SECURE DATA INTERCHANGING IN E-GOVERNMENT A MODEL FOR TURKEY

Transcription

1 SECURE DATA INTERCHANGING IN E-GOVERNMENT A MODEL FOR TURKEY A MASTER S THESIS in Computer Engineering Atılım University by ÖZGÜR ÖZTÜRK APRIL 2005

2 SECURE DATA INTERCHANGING IN E-GOVERNMENT A MODEL FOR TURKEY A THESIS SUBMITTED TO THE GRADUATE SCHOOL OF NATURAL AND APPLIED SCIENCES OF ATILIM UNIVERSITY BY ÖZGÜR ÖZTÜRK IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE IN THE DEPARTMENT OF COMPUTER ENGINEERING APRIL 2005

3 Approval of the Graduate School of Natural and Applied Sciences Prof. Dr. İbrahim Akman Director I hereby certify that this thesis satisfies all the requirements as a thesis for the degree of Master of Science. Prof. Dr. İbrahim Akman Head of Department This is to certify that we have read this thesis and that in our opinion it is fully adequate, in scope and quality, as a thesis for the degree of Master of Science. Prof. Dr. Ali Yazıcı Co-Supervisor Instructor Ziya Karakaya Supervisor Examining Committee Members Prof. Dr. İbrahim Akman Prof. Dr. Ali Yazıcı Asst. Prof. Dr. Çiğdem Turhan Dr. Ali Arifoğlu Instructor Ziya Karakaya

4 ABSTRACT SECURE DATA INTERCHANGE IN E-GOVERNMENT: A MODEL FOR TURKEY Öztürk, Özgür M.S., Computer Engineering Department Supervisor: Instructor Ziya Karakaya Co-Supervisor: Prof. Dr. Ali Yazıcı April 2005, 80 pages The developments in internet technologies provide opportunities for secure, fast and effective data interchange through the Internet. The efficient use of these technologies such as electronic government services contributes to the welfare of individuals, companies and agencies in several aspects. Since many of the currently used government architectures do not provide effective data interchange between the agencies and individuals, important problems occurred across the e-government network upon start of the new internet based technologies used as international standards; the proposed model provides an effective and secure data interchange in e- government. This thesis proposes a secure data interchange model in e-government for Turkey. Keywords: Interoperability, Interoperability Framework, Agency, E-Citizen, Portal, E-Company, E-government iii

5 ÖZ E-DEVLET İÇİNDE GÜVENLİ VERİ DEĞİŞİMİ TÜRKİYE İÇİN BİR MODEL Öztürk, Özgür Yüksek Lisans, Bilgisayar Mühendisliği Bölümü Tez Yöneticisi: Instructor Ziya Karakaya Ortak Tez Yöneticisi: Prof. Dr. Ali Yazıcı Nisan 2005, 80 sayfa İnternet dünyasındaki gelişmeler güvenli, hızlı ve etkili bir veri iletimine imkan sağlamaktadır. Bu teknolojilerin yerinde kullanımı insanların, kamu kurumlarının ve şirketlerin refahını etkileyen bir çok faktörden biri olan devletin elektronik ortamdaki hizmetlerine önemli katkılarda bulunabilecektir. Devlet kurumlarının kendi aralarında yada bu kurumlar ile bireyler veya şirketler arasında elektronik ortamda yapılmaya çalışılan veri iletiminin standart, güvenli ve hızlı olamaması önemli sorunlar yaratmaktadır. Bu model internet tabanlı yeni teknolojilerindeki gelişmeleri kullanarak e-devlet yapısı içerisinde ve e-devleti oluşturan unsurlar arasında güvenli, dünya standartlarına uygun, etkili ve hızlı bir veri iletimini hedeflemektedir. Bu tez, Türkiye için güvenli ve etkili bir e-devlet modeli önermektedir. Anahtar Kelimeler: Birlikte çalışabilirlik, Birlikte çalışabilirlik çerçeve yapısı, Kurum, E-Vatandaş, Portal, E-Şirket, E-Devlet iv

6 To my dear family Thanks for their endless support v

7 ACKNOWLEDGMENTS First, I would like to thank my thesis supervisor Ziya KARAKAYA for his guidance, insight and encouragement throughout the study. Thanks also go to my co-supervisor Prof. Dr. Ali YAZICI. I should also grateful to examination committee members Prof. Dr. İbrahim AKMAN, Dr. Ali Arifoğlu, Asst. Prof. Dr. Çiğdem Turhan for their valuable suggestions and comments. I would like to express my love to all the members of my family for their patience, sympathy and support during the study. vi

8 TABLE OF CONTENTS ABSTRACT... iii ÖZ...iv DEDICATION...v ACKNOWLEDGMENTS...vi TABLE OF CONTENTS...vii LIST OF FIGURES...ix LIST OF TABLES...ix LIST OF ABBREVIATIONS...x CHAPTER I...1 INTRODUCTION Background of Problem Definitions of Terms...5 CHAPTER REVIEW OF LITERATURE Determination of Main Policies and Targets Determination of Standards Web Services XML (extensible Markup Language) SOAP (Simple Object Access Protocol) WSDL (Web Services Description Language) UDDI (Universal Description, Discovery and Integration) XML Schema Interoperability Framework Legacy Systems...16 CHAPTER METHODS OF THE STUDY Main Problem and Sub Problems Main Research Question Sub-Questions Design of the Study The Current Situation The Data Interchange Model in E-government Outline of Data Interchange Model for Turkey Main Components of Data Interchange Model for Turkey...22 CHAPTER THE MODEL ARCHITECTURE Interoperability Framework Workflow in Data Interchange Model The Client Side Scenario The Agency Side Scenario...39 vii

9 4.3 Security Characteristics in Data Interchange Model Software Properties Assumptions and Limitations Assumptions Limitations...56 CHAPTER RESULTS AND CONCLUSIONS Results Answer Answer Answer Answer Answer Answer Answer Answer Conclusions Recommendations...62 REFERENCES...64 APPENDIX A...67 INTERNATIONAL STANDARDS USED IN THE PROPOSED MODEL...67 APPENDIX B...72 CENTRAL CENSUS MANAGEMENT SYSTEM PROJECT (MERNIS)...72 APPENDIX C...79 E-EUROPE AND E-EUROPE+ ACTION PLANS...79 viii

10 LIST OF FIGURES FIGURE 3.1 Model Outline Client-Agency Interactions SSL and Certification Mechanism Authentication Mechanism Portal Usage E-service Registry Usage Message Flow between Client, Registry and Provider User-Agency Interactions Agency-Agency Interaction Data Substitution Demographic Data Recording TCKIMLIKNO Searching VERGINO Searching and Recording Web Service Introduction Page Web Method of the Web Service Maliye Web Methods of the Web Service Mernis The web method GetMernisData The output of GetMernisData The web method SearchMernisData The Output of SearchMernisData Soap Request Soap Response...55 LIST OF TABLES TABLE 2.1 XML document SOAP Request SOAP Response Metadata Example XML Document (shiporder.xml) XML Schema Document (shiporder.xsd) SOAP Request SOAP Response 35 ix

11 LIST OF ABBREVIATIONS IF XML SOAP UDDI WSDL MS DBMS SSL TBD Interoperability Framework extensible Markup Language Simple Object Access Protocol Universal Description, Discovery, and Integration Web Services Description Language Metadata Standard Database Management System Secured Socket Layer Türkiye Bilişim Derneği x

12 CHAPTER I INTRODUCTION We live in an increasingly interconnected society, where the Internet has spawned tremendous improvements in efficiency and customer service. People use the telephone and the internet to get service 24 hours a day, seven days a week. In such a growing world, governments should transform themselves to give better services for citizens. In governments side, internet technologies become a key for new, technological government services. This approach, offering better government services using internet, created the concept of e-government [1]. It should be clear that, e-government is about transformation; technology is a tool. E-government is about transformation that helps citizens and businesses to find new opportunities in the world s knowledge economy. In addition, it can be considered that, e-government is a powerful tool for improving the internal efficiency of government and the quality of service delivery as well as enhancing public participation [2]. E-government is the use of the expertise, technology, and partnerships to integrate government services for the public by using power of the internet; it is not just a web page, which is simple HTML document on the web [3]. Until recent times, government, in general, has approached the task of providing services from an agency centric perspective. However, e-government views the world from a customer-centered perspective, a paradigm that precludes stovepipe services in which citizens must go to multiple agencies (and often multiple offices within an 1

13 agency) to do business with government. Providing services from a customer centered perspective means developing a single service interface regardless of what agency actually provides the service. By the E-government initiative, the primary goals for the governments are to: Make it easy for citizens to obtain service and interact with the government; Improve government efficiency and effectiveness; and Improve government s responsiveness to citizens [3, 4]. These three main targets can be explained in detail as the following outcomes that the e-government program seeks: Convenience and Satisfaction: Services provided anytime, anyhow, anywhere. People can have a choice of channels to government information and services that are convenient, easy to use and deliver what is wanted [5]. Integration and Efficiency: Services those are integrated, customer centered, and efficient. Information and services are to be integrated, packaged, and presented to minimize cost and improve results for people, businesses, and providers [6]. As an example, according to an IRS news release of April 26, 2002, 39.5 million Americans filed their 2001 income taxes electronically in 2002, 6.6 million of these used home computers a one-third jump from the previous year. People apply for passports and various licenses (for example, many states allow driver s license renewals via the Internet), and businesses apply for patents and permits, and supply wage reports and other required information to government agencies [7]. Participation: Participation in government. People and organizations are to be better informed and able to participate in government. The following approaches can be included in the meaning of participation: Aligning organization strategy and activities with the e-government strategy. Working with customers and stakeholders to learn how they can benefit from e-government. 2

14 Ensuring business plans (outputs, services, budgets) cater to the required activities. Integrating common foundations of e-government into the organization's business environment. Not all of these outcomes can be gained without the well-structured agencies that are responsible for giving customer centered services in e-government. Even if the government agencies can have their own infrastructures and specifications, the data/information should flow from an agency to another. This scenario is possible if the agencies can speak in the same language and understand each other. In e- government, this concept called as interoperability. By interoperating, agencies can: provide services and information electronically in the way that people want (convenience and satisfaction) work together electronically acting more like a single enterprise than a collection of individual agencies (integration and efficiency) make information available to people in ways that help them to participate in the processes of governance (participation) [8, 9] 1.1 Background of Problem E-government initiatives focus attention on a number of issues: how to collaborate more effectively across agencies to address complex, shared problems; how to enhance customer focus; and how to build relationships with private sector partners. Public administrations must address these issues if they are to remain responsive. These problems can be classified as follow. Citizens need to access government services or data/information at any time, anywhere, and by use of different types of technologies. Agencies need to work/understand with each other and prevent extra economic loads of storing same data/information in number of different places (agencies). 3

15 Businesses need to make efficient transactions with government using government web services and create new markets on the internet. Government agencies use old and technology dependent infrastructures. In this structure, interchanging data between two systems is difficult to realize. Inconsistent data definitions such as address, date, unique identifiers are the real problems for data interchanging. For instance, the government agencies and many of hospitals identify their clients or patients by use of different unique identifiers. Although Turkish people have unique identifier (TCKIMLIKNO), many of the government agencies do not use this number for identifying their clients. Shared data/information should have the same meaning for communicated agencies. It means that, there should be a consistency of semantics and syntax in data/information interchanging. In order to solve these types of technical problems, purchasing new systems, that are compatible with each other, is not a solution. Because, this type of approach requires lots of money and creates big economical load for the government agencies and government itself. These problems are caused by not only technological aspects but also legal difficulties and governmental procedures. In most cases, one of the most important problems is the absence of legal decisions for interchanging data between agencies. Agencies do not know how to share data/information with other agencies, and do not know what the sharing criteria in interchanging data/information are, which is the common opinion mentioned by the agencies, which participated into TBD meetings in Fall The e-government logic provides a solution for these problems providing a platform that has extensible, reusable, easy accessible, standardized, and secure structures at technological level and requires efficient managerial approaches. 1.2 Purpose of the Study Purpose of this study is to examine current approaches to e-government and develop an applicable data interchange model for Turkey based on current and 4

16 innovated technologies. This study also examines the advantages of the e- government project and the benefits of secure, layered, and integrated e-government infrastructures that make the adoption of e-government structure possible by other countries. 1.3 Definitions of Terms E-government: E-government is the use of electronic processes by citizens, businesses, and the government to communicate, to disseminate and collect information, to facilitate payments, and to carry out permitting in an online environment [10]. SOAP (Simple Object Access Protocol): SOAP is a lightweight XML-based protocol for exchanging structured and typed information. SOAP is the ingredient that provides functionality on remote machines without needing to know anything specific about those machines. (See section for details) WSDL (Web Services Description Language): When it comes to building a Web service, the Web Services Description Language (WSDL) is the most popular option for describing Web services. WSDL is the XML-based language for describing Web services [11]. (See section for details) UDDI (Universal Description, Discovery, and Integration): UDDI is a Web Service itself, and it allows businesses and individuals to publish information about themselves and the Web Services they are offering. It is conceived as a global directory service, open to everybody, simple to use, and comprehensive in its scope [12]. (See section for details) Web Service: A Web service is a unit of application logic providing data and services to other applications. Applications access Web services via ubiquitous Web protocols and data formats such as HTTP, XML, and SOAP, with no need to worry about how each Web service is implemented. Web services combine the best aspects of component-based development and the Web [13]. (See section for details) 5

17 Web Page: A HTML document on the web. Server: A machine that offers internet services. Client: A machine that operates on the user site. This term, sometimes can indicate the user or a computer program running on the user machine. Internet: A global network that includes the huge collection of computer networks on the world [14]. 6

18 CHAPTER 2 REVIEW OF LITERATURE Today we expect information and services to be online and available all times in our homes, schools, libraries, and work places. We have been quick to adopt the new ways of communicating both in business and in our personal life. Government is responding to these new demands [15]. E-government is all about government agencies that are working together to use technology so that they can better provide individuals and businesses with government services and information. E-Government is not a massive Information Technology (IT) project or a web page on the internet. Much of it is about establishing common standards across government agencies, delivering services more effectively, and providing ways for agencies to work together using technology [16]. E-government covers enhanced services for individuals and provides a better environment to build a knowledge-based economy and sustained prosperity. In addition, e-government makes it easier and cheaper to do business with government. Information systems have the potential to transform government and the services it provides to the public. However, it is not possible to work together to deliver joined up services without consistent policies and standards to underpin those systems. The well-defined web services make possible to achieve fast and efficient interaction of e-government components. There are main components that shape the e-government initiative and principles of data flow across the government sector. These main components are 7

19 Agency E-Citizen Portal E-Company Agency: Agency is the association in the government. Agency has its own services and shares these services with other agencies, companies and citizens. E-citizen: E-citizen is an individual. In e-government structure, citizens want to access any type of data/information about the government and try to make their government related works by using government agencies web services [17]. Portal: Portal is the place where people or companies find the ways to access other agencies web sites. In other words, portal provides a single point access to other part of the e-government structures [17]. It is a convenient way of finding out about government information and services from one place, without having to understand how government is structured and therefore which sites you need to use. In addition, government web site use is an important indicator proving whether government in general fulfills citizen expectations [18]. E-company: E-Company is the commercial institution that wants to offer its government related works via the internet and e-government structure. All of these components have great roles in the e-government initiative. Mainly, agency, e-citizen and e-company should be able to communicate with each other in secure ways and portal should provide a single point access to other agencies web sites. All agencies should be able to share data/information with other parties by using internet-based solutions. Agencies in e-government should be able to make data/information interchanging between each other and citizens by using common and consistent standards. This is one of the most important goals of an e-government project. In order to achieve seamless flow of data interchanging between agencies and other e- 8

20 government components, shared data/information should be same for all e- government parties. In order to achieve this goal, the special structure or platform is needed. At this point, the concept of interchanging data between e-government agencies becomes a problem that is absolutely needed to solve in E-government initiative. Transferring data from one agency to another, understanding the meaning of transferred data, processing this and producing other valuable information require interoperable, secure, adoptable and layered platform and all government agencies must have this framework structure for interoperability [19]. From now on, this platform will be called as Interoperability Framework (IF). The interoperability framework sets out the government s technical policies and standards for achieving interoperability [20, 21]. Clearly defined policies and specifications for interoperability and information management are also keys for staying connected to the outside world and aligned to the global information revolution. The IF provides all of these conditions. It is a fundamental framework policy for the e-government strategy [21]. The concept of interoperability is the core of the e-government initiative with respect to government. Interoperability can be explained as the ability of government organizations to share information and integrate information and businesses by use of common standards [22]. This ability, more precisely capability, clearly shows that the IF is a core and collective public sector asset, providing one of the common foundations of the e- government environment. It is critical to achievement of e-government goals, providing the capability for any agency to join with other electronically using known and agreed approaches to do so. This capability underpins several e-government objectives. In particular, use of the IF enhances the capability of agencies to integrate information and services across agency boundaries; and provide easy electronic access to government information and services for individuals and businesses [23]. 9

21 Governments should have interoperability framework to have better public services tailored to the needs of the citizen and business. If it is assumed that the legal and politic difficulties are overcome, main steps about producing government interoperability framework can be generalized as: determination of main policies and targets determination of standards and specifying core elements of interoperability framework 2.1 Determination of Main Policies and Targets IF, as a cornerstone of the e-government strategy, enables individuals to address the challenges of today s diverse systems and position themselves for new opportunities in the future. Adherence to the IF specifications and policies is mandatory. They set the underlying infrastructure, freeing up public sector organizations so that they can concentrate on serving the customer through building value added information and services. It should be for the organizations themselves to consider how their business processes can be changed to be more effective by taking advantage of the opportunities provided by increased interoperability. For governments, IF should be considered so that the data/information can be easily and securely accessible. In addition, IF should enable data/information flow between government agencies that have their own infrastructures and legacy systems. The legacy systems should not be the problem for data interchanging between government agencies. Agencies and other components of e-government should understand with each other independently from their technologies and legacy systems. 2.2 Determination of Standards In e-government structure, data/information should flow from one agency to another in the same meaning. All government components should talk in the same language. Otherwise, inconsistent dialogs, data/information redundancy problems 10

22 may occur. In order to overcome such problems common data dictionary should be created by taking opinions of all government agencies. With common data dictionary, providing secure, easy, standard, and fast data integration may be succeeded. In an e-government project, government aims to serve citizens, businesses and other government components by using well-defined web services. At this point, defining web services, registering these services and making agencies to speak in the same language are important issues. In most cases, to achieve these goals, new technologies, and international standards such as Web Services, XML, UDDI, SOAP, and WSDL are preferred Web Services To facilitate business processes, enterprise applications must communicate with one another and share data. Historically, is accomplished through proprietary specifications and data formats. However, the emergence of the World Wide Web and XML (extensible Markup Language) an open technology for data exchange has increased the possibility for interoperable system-to-system communication [24]. Web services are applications that communicate over open protocols such as HTTP using structured forms of XML such as the Simple Object Access Protocol or Remote Procedure Calls for XML. The success of web services is largely based on the continuous development of standards that ensure interoperability [25]. Web services are software programs that use XML to exchange information with other software via common Internet protocols XML (extensible Markup Language) XML is a widely supported, open (i.e., non-proprietary) technology initially released in 1996 by the World Wide Web consortium to facilitate data exchange. As the popularity of the Web exploded in the 1990s, the limitations of HTML (Hypertext Markup Language) became apparent. HTML s lack of extensibility (the ability to change or add features) and its inability to describe the data it formatted frustrated developers. XML is a complement of HTML. It is important to understand 11

23 that XML is not a replacement for HTML. In future Web development it is most likely that XML used to describe and carry data and focus on what data is, while HTML is used to format and display the same data and focus on how data looks [26]. XML is a cross-platform, software and hardware independent tool for transmitting information. The table 2.1 illustrates the basic example of the XML document, which can be used to define note data. <note> <to>sam</to> <from>mary</from> <heading>reminder</heading> <body>don't forget dinner!</body> </note> Table 2.1 XML document SOAP (Simple Object Access Protocol) SOAP is an XML-based protocol for exchanging information between computers. Although SOAP can be used in a variety of messaging systems and can be delivered via a variety of transport protocols, the initial focus of SOAP is remote procedure calls transported via HTTP. SOAP therefore enables client applications to easily connect to remote services and invoke remote methods. For example (as we shall soon see), a client application can immediately add language translation to its feature set by locating the correct SOAP service and invoking the correct method [27]. The purpose of SOAP is to enable data transfer between systems distributed over a network. When an application communicates with a web service, SOAP messages are the means through which the service is requested and provided. A SOAP message sent to a Web service invokes a method provided by the service, meaning that the message requests the service to perform a particular task. The service then uses information contained in the SOAP message to perform its function and return the results via another SOAP message. As an XML-based communication protocol, SOAP consists of a set of standardized XML schemas. The schemas define a format for transmitting XML messages over a network, including the types of data 12

24 that the message can include and the precise way in which the message must be structured so that the server on the other end can interpret it correctly. (e-gif UK, 2004) In the example below, a GetStockPrice request is sent to a server. The request has a StockName parameter, and a Price parameter returned in the response. The namespace for the function is defined in " address. The tables 2.2 and 2.3 illustrate the basic example of the SOAP request and response. <?xml version="1.0"?> <soap:envelope xmlns:soap=" soap:encodingstyle=" <soap:body xmlns:m=" <m:getstockprice> <m:stockname>ibm</m:stockname> </m:getstockprice> </soap:body> </soap:envelope> Table 2.2 SOAP Request HTTP/ OK Content-Type: application/soap; charset=utf-8 Content-Length: nnn <?xml version="1.0"?> <soap:envelope xmlns:soap=" soap:encodingstyle=" <soap:body xmlns:m=" <m:getstockpriceresponse> <m:price>34.5</m:price> </m:getstockpriceresponse> </soap:body> </soap:envelope> Table 2.3 SOAP Response WSDL (Web Services Description Language) Another standard that plays a crucial role in enabling Web services is WSDL. It is an XML format to describe how a particular Web Service can be called, what arguments it takes, and so on [12]. Every Web service published on the Internet accompanied by an associated WSDL file, which lists the service s capabilities, states its location on the Web, and provides instructions regarding its use. A WSDL file defines the kinds of messages a Web service can send and receive, as well as 13

25 specifying the data that a calling application must provide for the Web service to perform its task UDDI (Universal Description, Discovery and Integration) The third major Web services standard, UDDI, enables developers and businesses to publish and locate UDDI defines an XML-based format in which companies can describe their electronic capabilities and business processes; the specification also provides a standardized method of registering and locating the descriptions via the Internet. Part of the information that companies can supply is data regarding available Web services. Companies can store their information either in private UDDI registries, which are accessible only to approved business partners, or in public UDDI registries, which any interested party can access XML Schema XML Schema Published as a W3C Recommendation. XML Schemas define shared markup vocabularies, the structure of XML documents, which use those vocabularies, and provide hooks to associate semantics with them. XML Schema provides an essential piece for XML to reach its full potential. 2.3 Interoperability Framework The IF is a critical component of the e-government strategy, which implies development of a framework of policies and standards for achieving the capability for agencies to electronically interoperate on a consistent basis. IF is the key for many of the countries that try to create/design interoperable, easily accessible and secure government systems (Denmark, New Zealand). In all of these countries, the framework considered so that it covers the high-level policy statements, technical policies and management, implementation and compliance regimes. Standards and architectures for e-government applications contain technical directives and specifications for the development of e-government in the countries that work on the development of IF. The directives and standards aim at ensuring interoperability among the different IT systems of the public administration, thereby 14

26 enabling seamless communications and data sharing between all levels of government. In addition, this standardisation generates savings by reducing overall development costs and dramatically cutting the financial costs associated with noninteroperability of public sector systems. The policies and standards in the IF cover three key areas of technical policy, which are essential for interoperability. These are Interconnectivity, Data Integration, and Information Access. In all of these areas, the main trust of the specification has been to adopt the Internet and World Wide Web standards for all government systems. In most cases, to achieve this goal, some common technical approaches, listed below, are applied in the current interoperability frameworks that different governments designed/created for themselves. Metadata Standard (MS) MS defines the structure and rules governing metadata used by the public sector [28]. XML Schema Structure XML Schemas may be used to support an environment in which data is always in same meaning [29]. Data Standard Catalogue Sets out the rationale, approach and rules for setting and agreeing the set of Government Data Standards [30]. E-Service Registry E-Service registry considered as a structure that is responsible for storing e- government web services [31]. All of these technical approaches applied in many of the e-government systems for similar purposes [33, 34]. Even if these technical standards are used for the same purposes in current systems, some differences are observed. For example, the New Zealand uses the layered model and common technical standards for IF, while the UK uses the e-gif Registry approach for IF, but both countries uses XML, metadata standards, XML Schema standards, data standards catalogue architecture and other international open standards. 15

27 Even if the e-government initiatives have some differences in technical meanings, the main purpose of IF, for all governments, is to identify significant technology standards that have been deployed on a large scale across the e- government initiatives so as to ensure overall technical consistency. As such, it provides a guideline for public agencies as they develop new ICT projects. In this case, all government agencies are encouraged to adhere to the framework in order to avoid a multitude of bilateral interoperability agreements and to allow for a seamless flow of data exchange between administrations. In addition, the general framework recommendations should include the use of open standards and the redesign of administrative processes taking advantage of available technology. The policies and specifications, placed in IF, should be focused on the following high-level principles [35]: Effectiveness: e-government should not be limited to put existing services online, it should also enable the delivery of entirely new services. Efficiency: integrating local, regional, and national administrations should cut costs and improve access to information. Flexibility: citizens and companies should have multi-channel access to e- government services 24 hours a day, 7 days a week [35]. 2.3 Legacy Systems The concept of "legacy systems" is the critical point of the e-government project. The legacy systems are the systems that used by the agencies or other associations. For example, currently used database management system in a certain agency can be called legacy system. It is possible that the different agencies will use different legacy systems. Therefore, the IF should offer a medium in which all of these different types of systems can talk with each other. The associations or agencies may made big investments for these legacy systems and their currently used systems in the past. For the success of the e- government project, dropping these legacy systems and purchasing new structures for all agencies requires lots of money. This type of approach is a big economical 16

28 load for the governments. Therefore, The IF and other e-government systems should be independent of the legacy systems. 17

29 CHAPTER 3 METHODS OF THE STUDY This chapter reveals the main question of the study and related sub-questions. The methods of the study and research design are also discussed in this chapter. In addition, the proposed data interchange model for Turkey, the appropriate components of this model and the workflow are also presented. 3.1 Main Problem and Sub Problems Main Research Question The main purpose of this study was to offer e-government data interchange model for Turkey and to investigate the advantages of this model across the government Sub-Questions In this research, answers to the following questions were sought. Question 1. What is the e-government concept? Question 2. What are the main advantages of the e-government? Question 3. What are the main components of e-government data interchange Model? Question 4. What are the main technologies that can be used for e-government Data Interchange Model? Question 5. What is the current state of data interchange between government agencies in Turkey? 18

30 Question 6. What should be the key strategies for developing a data interchange model for Turkey? Question 7. Is the proposed model different from other models? If yes, what are the advantages that shared with other models, and the additional advantages? Question 8. Is there any international approach about the e-government initiative and the information society that is taken into consideration by Turkish Government? (See the answers of these questions in section 5.1 on page 57) 3.2 Design of the Study In this research, a data interchange model is offered for Turkey. In addition, the mechanisms for the concept of secure data interchanging are considered. For the purposes of the study, firstly, the concept of e-government investigated. Then, the current approaches in the world for e-government initiative were taken into consideration and studied. Afterwards, the new technologies used in current e- government models were investigated and studied. The specific agencies in Turkish government shared their opinions and approaches regarding e-government in meetings (TBD, Fall 2004). During the discussions, predefined the agencies were asked questions to find out limitations, technical deficiencies, and legal difficulties. In these discussions, agencies explained their current structures, workflows, technical infrastructures, and legacy systems. After these meetings across the government, the technical components of the e-government model were considered and necessary elements of the model were specified based on the standards. Finally, all of the agencies feedbacks, recommendations, limitations and technical deficiencies were taken into consideration and a data interchange model was developed for Turkey by use of international standards and new technologies (Section 3.4.1). After that, small application software was produced for demonstration of the data interchanging in government model. 19

31 3.3 The Current Situation The government includes many agencies. These agencies have their own policies and legacy systems. At a technical level, they have different types of operating systems, network infrastructures, data formats, and database management systems. In the current architecture, generally, the same data/information is stored by the agencies in different semantics. Because of this problem, generally, the agencies may not understand each other even if they try to share the same data/information. The concept of legacy system is the other important point for e-government initiative. Agencies have made big investments for their systems and storage areas (database systems) and set up their network infrastructures and database architectures. Therefore, dropping the current structures, legacy systems creates big economical loads for both government and its agencies. Because of this, the data interchange model for e-government agencies should be designed so that the legacy systems and current technologies can still be utilized within the new structure. 3.4 The Data Interchange Model in E-government The main purpose of this research was to offer a secure data interchange model in e-government for Turkey (Figure 3.1). This section presents an overview of the data interchange model and infrastructure of this model Outline of Data Interchange Model for Turkey In this model, data flow logic between the e-government components is designed based on the international standards. The proposed model for Turkey consists of several components as shown in Figure

32 DBMS B Data Agency Interface Response E-company Web Service Agency X Direct Request Ask E-government Network Data Access Government Metadata Standard XML Schema Standard Government Data Standards Catalogue E-service Registry (UDDI Registry) Interoperability Framework (IF) S E C U R I T Y G O V E R N M E N T Data Web Service DBMS A Data Agency Y Agency Interface Access P O R T A L Response Ask Figure 3.1 Model Outline E-citizen The Figure 3.1 shows the interaction of the e-government components with each other. According to this model, the data can flow from/to agency-agency and the client-agency. A client can be an e-company, an e-citizen, or another agency. In this model, the clients are able to request specific data/information from the agencies by use of the e-government portal or by use of agencies web sites directly. As seen in Figure 3.1, the agencies may have different types of technologies like database management systems, web services, or network infrastructures. It means that, this model consists of diverse systems, which does not create a communication problem between the e-government units because of the adoptable and extensible interoperability framework structure and the other platform independent technologies 21

33 such as XML, web services. There is an extremely important point that must be clear. The web service and the web page are different things technically. A web page is a HTML document on the web or internet just like e-government portal (see in Figure 3.1), but a web service is a software program, which is capable of exchanging information with other software programs over HTTP. The model in Figure 3.1 includes two web services in different agencies. These web services are just software programs that may be written in different programming languages but understand each other, because the entire web services produce data based on the XML document to be exchanged and the XML document is a platform independent. Another important point for this data interchange model is the agency interface approach. The one of the most important benefit of this model is saving the currently used systems. As a sample, by agency-interface approach, there is no need to make modifications on different databases (diverse systems) in agency X and agency Y in figure 3.1. Instead of making large scale of modifications on all database architectures in the agencies, this model supports an interface mechanism and keeps the legacy systems (Section 2.3). These technologies and the framework structure provide an efficient data communication in e-government network. The technical details of the framework architecture and the workflow of the model presented in sections 4.1 and Main Components of Data Interchange Model for Turkey Agency: The agency is a government association. In this model for Turkey, the agency can have its own web services and legacy systems such as different types of databases. The E-government agencies are able to interact with other agencies, citizens, companies. In addition, agencies can share their data/information by using web services on the WWW. E-Citizen: The E-Citizen is an individual. E-Citizens can access any permitted data/information about the e-government and make their government related works or processes by using governments web services. Portal: Portal is the door for e-government services. It is a place where the individuals or companies find the ways to access government agencies web sites. In 22

34 other words, portal provides a single point access to other part of the e-government structures or e-government agencies. It is an appropriate way for finding government information and services from one place. For a state government, the web portal serves as the integrated gateway, or main user interface, into the website. It provides both external constituents and internal government personnel with a single point of contact for online access to state information and resources. Through this gateway, millions of web users can access the vast landscape of information, services, and applications available on the state web sites [32]. E-Company: The E-Company is the commercial institution that wants to make its government related works via the internet and e-government structure. 23

35 CHAPTER 4 THE MODEL ARCHITECTURE In this chapter, the technical architecture of the IF and the workflow in data interchanging model are presented. 4.1 Interoperability Framework The IF, which includes the high-level policy statements, technical policies, implementation and compliance regimes, covers the exchange of information between government systems and the interactions between: Government and e-citizen Government and e-company (worldwide) Government and agency Government and other governments In order to provide these types of interactions, the interoperability framework should consist of important core elements. These elements play key roles for providing secure, seamless, and fast data/information interchanging across the government. The core elements of interoperability framework can be listed as: Metadata Standard XML Schema Structure Data Standard Catalogue E-Service Registry 24

36 Metadata Standard (MS) The metadata is data about data. Search engines can use it when they search the web or an intranet looking for information on a particular subject. The usage of metadata concept is the mandatory for accessing any type of data/information about the government since the other e-government players like e-citizens, agencies, e- companies usually want to reach specific government resources. In the data interchange model proposed for Turkey, the metadata descriptions should be defined for all resources that someone might search for via the web. A metadata record should describe, manage, and catalogue these resources in a consistent and efficient way that makes data/information easily accessible. It also means that people searching government websites are more likely to get relevant and meaningful hits when they search for government information. A metadata record should be made up of a number of separate elements. People should use these elements when they want to search government resources. As a sample, the author, title, and publisher can be elements about the book that is to be searched in government resources. Creator, function and availability can be other elements about the service that is given by the government agencies. The table 4.1 shows the example metadata descriptions and their explanations. Metadata DATE.CREATED: ISSUED: T11:00 Meaning For a press release approved and sent to editors on 2nd December 2002 but not available for public viewing until 11:00 a.m. the following day DATE.ACQUIRED: T15:37 For an received on 3rd July 1997 CREATOR: Assistant Director; Technology Strategy Team, Office of the e-envoy, Cabinet Office ukgovtalk@e-envoy.gov.uk For a resource for which chief responsibility for content rests with the Assistant Director Table 4.1 Metadata Example 25

37 Metadata standard should define the structure and rules governing metadata used by the public sector. This standardization is essential since the data/information interchanged in e-government and citizens should be able to find government information and services without having knowledge of the structure of government. In addition, agencies may use the metadata standard for the definition and discovery of government services and resources. The Metadata standard should be based on the internationally recognized Dublin Core standard, but has additional elements and refinements to meet the specialist needs of the public sector. In the model, the metadata standard should be developed and managed according to following principles: It should be independent. It should not be software, application, or project based. It should be simple to use by those with widely varying experience of preparing resource descriptions. It should be compliant with other government standards and policies, such as the data standards catalogue. It should be compliant with international standards. It should be extensible. XML Schema Structure Many of operations occurred in e-government initiative require data interchanging. While data/information is flowing from one agency to another across government, the meaning of the data should not be changed. Data should have same meaning for communicated parties. At this point, the inconsistent data definition is a critical problem. In order to solve this problem across the government, XML Schema may be used that support an environment in which data is always in the same meaning. XML Schemas can be used for data integration, validation, and management and may be placed in data standards catalog. With this approach, data can be defined once and used many. So, data standards catalog structure may be considered 26

38 as the huge list of data definitions based on XML Schemas. The tables 4.2 and 4.3 illustrate the basic examples of the XML document and its schema definition. <?xml version="1.0" encoding="iso "?> <shiporder orderid="889923" xmlns:xsi=" xsi:nonamespaceschemalocation="shiporder.xsd"> <orderperson>john Smith</orderperson> <shipto> <name>ola Nordmann</name> <address>langgt 23</address> <city>4000 Stavanger</city> <country>norway</country> </shipto> <item> <title>empire Burlesque</title> <note>special Edition</note> <quantity>1</quantity> <price>10.90</price> </item> <item> <title>hide your heart</title> <quantity>1</quantity> <price>9.90</price> </item> </shiporder> Table 4.2 XML Document (shiporder.xml) The XML document above consists of a root element, "shiporder" that contains a required attribute called "orderid". The "shiporder" element contains three different child elements: "orderperson", "shipto" and "item". The "item" element appears twice, and it contains a "title", an optional "note" element, a "quantity", and a "price" element. The top line: xmlns:xsi=" tells the XML parser that this document should be validated against a schema. The line: xsi:nonamespaceschemalocation="shiporder.xsd" specifies where the schema resides (here it is in the same folder as "shiporder.xml"). 27