Chapter 2    Installation and Connection

The Registry is an Internet-based service. It comprises a secure Internet server and a Secure File Transfer Protocol (SFTP) server for the sending and receiving of data file transfers. Each server operates security layers, to ensure secure access by known parties.

The Registry can be located using its Internet web address.

The Registry’s home page provides an entry point (user code and password) into the secure web site for transaction functions and links to other Registry information points.

Access to the Registry and SFTP Server

The following subsections document access to the Registry and SFTP server.

Access Options

It is possible to have access to the browser server and not the SFTP server. This allows for companies that require ad hoc access and do not want to integrate the Registry application into their systems.

Browser access is the default access mode. Browser transactions inspect or update one ICP at a time. The browser can also be used to request Registry output lists of ICPs or to inspect the user's file processing details.

The SFTP facilities also provide the delivery mechanism for lists of ICPs, which many organisations are likely to use to ensure that their systems remain synchronised with the Registry. For smaller traders and networks, browser access may be sufficient, but with higher volumes, the SFTP facilities are likely to be preferred, to provide an ability to automate the interaction with the Registry.

User Codes and Passwords

User codes and passwords are issued by each Registry participant’s designated supervisor, who maintains them. Requests for password changes of existing user codes and passwords may be made by contacting each Registry participant’s designated supervisor.

Responsibility for the security and use of user codes and passwords rests solely with the users.

Browser users are assigned a user type, which defines which functions they can perform. The following types are currently permitted.

• Trader – user acting for an electricity trading company

• Network – user acting for a network company

• Meter Equipment Provider (MEP) – user acting for a company owning meters

The participant supervisor, on behalf of his or her own organisation, is required to:

• Assign new logons with an initial one-time-use password and record an associated email address.

• Identify new or existing logons for accessing the Registry via Web services only.

  Logons identified as web services only cannot be used to access the browser, cannot act as agents, and their passwords do not expire.

• Assign access rights to logons. Access rights permit users access to one or more of the following functions.

  • Read-only (online functions)

  • Submit ICP event information

  • Submit specific switching messages

  • Submit specific reports

• Reset the passwords of locked-out logons

• Disable and re-enable logons

• Assign an agent to act on the participant's behalf

Other security features include:

• The Registry can identify individual participant logon identities and log the identity against updates made online.

• A participant supervisor can nominate another party to act on its behalf (an agent).

  The Registry identifies if the logon is acting as an agent when evaluating whether that agent is allowed to perform an update.

• A single logon supports the role of agent and the participant’s role.

• A single logon allows a participant to perform more than one role; that is, if a participant is both a Distributor and a Metering Equipment Provider, they can input or maintain a single ICP at which they have both roles or only one of those roles.

• The Registry locks out users after three consecutive invalid logon attempts.

  An alert is sent to the Registry Manager for further investigation when a user has five lockouts within four hours.

• Locked‑out users and users who have forgotten their password can request that the Registry sends a new one‑time‑use password to their previously stored email address.

• Users must change their passwords after a specified number of days. (This does not apply to web services logons.)

• Users with a password status of Reset cannot access the Registry via web services.

For details about adding new logons and permissions associated with each user, see Chapter 13, "Supervisor Utility”.

Which ISP Access Service?

You can use your existing Internet Service Provider (ISP) connections to access the Registry.

The associated ISP costs (the usage costs for the access or transfer of data, or both access and transfer of data) are still applicable, as per the standard rates from the ISP.

It may require some additional firewall configuration, or possibly a review of bandwidth availability. (For file transfer users, we recommend that you review the bandwidth utilised after the volume of data transfers is established.)

SFTP Setup

SFTP logons are authorised by the Registry supervisor and are issued by Jade through the approved channels. When this process is complete, you can communicate with the Registry via SFTP (that is, issue and receive files).

Browser Setup

You should have been issued with a Registry logon identifier and password, as well as the web address that you will need to use to access the Registry system.

For details, see Chapter 6, “Web Application Functions”.

Installation Considerations

If you experience a problem, contact the Registry Manager Helpdesk on telephone number 0800 - 652266 and log a fault into the computerised call system. You can also submit issues by email at any time, to registry.engineer@jadeworld.com.

Registry Participants

A list of registry participants is available from the Electricity Authority web site, http://www.ea.govt.nz. Enter Participant identifiers in the Search box at the top right of the screen.