Management & Technology Consultants Service-Oriented Architectures for E-Government Connecting People and Public Services – The Irish Governments SOA Initiative Andrew S. Townley McLean, VA 24-May-2006

1 Management & Technology Consultants © 2006 BearingPoint Introductions Andrew S. Townley Principal Architect Reach Public Services Broker

2 Management & Technology Consultants © 2006 BearingPoint Agenda Reach and its mission Key project requirements PSB technical overview Lessons learned

Management & Technology Consultants Service-Oriented Architectures for E-Government Reach and its Mission

4 Management & Technology Consultants © 2006 BearingPoint The Reach Agency Established by Irish Government legislation in 1999 and 2000 to: Develop a strategy for the integration of public services Develop and implement the framework for electronic government To radically improve the quality of service to personal and business customers of Government and to develop and deploy the Public Services Broker to help agencies achieve that improvement In particular Reach is to develop and implement an integrated set of processes, systems and procedures to provide a standard means of access to public services, to be known as the Public Services Broker (PSB)." To radically improve the quality of service to personal and business customers of Government and to develop and deploy the Public Services Broker to help agencies achieve that improvement In particular Reach is to develop and implement an integrated set of processes, systems and procedures to provide a standard means of access to public services, to be known as the Public Services Broker (PSB)." The Reach Mission:

5 Management & Technology Consultants © 2006 BearingPoint Reach Governance Social Security Information Society Public Service Reform Governance Structures Cabinet Committee (chaired by PM) Secretary General Group (permanent heads of Depts.) Assistant Secretary Group (CIOs) Reach Board (DSFA, Prime Minister, Finance) Governance Instruments Primary Legislation & Secondary Regulation Government Decisions Government (Prime Minister /Finance) Circulars Funding decisions (Information Society Fund & Annual Estimates) Name & Shame at Central Groups Office of the Prime Minister Department of Social and Family Affairs Department of Finance Reach

6 Management & Technology Consultants © 2006 BearingPoint Reach Agency Objectives Provide Standards & Regulations for e-Government Develop and maintain a common data exchange format across agencies Provide interaction policies and guidelines for agency service delivery Establish the legislative and regulatory framework allowing service delivery Provide Coordination & Leadership of e-Government Initiatives Advance the e-Government program across the public service agencies Coordinate and manage projects relating to e-Government service delivery Devise the communications and marketing strategy for services offered by the PSB Provide Implementation & Delivery of e-Government services Procure the implementation of the PSB core architecture Actively engage with public service agencies to deliver new services

7 Management & Technology Consultants © 2006 BearingPoint Public Service Broker Objectives Interoperability Create a standards-based architecture Define standardized, structured business documents Common Service Catalogue Provide shared access to services to both citizens and agencies Centralize management and access control Reusability Services provide distinct business operations Once deployed, services are available to authorized PSB users and agencies Single Access Point Centralized interface for both businesses and citizens Visibility of pending service requests across all participating agencies

8 Management & Technology Consultants © 2006 BearingPoint Technology Landscape, c XML specification published (1998) W3C XML Schema Working Group activity Java enterprise computing takes off JSP specification (1999) J2SE v.1.3 (2000) J2EE v.1.3 (2000) Microsoft gets serious about the enterprise Windows 2000/IIS 5/ASP 3 (2000) COM+ combines COM/DCOM/MTS (2000) C# and.NET framework (2000) Web services platform starts to take shape ebXML initiative starts (1999) SOAP 1.1 released as W3C Note (2000) WSDL 1.0 released (2000) UDDI 1.0 released (2000) Vendor Web Services toolkits become available (2000)

9 Management & Technology Consultants © 2006 BearingPoint Pilot Projects ( ) Initial reachservices.ie portal Initially launched in April 2002 with development started in 2001 Allowed individuals to self-register Registration details verified against governmental databases Provided initial point of access and government service taxonomy Provided electronic forms delivery capabilities, but no forms delivered Inter-Agency Messaging Service (IAMS) Developed between based on discussions in 2001 Proof-of-concept for the XML messaging broker Provides delivery of life events between 3 government agencies Initial cost of 81K with total expenditure < 200K for development Delivers real business value reducing time of benefits payment receipt from 22 to 2 days

10 Management & Technology Consultants © 2006 BearingPoint Reach Interoperability Guidelines (RIGs) A set of documents intended to ensure interoperability of the PSB Baseline Intended to define the core interoperability architecture Define the Reach XML Profile and Reach Canonical Form (RCF) Define XML Namespace and W3C Schema profiles Define Unicode, internationalization and versioning policies Define a REST-style reliable messaging transfer protocol Provide general service development guidelines Define the structure of the Reach Envelope Data Model Define canonical XML elements for shared business data elements Service Interface Protocols Defines message exchange patterns and external policies for available services For more information, see

Management & Technology Consultants Service-Oriented Architectures for E-Government Key Requirements for the PSB

12 Management & Technology Consultants © 2006 BearingPoint Centralized Access to Public Services Ubiquitous access Self-service via Web, phone and kiosk Assisted phone services Assisted walk-in services Automated interactions Aggregated services Unified status reporting User-centric Self-management of personal details Targeted service delivery through personalization

13 Management & Technology Consultants © 2006 BearingPoint Architectural Flexibility and Coherence HTTP BTF RPC MQSeries SOAP JMS

14 Management & Technology Consultants © 2006 BearingPoint Identity Management for e-Government CS AA CS – Credential Service AA – Agency Application Reach Project Scope

Management & Technology Consultants Service-Oriented Architectures for E-Government PSB Technical Overview

16 Management & Technology Consultants © 2006 BearingPoint Logical Architecture

17 Management & Technology Consultants © 2006 BearingPoint Architectural Layers HTTP-based protocol boundary reachservices.ie portal is just another service

18 Management & Technology Consultants © 2006 BearingPoint Messaging Infrastructure Send a message Must be in a Reach Envelope Put in mailbox Asynchronous operation Reach Envelope Source Destination Message type Identities Message ID Message body Receive a message Will be in a Reach Envelope Retrieve from mailbox Asynchronous operation Send Receive 1.7 R1752 MXXX M029 {TrustedHost-Principal} {Local user name} D......

19 Management & Technology Consultants © 2006 BearingPoint Example Service Request Message <R1750:PSI500AuthenticationRequest xmlns:R1750=" xmlns:R0101=" xmlns:R0111=" xmlns:R0113=" xmlns:R0114=" xmlns:R0115=" xmlns:R0133=" T09:00:00 qwerty RICHARD O'DONOGHUE MURPHY IE Ireland CORK 2 MOURNE AVE DILLONS CROSS true Document-oriented Message includes all necessary context Generated by requestor agent based on user input Self-describing Each element in schema Full URI of XML schemas Modular & versioned Element re-use from 6 separate schemas Tied together by RIG1750 Full versioning of each separate schema RIG0101:PublicServiceIdentity RIG0114:Country RIG0113:AdministrativeAreaName RIG0115:PersonInfo RIG0133:Reference RIG0111:PersonName

20 Management & Technology Consultants © 2006 BearingPoint Complete Response Message <R1751:PSI500AuthenticationStatus xmlns:R0101=" xmlns:R0104=" xmlns:R0111=" xmlns:R0113=" xmlns:R0114=" xmlns:R0115=" xmlns:R0123=" xmlns:R0124=" xmlns:R0133=" xmlns:R1751=" T09:00:00 qwerty Identity Confirmed RICHARD O'DONOGHUE MURPHY IE Ireland CORK 2 MOURNE AVE DILLONS CROSS true IE MR RICHARD O'DONOGHUE MURPHY IE IRELAND CORK 2 MOURNE AVE DILLONS CROSS true IE

21 Management & Technology Consultants © 2006 BearingPoint End-to-end Message Delivery Integration Framework Requestor Agent Provider Agent

22 Management & Technology Consultants © 2006 BearingPoint Canonical Service Agent Architecture Business Process Logic Service Activator Message Transfer Protocol Messaging Gateway WS-BEPL Proprietary process language Custom code JMS API MSMQ API RM4GS/JCA Apache Sandesha freebXML JBI Binding Component WS-Reliability WS-ReliableMessaging ebMS BTF RRMTP IIOP.NET Remoting WebLogic Integration BizTalk Server Engine Message-driven EJB Session EJB JBI Service Engine Custom code

23 Management & Technology Consultants © 2006 BearingPoint PSB Identity Management Communities Enforced separation of concerns Personal users cannot directly send messages Agency fulfillment users cannot access personal services Independent identity proofing Maximum registration level dependent on community Identity proofing process tailored to each community Identity Assertion Combination of registration level and authentication level Attempts to account for the integrity of the access channel Agency Service Fulfillment Users Integration Framework Principals reachservices.ie Personal Users

24 Management & Technology Consultants © 2006 BearingPoint Service Access Control IDMACS Access Check PSB Service Principal Service UI XML Service Request Agency Service 1. Can the principal access the URI? 2. Can the principal send messages to the service?

Management & Technology Consultants Service-Oriented Architectures for E-Government What Weve Learned So Far

26 Management & Technology Consultants © 2006 BearingPoint When to Use Standards If they are sufficiently mature Can be based on individual assessment or vendor implementations You understand the parts that are missing or broken The fundamental aspects are not under revision Just because a specification is published doesnt make it a standard Just because a specification is published doesnt make it a standard If they fit the problem youre trying to solve Pay attention to the 80/20 rule Does the benefit justify the cost? are not Technology and specifications are not in the drivers seat Everything should be made as simple as possible, but no simpler – Albert Einstein

27 Management & Technology Consultants © 2006 BearingPoint Technology Operational Costs Allow incremental adoption based on ROI for the participants No more big bang deployments SOA means as long as you do the what the how isnt as important Pay attention to licensing and upgrade costs Understand your platform and deployment constraints Be prepared for unexpected adoption rates that could affect TCO Minimize assumptions and dependencies Service implementations should be black boxes Just because a service is deployed here today doesnt mean it wont be deployed in another environment tomorrow Monitoring, diagnosis and manual intervention is critical Operations needs consistent, accurate views of the running system Dont forget about priority manual intervention and build in the mechanisms

28 Management & Technology Consultants © 2006 BearingPoint Interoperability Its about the messages Identify the fundamental information used by a business process The data will be around a lot longer than the systems that process it Specify the essentials, let the rest vary Core data elements and their meanings Reliability constraints Invocation interface Think the Internet Embrace loose coupling Tools, technologies and techniques are generally transient Isolate the moving partshide them behind standardized interfaces Minimize centralized controllet the participants own their processes

29 Management & Technology Consultants © 2006 BearingPoint Engagement with Government Agencies Dont underestimate organizational dynamics Each agency has a unique personality and way of doing things Encourage collaboration, not mandatory adoption of one true way You can lead a horse to water… Set realistic expectations Early adopters will likely bear the brunt of the costs ROI will be incremental, and generally not immediate Spell out data and process ownership, reconciliation and failure recovery scenarios Offer added value Federated identity management provides access to registered user base Auditing, logging and non-repudiation of message exchanges Offer incremental adoption Agency capabilities are not all equal Essential to deliver capabilities to the SOA quickly and cost-effectively

30 Management & Technology Consultants © 2006 BearingPoint Service Implementation Build the right levels of abstractions Easy to make services too fine-grained Dont worry about details not relevant to what the service does Strive for portability Design and build for change Well-defined interfaces between business logic and message transfer Strive for cost-effective scaling Scale out, not up Minimize statefulness Dont accidentally depend on tools and capabilities you dont really need Build a service, not an application The service should be generally useful, not tied to a given requestor

31 Management & Technology Consultants © 2006 BearingPoint Further Information The reachservices portal: The Services and Data Exchange Catalog (SDEC): PSB Service Design Guidelines, rig0019: The Reach Envelope, rig0100: RRMTP, rig0007: PSB requirements and tender documents: Inter-Agency Messaging Service information: EU e-Government case study #625 on REACH IAMS (2003):