Guideline 55. International architecture

The institution, in coordination with the other institutions participating in the agreement, defines an architecture enabling it to perform international data exchanges in an efficient and secure way.

In the case of multilateral agreements, the international architecture may include a “trusted third organization” storing key common information, such as a log of transactions, digital signatures and certificates.

Guideline code
ICT_07400
Mechanism
  • The Responsible Technical Team (RTT) should define an international architecture for the international social security agreement, enabling it to perform international data exchanges in an efficient and secure way.
  • The scope and features of a specific international architecture would strongly depend on the characteristics of the agreement:
    • Architectures for bilateral agreements may be based on a liaison-to-liaison pattern, having the key resources on the liaison agencies’ sites;
    • Architectures for multilateral agreements may require additional components to support multi-liaison interactions and additional common resources (e.g. a directory of liaison agencies or a log of transactions). In addition, an organization may play the role of a “trusted third organization” to manage the key common resources;
      • Distributed architectures based on standards have the advantages of reducing the requirements for a central hub system as well as the risks of single point of failure. Nevertheless, a centralized hub-oriented approach would be appropriate for common services with a single validation point. Distributed architectures and centralized hub-oriented approaches are compatible;
    • A variant of an international architecture for multiple bilateral agreements may be considered in order to reuse software applications and key resources.
  • The international architecture should include a Common Reference Service (CRS), which works as a data broker between institutions. Some of the main goals of a CRS are to:
    • Provide service-oriented interoperability mechanisms to perform efficient and secure data exchange operations between institutions;
    • Manage the verified signatures of institutions’ staff as well as their corresponding authorizations to perform operations in the agreement;
    • Manage metadata and semantic resources on the data to be exchanged;
    • Provide the means to manage service quality indicators, especially concerning service-level agreements (SLAs) established for the agreement’s operations;
    • Provide the means to manage transaction logs, keeping track of all operations in order to provide traceability functions.
  • The RTT should oversee the implementation and management of the CRS, including the tasks of:
    • Defining the technological infrastructure required for the CRS, particularly the interoperability mechanisms;
    • Defining the data, metadata, processes and services the broker will use to serve as a common reference service;
    • Defining metrics, performance indicators and monitoring mechanisms;
    • Defining requirements concerning security vendors, security policy and key management, and identifying external service providers for the generation of digital certificates.
  • The RTT, in coordination with the institution’s ICT unit, should define technical requirements and configurations to connect the institution to the CRS.
  • The ICT unit, in collaboration with the RTT and following the institution’s interoperability policies, should develop the gateways necessary to connect the institution to the CRS.
Structure
  • The management should commission the ICT unit and the institution’s delegates in the working committees of the agreement to establish an international architecture in coordination with the other participant institutions.
  • To enable efficient and secure international data exchanges, the architecture should include interoperability mechanisms, security features, authorization and non-repudiation functions, as well as traceability services for the transactions.
  • The international architecture should comply with the terms and administrative arrangements of the agreement.
  • The management, with the assistance of the ICT unit, should appoint members of the institution’s staff to the Responsible Technical Team (RTT) of the international agreement, which manages the ICT aspects of the agreement at the international level.
  • The international architecture should be as compatible as possible with the institutional architectures and models recommended in the current set of Guidelines, particularly Section A.2, ICT Management, and Part B, Key Technologies.