Challenges and Role of Standards in Building Interoperable e-governance Solutions



Similar documents
SSDG Operational Manual Draft version: 0.1. Operational Manual For SSDG

Government of India Ministry of Communications & Information Technology Department of Electronics & Information Technology (DeitY)

Guidelines. for setting up. Dedicated Project Team. Page 1 of 14

Guidelines For Technical and Financial Support For Establishment of State Data Centre (SDC)

Guidelines for Capacity Building and Institutional Framework for e-governance under NeGP

G o v e r n m e n t o f I n d i a M i n i s t r y o f C o m m u n i c a t i o n s a n d I n f o r m a t i o n T e c h n o l o g y D e p a r t m e n t

Industry Consultation Note Cloud Management Office. Industry Consultation Note - Cloud Management Office (CMO)

Challenges of Multilingualism and Possible Approach for Standardization of e-governance Solutions in India

e Governance ULB Level Reform

Guidelines for Independent Third Party Audit and Performance Monitoring Of SWAN. Draft for discussion

SECURITY GUIDELINES INFORMATION SECURITY MANAGEMENT SYSTEM FOR COMPUTERISATION OF LAND RECORD

South India Regional Workshop on Software Principles for the Public Sector (1 2, Feb 2010) Hotel Monarch Luxur, Bangalore

F. No. 1(3)/2014 EG II. Ministry of Communication & Information Technology. Department of Electronics & Information Technology POLICY

National Cyber Security Policy -2013

COMESA Guidelines on Free and Open Source Software (FOSS)

edistrict Mission Mode Project Under the National egovernance Plan Pilot Implementation Guidelines

Grievance Management System through Call Centre

A Model for Component Based E-governance Software Systems

N e G P : M a s t e r e - G o v e r n a n c e T r a i n i n g P l a n

JOB DESCRIPTION. Core competency, experience, qualification and other skills required are as under :

Summary of e-governance Evaluations *

Draft Service Level Agreement between ECDC and Contractor

NeGP Infrastructure Components (State Data Centre, SWAN, SSDG)

Digital Continuity Plan

An Overview of ISO/IEC family of Information Security Management System Standards

e-governance Applications

Developers Integration Lab (DIL) System Architecture, Version 1.0

Cross Organizational Workflow Management Systems

Guidelines for Infrastructure & Application Hosting in SDC

Frequently Asked Questions (FAQ) Guidelines for quality compliance of. eprocurement System?


Learnings - E-District Pilot Implementation. 30th July 2009

How To Use Ncr Aptra Clear

RECOMMENDATIONS OF JOINT WORKING GROUP ON ENGAGEMENT WITH PRIVATE SECTOR ON CYBER SECURITY

Bandwidth Management Dynamics in India s E-Governance

IT Infrastructure and its Components for Citizen Service Delivery SRI HARSHA MADDALI

The case for service oriented architecture in realising trusted, interoperable, pan-european egovernment services.

QUALITY MANAGEMENT SYSTEMS REQUIREMENTS FOR SERVICE QUALITY BY PUBLIC SERVICE ORGANIZATIONS

.IN INTERNET DOMAIN NAME

Ghana Government Enterprise Architecture Implementation Plan

MAHAGOV CLOUD. Maharashtra State Data Center. December Directorate of Information Technology, Government of Maharashtra.

e-governance Approach in India The National e-governance Plan NeGP

Compliance Management of Company Law Compliances Approach and Technology Perspective

Description of Services for Support and Maintenance of erevenue License Solution (ICTA/GOSL/CON/CQS/2015/10)

Health Informatics Standardization: Relevance and Indian Initiatives

ENTERPRISE ARCHITECTUE OFFICE

egovernment Policies and Procedures

Michigan Criminal Justice Information Network (MiCJIN) State of Michigan Department of Information Technology & Michigan State Police

Towards an E-Governance Grid for India (E-GGI): An Architectural Framework for Citizen Services Delivery

POLICY FOR WEBSITE DEVELOPMENT, HOSTING AND MAINTENANCE Department of Information Technology GOVERNMENT OF PUNJAB

Michigan Criminal Justice Information Network (MiCJIN) State of Michigan Department of Information Technology & Michigan State Police

National. icr Policy

SLA BASED SERVICE BROKERING IN INTERCLOUD ENVIRONMENTS

Cloud Computing. What is Cloud Computing?

Enterprise Application Integration (EAI) Techniques

Evaluation of different Open Source Identity management Systems

FTP-Stream Data Sheet

A Generic Database Web Service

Department of Energy and Climate Change (DECC) Information Management Assessment Programme Action Plan

SOA IN THE TELCO SECTOR

Module 1: Facilitated e-learning

e-public Distribution Monitoring System e-pdms

DEPARTMENT OF TRANSPORT SOUTH AFRICA

Policy on Device Drivers for Procurement of Hardware for e-governance

EPA PARCELS PROJECT. Cadastral Data Exchange and RESTful APIs. Funded by US EPA Grant Prepared for EN2014

OBJECTIVE. National Knowledge Network (NKN) project is aimed at

Information Architecture

Business Operations. Module Db. Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL:

Tentative Action Plan

NREGAsoft : Strengthening National Rural Employment Guarantee Scheme (NREGS) ( implementation

A Unified Messaging-Based Architectural Pattern for Building Scalable Enterprise Service Bus

Flinders University. Telehealth in the Home. Video Strategy Discussion Paper. 2 October 2013

Solution & Design Architecture

Guiding Principles for Public Software

LMS in India Market Research 2012 E-Learning system for Universities Product Name: Notebook 10/12/2012

Ministry of Information and Communication Technology

Performance Management Through E-Government

Contents QUALIFICATIONS PACK - OCCUPATIONAL STANDARDS FOR TELECOM INDUSTRY. Introduction. Qualifications Pack- Telecom Network Security Technician

TECHNOLOGY BRIEF: ENTERPRISE IT MANAGEMENT (EITM) Driving Nation-wide IT Enablement and e-governance Projects Through Enterprise IT Management

Chapter 1: Introduction

PROCUREMENT is one of

A Mission Impossible?

Deploying a distributed data storage system on the UK National Grid Service using federated SRB

Some Specific Parawise Suggestinons. 2. An application which collects and analyzes this data for further consolidation and,

ComplianceSP TM on SharePoint. Complete Document & Process Management for Life Sciences on SharePoint 2010 & 2013

Four Things You Must Do Before Migrating Archive Data to the Cloud

e-governance aims at providing citizen

ehealth Architecture Principles

Automated Building Plan Approval

E-Government Strategy Implementation

Service-Oriented Architecture and Software Engineering

Setting Up an AS4 System

Information Technology Department, Govt. of J&K. INFORMATION TECHNOLOGY DEPARTMENT Civil Secretariat Jammu/Srinagar

IHE IT Infrastructure Technical Framework Supplement

Avoiding the Accidental SOA Cloud Architecture

Introduction to CCTNS. (Crime & Criminal Tracking and Network System)

Things to Consider When Planning for Cloud-Based Data Protection

ACTION PLAN FOR LITHUANIAN PARTICIPATION IN THE INTERNATIONAL INITIATIVE OPEN GOVERNMENT PARTNERSHIP

Hardware. Maintenance

Guidelines for Indian Government Websites CH 02. Government of India Identifiers

Transcription:

24 Compendium of e-governance Initiatives CHAPTER in India 3 Challenges and Role of Standards in Building Interoperable e-governance Solutions Renu Budhiraja Director e-governance Group, Department of Information Technology Ministry of Communications and Information Technology Government of India renu@mit.gov.in ABSTRACT Standards lay the foundation for a sound e-governance architecture, which should be open and technology neutral bringing vendor independence. Standards based implementations can be customized easily thereby enabling faster deployment. Standards facilitate interoperability and enable joined up services. Today with e-enabling of the various government documents and data, long term archival formats which are vendor independent is critical. The author has tried to being out the areas of immediate concern in standardization in India, the methodology being adopted and the processes put in place. Further, while standards are critical in ensuring interoperable solutions, there is a need for government to go one step ahead by creating standards based core middleware infrastructure which can act as a catalyst in ensuring standards based architectures for any e-governance implementation. Next, important step for government is to have a mechanism in place to ensure compliance to the laid standards and standards based infrastructure. This would also help the users gain confidence that the e-governance solutions are secure, usable and meet regulations. The paper talks about various areas of compliance to be considered and the Government of India initiative in this direction. 1. Introduction Most often e-government initiatives suffer delays and encounter failures as the implementation agencies lack guidance in the above areas. The investments in e-governance tend to produce sub-optimal results in the absence of standards. It is therefore critical to lay down suitable policies, guidelines and specifications in the above areas to facilitate faster proliferation of e-governance applications. Further, with multiple players and agencies increasingly becoming involved in the e-governance initiatives, standards for e-governance in

Challenges and Role of Standards in Building Interoperable 25 India have become an urgent imperative. In the absence of such standards and suitable e-governance architecture, difficulties will be encountered when ICT systems from different organizations have to interoperate. 2. Challenges in the e-governance Solution Implementations Today Complex e-governance Projects An e-governance application is very resource intensive. It normally spread across multiple locations and supports multiple delivery channels. It is hence important to have solutions that are technology neutral, cost effective, easily replicable and scalable. Public Private Partnership (PPP) Considering the fact that government has limited internal technical skills and the cost of any e-governance solution is very high, PPP is the way to go. However, there are concerns w.r.t vendor lock-in and exit management (after the contact period or even before in case there are issues with the vendor) that need to be addressed. Sharing of data across various e-governance implementations (e.g., Unique ID, Passport, Land records, Police, etc.) One of the key benefits that a citizen is looking at from the e-governance initiatives is a single window access to various government services no matter which department is giving the service behind. To achieve this, there is a need to be able to seamlessly share data across the applications. Standards like XML, SOAP, Web services are required. Data accessibility and Preservation formats This is the most important concern of the government today to be able to preserve the government data in the format which does not tie you with one vendor software to retrieve the achieved data. Clear definition of Open Standards and the suitable format for e-governance is the direction which government is taking. Identifying commonalities across states/depts. to devise re-usable Services, processes, forms. Etc. Process standardization is also very important, more so with multiple players trying to implement the same solution, there is a need to provide the requisite standards and also lay the necessary compliance mechanism.

26 Compendium of e-governance Initiatives in India Localization/multi-language support (Unique ID integrating vernacular language databases) The e-governance has an impact only when the services to the citizens are made available in their respective language. However, this is a challenge that needs to be addressed by laying clear standards and guidelines w.r.t the fonts, storage, input etc Security Issues While there are clear standards like ISO 27001 and ISO 20000 for IT security management and IT service management which are presently being used by various e-governance applications however it has been seen that the concerns of the respective departments which regard to the Data and Application security and control are still not adequately addressed. Reasons include lack of adequate knowledge and understanding on the various management controls on these standards by the departments, policies like Access control and Security not made very comprehensive, the Controls in the International Standards need to be made more prescriptive as per our requirements, and also the RFP should highlight the concerns of the government department with respect to the requisite strategic controls clearly. 3. Government of India Initiatives with Respect to Standardization 1. Formulation of standards 2. Standards based middleware infrastructure National e-governance Service Delivery Gateway (NSDG) 3. Compliance and Certification framework and infrastructure We would now take the above in more detail 3.1. Formulation of Standards Department of Information Technology (DIT), Ministry of Communications and Information Technology, Government of India (GoI) is driving the National e-governance Plan (NeGP) which seeks to create the right governance and institutional mechanisms and implement a number of Mission Mode Projects at the Centre & State government. Standards in egovernance are a high priority activity, which will ensure sharing of information and seamless interoperability of data and egovernance applications under NeGP. DIT had constituted a Core group on Standards to arrive at an Institutional Mechanism and Processes to be put in place and recommend key areas for standardization. The Core group had examined various aspects of the Standards-setting exercise and made suitable recommendations.

Challenges and Role of Standards in Building Interoperable 27 Some of the key priority areas of immediate concern that have been identified for standardization are: 1. National Policy on Open Standards for e-governance 2. Interoperability Framework for Data Access, Presentation including Data Preservation, Publication, Archival, e-forms, etc. 3. Enterprise Architecture framework for NeGP 4. Indian Languages related issues with respect to storage, browser, fonts, keyboard, data dictionary, etc. 5. Network and Information Security Standards 6. Metadata and Data Standards for e-governance Applications 7. Digital Signature interoperability 8. Finger Prints Institutional Mechanism and Processes Setup As regards the institutional mechanism and processes are concerned, an apex body has been constituted under the chairmanship of Secretary, DIT, with senior representatives from Government, NASSCOM, Bureau of Indian Standards (BIS), etc., with a mandate to approve, notify and enforce the standards formulated by various Working Groups and to oversee that they are in accordance with international practices in this regard. National Informatics Centre (NIC) is the DIT arm with a presence in all the States and Districts in the country. It has a large pool of technical officers. NIC provides a range of services to all the government departments at the Centre, States and Districts. National Informatics Centre (NIC) has been entrusted with the task of steering the Standardization activity. A separate e-governance Standards Division has been created by NIC for this. It has been found that there is a need for core domain experts in the above areas to generate the drafts which can be deliberated in the WGs with members from industry, academia etc. Hence, an Open Technology Centre (OTC) setup in Chennai by NIC is setting up these expert groups. Once the standards are deliberated in the WGs and published for public comments, they would be submitted to the Apex Body. Once the Apex Body approves the standards developed by Working Groups, STQC will be responsible for release of these approved Standards on the web and make them available to all the stakeholders for free download. STQC will further ensure conformance & certification (where required) of these standards. A separate e-governance Division has been created by STQC for this purpose. Subsequent to the issuing of these initial standards, STQC will be responsible for enhancement of these standards and liaise with the national & international standardization bodies for harmonization and acceptance of these standards. (STQC Standardisation, Testing and Quality Certification, is the Directorate of DIT with offices across the country. It provides Services in Quality & Information Security with specialization in Testing, assessment and evaluations using International Standards to Indian industry and users)

28 Compendium of e-governance Initiatives in India The e-governance Division of NIC and STQC function in close coordination with e-governance PMU of DIT, which is responsible for overseeing their working. Fig. 1 Policy on Open Standards for e-governance GOI has decided to use Open Standards in e-governance implementations. Though largely the Principles of Open Standards are the same across various international organizations and countries, some of the critical issues w.r.t licensing, support for multiple standards, etc., differ based on the National interest and requirement. Hence, a clear Policy on Open Standards for e- Governance in India covering the mandatory and desirable Characteristics of an Open Standard is required. In the above context, GOI constituted a Specialist Committee comprising of members from the government and academia to arrive at the necessary and desirable characteristics of an Open Standard. Based on the recommendations of the Specialist Committee, a draft Policy has been prepared. After wider consultation on the draft, government will announce the National Policy on Open Standards. The key objective of this Policy is: To ensure interoperability and facilitate data interchange. To enable Government Data and Documents to be stored in open file format To reduce over-reliance on proprietary technologies/products A website on Standards has been constituted which apart from publishing the various activities being carried out by the NIC, Working Groups and other players also facilitates closed collaboration and interaction with the various stakeholders. The Website address is http://egovstandards.gov.in.

Some Drafts on Standards Challenges and Role of Standards in Building Interoperable 29 Technical Standards Interoperability Framework for e-governance applications nearing completion (Publishing, e-forms, archival, authoring, presentation, data integration etc.) Enterprise Architecture Framework for NeGP at an initial stage Metadata and Data Standards Generic Data elements including their formats, applicable horizontally to various e-governance applications under finalisation Conformity Assessment Framework for audit, compliance and certification of e-governance application by a 3rd party prepared Network and Information Security e-governance Information Security Standard - Based on IS/ISO/IEC 27001 plus drafted suited to the e-governance applications Localization and Language Technology Standards Draft recommendations on the OS support, content creation, resources and tools, Search Engine supporting local language, localized application 3.2. National e-governance Service Delivery Gateway (NSDG) Middleware for Interoperability The National e-governance Plan (NeGP) of the Govt. of India aims to make all Government services accessible to the common man in his locality, through common service delivery outlets and ensure efficiency, transparency and reliability of such services at affordable costs to realise the basic needs of the common man. One of the goals of the Government to meet this vision is the need to cooperate, collaborate and integrate information across different departments in the Centre, States and Local Government. Government systems characterised by islands of legacy systems using heterogenous platforms and technologies and spread across diverse geographical locations, in varying state of automation, make this task very challenging. The National egovernance Service Delivery Gateway (NSDG), a MMP under the NeGP, can simplify this task by acting as a standards based messaging switch and providing seemless interoperability and exchange of data across. Vision of NSDG The emergence of many e-governance applications for different departments to provide online services to citizens, businesses and government would require increasing interactions amongst departments and with external agencies at various levels in Government.

30 Compendium of e-governance Initiatives in India Fig. 1 Departments would need to develop connectors/adaptors for point to point connections between departments creating a mesh as shown in figure and also tight coupling between applications. This would lead to applications difficult to maintain and upgrade in case of version change and change in government policies and business rules. The National e- Governance Service Delivery Gateway (NSDG) is an attempt to reduce such point to point connections between departments and provide a standardized interfacing, messaging and routing switch through which various players such as departments, front-end service access providers and back-end service providers can make their applications and data inter-operable. The National e-governance Service Delivery Gateway (NSDG) aims to achieve a high order of interoperability among autonomous and heterogeneous entities of the Government (in the Centre, States or Local bodies), based on a framework of e-governance Standards. It is envisaged to have constellation of Gateways across the country with a National Services Directory to resolve and the addresses of the Gateways and the government services they serve. Gateway Standards The gateway achieves integration amongst diverse set of applications built on varying platforms through compliance with a set of e-governance Specifications- Interoperability Interface Protocol and Interoperability Interface Specifications (IIP/IIS) that are based on open standards such as the W3C XML and SOAP specifications. The entire set of Gateway specifications developed for the Gateway messaging and support/common services are Interoperability Interface Specification (IIS) Interoperability Interface Protocol (IIP) Inter Gateway Interconnect Specification (IGIS)

Challenges and Role of Standards in Building Interoperable 31 Gateway Common Services Specification (GCSS) 3.3 Compliance and Certification Framework and Infrastructure One of the important aspect for a successful g-governance solution is to gain confidence of the users that the solutions are secure, usable and meets regulations. This assurance can be provided by assessing quality and security conformance to the users requirements (RFP), best practices, international standards etc. To achieve this it is important that systems are evaluated by Third Party (Vendor independent) which is impartial, technically competent and transparent in their operations. Compliance audits give assurance that the project meets the: Requirements, standards and specification Software, IT Infrastructure Non IT Infrastructure Service Level Agreements (SLA) Avoid large scale post-testing modifications Key areas of Compliance to be covered in an e-governance Solution before and after Go-live. 1. The quality of software to a Quality Model addressing requirements of functionality, interoperability, security, reliability, usability, performance scalability, maintainability etc. 2. Solution development and deployment process 3. Security of e-governance information system addressing technological, management and operation control by means of ISMS assessment, penetration testing, vulnerability assessment etc. 4. The effectiveness of the management of IT Services for compliance with the service level agreements and other associated processes. 5. Compliance of IT and non-it infrastructure with the user requirements. 6. Compliance with applicable standards and best practices 7. Policies and procedures with respect to data centre, back-up, storage, DR 8. Compliance with applicable regulations (IT Act, RTI Act, DOPT Rules and domains specific (Ministries) Act and Rules) To ensure compliance in the above areas, the RFP must be documented very well ensuring the scope of work with respect to the third party compliance audit is covered adequately. In terms of modality of execution, this could be got done either by the user department or the solution provider. However, it would be best if done by the user department as this would eliminate any bias in the selection of the third party auditor. Many a times various e-governance applications do not include the cost of such compliance audits as a part of the project cost which normally is less than 10% of the total project cost. It would also be a good idea to ask the auditor to provide various certifications like 9126, ISO 27001, ISO 20000 etc. to the e-governance solution. This will help in generating further confidence. The compliance audits should be done on regular basis.

32 Compendium of e-governance Initiatives in India Under the NeGP, various Mission Mode Projects are going ahead independently for end to end compliance audits of their e-governance solutions. Some of them are getting it done by a single agency while others are getting it from multiple agencies. Considering the fact that this is critical for the successful implementation of any e-governance solution, GOI is in the process of initiating Conformity Assessment Centres across the country. The objective of the project is to develop techniques, methodologies and framework for assessing conformity of e-governance solution to the user requirements, best practices and the applicable regulations. It is also intended to provide conformity assessment services through a network of competence centres spread over nationwide. STQC which is a Directorate of DIT with offices across the country is already is being strengthened to provide these services. 4. Conclusion While Standards are key to the successful implementation of e-governance projects ensuring interoperability and integrated services, Compliance audits will ensure the requisite confidence in these e-services. References 1. STQC Project proposal on Conformity Assessment Centre 2. DIT s approach paper on Standards.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information