Secure authentication and acknowledgement message
5. Segments Layout
 
Segment number:
4
-
M
99
-
A group of segments identifying the security service and security mechanisms applied and containing the data necessary to carry out the validation calculations.
This segment group shall specify the security service and algorithm(s) applied to the referenced EDIFACT structure. Each security header group shall be linked to a security trailer group, and additionally linked to the USY segment(s).
-
M
1
-
 
Function:
 
To specify a security mechanism applied to a EDIFACT structure (i.e.: either message/package, group or interchange).

Notes:
1. 0541, if not present the default scope is the current security header segment group and the message body or object itself.
2. 0507, the original character set encoding of the EDIFACT structure when it was secured. If no value is specified, the character set encoding corresponds to that identified by the syntax identifier character repertoire in the UNB segment.
3. S500, two occurrences are possible: one for the security originator, one for the security recipient.
4. S500/0538, may be used to establish the key relationship between the sending and receiving parties.
5. S501, may be used as a security timestamp. It is security related and may differ from any dates and times that may appear elsewhere in the EDIFACT structure. It may be used to provide sequence integrity.
 
EDIFACT
EAN
*
Description
Security service, coded
M
an..3
M
*
=
Referenced EDIFACT structure non-repudiation of origin
0534
Security reference number
M
an..14
M
 
Unique reference number assigned by the security originator to the security header group, security trailer group and the USY segment (USH, DE 0534; UST, DE 0534 and USY, DE 0534).
Scope of security application, coded
C
an..3
R
*
=
Whole related message, package, group or interchange
=
Part related message, package, group or interchange  (GS1 Temporary Code)
Specification of the scope of application of the security service defined in the security header.
Response type, coded
C
an..3
N
   
Filter function, coded
C
an..3
R
*
=
Hexadecimal filter
Identification of the filtering function used to reversibly map any bit pattern to a restricted character set.
The filter function describes how binary information (e.g., a digital signature) can be shown in a readable format. This is for example the case if the value "01111111 00111011" has no readable presentation and can be shown with the hexadecimal filter as "7F 3B".
Original character set encoding, coded
C
an..3
R
*
=
ASCII 7 bit
=
ASCII 8 bit
=
Code page 850 (IBM PC Multinational)
=
Code page 500 (EBCDIC Multinational No. 5)
Identification of the character set in which the secured EDIFACT structure was encoded when security mechanisms were applied (i.e., when the digital signature was generated).
Role of security provider, coded
C
an..3
N
   
S500
SECURITY IDENTIFICATION DETAILS
C
N
   
Security party qualifier
M
an..3
     
0538
Key name
C
an..35
     
0511
Security party identification
C
an..512
     
Security party code list qualifier
C
an..3
     
Security party code list responsible agency, coded
C
an..3
     
0586
Security party name
C
an..35
     
0586
Security party name
C
an..35
     
0586
Security party name
C
an..35
     
0520
Security sequence number
C
an..35
N
   
S501
SECURITY DATE AND TIME
C
R
   
Date and time qualifier
M
an..3
M
*
=
Security Timestamp
Date and time when the signature was generated.
0338
Event date
C
n..8
R
 
Date of event, format is CCYYMMDD.
0314
Event time
C
an..15
R
 
Time of event, format is HHMMSS
0336
Time offset
C
n4
O
 
UTC (Universal Co-ordinated Time) offset from event time. Format is HHMM. Shall be prefixed with '-' for negative offsets.
Segment Notes:
A segment specifying a security service applied to the referenced EDIFACT structure.
The security service data element (DE 0501) shall specify the security service applied to the referenced EDIFACT structure.

Example:
USH+7+1+3+1+2+1++++1:20011010:110522:0100'
© Copyright GS1
Edition 2016