15 Mar 2021 What are the different types of transfer protocols available?
Before implementing a secure file transfer solution, it is good to know the basics of protocols that are involved in the secure transmission of data.
by Eloïse Gruber
The FTP file transfer protocol is a popular transfer method that has been around for decades. FTP exchanges data using two separate channels: the command channel to authenticate the user and the data channel to transfer files.
However, these two FTP channels are not encrypted, which implies that the data sent has a risk of being exploited even if it requires a username and password to authenticate access.
Short for FTP, FTPS is a secure file transfer protocol that allows you to transfer files securely through SSL/TLS (Secure Sockets Layer/ Transport Layer Security). FTPS transfers can be authenticated by support methods, such as customer certificates, server certificates and passwords.
SFTP stands for FTP part SSH (Secure Shell). This is a secure FTP protocol that is an excellent alternative to unsecured FTP tools or manual scripts. SFTP allows data to be exchanged via an SSH connection that provides a high level of protection for file sharing between systems, cloud, collaborators, etc.
Like FTPS and SFTP, TFTP is based on the FTP protocol. TFTP (Trivial File Transfer Protocol) is a simple transfer protocol that allows you to send and receive files. TFTP is used when the reliability of the file is known and no security is required when sending or receiving the file because authentication and encryption of the data are not possible. Anyone who knows the path can download the files. This is not the most secure transfer solution.
SCP, or Secure Copy Protocol, is an older network protocol that supports file transfers between network hosts. It is somewhat similar to FTP, however SCP supports encryption and authentication functions.
HTTP and HTTPS
The cornerstone of the World Wide Web, HTTP (Hyper Text Transfer Protocol) is the backbone of data communication. It defines the format of messages by which browsers and web servers communicate and determines how a browser should respond to a query.
HTTP uses TCP (Transmission Control Protocol) as a secondary protocol, which is also a stateless protocol. This means that each command is executed independently and no session information is retained by the recipient.
HTTPS (Hyper Text Transfer Protocol Secure) is the secure version of HTTP where communications are encrypted by TLS or SSL.
AS2, AS3, and AS4
AS2, AS3 and AS4 are all protocols used to send and secure sensitive file transfers.
AS2 is used to reliably transmit confidential data over the Internet. AS2 uses digital certificates and encryption standards to protect information as it transits between systems and networks. AS2 messages can be compressed, signed, encrypted and sent via a secure SSL tunnel.
AS3 is a standard that can be used to transmit virtually any type of file. AS3 provides an additional level of security when transmitting data through digital signatures and data encryption. It was originally created to transfer XML and EDI data files. Unlike AS2, which is a defined transfer protocol, AS3 is a message standard and focuses on how a message should be formatted when transmitting from server to server. Once an AS3 message has been dialled, it can be transmitted via any other protocol (FTP, SFTP, HTTPS, etc.) provided both parties can access where the message was placed.
AS4 allows companies to exchange data securely. It builds on the foundation established by AS2, but works with web services and provides delivery notifications. As a business-to-business standard, AS4 helps make document exchange safe and simple on the internet.
PeSIT is the abbreviation for the “Exchange Protocol for an Interbank Telecompensation System.” PeSIT is a file transfer protocol that was developed by the French Interbank Interbank Systems (GSIT) Economic Interest Group. It is mainly used to meet European banking standards and to transfer communications between banks in Europe.