EDI Security

Matthew K. McGowan, Bradley University


The Business Role of EDI

The EDI Process

EDI Vulnerabilities





EDI Security Mechanisms

Access Control



Data Integrity

Auditable History

Communications Network Alternatives

Value-Added Network Services (VANs)

Internet-Based EDI

Security Threats of Internet-Based EDI

EDI Standards

The ANSI X12 Standard


Security Features of EDI Standards

Secure EDI Application Examples

Navy Exchange Service Command (NEXCOM)

Mayo Clinic

Bank of America (BA)

Guidelines for Managing EDI Systems Risks

Establish Security Requirements by Data Class

Assess Risks

Conclusions and Recommendations


Cross References



Electronic data interchange (EDI) is the computer-to-computer exchange of business transactions in standardized formats. It is used for business-to-business (B2B) electronic commerce, the largest and fastest growing type of electronic commerce. EDI involves electronic links from one organization to another, classifying it as a type of interorganizational information system (IOIS). EDI includes support for a variety of business transactions. For example, Bell Helicopter (2002) uses EDI for invoices, payments, shipping schedules, and requests for quotes in conducting business with its suppliers. EDI uses standard formats for the electronic exchange of business transactions.

There are over 100,000 companies using EDI in ...

Get Handbook of Information Security, Volume 1, Key Concepts, Infrastructure, Standards, and Protocols now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.