Sedex – the digital postman of the Confederation
With sedex, the Federal Statistical Office (FSO) and the Federal Office of Information Technology (FOITT) offer a secure data exchange for authorities and public administrations. Encryption and security certificates are used.
What is sedex?
sedex stands for secure data exchange and is a service of the FSO which is operated by the Federal Office of Information Technology (FOITT). The highly available platform (24/7) was set up as part of the modernisation of the census, went into operation on 15 January 2008 and is designed for the secure asynchronous exchange of data between organisational units. Against this background, the first sedex customers were the residents’ services of the municipalities, which have to provide the statistics to the FSO on a quarterly basis. Since sensitive data is exchanged, the platform had to meet high security and traceability requirements right from the start. For this purpose, sedex uses modern encryption procedures as well as security certificates of the Swiss Government PKI. Since 2009, the governance of sedex has also included other domains, and interested organisations can also use sedex’s service under certain conditions. In the first quarter of 2019, sedex was used by over 6,600 organisational units spread over more than 70 domains. In 2008, approximately 17.6 million messages were transmitted via sedex.
Who are sedex’s customers?
The customer base of sedex is regulated by so-called domains and ranges from the communal and cantonal administrative levels to various federal offices. A process falls within the field of application of sedex when it requires a regular and legally regulated data exchange, has a stable circle of users, has high security requirements and needs messages to be traceable. Today, sedex counts among its customers not only the population registers of the municipalities with the statistics deliveries, but also the debt collection offices, the civil registry, the federal building and housing register, the association of hospitals H+, eOperations Suisse, SSK, the association HPI Suisse ePolice, the joint institution KVG and many more. Among other things, these customers benefit from not having to set up their own infrastructure for data transport, from having the security issue regulated and controlled by two federal offices, and from not having to set up their own user administration and support organisation.
How does sedex work?
The sedex client (a Java application) essentially consists of three components: the adapter, the web service proxy and the controller. Together they exchange messages between the sedex participants within seconds. The main task of the service is the asynchronous data exchange of individual messages between two sedex participants identified in the message. A message consists of an arbitrary data file (data_) and a sedex envelope (envl_). The data file can be in any file format, for example pdf, docx, zip, jpg, tar, xml, etc. The technical content or conventions (e.g. use of standards) are regulated by the domains. The envelope is a standardised XML file according to the eCH standard eCH-0090. The sender’s specialist application first writes the data file into the outbox of the sedex client, then the corresponding envelope. The data file is encrypted for transport using the Governikus public key / private key system. The sender’s sedex client then connects to the sedex platform and transmits the data via a secure connection. The sedex client of the recipient specified on the envelope retrieves the data on the sedex platform and decrypts it in its infrastructure. The solution is technically designed in such a way that only the recipient is able to decrypt this data. The envelope and the data file are then stored in the inbox of the sedex client. From there, the recipient’s specialised application can read the data.
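The hand-over between a specialist application and the sedex client described above, as an added example that is not code from the sedex client or from the FSO. It writes the data file before the envelope, makes each file visible only once it is complete, and on the receiving side accepts a message only if the pair is complete and the envelope names the expected sender and recipient. Assumptions: the file names `data_<id>.<ext>` and `envl_<id>.xml` (the page gives only the prefixes), the envelope namespace and element names, that temporary `.tmp_` files in the outbox are ignored by the client, and the function names.

```python
import os, tempfile, uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from pathlib import Path

# Assumption: namespace and element names as commonly used for eCH-0090 envelopes;
# verify them against the standard and your domain's conventions before use.
NS = "http://www.ech.ch/xmlns/eCH-0090/1"
FIELDS = ("messageId", "messageType", "messageClass", "senderId",
          "recipientId", "eventDate", "messageDate")

def _atomic_write(path, payload):
    """Write under a temporary name, fsync, then rename: no partial file is ever visible."""
    fd, tmp = tempfile.mkstemp(dir=path.parent, prefix=".tmp_")
    with os.fdopen(fd, "wb") as fh:
        fh.write(payload)
        fh.flush()
        os.fsync(fh.fileno())
    os.replace(tmp, path)

def write_message(outbox, payload, ext, sender, recipient, msg_type):
    """Place one message in the outbox: data file first, envelope last."""
    msg_id = uuid.uuid4().hex
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    values = (msg_id, str(msg_type), "0", sender, recipient, now, now)
    env = ET.Element(f"{{{NS}}}envelope", {"version": "1.0"})
    for tag, value in zip(FIELDS, values):
        ET.SubElement(env, f"{{{NS}}}{tag}").text = value
    _atomic_write(outbox / f"data_{msg_id}.{ext}", payload)
    _atomic_write(outbox / f"envl_{msg_id}.xml", ET.tostring(env, encoding="utf-8"))
    return msg_id

def read_inbox(inbox, own_id, allowed_senders):
    """Return (envelope fields, data path) for complete messages that pass the checks."""
    accepted = []
    for envl in sorted(inbox.glob("envl_*.xml")):
        msg_id = envl.stem[len("envl_"):]
        data = list(inbox.glob(f"data_{msg_id}.*"))
        if len(data) != 1:
            continue  # data file missing or ambiguous: do not process
        fields = {el.tag.rpartition("}")[2]: el.text for el in ET.parse(envl).getroot()}
        if fields.get("messageId") != msg_id or fields.get("recipientId") != own_id:
            continue  # envelope does not match its file name or is not addressed to us
        if fields.get("senderId") not in allowed_senders:
            continue  # sender is not one this application expects
        accepted.append((fields, data[0]))
    return accepted
```

The participant identifiers passed in are whatever the domain assigns; any values used to try this out are constructed.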
Positive receipt after delivery
After successful delivery, a positive receipt is issued to the sender and the data is destroyed on the sedex platform. If delivery cannot be made for any reason, the sender will receive a negative receipt with the corresponding reason. All transactions are logged and traceability is guaranteed at all times.
The sedex client can also be used for synchronous data communication. Encrypted data communication between consumer and provider of a web service is ensured without influencing the content. The added value lies in offering sedex participants who want to consume web services a simplified and uniform implementation of these services. The specialist application establishes a connection with the sedex client. This happens within the protected infrastructure of the participant. The sedex client “knows”, based on the call, where the desired web service is available on the Internet and establishes a secure tunnel to it. The web service consumer can rely on the fact that the information comes from the web service provider actually requested (and not from a fictitious one). The web service provider (e.g. UPI of the central compensation office) can check whether the request actually comes from the alleged consumer. The web service provider can also integrate the authorisation system of sedex to simplify the user administration of the web service consumers.
The advantage and success of sedex lies in the simplicity of the system and the high level of security it guarantees. The system is secure, traceable and reliable and is therefore gaining more and more customers.