Government Service Bus

The GSB (Government Service Bus) is intended to become the central platform of integration and services for the provision of government electronic services and transactions, and a provider of common value-add Shared Services which will be used by all connected entities and government agencies, namely identity management, e-Payment and core data exchange between government entities. Figure 1 shows the role of the GSB as an integration enabler to implement government e-services.

Figure 1: GSB role in the e-government services infrastructure.

The government service bus project is considered among the most critical and high-impact projects within the YESSER projects portfolio for 2007.

GSB major components:

The GSB project has been divided into two phases, based on the (6) pilot services requirements (category 1) and (category 2) services’ requirements as identified in the e-Government national action plan.

Phase 1 of the solution is intended as a quick-win phase, enabling the provision of 6 e-Services from 4 governmental agencies that use a common infrastructure for integration, sharing of data and the use of centralized shared services. It encompasses the following layers:

Integration & Messaging Layer

Messaging & Queuing

The GSB Solution will provide the ability to perform Store and Forward of messages between the various services and clients of the GSB, in either a synchronous or an asynchronous way.

Service Registry

The Service Registry will be used to provide a controlled point of access to service metadata for all services provided by e-Government.

Transaction Management

Transactions are a fundamental concept in building reliable distributed applications over the KSA GSB. A transaction is a mechanism to ensure all the participants in an application achieve a mutually agreed outcome.

Switching & Routing

Service switching and routing is a key “enabling service” of the GSB which ensures that a service is accessed in the most efficient and performant manner.

Service Provision and Delivery Gateways

The Service Gateways make the services of one application or provider available to others, and vice versa, in a controlled and secure manner. They provide an alternative to client-based or server-based wrappers and instead act as an intermediary component to translate non-Web Services invocations into Web Services calls and messages, and vice versa.

e-Gov Adapters

E-Government Adapters are software components that enable logical business transactions to be executed seamlessly between systems.

Data Management Layer

Shared Data Service

The e-Gov Data Adapters will allow the GSB, through the Shared Data Service, to accept requests for data from client systems, invoke the relevant Adapter to retrieve the data, validate it using the Data Schema Validation engine and return it in Canonical Data Format to the requester.

Database Access Service

The Database Access Service (DAS) enables the GSB to query/update its RDBMS through a web service.

Data Schema Validation

Data Schema Validation is an important feature of the GSB, ensuring that all data shared among services conforms to an agreed-upon Schema or Metadata rules. These agreed-upon schemas and metadata rules will be defined through the YEFI process framework.

Security Layer

Security Overview

Since the GSB will be handling sensitive personal and government data, as well as transactions with legal implications, it must provide a high level of security for access, identification, authorization and non-repudiation. Below is a list of the general security requirements that will be provided by the GSB security solution.

Authentication and Single Sign-On

The GSB solution will provide centralized authentication via LDAP directory services. It will also provide a single sign-on solution between the e-Gov portal and participating agency sites.

Authorization

The GSB LDAP will hold some basic authorization levels that will be used internally within the GSB and accessible to external systems.

Identity Verification

Government services rely on identity verification before tendering of service, which is usually done by requesting a citizen to show up in person and present identification. In order to prevent fraud, e-Services need to maintain a strong identity management and issuance process, so that a user requesting an e-Service can be verified to be who the user claims to be.

Non-Repudiation

For Phase 1 of the GSB, non-repudiation will be achieved through:

1. Authentication (registered user with username/password)
2. One-time identity verification process as outlined in the identity verification section.
3. Business transaction logs and audits.

User Management

The administration of User Accounts, along with creation, update, disabling and verification of users, is done through this component.

Core Services Layer

Payment Gateway

Since most e-Government services require payment of fees for the service rendered, it is important that the GSB provide a common shared service for payment processing. This service can be used by any government agency system that is connected to the GSN. Each agency no longer needs its own integration point into a payment service/gateway.

Logging Engine

The logging engine is responsible for logging different activities (business transitions and system actions) and errors within the GSB framework. The logging engine will also provide a framework for logging that can be used by different components of the GSB.

Interaction Layer

Secure Management Site

The Secure Management Site will be used by GSB Administrators and Yesser Customer Service Representatives.

Notification Engine

The Notification engine will “push” or “route” service requests to recipients via a number of mechanisms, such as SMS, e-mail and even voice calls.

Email Gateway

Among the GSB notification channels, a secure e-mail solution will be used to notify users of the GSB in a reliable and timely manner.

UI Syndication

The UI Syndication engine is the mechanism used to integrate remote user interfaces of e-Services developed and hosted by the various government agencies into the portal of the e-Government of Saudi Arabia, and to provide web-service interfaces to pages and user interfaces hosted on the e-Gov Portal or Secure Management Site to remote portals for use within their UI frameworks.

Auditing & Reporting

Auditing and reporting modules provide access to business and technical activity logs across the different services and components of the GSB.

Systems Management

The management tools will be used to manage and monitor the GSB hardware and software components.

Phase 2 of the solution is intended as an additional phase, enabling the provision of an additional 20 e-Services from various governmental agencies that use the GSB infrastructure, and adding extra value-add services to the installation. It encompasses the following components:

Integration & Messaging Layer

Workflow & Choreography

Choreography is about the development and execution of business process flow logic, which is abstracted from applications. Inherent in this are rules which govern the sequencing and control of service invocations, which in turn support these business processes and workflows.

Orchestration

Orchestration is a type of collaboration in which the primary service directly invokes other services. The primary service knows the sequence of actions and the interfaces, responses, and return states of the called services.

Protocol Transformation

Protocol transformation has been traditionally provided as a key enabling feature of Message-Oriented-Middleware (MOM).

Quality of Service Management

The Quality of Service (QoS) Management is an Observer Service that checks all the messages that flow through the GSB. Anytime a fault occurs the Observer raises an event to notify any systems subscribing to the service and it can then process the information appropriately.

Event Management

The GSB Event Management Service is a standard “push service” that enables decoupling clients from consumers of GSB events. The various GSB components can publish messages into an Event Channel and the Event Management Service will deliver the messages to all the appropriate subscribing users.

Data Management Layer

Data Transformation

Together with integration, data transformation involves the reformatting of the source data including files, records and fields, and the removal of data that is not required in the target system. It may also involve decoding and translating field values, adding a time attribute (if one is not present in the source data) to reflect the currency of data, data summarization, and the calculation of derived values.

File System Access

The File Access Service enables the GSB to read and write files to the local area network storage devices through Web Services.

Enterprise Search Engine

The Enterprise-Wide Search service will aggregate and filter data from local databases and file systems, outputs of GSB services, as well as federated repositories of shared data and agency services. The search result will be returned in XML format following the GSB YEFI-based structure for data, and can be used by any service or client to perform search needs.

Data Enrichment

Data enrichment, also known as “data enhancement”, is about adding value to existing data already used in an organization.

Security Layer

PKI Integration

This is the proposed integration point to external security providers. The main entities identified so far are: PKI, MoI, and MoCI.

Encryption and Signing

The solution components can be used for the encryption and signing of business data across the boundaries of the transaction.

Core Services Layer

Service Level Management

This is the layer of management that belongs exclusively to the Service Level Agreements (SLAs).

Interaction Layer

SMS Gateway

The Short Message Service Gateway will allow all users of the GSB to integrate SMS with their existing systems through a single point of entry. The GSB will give all providers and users the ability to simply 'plug in' to the SMS gateway and begin sending SMS messages. For those systems which already send out email alerts, the SMS Gateway will be able to supplement this alert mechanism through SMS messaging.

IVR Gateway

The Interactive Voice Response Gateway will provide the necessary interaction services to handle telephone callers.

Postal Service Management

The Postal Service Management interface can interact with the Postal Service system. The Postal Service Management interface will provide the GSB with a web service that enables the GSB to send a Pickup-Delivery request to the Postal Service Office System.

Development & Publishing Toolkit

The development and publishing toolkit enables the ministries to develop and publish e-Services. Along with the reference architecture and the YEFI interoperability framework, government agencies can use this toolkit to develop their services systematically. The toolkit will contain a sample e-Gov Adapter, YEFI, reference architecture, technical reference model, and all other necessary development tools and guidelines.