Info Exchange Security
Newforma Info Exchange encrypts all communications to and from its web server by using Secure Sockets Layer (SSL). A requirement for using SSL is to have a digital certificate installed on the server. Certificates can be obtained from a Certificate Authority (CA) such as Verisign. The CA is trusted by popular operating systems and web browsers, so any certificate issued by a trusted CA is assumed to be valid by the program accessing the website.
There is a process by which the CA determines that the certificate requester is legitimate. This involves specifying information such as the server's address (for example, www.newforma.com), the company's name and address, a contact's email address, a contact's phone number, and other pertinent information. The CA then verifies this information against public records. Anything that cannot be verified automatically is verified manually by the CA. When the verification is complete, the certificate is sent to the requester who then installs it on the web server. Once the certificate is installed using a secure address (such as https://infoexchange.newforma.com), the communications are encrypted.
In a Project Center network, there are several programs that communicate with the Info Exchange Server. The Project Center Server manages the flow of file transfers to and from the Info Exchange Server. The Project Center clients act as the interface and also manage file transfers. Web browsers connect to the Info Exchange Server so that users can create and download file transfers. Each of these programs uses SSL to ensure that all communication is kept private.
Certificates have an expiration date, so the CA will typically send the requester an email reminder to renew the certificate before it expires. The Project Center Administration activity center also shows the date the certificate expires. If the certificate is not renewed, each of the programs listed above will have problems communicating with Info Exchange. This will result in file transfers no longer being able to be transferred to and from Info Exchange.