Text size

Spacing

Contrast
Settings

 

Introduction of X-Road

Read a longer description, why Estonia needs X-Road and how it works:

Read more about X-Road from „The X-Road application guide“ (in Estonian).

Who needs X-Road and why?

What is X-Road?

X-Road is a system that ensures secure and direct data exchange between its members.

During data exchange, X-Road ensures its parties with:

  • Autonomy – an X-Road member defines, which data services it wishes to render and who gains access rights to the services;
  • Confidentiality – information reaches only the authorized parties;
  • Evidential value – using a digital signature enables proving the source of received data;
  • Interoperability – all X-Road members speak the same language, regardless of the technology or architecture a member is using.

X-Road consists of:

  • legal structure;
  • organizational structure;
  • protocol stack;
  • software realizing the protocol stack.

The legal and organizational structure of X-Road regulates the following:

  • who can or must be members of X-Road and how;
  • scope of partial liabilities, rights and obligations.

For whom is X-Road intended?

X-Road guarantees secure Internet-based data exchange that ensures evidential value

  • for the members of X-Road;
  • for the information that is exchanged via X-Road.

Membership of Estonian X-Road is available to legal persons that meet the requirements specified in Regulation No 105 of the Government of the Republic of 23.09.2016 “Data exchange layer for information systems” (in Estonian).

What is the purpose of X-Road?

1. What kind of data are forwarded via X-Road?

Messaging via X-Road is only performed within the pre-defined usage templates and data services. Description, development, maintenance and administration of data services is the right and obligation of members. The data format is uniquely predefined with the data service.

X-Road structure:

  • does not determine the necessity of service – that is determined by the provider of data service;
  • does not ensure the richness of content of the data exchanged via services – that is done by the provider of data service.

X-Road gives the provider of data services a universal tool for organizing secure data exchange equably with many parties.

2. Who can exchange data?

The provider of data services determines who are allowed to exchange data with them through the specific data service. In order to use data services, an X-Road member needs to have:

  • technical readiness – a data service client application;
  • access right given by the provider of data service for using a data service.

The basis for giving access rights is an agreement between the provider and user of the data service.

X-Road does not check the basis for giving access rights. X-Road ensures that:

  • only those members can use the services, who have received access rights from the provider of data services;
  • data exchanged via data services reach the relevant members without leaks and integrally (without deviations and with evidential value).

3. X-Road enables proving, if and when a specific data exchange took place

The X-Road protocol stack ensures the signing of all messages to be forwarded in the name of the sender by the sender. That means that, in order to prove the correctness of a message retrospectively, a member does not need a confirmation from any third party.

It is important to understand about X-Road that an e-stamp (in simpler terms: a signature) is only valid, if all the following elements exist:

  • a validity confirmation for the message compiler’s certificate (guarantee of the trust service provider that the applied certificate is valid and that the X-Road member is the one they claim to be);
  • the signed data of the message compiler (the message complier identifies their connection with the data to be submitted and shall define the earliest possible time of that connection);
  • the time stamp added to the message (when added, the receiver of the message shall confirm the latest time when the data existed).

Expenses incurred by a member for using a secure X-Road channel

An X-Road member shall incur:

  • expenses related to the management of security server, incl.:
    • costs related to acquiring and maintaining the secure signature-creation device (SSCD) (the member chooses the suitable and appropriate signature-creation device).
  • service fees for trust services required for the X-Road (the member chooses the suitable and appropriate trust services):
    • time-stamp service;
    • certification service;
    • validity confirmation service.
  • expenses related to data services:
    • expenses for developing interface components and local information systems;
    • expenses for maintaining interface components and local information systems.

Additional information about expenses can be found in „The X-Road application guide“ (in Estonian).

Why use the X-Road?

X-Road is the de facto data exchange standard in the public sector of Estonia. X-Road offers a uniform, cost-effective and high security to all exchanged data: confidentiality, uniformity, evidential value and minimum impact on availability.

The software to be created by the Information System Authority in compliance with the X-Road protocol stack is free of charge.

Only one X-Road and member activity is sufficient to be capable of exchanging data with all X-Road members – to save on time and equipment that would be used to develop systems, conclude and maintain bilateral agreements.


Did you get the answer to your question?

Added 08.02.2016
Updated 25.05.2017

Back to page "Data Exchange Layer X-Road"