X-Road - Cybernetica AS

X-Road
eGovernment interoperability framework
Serving e-nation over 10 years
Backbone of the Estonian eGovernment
12 years of active duty, no downtime
Over 2000 connected e-services
More than 900 connected organizations, public registers and databases
Over 350 million transactions in 2013
Survived the first nationwide cyber-attack on the Estonian information
infrastructure in 2007
X-road / eGovernment interoperability framework
X-road highlights
X-Road provides a distributed, secure, unified web-services based inter-organizational
data exchange framework.
Distributed – X-Road is a completely distributed, resilient system with distributed management. X-Road does not
centralize the data and does not change the ownership of the data.
Heterogeneous – X-Road connects information systems built on any IT platform. X-Road does not prescribe any
tools and technologies for intra-organizational use.
Secure – designed to satisfy the security requirements of inter-organizational communication by ensuring the:
authenticity, integrity and non-repudiation of exchanged data
high availability of services
confidentiality of exchanged data
Reliable – the system does not have a single point of failure. All components of the system can be made redundant
for high resiliency against failures and attacks. Components that are available over a shared or public network
employ protective measures against denial of service (DoS) attacks.
Federation support – X-Road supports bilateral agreements between X-Road Centres.
Easy to implement – X-Road infrastructure deployment is fast and efficient.
Several deployment options are available, including managed infrastructure.
Supports heterogeneous environments, including cloud-hosted information systems.
Consultation and system support are available for the development of organizational procedures and
legal framework.
Easy to use – X-Road is easy to adapt
All communication is based on web-services and can therefore easily be used by all developers.
Access to all other organizations is unified – there is only one API and one set of rules that must be
followed by developers.
Secure services publication and management requires a minimum effort from the data owner.
Automated e-services user interface generation reduces the amount of tedious coding.
Remote administration service (optional) – X-Road technology can be provided as a fully administered service
based on the SaaS (Software as a Service) model.
Overview
X-Road is a technology that provides all the necessary
components for integration of inter-organizational e-services.
X-Road can also be provided in the form of Software
as a Service, which is fully managed by the Service Provider.
Such a service makes instant technical implementation possible.
X-ROAD KEY COMPONENTS
Implementation of X-Road does not change the ownership or location of the data. The databases and registers will
not be centralized. The data will be managed by the same institutions that manage them currently. X-Road just
unifies the access to all e-services and allows secure access to data in databases. Each institution is still responsible
for the quality of the data and can determine which other institutions have access to its data. X-Road does not limit
how the registries and organizations implement their information systems – all platforms and hosting models are
supported, including cloud-based setups.
Interoperability backbone – provides unified access to data. In particular, for interoperability backbone:
The receiver of the data can prove to third parties the origin and content of the received data (non-repudiation).
The system ensures that all data that is exchanged between institutions and travels over a wide-area network
(either public, shared or private) is encrypted in order to ensure the confidentiality of the data.
The system implements access control mechanisms that allow the service providers to control the access
to services on a per-client-institution basis.
Integrated Service Portals – act as a single window of access to all public e-services
The end-user (a person) is authenticated by the portal.
The communication with the end user is encrypted.
The portals for businesses and governmental institutions support the role-based management of user access
rights to invoke services.
Authentication of users – supports all authentication methods.
[Diagram labels: e-Services publication & aggregation (Citizen Portal, Officials Portal, Entrepreneurs Portal); Organization; Legacy or proprietary System; Adapter; Security Gateway; Registry’s e-services]
Features and Functions of X-Road components
[Diagram labels: Central Services and Administration (Monitoring Service, Certification Service, Catalogue of e-Services, Administration Services); e-Services publication & aggregation (Citizen Portal, Officials Portal, Entrepreneurs Portal); Organization; Legacy or proprietary System; Adapter; Security Gateway; Registry’s e-services]
Features and functions of Security Servers
Security Servers are one of two components of X-Road which should be installed, hosted, and managed in the service
provider network. As an alternative, a Security Server can be provided as a managed access service to X-Road.
Main features
Security Servers implement security gateways for web-services. All web-service requests and responses are
digitally signed, timestamped, encrypted and archived by security servers.
Security Servers implement organizational level access control for web-services.
Security Servers encapsulate all of the complexity of highly available PKI-based infrastructures and provide
developers with transparently secured inter-organizational web services.
Security Servers provide meta-services for discovering the structure of the infrastructure, including organizations
and services.
Secure Messaging
Security Servers sign all messages they send to other data providers in X-Road.
Security Servers verify all messages they receive from other data providers in X-Road.
Security Servers log all query responses to the secure log.
Administration
web-based administrative interface for performing configuration and
maintenance tasks
management of e-services access rights
archival of exchanged web-service requests and responses in digitally signed form
all activities in the administrative interface will be recorded in an audit log
one server can support multiple organizations
built-in diagnostic tools for troubleshooting network and configuration problems
Additional features (optional)
X-Road Premium is a set of security server add-ons that enhance security server manageability and availability.
X-Road Centre
X-Road Centre is an organization that creates and maintains an X-Road infrastructure instance and offers services
to end-users:
trusted third party services: certification of security servers, management of secure directory infrastructure,
tamper-proof log service for security servers
monitoring service – health monitoring of security servers, provides warnings to system administrators in case
of error conditions
e-service usage monitoring – for statistical purposes
usage monitoring for detection of suspicious activities (such as unwarranted queries to collect confidential
information)
Certification Authority
Certification Authority offers standard certification services:
Issues certificates for digital signature and for web servers
Offers certificate validity checking service using OCSP protocol
Offers time-stamping service using RFC 3161 protocol
Features and functions of Integrated Service Portals
Integrated Service Portals provide a single window for users to access all e-services:
provision of e-services for citizens, entrepreneurs and public officials
instant automatic publication of new services based on the service description (no programming needed)
authentication of users via a multitude of authentication mechanisms, including smartcards, mobile-ID, federated
authentication, etc., with the possibility of adding new authentication methods
role-based access control for entrepreneurs and public officials
Features and functions of Adapter Servers
An Adapter is an optional custom component that implements the web-services that will be shared via X-Road.
The Adapter provides developers with a toolkit which consists of source code, manuals, and templates for developing the
necessary adapter.
The platform for Adapters can be freely chosen by the organization to suit its existing platform and IT policies.
Adapter Servers have been successfully implemented on .NET, JEE, Python, various ESB and other platforms.
Technical implementation services:
training and education
technology provision, installation, configuration
technical online support for administrators
remote administration
consultations for e-service developers
development of Adapter Server
software support
eGovernment management consulting:
situation assessment and requirement analysis
planning
eGovernment interoperability management
consulting and training
legal framework consulting
development of organizational processes
PKI and digital signature implementation consulting
Contacts
Cybernetica AS
Mäealuse 2/1, 12618 Tallinn, Estonia
Phone: +372 6397991
E-mail: info@cyber.ee