RITS
Reserve Bank Information and Transfer System
RITS USER INTERFACE: MEMBER INFORMATION PAPER No. 6
Welcome to the sixth RITS User Interface: Member Information Paper.
This edition describes some enhancements to RITS functionality that will be
implemented on 30 April 2007 and updates the details of supported user desktop
platforms and supported versions of software. Also included is a summary of feedback
from the RITS User Group sessions which were held in mid-February and changes to
RITS as a result.
In this edition:
• Shutting down of the old screens
• Changes to RITS functionality in the latest implementation.
• Supported user desktop platforms
• Internet Explorer 7
• RITS User Group feedback
• The RITS security solution summarised
• Contact details
This Information Paper is available on the RBA website
(www.rba.gov.au/PaymentsSystem/RITSOperationalNotes/) and in the RITS
Information Facility, which is found on the internet (www.rba.gov.au/rits) and in the
RITS Production and Pre-Production environments.
User Guides are available from the RITS Information Facility.
1. SHUTTING DOWN THE OLD SCREENS
In early March the old screens were withdrawn from use and in June the service will
be permanently decommissioned. The decommissioning of the old screens went
smoothly and Members are to be congratulated on their efforts.
April 2007
2. ENHANCEMENTS TO RITS FUNCTIONALITY IN THIS RELEASE
On 30 April four enhancements to functionality become available.
• When the function Cash Transfers / Authorise is selected from the menu or
from the outstanding cash transfer authorisations link in the Header, the
function is opened with the list already populated with data based on the
default filter criteria. This change was suggested at the recent RITS User
Group forums.
• In the Cash Account Enquiry and Cash Account Enquiry Report the ‘Other
Member’ field will display the branch (6 character) mnemonic of the
counterparty, replacing the Member (4 character) mnemonic.
• The number of records displayed on a page increases from 50 to 100, while
the maximum number of records returned in a query in an enquiry function
increases from 5,000 to 10,000.
• Screens that are displayed when changing your password now have added
information to assist the user. There has been some confusion about the
meaning of “Old Password”. If the password administrator has reset a user’s
password, it is the (temporary) password created by the password
administrator that must be entered at “Old Password”.
When a password expires the following screen is displayed.
If the entry in ‘Old Password’ is incorrect the following screen is displayed.
A message is now also displayed on the entry for “New Password”, which is validated
against the rules shown at the bottom of the screen.
3. SUPPORTED DESKTOP PLATFORMS
The new RITS user interface requires Members to maintain certain minimum hardware
and software standards to ensure that users can achieve optimal access to RITS.
As new hardware and software become available, the RBA will test their compatibility
with all RITS functionality and make adjustments to the RITS environment as
appropriate. The Reserve Bank will notify Members when new platforms are
supported for use with RITS.
Until a new hardware or software component has been fully tested, Members are
advised not to install it in their environment as access to RITS cannot be
guaranteed. Details of current requirements are found in the Technical Information
Paper and the Technical Requirements summary page, both of which are available on
the RITS Information Facility.
Members should include RITS access in their planning and testing of future PC
(hardware or software) or network (ANNI, Internet or LAN) changes.
Internet Explorer Version 7
In the Technical Information Paper dated October 2006 the Bank said that it would not
support the use of IE7 until it had completed testing to ensure that all functionality
would work appropriately. This was expected to be completed by Q2 2007.
This testing has been completed and IE7 is now supported for use for RITS from
30 April. [1]
[1] Austraclear is expected to support IE7 on release of version 2.3, currently planned for implementation later in 2007.
Current Desktop Requirements
The current requirements for optimal access to RITS are listed below.
Minimum PC Hardware Requirements
• Pentium 4
• Windows 2000 (Service Pack 4) OR Windows XP (Service Pack 2)
• 512MB RAM
• Screen Resolution of 1021 X 768 pixels
• Spare USB Port (which must not be “locked out”)
Software Requirements
• Internet Explorer Version 6 or Version 7*
• Sun’s Java Runtime Environment (JRE) v1.4.2_10. (can be supplied by RBA)
• A Java Cryptographic Toolkit (supplied by RBA)
• Safenet Driver for Hardware Security Token (supplied by RBA)
* With IE7, when the Print icon is selected to generate a report, the font size on the
report is significantly smaller than IE6. It is expected that this will be corrected in the
fourth quarter of 2007.
Recommended Software for Reports and Downloads
• Adobe Reader 7.0
• Microsoft Excel 2003 (used to export data from RITS)
More information is provided in the updated Technical Information Paper (April 2007),
which is available from the RITS Information Facility.
4. RITS USER GROUP FEEDBACK
RITS User Group sessions were held in Sydney and Melbourne in mid-February. We
would like to thank those who attended and contributed to the success of the
sessions.
The forums are an opportunity for the Reserve Bank to update Members on
developments in RTGS operations and RITS functionality and also give Members an
opportunity to provide feedback on RITS functionality or other issues relevant to RITS
operations. Forums will be held around twice a year.
Suggestions for improvements to RITS are encouraged and, where appropriate, will be
developed and incorporated into RITS at the earliest possible opportunity.
The following feedback was offered at the February meetings. Some suggested
changes are already in progress and others are being investigated.
Item 1
Member feedback: Cash Transfer Authorise. It would be more efficient if the cash transfer authorise function was automatically populated with data when it was selected from the menu or from the outstanding Cash Transfer authorisations link in the Header.
Response: This change has been made and is included in the current delivery.
Item 2
Member feedback: Populate the Batch Enquiry screen when it is selected from the menu. To enable the list to populate change the default value in the Branch filter to “All”.
Response: These changes are expected to be implemented later in 2007.
Item 3
Member feedback: Populate the Cash Transfer Enquiry screen when it is selected from the menu.
Item 4
Member feedback: Populate the ESA/Credit Queue Management function with data when it is selected from the menu. Users will save time as they do not need to execute a ‘Find’.
Response: For organisations with a relatively low number of queued payments at any one time this suggestion would be a benefit. However, larger organisations have many queued transactions at key times and entry into the function would initiate a large enquiry which would reduce efficiency. The RBA will monitor this function to obtain information on usage patterns before supporting this change.
Item 5
Member feedback: In the ESA Position screen the aggregate of Queued Inwards and Queued Outwards is displayed. These aggregates could be turned into a link which opens the ESA/Credit Queue Management function already populated with the filter for Direction set to “In” and “Out” respectively.
Response: Providing a link from the ESA Position screen to the ESA/Credit Queue Management screen is possible and is under consideration. However, the automatic population of the ESA/Credit Queue Maintenance screen raises the same efficiency issues as in Item 4 above.
Item 6
Member feedback: Provide a link to the Change ESA Sub-Limit screen from the ESA/Credit Queue Management screen. Currently, the ESA Position screen must be opened to access the link to the Change ESA Sub-Limit screen.
Response: Under investigation.
Item 7
Member feedback: Search for an exact amount. There are circumstances when it would be useful to search for a transaction based on a known amount. Currently RITS provides the ability to search for transactions with amounts greater than or equal to the amount entered into the amount filter (Settled Payments Enquiry, Transaction Enquiry and ESA/Credit Queue Management and Cash Account Queue Management).
Response: Under investigation.
Item 8
Member feedback: Change the filter defaults from <Please Select> to “All”. In a number of functions, including the Settled Payments Enquiry, Transaction Enquiry and SWIFT Message Enquiry users are required to change the filter default from <Please Select>. This is seen as unnecessary as it slows access to the data.
Response: The rationale for forcing a selection in these filters is to deter the user from unintentionally engaging in large searches that could potentially return up to 10,000 records. Large searches take time and have the potential to impact the response times for other users within the organisation. For Members with few transactions this will not be a problem. However, Members with large volumes of transactions need to be aware of the consequences. The RBA will monitor these functions to obtain information on usage patterns before supporting this change.
Item 9
Member feedback: When logging back in after being logged out at the expiry of the session limit, is it possible to be returned to the function that the user was previously in?
Response: In December 2006 password administrators were given the ability to set the session time out for each user of 15, 30 or 60 minutes. Users are automatically logged out of RITS at the expiry of a set period of time without any user activity (the default is 15 minutes). The provision of a longer time out period should greatly reduce the incidence and inconvenience of being logged out.
Item 10
Member feedback: Remove the ‘unnecessary clicks’ in Cash Transfer and Queue Management functions.
Cash Transfer / Entry – one click to Submit and another to close the notification screen, which provides the Cash Transfer ID and status.
Cash Transfer / Amend or Delete – to amend a cash transfer, one click to Submit and another to close the notification screen. To delete the cash transfer there is another click to confirm the action.
Cash Transfer / Authorise – one click to Submit, another to confirm the action (and to view the sum of payments and receipts) and a third to close the notification screen.
ESA/Credit Queue Management – one click to Submit and another to close the notification screen.
Response: Notification screens were built to provide information to the user after the action is submitted e.g. the Cash Transfer ID and status of the Cash Transfer. Confirmation screens provide the opportunity to cancel an action which may affect numerous transactions or which deletes an entry. The RBA will survey users to gauge their experience in these functions.
Item 11
Member feedback: Slow response times. Several users noted slow response times.
Response: The RITS administrators have tools to measure the time that it takes RITS to process a request from the user. The time that it takes for a request to reach RITS and for the response from RITS to the user is a function of the Member’s network connection to RITS, the amount of traffic on this connection at the time and the user’s PC configuration. If users experience slow response they are requested to document the event and promptly contact the RITS Help Desk, which will investigate further. If required, staff from the RBA will attend the Member’s premises.
Item 12
Member feedback: Tokens and digital certificates. A number of users were concerned about accessing RITS from their back-up sites, including the inconvenience of carrying the token with them or having to acquire a new certificate while at the back-up site.
Response: The next section of this paper describes the basis for the RITS security solution for user access and answers several of the frequently asked questions. The security solution is described in RITS User Interface Member Information Paper No 2 (available on the RITS Information Facility under the Current Projects link). A brief summary of the security solution with some frequently asked questions is contained in the next section of this paper.
5. RITS USER ACCESS SECURITY SOLUTION
The security solution for user access to RITS is based on a Public Key Infrastructure
(PKI) that uniquely identifies the user by means of digital identification. The RITS PKI
enables secure access via the Internet, and provides for improved non-repudiation,
authentication and message integrity.
Digital identification of the user is underpinned by a mix of technology and
Member/RBA procedures. At enrolment for a digital certificate, the private and public
key pair is generated on a RITS security token, and a single digital certificate is issued
to the user. The private key can never leave the token or be copied, thus creating a
unique association between the user and the signature.
Using the private key on the token, all logons and submitted updates to RITS
functions are digitally signed. RITS uses the digital certificate and public key to verify
the digital signature. All records digitally signed are archived.
The security token also has the capability to import an existing digital certificate onto
the token e.g. an Austraclear certificate.
Some frequently asked questions and answers:
Q: Can a user have a second digital certificate stored on a token at the back-up site?
A: No. A user’s private key used to digitally sign should be under the sole control of
the user and this may not be able to be enforced at the back-up sites.
Q: Can the RITS certificate be stored on the user’s PCs at two different locations?
A: No. The RBA chose to issue a single unique certificate to the user and to make the
certificate portable by placing it on a security token. The decision to store digital
certificates on a security token rather than using software certificates took into
account a number of benefits from this approach:
• The generation of the private and public key pair on the security token,
where it cannot be copied, provides credentials that uniquely identify an
individual;
• lost or stolen tokens are readily reported and certificates can be quickly
revoked by the Member or the RITS Help Desk;
• they can be used from virtually any location;
• there is no need to develop controls and processes around copying
certificates to alternate PCs or sites; and
• they are appropriate for Internet access and do not require a secondary
verification device (such as an RSA token).
Q: If in a contingency situation users need to acquire a new certificate at their
back-up site, how long will this take and what impact will this have on the Member’s
activities?
A: In this situation the RITS Help Desk would provide every assistance to users
requiring a replacement certificate. The issuance procedure is relatively
straightforward and can normally be completed quite quickly. How long this process
takes in a contingency would depend on the availability of the Member’s authorised
signatories and the number of users and organisations affected. In the interim, the
RBA would be available to conduct assisted transactions on the user’s behalf.
Q: If I have failed to logon successfully I don’t know the reason why it failed and the
failure isn’t evident until I have entered all of my personal details – username and
password and the token codeword – and pressed Submit. Why am I required to enter
all of these details before I find out if I have failed?
A: RITS verifies both the RITS account and certificate details but does not indicate
which element is invalid, so as not to provide information to potential hackers about
where to focus their attentions. This is especially important for access via the internet.
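The behaviour described in the answer above (account and certificate details are both checked on every attempt, and the user is told only that the logon failed) is illustrated below. This is an added example, not RITS code: the user name, password, certificate serial numbers and function names are constructed for illustration.

```python
import hashlib
import hmac
import logging
import os

log = logging.getLogger("rits_logon_example")  # detailed reasons stay server-side
GENERIC_FAILURE = "Logon failed."              # the only failure text a client sees


def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed sample data: hypothetical user name, password and certificate serials.
_SALT, _DUMMY_SALT = os.urandom(16), os.urandom(16)
USERS = {"ABCD2001": {"salt": _SALT, "pw": _hash("Correct-Horse-7", _SALT), "cert": "5A01"}}
REVOKED_SERIALS = {"5A02"}   # e.g. revoked after a lost or stolen token was reported
_DUMMY_PW = _hash("placeholder", _DUMMY_SALT)


def failed_elements(username, password, cert_serial):
    """Evaluate every element on every attempt; return the list of those that failed."""
    user = USERS.get(username)
    # Unknown users still cost one password hash, so timing does not reveal existence.
    salt, stored = (user["salt"], user["pw"]) if user else (_DUMMY_SALT, _DUMMY_PW)
    password_matches = hmac.compare_digest(_hash(password, salt), stored)
    failed = []
    if user is None:
        failed.append("unknown account")
    elif not password_matches:
        failed.append("wrong password")
    if user is not None and not hmac.compare_digest(
            cert_serial.encode(), user["cert"].encode()):
        failed.append("certificate not issued to this account")
    if cert_serial in REVOKED_SERIALS:
        failed.append("certificate revoked")
    return failed


def verify_logon(username, password, cert_serial):
    """Return (accepted, message). Every failure yields the same message."""
    failed = failed_elements(username, password, cert_serial)
    if failed:
        # The specific reason is recorded for operators, never returned to the client.
        log.warning("logon rejected for %r: %s", username, ", ".join(failed))
        return False, GENERIC_FAILURE
    return True, "Logon accepted."
```

The server-side log keeps the specific reason, so a help desk can still diagnose a failed logon without the logon screen revealing it.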
RBA CONTACTS
If you have any questions about any of the material in this Information Paper, please
contact:
Business questions
Peter Gallagher
Senior Manager (Planning & Client Relations), Payments Settlements
Telephone: (02) 9551 8941, Email: gallagherp@rba.gov.au
Bob Howe
Manager (New Projects), (Planning & Client Relations)
Payments Settlements
Telephone: (02) 9551 8921, Email: howeb@rba.gov.au
Technical questions
Gary Hill
Senior Manager (RTGS Systems), Payments Settlements
Telephone: (02) 9551 8981, Email: hillg@rba.gov.au
RITS Help Desk
Telephone: 1800 659 360
Fax: 02 9551 8063
Email: rits@rba.gov.au