STRATEGIC framework has integrated the SEMIRAMIS results with the aim of providing trusted and secure components to cloud services provided by the public administrations. The cross-border attribute exchange service has been integrated in the cloud Certificate of Residence Service provided by both the StariGrad and the Genoa municipalities.

European public administrations need to be adapted to a dramatic changing world where the necessity to communicate each other to exchange information, not only at local or regional level but also in a cross-border scenario, are increasingly growing. In this sense the public bodies are covering the increased citizens’ demands of online services. In this context ICT helps the administrations to provide more secure and trusted services.

Leveraging SEMIRAMIS outcomes the Certificate of Residence service can improve the secure access to information and the exchange of information in cross–border scenarios.Current situation

During the project the SEMIRAMIS components were updated for a better integration with the services of the pilots. In order to allow working in a cloud environment provided by the STRATEGIC infrastructure, the SEMIRAMIS components were also configured.

Based on the description of trust and security components provided in D2.3 Framework Architecture and Technical Specifications [1], a prototype comprising two components, the Federation Proxy (FP) and the Identity Aggregator (IA), was implemented .

In a second phase these two components were improved including:

  • Policy management, allowing the use of “attribute release” policies applicable to the FP, which establishes which attributes may not be released by the federation.
  • Integrity of the data: achieved using a more secure connection through HTTPS connections between the different components.

At this moment, the SEMIRAMIS components, i.e. IA and FP are deployed and running on the cloud environment owned by each municipality (Genoa and StariGrad).

 Public administration leveraging SEMIRAMIS

Public administrations can leverage the trust chain and the flexibility SEMIRAMIS infrastructure provides for exchanging information and attributes between each other.

The following figure outlines the different possibilities that SEMIRAMIS components allow. The FP component allows public bodies belonging to a specific European federation to establish a trust interaction between different countries across Europe. It means, for instance, that any Italian municipality joined to the Italian Municipality Federation can exchange data with other municipality belonging to the Serbian Municipality Federation, as the pilot developed during the STRATEGIC project shows.

image017

Figure :SEMIRAMIS Architecture overview

The IA not only allows the public bodies to interact with the FP for a cross-border interaction, but allows the public body to interact with other public administration belonging to the same federation in the same country. Indeed allows a public administration interacts with another joined public administration belonging to a different federation. For instance, an Italian municipality such as Genoa can exchange data with the municipality of Rome based on the already established trust relationship. Based on the same trust relationship the municipality of Genoa can exchange data with an Italian University. This communication between different federations is not limited to the country boundaries; thanks to the IA can establish a trusted relationship with both the IA and the FP component.

SEMIRAMIS’ integration on STRATEGIC

Besides the SEMIRAMIS services components (IA and FF) an additional component called IA client is provided for integrating the Certificate of Residence (COR) service into the SEMIRAMIS service. This client must be embedded into the COR service for accessing the IA component and facilitates the developers’ implementation work.

Additionally, mock attribute provider and authentication services are also provided to the pilots for both testing and implementation purposes.

Even though the integration process for developers comprises just a few steps, in order to facilitate the integration of SEMIRAMIS components a training session with developers and technical staff is recommended. In this way a couple of technical session has been developed with the two pilot partners, clarifying and supporting the integration process.

Conclusions and Lessons learnt

After the integration of the SEMIRAMIS components into the Certificate of Residence services, is worth to describe the lessons learnt during the integration process. For this purpose feedback from pilot partners were asked for improving future integrations:

  1. The most valuable support for both partners was the training session provided by Atos to the pilot partner’s technical staff;
  2. The resources and mock applications available for the integration process, also provided by Atos, were highly helpful, avoiding extra implementation effort that could have delayed the piloting;
  3. The documentation provided was good enough to start and develop the integration process. The documentation was updated during the integration phase in a regular basis;
  4. A fluid communication between partners for solving the arisen issues has been developed; this has facilitated the integration process saving time and effort in both sides;
  5. It was difficult to plan, at the beginning of the project the synchronization of Trust and Security solutions implementation and related services developed in pilots. Also, the training session was out of phase with the service implementation.

Both issues were overcome thanks to the communication established as indicated in the previous point;

  1. The configuration of SEMIRAMIS components should be developed by the administrator of the cloud infrastructure. An additional training session to the municipality technical staff should be scheduled for this purpose.
  2. The cross-border scenarios are examples of applications/services that public administrations can use through the STRATEGIC platform.
  3. The main part of discussions between partners involved was related with the list of attributes and data provided by each municipality to each other, and the user definition for piloting and testing (real vs fake users, finally was agreed to use real users but fake data).

Future enhancements

Due to the trust and security components have been developed in a modular way, extensions and enhancement of these features could be implemented in future developments beyond the STRATEGIC project.

  1. D2.3-STRATEGIC Framework Architecture and Technical Specifications