Text size

Spacing

Contrast
Settings

 

Introduction to X-Road (part 2)

Anto Veldre, Analyst

Previous part: Introduction to X-Road (part 1)

Mutually complementing views?

Official manuals describe the workings of the X-Road in great detail. In this document, we will provide simplified description of the X-Road aimed at facilitating simple engagement with the X-Road technology.

One issue with understanding complex objects is that your perspective depends on your location with respect to the object. If you approach from a different angle, it could look completely different.

Blind men and an Elephant

Source: Charles Maurice Stebbins & Mary H. Coolidge, Golden Treasury Readers: Primer, American Book Co. (New York), p. 89.

The essence of the X-road is a pipe transport system, or, if you prefer a stellar stargate system, to ensure connectivity among participants. Thus, the first step to engaging with the X-Road is to hook into the pipe system, i.e. get membership of the X-Road Club. After your building has been outfitted with piping, you can make requests of the pipe system’s other constituent members. Still there is a limitation: you only can request data from those with whom you have a usage agreement.

In other words, your organization’s membership in the X-Road will give you access to the pipeline transmission system. But only via agreements with each particular data provider will your organization be able to access other members’ data. Further, and more importantly, you will be able to access the data of another X-Road member only in accordance with the terms of your agreement with them. Here are several examples of the types of extra terms data providers might impose on those seeking access to their database: 1) each request must be submitted with the personal number (isikukood) of the person initiating it; 2) before even letting a person make requests on behalf of an organization, his/her identity must be 100% proven.  This condition is easy to meet in Estonia because of the authenticated identities provided by Government accepted certificates.

We will now examine X-Road usage scenarios, various participants’ roles, and the legislatice and technological aspects of the X-Road and its use.

Usage patterns

The absolute majority of X-road users are passive users. Occasionally they make requests against databases and registers but they do not possess their own databases. Or if they do, then it is a local database which is not be shared with other X-Road members.

The most important X-Road users are data service providers. They make their data accessible for other members or, alternatively, collect new data from others. All state registers are data service providers. “Providing data” has two sides: a technical one and a legal one. To keep an official database, even if one does not share its data, an organization must register the database with RIHA. RIHA is a local abbreviation for the State Information System’s administration system.

It is possible to simultaneously share and request data from others via the X-Road. For example, an organization might be requesting data from databases A and B, while at the same time collecting data from a citizen and recording it in its own database, C. Once recorded, that information in Database C can be shared with other X-Road members, including the institutions responsible for databases A and B. Last but not least, it becomes possible, based on the personal code of that citizen, to make a complex simultaneous request against databases A, B, and C and to get a joint answer containing data from all three.

It is possible for users to simultaneously read and update X-Road data. The X-Road can also support complex queries that involve querying e.g. 37 related databases. The request a policeman makes while issuing a speeding ticket, for example, is among these. By the way, we call a finished question-answer cycle an interaction.

Identificators

Identificators have a special role keeping an e-State up and running. Citizens and residents are each assigned a unique personal number (isikukood). Dogs and cats, important objects like real estate, agreements, outgoing mails, are also all assigned unique numbers.

Personal numbers are the most important identifiers in an e-State; these IDs are the only correct way to distinguish numerous Mr Smiths from one another. People identify each other using facial and voice recognition but robots and computers cannot do so; for them, a numeric identificator is a must.

Enon robot

Source: http://www.flickr.com/photos/granick/211744073/, Author: Ms. President (Flickr User)

Participants

  • The Estonian X-Road has a Centre. Today, this centre is maintained by the State Information System Authority, the successor of the Estonian Informatics foundation. The centre accepts new members, issues the access credentials (certificates) that are needed to access the X-Road services, defines the X-Road Code of Conduct, and monitors the actual usage patterns using a special software. The Centre has assigned people and pre-defined procedures for managing the X-Road’s structure.
  • Members / participants – any legal entity (even private entrepeneurs) whose membership application has been approved may use the X-Road. A member's computer can only access the X-Road resources in accordance with its legal agreements with other members’. This feature is very similar to the serial number check used to limit accsss to some popular software programs.
  • A completely new class of Actors is Trust Service Providers (i.e. those who provide services like timestamping, certification etc). Trust Service Providers do not provide data via the X-Road. Instead, they offer some standard cryptographic service that raises the trustworthiness of the data provided by someone else.

As a result of the X-Road’s distributed architecture, the Centre’s involvement is not necessary for proxying or answering data requests. The role of the Centre is to distribute the list of X-Road data service providers. Provided an institution is not being advertised in this X-Road “phonebook” it remains invisible to other X-Road members.

The X-Road legal framework has two levels. After obtaining membership in the X-Road, an institution or company is assigned codes, numbers and certificates for identification and authentification. It then becomes sighted: it is able to “see” the interface servers and request the interface templates of other participants. However this visibility is very limited; X-Road members can only see a very generic overview of other X-Road users’ interface templates.

With the exception of some sample-databases made available for testing purposes, actually using a database (a Register) requires making a detailed agreement with the database’s owners. Let's summarize the legal procedures an organization must go through to use another organization’s data via the X-Road. Imagine a municipality wants to process captured cats and reunite them with their owners. The municipality must:

  • Become a member of the X-Road by entering into a contract with RIA, Estonia’s Information Authority.
  • Make an agreement with the Pet Register. In order to make this agreement the organization will have to provide an estimate of the number of requests per day.
  • Make an agreement with the Population Register. Making this agreement will require proving that the organization’s access to the personally identifiable information contained in the Population Register is necessary for completing a public task.  For capacity planning purposes, estimates of the number of anticipated requests must also be provided to the Population Register.
  • Secure the technological and operational ability to interact via the X-Road. This means obtaining servers, installing the X-Road software, and maintaining the system. In some cases it is possible to outsource this technical work to someone more capable outside the organization.

Techno, Techno, Techno... Tehnological Aspects of X-Road Participation

After the legal requirements of interacting with the X-Road have been met, one must tackle the technical aspects of communicating via the X-Road.

Connectivity diagram

The connectivity diagram, Author: Anto Veldre

That Magical Security Server

Regardless of your X-Road membership type, you cannot avoid interacting with a security server.

The name “security server” is probably a too generic and thus not very helpful for understanding how the device actually works. A security server is actually a OSI Level 7 Application Gateway that reworks and redirects “requests”. “Requests” are those requests for data asked in the X-Road dialect by the information system of a X-Road member. It is the security server that enumerates possible target databases, translates register names into IP addresses, encrypts the traffic, and produces the request statistics etc. Interestingly enough, the software behind the security servers is free and anyone can download and install it.

Even with a security server, one cannot access the X-road without the codes and certificates issued by the centre. From the user's perspective, the security server is a necessary, but not sufficient, component for X-Road access. In order to access the X-Road, the security server must be properly configured.

The Security Server packages data requests in a cryptographically sound way so that the request is only accessible by the intended recipient.  The security server also protects requests sent over the X-Road from eavesdropping, unauthorized change, loss and duplication.

An interesting fact: a single institution or organization could have multiple security servers. An organization with a high volume of requests might do this to distribute its request load and ease the burden on a single server. Alternatively, an organization might want to rent security server space to smaller institutions.

Continue reading: Introduction to X-Road (part 3)


Did you get the answer to your question?

Added 08.02.2016
Updated 09.02.2016

Back to page "Introduction of X-Road"