ПРАВИЛНИК Untitled Document
Enclosure 11 (E11) – Technological Procedure for Communication with the Information System of the CD AD  

1. Access ways The ways to access the information system /IS/ of CD AD are the following:

1.1. Via dial-up, phone numbers: 4002090, 500290, 900290

1.2. Via radio frequency connection through the communication system of the Bulgarian Stock Exchange Sofia AD

1.3. Via Internet global network, SSL protocol.

2. Exchange protocol The data exchange protocol is TCP/IP. On application level, the protocol is FTP. Encrypting and electronic data exchange is used for all messages from and to CD AD. For this, a PKI infrastructure is built at CD AD, with a Central Certification Server to generate and store the X.509 certificates, along with a LDAP server.

3. Structure of the information transmitted The structure of the information transmitted is as follows: Information is exchanged in file format. Information to CD AD: At the Central Depository AD, the basic communication standard adopted is the ISO15022 standard /also used by SWIFT/. Information from CD AD to the information intermediaries: Information about the settlement: Central Depository AD generates information also in the form described in the Enclosure on the processing of data received from the intermediaries about the transfer of securities, according to the ISO 15022 standard.

4. Communications In order to communicate with the investment intermediaries, a LINUX server with a FTP server installed thereon is installed at the Central Depository. The data exchange between investment intermediaries includes:

4.1. Preparation, by the investment intermediaries, of the files about the transactions concluded, and archivating thereof with ARJ.EXE or WinZip. The investment intermediaries, with the help of the software they use, prepare the files and archivate them, while a copy of the archivated file is sent to the Central Depository. It is advisable to include the day and month of the relevant date in the files. The number of files and the sending time are determined by the investment intermediary. The file names should be up to 8 symbols long, if they are compressed with ARJ.EXE. To communicate under the ISO 15022 standard, only files compressed with WINZIP and having ZIP extension will be used. Files names can be arbitrarily long. The compressed file should contain only one uncompressed file having ISO extension.

4.2. Establishing a connection with the Central Depository’s communication server and copying the archivated file into the In subdirectory of the intermediary’s personal directory. Each intermediary receives Instruction (see Enclosures) from the Central Depository on how to establish connection with the communication server, in which instruction, along with the technological sequence of actions needed to establish the connection, the user name, password and NT domain are given as well. The user name and password can be changed upon user’s request, and the password can be changed by the user himself, from a remote workplace. Communication happens only via FTP protocol, which means that the way of sending and receiving is based on FTP commands, while principally meaning that on the root directory, the directories IN, OUT and ARHIV are available. As described in the Instruction, the files from the investment intermediary are copied into the In subdirectory on the depository’s server. Since the files are processed by the software at the Central Depository, it is possible that the file “disappears” right after being sent to the In subdirectory, which in practice means that the file has been already copied into the depository’s archive and loaded into the database. A file sent for the second time will be processed, too, but the attempt to load it into the database will result in generating an error message. In case files are sent that have the same name, but different contents, each file will be processed correctly, and while copying those into the Central Depository’s archive, the files of the same name will be renamed and given a subsequent number. If the file has not been processed yet – i.e., it is in the In subdirectory on the intermediary’s personal directory, - it can be deleted or replaced by the intermediary himself. This can lead to loss of information, in case the investment intermediary, who wants to send another file with the same name, but different information contents, does not check if the previous file has been loaded. 4.1. Checking the archivated file with ARJ.EXE. When checking the presence of files in the investment intermediaries’ directories, each file found is checked for correctness with ARJ.EXE. The file can be checked by the sender before as well as after being sent to the server, by way of executing the command "ARJ T name_of_file" in a DOS session. In case the file was achivated correctly, a message "testing name_of_file OK" appears for each file. 4.2. Copying the archivated file into the Central Depository’s archive, desarchivating and loading the individual files into the Central Depository’s database. When processing the data at the Depository, each file that has passed the test with ARJ.EXE or WINZIP is copied in the archive (with a new name, if necessary), desarchivated and loaded into the database in the same form as it was submitted. The loading also includes checking the data structure in the files themselves, and fixing the errors occurred in the loading process. The messages about data not loaded to the database are sent to the investment intermediary in the evening, along with the rest of the daily processing output.

4.3. In order to provide access to the Central Depository’s server, the following are required:

4.3.1. Presence of a PC with an operating system Windows XP/2000 or newer versions and a modem connected thereto;

4.3.2. Each user receives a pseudonym on the name of his/her directory (in the example below: myshare) and a password for access to it (in the example: 121212).

4.3.3. In Control Panel -> Network, it is necessary to have installed protocol TCP/IP and Client for Microsoft Networking.

4.3.4. In Control Panel -> Network, it is necessary to have installed protocol NETBEUI and Client for Microsoft Networking, for communication until 31 March 2001. 4.4. Data are sent to the Central Depository every day from 9:00 am to 6:00 pm, into the IN subdirectory of the personal directory.

4.5. Data about the investment intermediaries can be downloaded from 9:00 am to 6:00 pm, from the OUT subdirectory of the personal directory. The files are deleted after they are read.

4.6. The connection with the computer at the Central Depository is established as follows:

4.6.1. Start application Dial-Up Networking (Start->Programs->Accessories->Dial-Up Networking or via Explorer). If we cannot see it, i.e., the application is not installed, it should be installed from the Windows installation discs.

4.6.2. If connection is not established – it is established when logging in to the Central Depository for the first time, - we shall establish it: Make new connection…, where we enter code +359 for Bulgaria, 02 for Sofia and phone number 4002090, 500290, 900290.

4.6.3. We select the connection with the Central Depository while leaving the password field empty, and choose OK for the communication to start. 4.6.4. User name and password are entered: USER NAME: user1 Password: 121212 Logon Domain: ipdomain

4.7. Further notes: Each user has full rights within his/her directories, i.e. he/she can copy, delete or replace files and directories. To the IN directory, only archivated files are sent (ARJ and WINZIP – ZIP extension); files having extension other that ZIP are not processed by the Central Depository’s software. For Windows 95/98 users, it is required that the name of the Windows 95 user be the same as the USER NAME (in the example: user1). If the names are not the same, the access to the server will be normal, but if attempt is made to see the personal directory’s contents, a message “incorrect password” will appear. For Windows NT users, when inquired Connect As they should enter the user name for access to the depository’s server. The Central Depository’s server can be seen in Network Neighborhood (following a successful connecting), but only accessible is the respective investment intermediary’s directory. Besides, for Windows 98 users it is required to have the user name registered within Control Panel->Users. For FTP users: 1. After the connection is successfully established via Dial-UP or in another way, starting the FTP client follows and the FTP server is approached with the command: C:>FTP 2. After the command is successfully executed, name and password inquiry appears above: User ( None)) : myname Password :******** 3. If connection is successful, a message appears: WELCOME INTO CENTRAL DEPOSITORY FTP SERVER User myname logged in. 4. Change directory: Cd /broker/XXXXX/in

5. Execute the series of commands to send a file: Hash 2048 Binary PUT name of file

6. Execute the series of commands to receive a file: Cd /broker/XXXXX/out Hash 2048 Binary GET name of file The directories’ contents can be reviewed with command LS or DIR. In case of FTP connection, the time of each session is limited to 15 minutes. When it runs out, the servers disconnects. In case of no activity throughout 5 minutes, the server disconnects automatically.

7. Disconnecting from the FTP server: Bye All rules regarding the files processing are valid for the files received via the FTP server. For TCP/IP connection, the following dial-up connection options have to be set as follows: Allowed network protocols: TCP/IP TCP/IP Settings: Server Assigned IP address: marked Server assigned name server address: marked Use IP header compression: marked Use default gateway on remote network : marked For users of the BSE-Sofia AD’s communication network and for Internet users, the FTP connection procedure starts from item 1 above, without making the dial-up connection.