Introduction

Six Payment Services (Europe) S.A. , formerly CETREL S.A., offers SOFiE as a complete service allowing SOFiE participants to exchange  files with a defined number of other participants in a secured environment.
The others participants could be for example the Centre Commun de la Sécurité Sociale (CCSS) or the Tax Administration of Luxembourg.
For data security, Sofie relies on LuxTrust Certificates and the LuxTrust Certificate Authority (CA).
Find on www.sofie.lu or call our HelpDesk or Commercial Department to get all detailed information needed to subscribe to this service.

Basic Functionalities of the SOFiE Tool

• SOFiE implements the main security principles; authentication, non-repudiation, confidentiality and integrity.
  These security functions are independent from the transfer mechanisms, and so it is possible to use alternative transfer solutions (memory-stick, tape, ...) without reducing the security level.
• The functions implemented in SOFiE are based on the IAIK Library [TM] developed by the Technische Universität Graz.
• SOFiE uses Certificates (X.509), established by LuxTrust. In the future, other certificates may be supported.
• The transfer mechanisms to send/receive files is based on the HTTP/S protocol.
  This makes SOFiE independent from difficult network security requirements.
• To exchange secured files you may choose the "connected mode" when you have a direct communication with Sofie using an Internet or a leased line.
• You may also choose the "stand-alone mode" configuration, when your data is coming from highly secured environment.
  In this case the data is secured on your station and the secured data is sent to your addressee by a medium he accepts.
  The most convenient solution is to put (by USB,CD,LAN...) your secured data on another computer that has has a SOFiE installation configured in "connected mode".
  Check the routing example for standalone infrastructure.
• SOFiE offers a functionality to recognize and verify structured files before the securization of the contents.
  This functionality avoids the transmission of incorrectly structured files.
• SOFiE is capable of distinguishing the context of an exchange.
  In "Production" context the exchange of real operational information is processed.
  The "Test" context is used to exchange data for test purpose.
• For the exchange of data, SOFiE participants subscribe to packages.
  This allows a participant to exchange data only according to rules established for the package (ex. which files are supported, which participants are allowed).
  The rules for every package are available at www.sofie.lu.
• Apart from the exchange of secured files, a package may include additional functionalities.
  For example the package FISEP allows paying agents to fill a report for the Tax Administration of Luxembourg.
  Data are formatted into a file, according to the requirements of the Administration.
  When the report is completed, the data are securely sent to the tax administration.
• The complete SOFiE documentaiton is available at www.sofie.lu.

SOFiE Concept

The concept of SOFiE:

1. The users having a direct connectivity to Sofie (here 999900202, 999900201, CCSS, Tax Administration, Banks) can exchange secured data between each other.
2. Every participant has it’s own SOFiE program installed on his infrastructure (server, PC, ...).
   Data to be sent are secured (encrypted + signed) on the sender infrastructure with the receiver’s certificate (for encryption) and sender’s private key (for signature of the encrypted file).
3. The sender sends the secured file to Sofie server then the server make it available to the receiver for download.
   
4. The receiver downloads the secured file, decrypts it with his own private key then checks the signature with the sender's certificate.

Installation

The installation and configuration process has been simplified and automated at its most.
To install SOFiE, please read the SOFiE Installation notes first.