Docstoc

Glossary document - NRS - Eskom

Document Sample
Glossary document - NRS - Eskom Powered By Docstoc
					Prepaid Online Vending System
           Version 1.2




          Glossary
            And
     Definition of Terms
                           Prepaid Online Vending System – Glossary of Terms

Title Page


Document Title     Glossary and Definition of Terms


Document Number


Document Issue


Compiled By        Jimmy O’Kennedy


Issue Date


Controlled By


Electronic Media   Media                          Media Identifier
                   Disk identifier                Online Vending
                   File Identifier                Glossary and Definition of Terms
                   Disk controlled by



Approval           Position                Name                    Signature         Date

                   Executive Sponsor       Hugh McGibbon

                   Sponsor                 Brian Mokgele

                   Program Manager         William Mpye

                   Systems Architecture    Lloyd Jones

                   Prepayment
                   Development
                   Manager                 Deon van Rooi




                                                                                            Page 2
                      Prepaid Online Vending System – Glossary of Terms

Amendment History



        Doc. Issue     Date              Changed Chapter /          No of Pages   Checked by
                                           Topic / Page                           Name Initial
            1        05/12/2004      First Issue

          1.10       31/01/2005      Release with team
                                     comments

          1.12       01/03/2005      Redefine vendor types as
                                     specific vend configs

           1.2       12/07/2005      Updated PKI related
                                     definitions, Client feedback
                                     and Server Functional
                                     definitions




                                                                                           Page 3
                                                  Prepaid Online Vending System – Glossary of Terms


1. Table of Contents
  Title Page ........................................................................................................................................................................ 2
  Amendment History........................................................................................................................................................ 3
1. Table of Contents ........................................................................................................................................................ 4
2. Introduction ................................................................................................................................................................ 4
3. Abbreviations .............................................................................................................................................................. 4
4. Definitions .................................................................................................................................................................. 5
5. Online Vending System Overview ........................................................................................................................... 19




2. Introduction
        This document define the glossary of terms that are used in the prepaid environment with specific
        reference to Online Vending

        This document is a work in process for as long as the online vending system is under development and
        implementation. Please forward any comments, questions and further proposals to the Prepaid
        Development Department to enable us to update these terms and definitions.

        Note that there are several other prepayment specific documents that also cover a number of prepaid
        related definitions. It will be preferred to prevent duplication of definitions as far as practical. However,
        a number of parties that work on online vending systems and business related processes, may not be
        familiar with all the prepaid specific definitions. It is therefore deemed necessary to add some additional
        (i.e. duplicate) definitions in this document while such definitions may already exist in some other
        documents.

        As a general rule of thumb, specific online vending related terms and definitions should be in this
        document. Pure prepaid related definitions (e.g. algorithm type, and token technology) will be added
        here but only described in layman’s terms to be generally understood in the context of online vending. It
        will not be attempted to provide a formal definition for such terms to understand how they are created
        and may affect the rest of the prepaid system or STS.




3. Abbreviations
ACB                                            Automatic Clearing Bureau
APN                                            Access Point Name
AT                                             Algorithm Type
CA                                             Certificate Authority
CP                                             Certificate Policy
CPS                                            Certificate Practise Statement
CSR                                            Certificate Signing Request
CTMS                                           Credit and Tariff Management System
DES                                            Data Encryption Standard
EAN number                                     Numbering system designed by International Article Numbering Association
                                               (EAN) in Europe.
EBSST                                          Electricity Basic Support System Tariff, i.e. “Poverty” Tariff
GPRS                                           General Packet Radio Service
IPsec                                          IP Secure
KRN                                            Key Revision Number
LDAP                                           Lightweight Directory Access Protocol
MAC                                            Message Authentication Code
PKC                                            Public key Certificate
PKI                                            Public Key Infrastructure
POTS                                           Plain old telephone service

                                                                                                                                                                           Page 4
                       Prepaid Online Vending System – Glossary of Terms

RA                    Registration Authority
RSA                   A public key cipher under license from the company RSA inc.
SGC                   Supply Group Code
SOAP                  Simple Object Access Protocol
SSL                   Secure Socket Layer
STS                   Standard Transfer Specification
TCP/IP                Transmission Control Protocol over Internet Protocol
TI                    Tariff Index
TLS                   Transport Layer Security
TT                    Token Technology (Token Type)
VPN                   Virtual Private Network.
WORM                  Write-Once-Read-Many
X509                  The code for certificates used by SSL authentication and encryption
XMLVend               Common name for the NRS Standard that defines secure communication
                      between the Vending Server and Vending Clients




4. Definitions
Access Point Name     Refers to the network name assigned to a subnet on the GPRS network.
(APN)                 Service providers can allow access to specific devices to an APN, allowing a
                      client to access the computers only on a single network
Account Payment       Generally payment of money by a customer against any Eskom account
                      number. This may be payment for any outstanding fees e.g. normal bill, tamper
                      fee, lost card fee etc.

                      The current version of the Online Vending server does not support Account
                      Payment since the customer account information is not currently available to the
                      Online Vending Server this functionality is also not supported in XMLVend;
                      however it is envisaged as a future development.

Algorithm Type (AT)   A two-digit code defined by STS. There are codes for the algorithm to make an
                      STS token as well as for the various algorithms to make tokens for proprietary
                      meters. The combination of Token Technology and Algorithm Type, define the
                      Meter Type

                      See Token Technology, Meter Card and Key Change
Auto Key Change       The term “Auto Key Change” used to refer to a scenario where the Vending
                      Machine automatically triggered the generation of a Key Change Token when
                      the meter information on the Meter Database is different from the meter
                      information on the Meter Card.

                      The Online Vending System will not use Auto Key Change anymore since it now
                      has more direct control over the generation of Key Changes. The Online
                      Vending Server will instead respond with the respective error message if it
                      detects that a Key Change is required. The Vending Client can then decide to
                      request the required Key Change if it does indeed supports Key Change
                      operations. The process is described in more detail under Manual Key Change

                      See Manual Key Change, Meter Database and Meter Card
Availability          Availability is the measure of the probability that a service is available at any
                      given instant. Systems that have an uptime of five-nines (99.999%) are called
                      highly available.
Blind Vend            Blind Vend is where the Vend transaction is performed for a meter that does not
                      exist on the Meter Database. In such a scenario, the Meter information is
                      provided from a Meter Card or alternatively via manual entry by the Operator at
                      the Client, (often from an old token).

                      If the Meter information does not Exist on the Meter Database, the Server shall
                      capture this information as an exception record to allow maintenance personnel

                                                                                                Page 5
                               Prepaid Online Vending System – Glossary of Terms

                              to correct the data. However, the Meter information is never updated/captured
                              on the actual Meter Database since the Meter Database must never become a
                              master source of the Meter Data. The Meter Database will always only be
                              updated from the Customer Information System, i.e. CorDaptix

                              Note: The specific methods allowed to obtain Meter information at the Client
                              may be locally configured/designed in the Client but that does not have any
                              impact on the Blind Vend process.

                              See Vend, Meter Database, Meter Card, Vend Information Sources
Cancellation                  Cancellation refers to the cancellation of tokens possibly due to a vendor
                              entering the incorrect amount while typing the token value or some other
                              problem. Since there is some risk attached to cancellation of tokens, this
                              function will often be disabled on the server.
CDUID                         A unique number given by CorDaptix which identifies the Vending Client
                              uniquely.

                              See EAN Number
Certificate                   See Vendor Certificate
Certificate Authority (CA)    The certificate authority is a trusted “third party” that is used to promote trust
                              between two relying e-commerce transacting parties. The CA attests to the
                              identity of the entities involved in the transaction. The CA is the entity named in
                              the “Issuer” field of the certificate. In Online Vending the transacting parties are
                              the Utility and the Vendor.
                              See Security Certificate
CA Equipment                  The CA equipment shall include both an "off-line" component and an "on-line"
                              component, with the CA private key only available to the "off-line" component.
Certificate Policy (CP)       A named set of rules that indicates the applicability of a public key certificate to
                              a particular community or class of application with common security
                              requirements, in this Online Vending. The certificate policy states what needs to
                              be done to achieve the required levels of trust and accountability of the CA and
                              relying parties.
Certificate Practise          A statement of the practices, which a Certification Authority employs in issuing
Statement (CPS)               public key certificates. The CPS states how the certificate policy requirements
                              will be met.
Certificate Revocation List   This is a CA signed list of certificates that have designated as “untrusted” and
(CRL)                         no longer regarded as valid by the CA.
Certificate Signing           An unsigned certificate for submission to a Certification Authority, which signs it
Request (CSR)                 with the Private Key. Once the certificate request gets signed, it becomes a
                              Certificate.
Client                        See Vending Client and Vending Client Server
Client Server                 See Vending Client Server and Vending Server
Client Type                   See Vendor Type, Vending Client and Vending Client Server
Credit/ Energy Token/         Typically Tokens or Transactions for Energy as defined in STS. This includes
Vend/ Transaction             Normal Vend, EBSST, Meter Credit Transfer Token and Free Issue (if
                              allowed). It specifically excludes Key Change and any Engineering Tokens
                              (including Clear Credit)

                              See Vend Operation, EBSST Token, Engineering Token and Key Change
                              Token
Customer Database             See Meter Database
Data Encryption Standard      This is cipher that operates on 64-bit blocks of data, using a 56-bit key. It is
(DES)                         defined in FIPS 46-1 (1988). DES is identical to the ANSI standard Data
                              Encryption Algorithm (DEA) defined in ANSI X3.92-1981.
Documentation Set             The Generic Set of documents required to define the Online Vending System.
                              Note that this is not a complete specification as there may be several other
                              detail specifications that define certain sub-sets of the Online Vending System.
                              This Documentation Set is merely the minimum specifications required to
                              understand the design and configuration of the Online Vending System
                              The Documentation Set comprises the following Documents at this time:
                                    Online Vending Glossary and Definition of Terms
                                            o This document.

                                                                                                          Page 6
                       Prepaid Online Vending System – Glossary of Terms

                               Online Vending Business Processes
                                    o This document defines all the business processes and main
                                        tasks that are required for online vending.
                                    o It includes the business functionality required from the Vending
                                        Server as well as that from the various types of Vending
                                        Clients.
                                    o It also defines the main tasks that are required from Eskom
                                        personnel to administer, maintain and operate the Vending
                                        Server and Vending Clients;
                                    o As well as the main tasks expected from the various vendors to
                                        provide the vending services.
                            XMLVend specification
                                    o Defines the complete communication protocol to communicate
                                        between the Vending Server and various Clients.
                                    o Contains several optional (or configurable) components to
                                        support all the Eskom Business Requirements as well as
                                        additional requirements from other utilities.
                            Online Vending Server Functional Specification
                                    o All the functional requirements for the Server to support
                                        Eskom’s Business Rules.
                            Online Vending Server Technical Specification
                                    o Technical requirements for the Server to support Eskom’s
                                        requirements.
                            Online Vending Client Functional Specification
                                    o Although Eskom will not always have complete control over all
                                        the Client functionality. This specification informs
                                        manufacturers what typical functionality is expected from the
                                        various types of Client machines.
                            Online Vending Message Exception Document
                                    o Defines all the standard messages for Eskom to be
                                        implemented on the Server as well as on the Clients.
                            Human Resources Document
                                    o This document discusses the impact of online vending on the
                                        existing staff within the Prepayment Environment at Eskom and
                                        how work will be reallocated
EAN Number            Entity that provides guaranteed unique numbers globally from a universal set of
                      13 digit numbers. EAN is designed by the International Article Numbering
                      Association (EAN) in Europe

                      Vending Clients and Vending Client Servers that Communicate with the
                      Vending Server, will be assigned with unique EAN Numbers via the Security
                      Certificates. The Vending Server will link the EAN Number to the specific
                      Security Certificate and Vendor Account for that Vendor.

                      See Security Certificate, Vendor Account, Vending Client, Vending Server
EBSST (Token/ Vend/   A specific kind of Credit Token as defined by STS. A meter will only accept one
Transaction)          EBSST Token per month so there is no risk in vendors producing multiple
                      EBSST Tokens for a meter. Typically an EBSST Token does not have a Credit
                      (monetary) value (i.e. it is free) but it does have an Energy value which is used
                      for energy balancing purposes.

                      See Vend Operation, Credit/Energy Token, Engineering Token and Key
                      Change Token
End-Entity (EE)       An end-entity is a user of the CA that is named in its certificate as a subject. In
                      Online Vending the end-entities are:
                                The Utility and
                                The Vendor

                      See Subjects and EAN
Eskom Vendor          One of the defined Vendor Types
                      Often also referred to as Normal Vendor as a generic term for a Vendor that
                      operates a single Vending Client

                                                                                                   Page 7
                         Prepaid Online Vending System – Glossary of Terms


                        An Eskom Vendor would typically be a small, localized business where the
                        Vending Client communicates in online mode to the Vending Server (usually
                        via a GPRS link) but Eskom will own and manage this Vending Client. A
                        typical example might be a local Café owner or Spaza shop.

                        Eskom may / or may not, own the Client machine, depending on the contract,
                        communication costs and commission structure. A normal Vendor Client may
                        form part of a Super Vendor group

                        See Vendor Type, National Vendor, Offline Vendor and Super Vendor
Engineering Token/      Typically Tokens or Transactions for the specific Engineering Functions as
Transaction             defined in STS. This includes “Set Power Limit”, “Clear Tamper”, “Clear Credit”
                        etc. It specifically excludes Key Change as well as all Vending

                        See Vend Operation, Credit/Energy Token, EBSST Token and Key Change
                        Token
Failover                Failover is measured as the time it takes for the failover process to occur and a
                        successful take-over is achieved.
General Packet Radio    GPRS is a new technology used to allow modems to transfer data at
Service (GPRS)          significantly higher speeds than normal, however with the added advantage that
                        the system is always available, unlike normal GSM calls.
IP Secure (IPsec)       IPsec is a protocol that provides security for transmission of sensitive
                        information over unprotected networks such as the Internet. IPsec acts at the
                        network layer, protecting and authenticating IP packets between participating
                        devices ("peers"), such as Cisco routers.
Key Change              See Auto Key Change and Manual Key Change
Key Change Token        Two Tokens make up the generation of a Key Change Token. They are
                        created to change the meter configuration namely the Tariff Index, Supply
                        Group Code and Key Revision Number. Due to its different requirements and
                        approach, Key Change is not included as part of the normal Engineering
                        functions or Tokens.

                        See Auto Key Change, Manual Key Change, Engineering Token, Tariff
                        Index, Supply Group Code and Key Revision Number
Key Revision Number     The Key Revision Number is a single-digit number and if forms an integral
(KRN)                   component that points to the secure Vending Key for a specific Supply Group
                        Code.

                        Currently all Supply Group Codes still only exist for Key Revision 1 but if a key
                        is compromised, a new Vending Key will be created and while the Supply Group
                        Code will remain the same, the Key Revision would change. This change will
                        also require Key Changes for all the meters in that Supply Group.

                        See Supply Group Code, Meter Card and Key Change
Key Management Centre   The KMC is a secure trust centre that has been setup with Eskom to secure the
(KMC)                   STS master keys. The KMC also securely codes and distributes STS encoding
                        modules.
Mag Card (Magnetic      Not the same as Meter Card. Magnetic Card is a specific type of a Token This
Card/Token)             is usually a paper (disposable) Card that carries the credit or other data to the
                        meter. There currently exist STS as well as Proprietary Magnetic Cards

                        See Token and Token Carrier
Manual Key Change       A Manual Key Change is initiated by the Operator e.g. by selecting the
                        appropriate button or shortcut for a Key Change. The operator must then
                        provide the “From” information from the Meter Card or sometimes via manual
                        entry.

                        The Server will allow two types of Key Change requests; One termed “Database
                        Key Change” and one called “Defined Key Change”

                        The default operation is the “Database Key Change” and here the meter

                                                                                                  Page 8
                  Prepaid Online Vending System – Glossary of Terms

                 information is simply changed from the “From” information provided, to the
                 Meter Database information.

                 Only selected Vendor Roles may be configured on the Server to also enter the
                 “To” information manually, but the Server will only allowed this if the meter
                 information is not found on the Meter Database. This is called a “Defined Key
                 Change”.

                 A typical example where Defined Key Change will be required, is in a store
                 environment where a Technician may change new meters from the Default
                 codes to the correct field codes, before they are installed and loaded on the
                 Meter Database

                 See Auto Key Change, Vendor Roles, Meter Database and Meter Card
Meter Card       A plastic card with magnetic strip according to ISO 7812 series specification.
                 Meter Card is not the same as Token or Magnetic Card. Every new meter is
                 supplied with a Meter Card. The data on the Meter Card defines all the
                 information that is required to make a valid token for the meter. The following
                 information is encoded on track two of the Meter Card:
                       Meter Serial Number
                       Algorithm Type
                       Token Technology
                       Supply Group Code
                       Key Revision Number
                       Tariff Index

                 It is very important to ensure that the Information on the Meter Card remains
                 always in sync with the information configured in the meter. The Meter Card
                 must therefore always be re-coded whenever Key Change Tokens are created
                 for a meter.

                 See Auto Key Change, Manual Key Change, Token and Magnetic Card
Meter Database   This is the database that is used by the Vending Server to locate the Meter
                 Information required to generate a token. This information is currently
                 downloaded from the Customer Management System in a batch download.

                 It is often referred to as Meter Database since it is the Meter Information that is
                 required to perform a vend. However, there is sometimes some Customer
                 Information included in the database as well. This information is currently
                 mainly used as an alternative method to identify a meter e.g. with surname or
                 address search. In future, this information may be expanded to support
                 account payments and possibly down-payments or debt recovery.

                 Only meters that are installed, are included in the download for the Meter
                 Database. This means that new meters will not be downloaded until they have
                 been recorded as “installed” in CorDaptix. This has two implications:
                     If new meters are still in the store (typically on Default codes) it must still
                        be possible for Technicians to perform manual Key Changes on the
                        meters without having this meter data on the Meter Database. The
                        Technician must therefore be able to manually provide the “To” or “New”
                        meter information for the Key Change
                     Meters may be installed and customers may want to purchase electricity
                        before these meters have been recorded in CorDaptix and downloaded
                        to the Meter Database. For this reason it is very important that all
                        meters must always be supplied with an accurate Meter Card and all
                        Key Changes must also ensure that the Meter Card is updated. This
                        will allow customers to purchase credit even when the Meter Information
                        is not available yet on the Meter Database. (In this case the Vending
                        Server will log an Exception to update the Meter Database)

                 See Auto Key Change, Manual Key Change, Vendor Role, Meter Card,
                 Blind Vend

                                                                                             Page 9
                          Prepaid Online Vending System – Glossary of Terms

Meter Type               The Meter Type is a combination of Token Technology and Algorithm Type.
                         The Meter Type uniquely defines how a token should be created to work in the
                         meter.

                         See Token Technology and Algorithm Type
National Vendor/Agency   One of the defined Vendor Types

                         The National Vendor typically has one Vendor Account with Eskom and owns
                         its private Vending Client Server. The communication between the Vending
                         Server and the Vending Client Server is according to XMLVend. EasyPay/
                         TranSwitch Services and banks are typical examples of National Vendors

                         The National Vendor may have many proprietary Vending Clients that
                         communicate only to his Client Server and such communication may be via a
                         proprietary protocol. All Vending Requests from the Clients are then passed
                         between the Client Server and the Vending Server in the XMLVend format

                         The National Vendor may operate over the whole country or may only operate
                         in a restricted geographical or business area. The term “National” actually only
                         refers to the implementation of an additional Client Server instead of to the size
                         of the operation.

                         See Vendor Type, Eskom Vendor, Normal Vendor, Offline Vendor and
                         Super Vendor
Normal Vendor            One of the defined Vendor Types
                         Often also referred to as Eskom Vendor since Eskom will likely own many of
                         these Vending Clients

                         A Normal Vendor would typically be a small, localized business where the
                         Client machine communicates in online mode to the Vending Server (usually
                         via a GPRS link). A typical example might be a local Café owner or Spaza
                         shop. Note that a Normal Vendor is now defined as a type of Online Vendor
                         while a Vendor that does not operate in Online mode is called Offline Vendor.

                         Eskom may / or may not, own the Client machine, depending on the contract,
                         communication costs and commission structure. A normal machine may form
                         part of a Super Vendor group

                         See Vendor Type, National Vendor, Eskom Vendor, Offline Vendor and
                         Super Vendor
Offline Vendor           One of the defined Vendor Types

                         An Offline Vendor does not have Online communication to the Client machine.
                         This is usually a standard CDU that only communicate to a separate SMS in
                         batch mode. As such, the Offline Vendor is not part of the Online Vending
                         System but is included here for completeness.

                         Due to the limitations of reliable Online communication in some Eskom supply
                         areas, it is estimated that between 10% and 20% of existing vending machines
                         may continue to operate in Offline mode.

                         See Vendor Type, National Vendor, Normal Vendor and Super Vendor
Operator                 A generic term for any person that operates a Vending Client or a Vending
                         Server. This may include a Vendor, Technician or Supervisor etc
Plain old telephone      A name given to a communication mechanism supported by a normal telephone
service (POTS)           line. The Online Vending Client may use this mechanism in the event of an
                         communication failure to communicate with the online vending server
Proprietary (Meters /    Proprietary meters are not compatible amongst the various manufacturers.
Vending)                 Therefore they require proprietary vending machines which are typically
                         manufacturer specific, unlike STS which is compatible amongst all
                         manufacturers of STS meters and vending machines

                         At the moment the Vending Server in Eskom will only support STS meters.

                                                                                                  Page 10
                          Prepaid Online Vending System – Glossary of Terms


                         See STS
Recon (Reconciliation)   Historically, reconciliation was a process to compare the totals for uploaded
                         transactions, with the money banked by the vendor. The process was always
                         complicated by the fact that the vendor never banked the same amount (or the
                         same date period) that the banking batch closures were created. Exact
                         matches were therefore almost impossible.

                         Since Upfront vending and Online vending have been introduced, this type of
                         reconciliation is not required anymore. These vendors must now always have
                         more credit remaining than the value of the intended transaction.

                         There is still a requirement for basic second line reconciliation where the total
                         amount that has been banked by the Vendor, is compared with the Credit totals
                         that have been credited to the Vendor Account, and the money transferred to
                         the correct Region.

                         See Vendor Credit
Redundancy               Redundancy means that when one component in the system fails, a duplicate or
                         a replica component will be available and can continue processing.
Refund                   There is currently no automatic refund process/facility provided on the system.
                         If a Vendor requires the cancellation of some transactions, it will usually be done
                         via a manual reconciliation process and the refund will also be manually credited
                         to the Vendor Account if required.
Registration Authority   The entity given responsibility for performing some of the administrative tasks
(RA)                     necessary in the registration of users of the CA (subjects), such as: confirming
                         the subject’s identity; validating that the subject is entitled to have the values
                         requested in a Public Key Certificate and verifying that the subject has
                         possession of the private key associated with the public key requested for a
                         Public Key Certificate. The RA is the only entity that has communication
                         capabilities with the CA to sign certificates.

                         See Certificate Authority
Relying Party            A user (e.g., a client or server) who relies on the data in a certificate to make
                         decisions.
Reparability             Reparability tells us how quickly the system can be repaired after the
                         occurrence of failures, and expressed as a Mean Time to Repair (MTTR).
Replacement Token /      As defined in the NRS transaction types. However, the term “replacement”
Vend Transaction         caused many misunderstandings and conflicting interpretations. It has therefore
                         been renamed to “Meter Credit Transfer Token” or “Credit Transfer Token” for
                         short.

                         This transaction still creates a standard credit token to use in the meter. The
                         only differences are that it is specifically reserved for when a faulty meter has
                         been changed out and the customer provides the Operator with a voucher for
                         change-out. Also the Credit Transfer Token is typically for a kWh amount
                         instead of for a monetary value.
Reprint                  A Reprint simply reproduces a copy of one or more earlier tokens. (The
                         number of tokens is configurable on the Vending Server) The tokens may be
                         obtained from the Vending Server, or may still reside on the Vending Client.

                         Reprint is only allowed for a Supply Group that is unique (i.e. the Token will
                         only work in one meter). There is therefore no risk attached to a Reprint.
Reversal                 A Reversal is a system only generated action and is only defined for
(Transaction Reversal)   Transactions, i.e. not for Engineering Tokens, Key Changes etc.

                         The Client may typically send a Reversal to the Server if it experiences an
                         internal problem, e.g. if it cannot successfully encode a magnetic token for a
                         sale. The Server will then create a Reversal Transaction.

                         Since there is some risk attached to Reversals, it will not per default be allowed
                         for all Vendors. It must be possible to configure individual Vendors on the


                                                                                                   Page 11
                          Prepaid Online Vending System – Glossary of Terms

                         Server to allow or disallow Reversals.

                         If a Reversal is not allowed, the Vendor must keep the original Tokens to be
                         later evaluated and re-credited to the Vendor Account with a manual
                         Reconciliation process.

                         See Vendor, Vendor Role, Vendor Certificate, Reconciliation
Role                     See Vendor Role, Vending Client Type, Vendor Type

RSA                      RSA is a public key cipher which can be used both for encrypting messages and
                         making digital signatures The letters stand for the names of the inventors:
                         Rivest, Shamir and Adleman. The company RSA Data Security Inc. takes its
                         name from this algorithm, and has acquired the rights to the patents which cover
                         it.
Security Certificate     See Vendor Certificate
Server                   See Vending Server and Vending Client Server
Server Administrator     The Server Administrator is one or more persons assigned with rights to
                         maintain the Server configuration and ensure continued operation.
Simple Object Access     SOAP is a W3C standard to create a Web service. SOAP enables programmable
Protocol                 logic / web service to be accessible using standard Internet protocols. It
(SOAP)                   consists of service-agnostic request handler (a listener) that receives SOAP/XML
                         message requests, and a facade layer that exposes the operations supported by
                         the underlying business logic. The responses are then also packaged and sent
                         as standardized SOAP / XML messages.
STS (Meters / Vending)   STS defines how (what format) the Client communicates with the Meter. An
                         STS Client can create tokens that will work in STS meters from any
                         manufacturer.

                         Proprietary meters require proprietary vending machines which are typically
                         manufacturer specific.

                         At present the Vending Server in Eskom will only support STS meters.

                         See Proprietary
Subject                  A subject is the entity (Attribute Authority, Certification Authority, or End–entity)
                         named in a certificate. Subjects can be human users, computers (as
                         represented by Domain Name Service (DNS) names or Internet Protocol (IP)
                         addresses), or even software agents.
Super Vendor             One of the defined Vendor Types

                         A Super Vendor appears to the Vending Server just like a Normal Vendor
                         with one exception. For a Super Vendor, there is still a separate Vendor
                         Certificate generated for every Client machine. However, many Vendor
                         Certificates are linked to the same Vendor Account.

                         The result is that every Client still communicates directly to the Vending Server
                         but the Credit and Commission are linked to the same Vendor Account.

                         A typical example of a Super Vendor might be an owner with several small
                         shops or prepaid cell phone kiosks.

                         Due to the restrictions in the Eskom financial system, a Super Vendor cannot
                         operate across an Eskom Regional border. If this is required, the Super Vendor
                         must obtain and operate multiple Vendor Accounts, one or more per Eskom
                         Region.

                         See Vendor Type, National Vendor, Eskom Vendor, Normal Vendor and
                         Offline Vendor
Supervisor               One of the defined Vendor Roles

                         See Vendor Role, Operator, Vendor Type and Vending Client Type
Supply Group Code        A geographical group of meters. The Supply Group Code also defines the

                                                                                                      Page 12
                         Prepaid Online Vending System – Glossary of Terms

(SGC)                   owner of the meters in a specific geographical area. (Typically the supplier of
                        the electricity). Often a vendor is only configured to vend to a specific selection
                        of Supply Groups. The Supply Group Code is a six-digit code and together with
                        the Key Revision Number, points to the secure Vending Key that is used to
                        create the Meter Key.

                        See Key Revision Number, Meter Card and Key Change
Tariff Index (TI)       A two-digit code that defines what tariff the meter is on. The Tariff Index
                        typically points to the specific tariff price(s) as stored in the Vending Server for
                        Online mode, or in the CDU for Offline Vending mode.

                        See Meter Card and Key Change
Technician              One of the defined Vending Roles

                        See Vendor Role, Operator, Vendor Type and Vending Client Type
Token                   Various kinds of data packages that are created by the Vending system and
                        subsequently inserted into the meter to transfer information to the meter. Most
                        tokens are encrypted for security but some risk-free tokens are not encrypted.

                        The STS algorithm currently defines numeric Tokens and Magnetic Tokens. In
                        addition to STS, there are a number of proprietary tokens but the majority are
                        also numeric or magnetic cards, albeit incompatible with each other and with
                        STS.

                        Currently all tokens are stored on physical media, (i.e. numeric printed string, or
                        disposable magnetic card). In this respect the reference to “Token” often refers
                        to the physical media that carries the Token data, which is actually incorrect.
                        The Correct term for the physical device is actually “Token Carrier”.

                        Virtual tokens are under consideration as well but have not been implemented in
                        meters yet.

                        See Mag Card and Token Carrier
Token Carrier           A Token is only the data package that is created by the Vending system and
                        subsequently inserted into the meter to transfer information to the meter. It does
                        not necessarily define the physical media of the token. The physical media of
                        the Token is defined by the Token Carrier.

                        This is specifically relevant for STS since the Vending Server may create the
                        same STS token for any STS meter and send it to the Client. The Client may
                        then be locally configurable to support some, or all Token Carriers without
                        having to communicate this with the Vending Server.

                        Currently all tokens are stored on physical media, (i.e. numeric printed string, or
                        disposable magnetic card). These are therefore defined as the Token Carrier.

                        Virtual Tokens are under consideration as well but have not been implemented
                        in meters yet. Virtual Tokens will not have a physical Token Carrier as they may
                        be transferred via radio, power line communication or other means.

                        See Mag Card and Token
Token Technology/Type   A two-digit code defined by STS. There are codes for the various tokens used
(TT)                    by STS as well as for the tokens used by proprietary meters. The combination
                        of Token Technology and Algorithm Type, define the Meter Type

                        See Algorithm Type, Meter Card and Key Change
Transaction             The term Transaction usually refers to actions where credit for the meter is
                        affected, like a Vend, EBSST, Cancel or Replacement (i.e. Credit Transfer)
                        Transaction. (i.e. this usually does not include thins like Power Limit Tokens or
                        Key Changes) The Transactions are defined in detail in NRS 009-3.

                        Below is list of the most common Transaction Types as defined by NRS009-3


                                                                                                     Page 13
                               Prepaid Online Vending System – Glossary of Terms

                                     Definition                  Typical use                 kWh        Amount      Credit
                                                                                             effect      effect      limit
                               Prepayment sale            Token vend                        Credit      Credit      Deduct
                               Prepayment refund          Refund cash to customer           Debit       Debit       Deduct
                               Reprint                    Reprinted token/account           No Action   No Action   No
                                                          payment receipt                                           Action
                               Replacement token          Refund of credit left in faulty   No Action   No Action   Deduct
                               (renamed to Credit         meter
                               Transfer token)
                               Fixed charge               Repayment collection              No Action   Credit      Deduct
                               Free Issue token           Marketing                         Credit      No Action   Deduct
                               Cancel token               Operator made mistake with        Debit       Debit       None
                                                          amount
                               Account payment            Account sale                      Credit      Credit      None
                               Account cancellation       Account cancellation              Debit       Debit       None
                               Transaction pending        Error                             No Action   No Action   Deduct
                               (Pending flag in the Tx
                               record marks the Tx type
                               as pending)
                               EBSST token                EBSST token vend                  Credit      No Action   No
                                                          (support token)                                           Action
                               Recovery charge            Monthly right of use              No Action   Credit      Deduct

Transmission Control          De facto standard Ethernet protocol incorporated into 4.2 BSD Unix. TCP/IP
Protocol over Internet        was developed by DARPA for internetworking and encompasses both network
Protocol (TCP/IP)             layer and transport layer protocols. While TCP and IP specify two protocols at
                              specific protocol layers, TCP/IP is often used to refer to the entire DoD protocol
                              suite based upon these, including telnet, FTP, UDP and RDP.
Utility Certificate (Server   This certificate is generated on the Online Vending CA for every Utility that
Certificate)                  implements and XMLVend compliant Online Vending System. The server
                              certificate identifies the specific Utility together with an EAN number. It ensures
                              that all communication with the Vending Server is secured via TLS and this
                              certificate.

                              The Certificate does not directly identify the Vending Server hardware but the
                              Utility.

                              Since the Server Certificate is stored on separate hardware security module
                              (HSM), the server certificate may be moved to another Server in case of a
                              server failure for instance.

                              See Vendor Certificate

Vend (Vending                 A Vending operation or Vending transaction may be any one where a credit
Operation/Transaction)        token is generated for a meter. This includes a normal sale, EBSST token
                              issue, Free token (if supported), and Credit Transfer token. This specifically
                              excludes Engineering tokens and Key Change tokens.

                              See Credit Token, EBSST Token, Engineering Token and Key Change
                              Token
Vend Information Sources      Vend Information is the information that is required to Vend a Token. This
                              information is typically stored on the Meter Database and also on the Meter
                              Card but all these sources of information is not always available.
                                    Meter Serial Number
                                      This is typically provided through the user interface (or the Meter Card)
                                      and is used to locate subsequent information on the Meter Database of
                                      the Server.
                                    Supply Group Code
                                      If the meter Exists on the Meter Database, then that information must be
                                      used. If the meter does not exist on the Database, the information
                                      supplied via the Meter Card or Manual Entry may be used. (Manual
                                      Entry is usually off an old token)
                                    Key Revision Number
                                      If the meter Exists on the Meter Database, then that information must be
                                      used. If the meter does not exist on the Database, the information
                                      supplied via the Meter Card or Manual Entry may be used.

                                                                                                                    Page 14
                         Prepaid Online Vending System – Glossary of Terms

                               Tariff Index
                                If the meter Exists on the Meter Database, then that information must be
                                used. If the meter does not exist on the Database, the information
                                supplied via the Meter Card or Manual Entry may be used.
                               Algorithm Type
                                If this information is provided via XMLVend then the Vending Server
                                must use it, even if the meter exists on the Meter Database. If the
                                supplied information is different from the information in the Meter
                                Database, the Server must log an exception record against this meter to
                                allow maintenance personnel to correct it.
                               Token Technology
                                If this information is provided via XMLVend then the Vending Server
                                must use it, even if the meter exists on the Meter Database. If the
                                supplied information is different from the information in the Meter
                                Database, the Server must log an exception record against this meter to
                                allow maintenance personnel to correct it.

Vending Client          The Online Vending Machine/Software that issues the Token to the Operator.
                        The Vending Client does not have the capability to create a prepaid Token; it
                        must request tokens from the Vending Server via XMLVend protocol.

                        See Vending Server and Vending Client Server
Vending Client Server   The Vending Client Server does not have the capability to create a prepaid
                        Token. It receives Vend requests from its own (possibly proprietary) Clients,
                        which it passes on to the Vending Server via XMLVend protocol. The reply
                        communication from the Vending Server is similarly converted from XMLVend
                        to its proprietary protocol and passed on to the relevant Client.

                        See Vending Server and Vending Client
Vending Client Type     Client Type is a generic definition for the capabilities of the Client Machine.

                        The following Client Types are currently defined but it is not specifically
                        implemented in the XMLVend specification. (This classification is mostly used
                        for testing / approval of a client’s characteristics or capabilities) A Client may
                        have one or more type designations to define its capabilities e.g. VEK for full
                        capability Clients
                              Vend (V)
                                  Client can vend Numeric and Magnetic Tokens but no Engineering
                                  Tokens or Key Change Tokens.
                              Engineering (E)
                                  Client can issue Numeric and/or Magnetic Engineering Tokens but no
                                  Vending and no Key Change Tokens.
                              Key Change (K)
                                  Client can issue Numeric and/or Magnetic Key Change Tokens but no
                                  Vending and no Engineering Tokens. The Client shall also re-code the
                                  Meter Card with the new configuration information.

                        These Client Types are mostly used to define and evaluate/approve the
                        capabilities of a particular machine. However, the Client Type for a specific
                        Client machine may be changed easily without the Vending Server being
                        aware of this change; e.g. a magnetic token encoder may be connected or
                        removed from the Client ports.

                        It is therefore considered that the Client Type information may be of limited
                        value. In practice the Vendor Role will instead be used to restrict or allow
                        Vendor (or Client) capabilities.

                        See Vendor Role and Vending Client
Vending Information     The required Vending Information is the minimum information necessary to
(required)              generate a working credit token for a specific meter. This information may be
                        obtained from different sources, depending on the specific scenario. Some
                        sources of information take priority over other sources.

                                                                                                  Page 15
                              Prepaid Online Vending System – Glossary of Terms


                             Vending information required is:
                                  Meter serial number (MSN)
                                      Provided from Meter Card or manual entry (e.g. from old token). This
                                      information is then used to locate the rest of the information from the
                                      Meter Database if available.
                                  Algorithm Type (AT)
                                      Provided from Meter Card or Meter Database. This information on the
                                      Meter Card is one of only two fields that take precedence over the same
                                      field in the Meter Database. (The Vending Server will also log an
                                      exception to correct the Meter Database.)
                                  Token Technology (TT)
                                      Provided from Meter Card or Meter Database. This information on the
                                      Meter Card is one of only two fields that take precedence over the same
                                      field in the Meter Database. (The Vending Server will also log an
                                      exception to correct the Meter Database.)
                                  Supply Group Code (SGC) and Key Revision Number (KRN)
                                      Provided from Meter Card or Meter Database. Meter Database takes
                                      precedence over Meter Card if available. If the Meter Database is
                                      different from Meter Card, an Auto Key Change will be triggered.
                                      Manual entry (e.g. from old token) will only be allowed if Meter
                                      information is not available on Meter Database. (The Vending Server
                                      will then also log an exception to correct the Meter Database.)
                                  Tariff Index (TI)
                                      Provided from Meter Card or Meter Database. Meter Database takes
                                      precedence over Meter Card if available. If the Meter Database is
                                      different from Meter Card, an Auto Key Change will be triggered.
                                      Manual entry (e.g. from old token) will only be allowed if Meter
                                      information is not available on Meter Database. (The Vending Server
                                      will then also log an exception to correct the Meter Database.)
Vending Machine              A generic term for the device that issues the token. This may be a Vending
                             Client, a separate CDU or other device that can produce/issue a token.
Vending Server               The Vending Server is in a protected environment. It contains the security
                             hardware to create the prepaid Tokens, record Transactions and manage
                             Vendor Accounts. The Meter Database and several other components are
                             often also incorporated into the Vending Server.

                             Communication with all Vending Clients and Vending Client Servers, is via
                             XMLVend protocol.

                             See Vending Client Server and Vending Client
Vendor                       One of the defined Vendor Roles

                             The term Vendor may also refer to the vending entity in general, e.g. Shoprite,
                             EasyPay, and the owner of a Spaza shop, may all be referred to as Vendors.

                             The term Vendor must not be used as a generic term to refer to any person that
                             operates the vending terminal. Such a generic person should be called the
                             Operator, Client Operator or, Vending Operator.

                             See Vendor Role, Operator, Vendor Type and Vending Client Type
Vendor Account               Every Eskom Vendor will get an Account on the Eskom financial system and the
                             same Account number will be registered on the Vending Server. The Vendor
                             must deposit credit into this Vendor Account with Eskom. The Vendor
                             Certificate will also be linked to this Account number to identify the Vendor and
                             the credit will be deducted for the Vendor with every Vending operation.

                             See Vendor Role, Operator, Vendor Type and Vending Client Type
Vendor Certificate (Client   This certificate is generated on the Online Vending CA for every Vendor once
Certificate)                 the contractual processes have been completed between the Vendor and the
                             Utility. The certificate identifies the specific vendor by the Utility issued EAN
                             number and ensures that all communication with the Vending Server is secured

                                                                                                      Page 16
                 Prepaid Online Vending System – Glossary of Terms

                via TLS and this certificate.

                The Certificate does not directly identify the Vending Client although the Vendor
                (that will get the Vending Commission) is registered against all his Vending
                Clients on the Vending Server.

                Since the Vendor Certificate is stored on separate hardware, the Vendor may
                remove it and carry it with him. It is theoretically possible that the Vendor can
                insert the Certificate into another Vending Client and Vend from that Client. In
                that Case the Vending Server will still identify the Vendor correctly and deduct
                the credit from the correct Vendor Account. Similarly, the commission will also
                be calculated for this same Vendor Account.

                See Vendor, Vending Client Type, Vendor Role and Security Authority
Vendor Credit   Every Vendor has its own Vendor Account. All money deposited into this
                account will be added to his Credit level. The monetary value of all vending
                transactions is then deducted from the available Vendor Credit at the time of the
                transaction.

                The minimum credit level for every Vendor is configurable on the Vending
                Server and it is possible to allow a negative credit level under specific special
                cases for some low risk Vendors.

                See Vendor Account and Vendor Certificate
Vendor Role     Vendor Role is not necessarily related to Vendor Type or Client Type
                The following Vendor Roles are currently defined in Eskom
                    Vendor
                            o Can perform Vending and Auto Key Changes
                    Technician
                            o Can perform Engineering, Manual Key Changes, Auto Key
                                Changes and Vending only up to a configured maximum
                                amount e.g. 5kWh
                    Supervisor
                            o Can perform Vending, Engineering, Manual Key Changes
                                and Auto Key Changes

                Every Vendor is linked to a specific Vendor Role via his Vendor Certificate on
                the Server

                See Operator, Vendor Type and Vending Client Type and Vendor Certificate
Vendor Type     Vendor Type defines how the Vendor appears to the Vending Server and how
                the business rules would apply to the Vendor.

                Eskom has currently defined four different Vendor Types namely:
                    Eskom Vendor (also called Normal Vendor for a generic term). The
                      Eskom Vendor will usually have only one Vending Client that is owned
                      (and managed) by Eskom.
                    Super Vendor is specific to a region. There may be one or more Super
                      Vendors for the same region. A Super Vendor will typically have one
                      Vendor Account but will have one or more Vending Clients that operate
                      off that one account.
                    National Vendor
                    Offline Vendor

                Vendor Type is different from the Client Role

                Vendor Type is sometimes related to the specific Vendor but not necessarily

                The term Vendor refers to the vending entity in general, e.g. Shoprite, EasyPay,
                and the owner of a Spaza shop, may all be referred to as Vendors.

                The term Vendor must not be used as a generic term to refer to the specific

                                                                                           Page 17
                            Prepaid Online Vending System – Glossary of Terms

                           person that operates the vending terminal. That person should be called the
                           Operator, Client Operator or Vending Operator.

                           See Vendor, Operator, Vending Client Type and Vendor Role
Virtual Private Network.   A network infrastructure designed to limit access to recognised computers even
(VPN)                      though the data flows through normal TCP/IP networks.
X509v3                     Standard for definition of electronic certificates. These are used by SSL
                           authentication and encryption

                           See Security Certificate
XMLVend                    The NRS 009-6-10 specification specifies an XML communication mechanism
                           named XMLVend. The Vending Server will communicate to all Vending
                           Clients and Vending Client Servers though XMLVend. This specification is
                           obtainable from, http://www.nrs.eskom.co.za/xmlvend




                                                                                                 Page 18
                                          Prepaid Online Vending System – Glossary of Terms

5. Online Vending System Overview
                                                                      Credit                                                Bankings
                                                                                                                   Bankings
                                      Upfront           SAP
                                      Credit                                             Banks




                                                      CTMS
                                                 (Credit & Tariffs)
                                                                         Secure
                                                                       Credit /tariffs                  Offline / Upfront
                                                                                                             Vendor
Online
                                                              Cust/mtr >>
Credit
                                                              (std format)
                                CorDaptix            << Tx
         << Cust/mtr        (Customer, Meter &    (std format)                                                   Cred, Cust/mtr >>
         (std format)        Transaction data)                                                                         << Tx
                                                                                                                   (Prop format)
                     Tx >>                                                                                                                   CDU
                  (std format)                                                                                                         (Upfront Existing)
                                                                                               SMS
                                                                                         (Upfront Existing)



                                                            Normal
                                                                                                                 Bankings
                          XMLVend
                                            Online
                                                            Vendor
                                         Vending Client


                                          XMLVend
       Online                          (one account per
    Vending Server                      Super Vendor)
                                                                             Online
                                                                          Vending Client         Super
                                       XMLVend                                                                                  Bankings
                                    (one account per                                             Vendor
                                      Nat Vendor)
                                                                                                                                           Bankings
                                                                             Online
                                                                          Vending Client
                                                                                                                        National
                                                                                                                        Vendor

                                                                                                                                      Prop
              Broken lines = Batched communication                                                                                   comms
                                                                                                                                               Vending
              Solid lines = Real time communication
                                                                                                                                                Client


              Note: A super Vendor is simply a Normal
              Vendor where several Vending Clients                                                             Online
              are linked to the same account number.                                                    Vending Client Server                  Vending
                                                                                                                                                Client




                                                                                                                                                            Page 19

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:46
posted:10/22/2011
language:English
pages:19