HTTP And Email Specifications
This is an overview of the functions provided by HTTP and email interfaces. Due to the absence of published protocols, the interfaces do not conform to any published standard, and are unique to HL7Connect.
HTTP is a client/server protocol. One HL7Connect interface must be nominated as the server, and the other as the client. If this is not possible, a bridging server must be used.
HL7Connect HTTP interfaces run in one of 3 modes:
| Mode Name | Incoming | Outgoing | Usage Notes |
|---|---|---|---|
| Forwards | Server | Client | Preferred configuration - lowest network traffic level per message. |
| Backwards | Client | Server | When the incoming interface cannot be the server, due to network design restrictions. |
| Bridge | Client | Client | When neither interface can be the server, due to network design restrictions. |
When the incoming interface is a client, it must poll the outgoing client or the bridge server for messages. This works, but it reduces throughput and increases network traffic.
If neither interface can be a server, then a bridge will be required. www.hl7connect.com offers a bridge service.
HTTP is expected to be used over very unreliable networks, so Packet Cyclic Redundancy Check (CRC), tracking and Encryption Cipher Block Chaining (CBC) are built into the protocol to ensure that the messages are delivered without error.
Multiple logical interfaces can listen on the same port, using different logical names. The name is configured in the HTTP interface settings and must be the same for both the connected interfaces. The actual request URL consists of http://address:port/name/<random>, with the random number being just one way of preventing proxy caches from caching the response.
Due to the strong encryption requirements in the protocol, the only effective attack on the HTTP transport layer is denial of service (by making bad requests). This will reset the server-side CBC, and if done often enough, can prevent any messages from being sent successfully. If required, client IP restrictions can be used to prevent this attack.
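The client IP restriction described above, combined with the `/name/<random>` URL layout, can be sketched as an admission check that runs before any payload is handed to the protocol handler. This is an added example, not HL7Connect code: the interface names, address ranges and function names are hypothetical, and it assumes the restriction is enforced before the request can affect per-interface cipher state.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample configuration: logical interface name -> allowed client
# networks. Names and ranges are hypothetical, not HL7Connect settings.
ALLOWED_CLIENTS = {
    "lab_results": [ipaddress.ip_network("10.20.0.0/24")],
    "admissions": [ipaddress.ip_network("192.0.2.15/32"),
                   ipaddress.ip_network("2001:db8:1::/64")],
}


def parse_request_path(url_or_path):
    """Split /name/<random> into (name, random); return None if malformed."""
    parts = [p for p in urlsplit(url_or_path).path.split("/") if p]
    if len(parts) != 2:
        return None
    return parts[0], parts[1]


def admit(client_ip, url_or_path, allowed=ALLOWED_CLIENTS):
    """Decide whether a request may reach a logical interface's handler.

    Returns (decision, interface_name). The check uses only the peer address
    and the URL path, so a rejected request is dropped before its body is read.
    """
    parsed = parse_request_path(url_or_path)
    if parsed is None:
        return "reject:malformed-path", None
    name, _random = parsed  # the random segment only defeats proxy caching
    networks = allowed.get(name)
    if networks is None:
        return "reject:unknown-interface", None
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return "reject:bad-address", name
    # An IPv4-mapped IPv6 peer (::ffff:a.b.c.d) is compared as plain IPv4.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if any(addr.version == net.version and addr in net for net in networks):
        return "accept", name
    return "reject:client-not-allowed", name
```

Logging the reject decisions per interface name gives an early signal that someone is sending bad requests at a particular logical interface.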
Email interfaces exchange email messages sent by Simple Mail Transfer Protocol (SMTP) and received by Post Office Protocol (POP). Each interface requires an email account, configured with the POP account details, and the SMTP address of the corresponding interface's email account.
Messages are encrypted using rolling CBC across messages. At this time, the outgoing interface will wait for a response from the remote interface before sending the next message. This is an area of active development and may change in later versions of HL7Connect.
The HL7Connect development team is working with HL7 to publish some accepted standards for HTTP and Email transport layers, with full PKI support. Once such standards are available for comment, HL7Connect will begin supporting them.