e-government architecture
TRANSCRIPT
![Page 1: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/1.jpg)
E-government architecture
Bozhidar Bozhanov
![Page 2: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/2.jpg)
Vanity slide
• Still a developer
• http://blog.bozho.net
• http://techblog.bozho.net
• http://twitter.com/bozhobg
• E-government adviser to the deputy prime
minister of Bulgaria
![Page 3: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/3.jpg)
E-government
We have e-government when the state does
not waste citizens’ time.
![Page 4: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/4.jpg)
Complex problem?
• 20% technical
• 20% legal
• 60% organizational
![Page 5: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/5.jpg)
Primary registers
• Register = database
• Primary - source of truth
• Population register, document register,
commercial register, NGO register, vehicle
register, property register, land register.
![Page 6: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/6.jpg)
Connecting the registers
• The task
• Legal - already done in the e-governance
act
• Technical - 2 solutions that haven’t worked
• Organizational - the reason why the 2
solutions haven’t worked
![Page 7: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/7.jpg)
“Once only”
• 2 laws forbid the administration to collect
data from citizens that the state already
has
• Automatic collection from primary registers
instead
![Page 8: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/8.jpg)
How?
• Decentralized architecture• or distributed?
• Addressing legal issues• “This does not concern us”
• “We have a special law”
• We need specific agreements
• Organizational issues: carrot and stick
![Page 9: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/9.jpg)
Requirements
• Many participating organizations• including private sector
• Personal data protection• 100% access accountability
• Secure authentication of information systems• PKI, HSM
• Sync, async and subscribe requests
• Change management
![Page 10: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/10.jpg)
Microservices?
• Similar
• … but they aren’t “micro”
• .... and they aren’t within a single
organization
![Page 11: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/11.jpg)
History
• “Administrative IS will talk to each other,
finally” (TechNews, June 2006)
• 1st attempt: ESOED• unsuccessful
• 2nd attempt: RegiX• unused as of yet
• “Interoperability framework”• a.k.a WSDL
![Page 12: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/12.jpg)
Meanwhile in Estonia...
• X-Road functions since 2001
• Connected registers: 200+
• Institutions: 900+
• Transactions: 600 million / year
• Saved man-hours annually: 47 million
![Page 13: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/13.jpg)
Technological drawbacks are not the reason for
the failures.
![Page 14: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/14.jpg)
Fundamental question
Documents, data, or services?
![Page 15: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/15.jpg)
• “Electronic document”
• Wrapper of data?
• Internal administrative service for serving
documents/data
• Main difference:• Document exchange vs. data exchange
![Page 16: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/16.jpg)
Architectural question
ESB or P2P?
![Page 17: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/17.jpg)
Източник: МТИТС
![Page 18: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/18.jpg)
ESOED
• ESB/Message Queue
• Works entirely with electronic documents
• Checks and routes documents
• Complex integration• Lack of accessible libraries
• Council for registration
• VPN?
![Page 19: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/19.jpg)
Източник: МТИТС
![Page 20: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/20.jpg)
ESOED - how?
• Entering all schemas into a register
(manually)
• SOAP requests with destinationURI
• Async response
• Encryption, signing
![Page 21: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/21.jpg)
RegiX
• ESB (sort of)
• Adapts legacy registers by exposing web
services
• Central component routes requests
• Adding a register requires additions to the
central component
• Does not support Subscribe
![Page 22: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/22.jpg)
RegiX - how?
• SOAP request to the central component• with service identifier
• with data about the requester
• Central component forwards to the adapter. • Checks access
• Logs the event (without the data)
• The adapter gets the data from the database
and responds
![Page 23: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/23.jpg)
NoESB
• ESBs are single point of failure• No matter how well “reserved”
• Their magical powers are only on paper
• Good interfaces and versioning them
removes the need for an ESB*
![Page 24: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/24.jpg)
X-Road
• p2p
• Security server (proxy) + adapter server -
integration components
• Security server instead of a centralized
ESB
![Page 25: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/25.jpg)
X-Road
![Page 26: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/26.jpg)
X-Road - how?
• Communication: only with a security server
• Security servers take of logging and
authentication
• Security servers are proxies
• Local cache
• Load balancing
![Page 27: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/27.jpg)
X-Road protocol
• Standard protocol for adapter servers• SOAP
• A list of available services and their definitions
• Versions?
• Every adapter server is entered into a
register
• Adapters are tightly integrated with the IS• And support subscribe
![Page 28: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/28.jpg)
UK: Registers
• One software for all registers
• Multi-tenant deployment
• RESTful integration
![Page 29: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/29.jpg)
Security server?
• Additional servers complicate the
infrastructure
• Instead of servers - standard components
• Price?
• Instead of certified security servers -
transaction coordinator?• Single point of failure?
![Page 30: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/30.jpg)
![Page 31: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/31.jpg)
Data, in addition to services
• Granularity: data
• Standard protocol for automatic handling of
the schemas of data
• Request: type/version/identifier
![Page 32: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/32.jpg)
![Page 33: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/33.jpg)
Distributed architecture?
• Storing data in a blockchain• Encrypted
• ...with the personal key of each citizen
• ...and with the key of the institution (in case the
citizen loses theirs)
• Estonia: health records
![Page 34: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/34.jpg)
Privacy
• Access control
• Event log
• Access for citizens• + notifications for reading their data
• Legal consequences for improper reading
of data
![Page 35: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/35.jpg)
So...
• Standard protocol
• Standard SDKs and components• Implementing the protocol
• Central registers with metadata• Access control, data types, list of registers
• Access log
• Documentation, sandbox
![Page 36: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/36.jpg)
KISS
• With a minimal set of components
• With minimal human interaction
• Complexity kills
![Page 37: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/37.jpg)
Complex problem?
• No
• Architecture can be simple
• Organizational and human factor -
complicated
![Page 38: E-government architecture](https://reader034.vdocuments.us/reader034/viewer/2022050613/58759fcb1a28ab6d198b6401/html5/thumbnails/38.jpg)
Thank you!