A4SWIFT Security Features for Message Repair and New Submission
BizTalk Accelerator for SWIFT (A4SWIFT) provides out-of-the-box facilities for SWIFT message creation, repair, rekey verification, and approval. Business users create, edit, and review SWIFT messages by using Microsoft Office InfoPath, which provides a graphical representation and user interface for financial (FIN) messages. InfoPath renders the entry/repair/rekey verification form from the XML produced by the A4SWIFT runtime and BizTalk Server. A4SWIFT provides an InfoPath template for each FIN message type (based on the corresponding A4SWIFT XSD schema) so that you can open any SWIFT FIN message type in InfoPath. A4SWIFT provides the following features to aid in security.
InfoPath Forms
Through the InfoPath forms generated with the FormGenerator Utility provided by A4SWIFT, business users submit and retrieve SWIFT messages to and from inboxes and outboxes implemented on secure Windows SharePoint Services Web folders. Windows SharePoint Services Web folder security is provided completely by Microsoft Windows SharePoint Services using file-system access control lists (ACLs), Windows Authentication, and Internet Information Services (IIS) security features. Data is protected while "on the wire" between Windows SharePoint Services Web folders and InfoPath by Secure Sockets Layer (SSL) and HTTPS transport protocols.
A4SWIFT InfoPath forms are created as "untrusted." This status provides the highest level of security. For more information about trusted and untrusted forms, see InfoPath Security.
Runtime Service
A4SWIFT provides a runtime service (implemented as a BizTalk orchestration) to authenticate, validate, process, and route SWIFT messages between the SharePoint Web folders, message repair/entry orchestrations, back-end systems, and ultimately, to the SWIFT network. This runtime service is known as A4SWIFT Message Repair and New Submission.
Secure Messages
The storage and delivery of SWIFT messages between InfoPath, Windows SharePoint Services, and Message Repair and New Submission is secured by underlying services (Windows SharePoint Services, IIS, Windows) and transport protocols (SSL, HTTPS). However, the message creation, repair, approval, and submission infrastructure made up of Message Repair and New Submission, Windows SharePoint Services, and InfoPath requires additional user-level security to enforce authenticity and protection of SWIFT messages handled by end users.
A4SWIFT also defines and implements user-level security semantics to make sure that SWIFT messages are modified and submitted only by trusted and authorized users, and that message data is not altered or tampered with during the asynchronous steps of the submission process (for example, while messages are sitting in a SharePoint Web folder waiting for user intervention). Coordinated and choreographed security features on the workstation (through InfoPath) and server (through A4SWIFT Message Repair and New Submission) enforce these user-level security policies.