachments and multimedia are associated with
e-mail, demand increases considerably. The Simple Mail Transfer Protocol (SMTP) will be
the basis for e-mail exchange on the ANX. E-mail security will require digital signatures,
content integrity, and encryption. A trading partner who does not have a dedicated
connection to the ANX will require secure mail storage on a system provided by a third
party.

Client-Server – With respect to network capacity
and network latency, client-server applications do not place any unique requirements on
the ANX. However, these applications vary widely in terms of how efficiently they use
networks which has profound implications for bandwidth requirements, and thus network
costs, as well as user response time. ANX subscribers launching new applications or
expanding the use of existing ones over the ANX should thoroughly test application
performance and network load over a range of expected conditions including end-to-end
bandwidth, latency and background traffic.

Groupware Applications – These may result in large
data bursts depending on the frequency and granularity of data synchronization. This will
affect the requirements for the trading partners’ connection to the ANX. Groupware
applications also have directory and security needs similar to e-mail.

Legacy – Legacy applications that do not natively
support TCP/IP communications will gain access to the ANX through protocol translation
gateways. It will be the responsibility of the trading partners to provide sufficient
gateway capacity to enable such access until all applications are replaced or modified to
use TCP/IP.

Value Added Networks (VAN) and Service Bureaux –
These are a special type of ANX subscriber that provide telecommunications network
services. Such services may include data translation and store-and-forward services for
CAD, EDI and e-mail. These subscribers may be activities within CSPs themselves or
entirely independent companies that offer services other than TCP/IP transport to the rest
of the ANX subscriber base. Companies wishing to market such services to the ANX community
are strongly encouraged to connect to the ANX, rather than require their customers who are
ANX subscribers to purchase a separate network connection to access the VAN or service
bureau.

Once operational, the ANX will be entirely funded by fees
paid by subscribers for their connections to a CSP or exchange point.

Funding for the ANX Business Manager position is provided
by the AIAG as specifically approved by the AIAG Board of Directors.

Seed funding for ANX startup, including equipment, floor
space and initial services development will, if needed, be provided by AIAG members
represented on the TPT.

CSPs and trading partners connecting directly to an
exchange point will pay a fee to the EPO based on the bandwidth of that data transport
connection.

Funding for a Southeast Michigan Exchange Point will be
provided by those parties connecting to this facility, in the same manner exchange points
are funded in the internet today.

Funding for CSP operation will be provided by subscriber
fees including surcharges to cover Overseer operations and the higher QOS level required
by ANX subscribers.

Funding for the ANX Overseer will be derived partly from
certification and renewal fees paid by CSPs and exchange point operators, and partly by
fees for value-added services required by most ANX subscribers, such as security key
services and directory services.

A pilot implementation of the ANX was set up on December 1,
1997. Its intention is to prove out the concept of the ANX and to ensure that the aims of
the project are being achieved. It also gives the service suppliers the opportunity to
demonstrate their ability to meet the ANX stringent requirements for data security and
operating reliability, as they are being asked to deliver a level of performance that they
have never had to do so far.

The ANX pilot network interconnects nine corporate
internets. The companies participating are car manufacturers Chrysler, Ford and General
Motors, Tier-one suppliers Dana, Dofasco and UT Automotive, and steel suppliers Magna,
MAKSTEEL and Taylor Steel. Product engineering data is being exchanged between the car
manufacturers and the Tier-one suppliers. The steel companies are sharing applications
with one another and with Dofasco, including EDI, electronic commerce and e-mail.

Acting as ANX Overseer for the ANX pilot is New Jersey
telecommunications company Bellcore. It will probably be contracted for a three-year
period to continue with the project when ANX goes live.

The ISPs taking part in the ANX pilot are Ameritech, Bell
Canada, EDS and MCI. Those that demonstrate the required level of performance will be
ANX-certified. The certification of service providers will be market driven and this is
likely to lead to ten to 20 providers becoming CSPs once the ANX is fully operating.

Security gateways to the pilot ANX network are being
offered by Checkpoint Software, Cisco Systems, RadGuard, Raptor Systems and Trusted
Information Systems.

The first results from the pilot are expected to be
available at the end of February 1998 or early March. Assuming that the results are good,
the ANX should be ready to go live in mid-1998. Trading partners will then be able to
start signing up. The AIAG expects hundreds of companies to have subscribed by the end of
1998.

The ANX is planned to migrate and become a global means of
communication for the automotive industry. However, this will take some time.

In 1999, efforts will be made to bring Europe into the
project. With this aim in view, the AIAG is developing a memorandum of understanding with
Odette, the European umbrella organization which handles standardization issues. Other
parts of the world will follow at a later date.

Companies low down in the automotive supply chain can no
longer be excluded from the benefits of electronic commerce technologies. New solutions
are required to reduce the complexity and cost of inter-enterprise communication.

Ford, General Motors and Chrysler have endorsed the TCP/IP
as the standard protocol suite for inter-enterprise data communications among automotive
trading partners.

The ANX is a TCP/IP network comprised of trading partner
subscribers, certified service providers and network exchange points allowing for
efficient and secure electronic communications among subscribers, each requiring only a
single access circuit.

An ANX pilot project currently running should lead to full
implementation during the course of 1998 in North America. Efforts are being made to bring
Europe into the project in 1999, and other parts of the world at a later date.

AIAG – Automotive Industry Action Group
ANX – Automotive Network eXchange
CSP – Certified Service Provider
EDI – Electronic Data Interchange
EPO – Exchange Point Operator
ISP – Internet Service Provider
MAP – Manufacturing Assembly Pilot
QOS – Quality Of Service
SMTP – Simple Mail Transfer Protocol
TCP/IP – Transmission Control Protocol/Internet Protocol
TPT – Telecommunications Project Team
VAN – Value Added Network

Sign up for our daily news round-up!

Give your business an edge with our leading industry insights.

Sign up