HamburgGateway, Germany

Similar documents
Annex 7 - Critical Success Factors

TRAVELEX GLOBALPAY. Managing all your payment needs online

OneList Approvals Technical Overview

umantis Successful talent management begins with people

Portal Strategy Delivers Rapid Returns for Print and Promotional Solution Provider

RISER: CHALLENGES OF A TRANS-EUROPEAN ACCESS TO RESIDENT REGISTERS

CHALLENGES (BARRIERS) IN ADOPTING THE ELECTRONIC COMMERCE SYSTEM IN LIC OF INDIA

Child Benefit Service (Ireland)

Integrating SAP and Microsoft Dynamics AX Using Two-Tier Enterprise Resource Planning

14. E-Commerce Applications and Infrastructures

German Administration Services Directory

VDI. Citrix Cloud Services Adrian Fish

Management Information Systems - Enterprise Systems

PaintCare Inc. Request for Proposal Salesforce Implementation

DEVELOPING APPLICATIONS USING MICROSERVICES AND MICROSOFT AZURE SERVICE FABRIC 1

Meeting Management Solution

ORACLE HOSPITALITY CLOUD CONSULTING SERVICE DESCRIPTIONS October 19, 2017

Asset Tracking Solutions. Partial Controls and Features

Pillar II. Institutional Framework and Management Capacity

SAP Hybris Commerce, cloud edition and SAP Hybris Commerce, Edge cloud edition Supplemental Terms and Conditions

Making business life easier

Information Services and Technology FY Performance Plan

Speech of Commissioner Günther H. Oettinger

Proxama PIN Manager. Bringing PIN handling into the 21 st Century

OSS TENDER PORTAL MANAGEMENT SYSTEM (ASP.NET)

SEEC PALLET CONTROL SYSTEM

UniWeb. Our electronic banking services system available directly on the Internet

This topic focuses on how to prepare a customer for support, and how to use the SAP support processes to solve your customer s problems.

This is agreement is governed by the PSC Master Services Agreement (MSA) (named Master Services Agreement ) found at:

Data Interchange plc. Issued: 8 November Copyright Data Interchange Plc Peterborough, England, October 2005.

How to Tackle Core (Legacy) System Challenges using APIs

Azure IoT Suite. Secure device connectivity and management. Data ingestion and command + control. Rich dashboards and visualizations

TAS CASHLESS 3.0 FOCUS ON. The absolute framework for electronic payment management. CASHLESS 3.0: the ultimate. payment experience

Orientation Towards the Future Through Innovation

2.1. Introduction The P&SC strategy is to move to two simple Invoicing models.

Securing Your Business in the Digital Age

The Complete Outsourcer s Billing Solution

Your 5 Step Guide to the Apprenticeship Levy Funding System (TAS) How to allocate your levy to your apprentices

e-prior Facilitating interoperable electronic procurement across Europe Technical Overview

Professional Enterprise Content Management

Ensim and the Ensim logo are registered trademarks of Ensim Corporation. All other trademarks are the property of their respective owners.

Yes, You DO Need Visual IVR Frequently Asked Questions

Frequently Asked Questions on Secure Usage of Remote Support Platform for SAP Business One (RSP)

DAT 100 Microsoft s s Data Platform Vision

PEOPLE POWER IMAGINE TECHNOLOGY BUILT AROUND YOU A QUIET REVOLUTION IN

SYSEX Preparatory Report

SWIFT for Corporates Get ready for a truly global treasury

WIGAN & LEIGH COLLEGE

egovernment adoption Cases based on ebxml

X Infotech Banking. Software solutions for smart card issuance

PPF PRODUCT SHEET: PAYTEQ PAYMENT FOUNDATION

EPAY VIRTUAL. Guide for programme administrators

Driven by a passion to develop our customers, SuperOffice has become one of Europes leading providers of CRM solutions.

Solution Pathway Series. Applying Microsoft tools to support the full life cycle of Grants Management

Ariba Network Enabling Business Commerce in a Digital Economy

General Electric Power Supplier Summit. The Benefits of Collaborative Business Commerce with General Electric Power

IBM Business Process Manager on Cloud

CREDIT CARD MERCHANT POLICY. All campuses served by Louisiana State University (LSU) Office of Accounting Services

IBM Payments Gateway

xassets Enterprise Overview xassets Enterprise enables browser based asset and service management solutions for organizations of all sizes.

UniWeb. Our electronic banking services system available directly on the Internet

IBM Business Process Manager on Cloud

WEB-BASED COLLECTIONS MANAGEMENT FOR MUSEUMS

HP World 2001 How to build Mission-Critical Mobile ecommerce Solutions. John Mennel Vice President Products Platform Business Unit 724 Solutions

MICROSOFT BUSINESS SOLUTIONS GREAT PLAINS

JAS Job Approval System. The way it works

Digital Collaboration in Sweden. Presentation at meeting between ISA and Sweden Brussels, October 22, 2014

IBM United States Software Announcement , dated August 21, 2018

IDEAS Product Overview

Research on the Application Integration Model for the Agricultural Enterprise of Integrative Production and Marketing

Association of Serbian Banks Reduces Gyro Clearing of Cheques to Less Than One Hour

ExtendTime A completely automated IP Telephony time and attendance solution that immediately realizes an organizational return on investment.

MEETS MOBILE MAINFRAME. Access information anytime, anywhere

BS&A Software Application Design Approach

What is Castleton Agile?

An advanced, world-class Field Service Management System

Procure-to-Pay Automation for Microsoft Dynamics AX

IT Support made simple

Pro Series Manufacturing

Financials Datasheet

Refinery Technical Service Site

NATIONAL E-PROCUREMENT PROJECT GUIDANCE NOTES

Auditing e-government

Business Manager. Enhancements Version January

General user conditions for supplier s applications and the AUMA supplier portal

On-Demand Solution Planning Guide

MOBILIZING ORACLE APPLICATIONS ERP. An Approach for Building Scalable Mobility Solutions. A RapidValue Solutions Whitepaper

IBM Business Process Manager on Cloud

The digitally coherent public sector

BlackBerry User Guide

The Business Process Environment

Home Member State 100. Croatia EU28+ Mystery shoppers have assessed the PSCs from the perspective of three scenarios:

IBM Tealeaf Customer Experience on Cloud

(Legislative acts) DIRECTIVES

Asset Management. Visit us at: or call SCAN

THE PAYMENT SERVICES DIRECTIVE II (PSD II) Liberalisation of electronic payment transactions

Thank you for your commitment to providing Henkel with quality materials and services.

PIE Corner stone of Integration PIE. Corner stone of Integration

REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL

Transcription:

Prepared for the egovernment Unit DG Information Society and Media European Commission Good Practice Case HamburgGateway, Germany Case Study 11 January 2007 Case study prepared by Ralf Cimander and Herbert Kubicek (ifib, Germany), in cooperation with Dr. Ursula Dankert, Ministry of Finance, FH Hamburg and Uwe Störmer, Dataport; both from Germany. egovernment Unit DG Information Society and Media European Commission

Table of Contents 1. HamburgGateway... 2 1.1 Case Summary 2 1.2 Problem addressed 4 1.2.1 Specific Problem 4 1.2.2 General Background 6 1.2.3 Policy context and strategy 8 1.3 Solution 9 1.3.1 Specific Objectives 9 1.3.2 Implementation 10 1.4 Features making it a candidate for good practice exchange 16 1.4.1 Impact 16 1.4.2 Relevance of the case for other administrations that could learn from the experience 17 1.4.3 Transferability 17 1.5 Results 18 1.6 Learning points and conclusions 20 1.7 References and links 22 Annex 1: Assessment Questionnaire for the MODINIS Case Descriptions... 23 GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 1

1. HamburgGateway 1.1 Case Summary The city and state of Hamburg (FHH: Freie und Hansestadt Hamburg) in the late 90s started one of the most ambitious IT-programs in Germany whose main goal was to modernise the local public administration by developing egovernment solutions and re-organising administrative processes. Since 2001, the Senate of Hamburg adopts an annual egovernment Roadmap for the review of accomplished tasks and the presentation of the upcoming work which builds the framework for egovernment in Hamburg. As a result, it was recognised that a Gateway fits Hamburg's requirements best. Hence, the 'HamburgGateway' portal was developed in 2002 with first services provided in August 2003. The HamburgGateway is an egovernment infrastructure which provides a single point of contact for online services to all customers. Online services added to existing legacy applications enable communication and data exchange with the HamburgGateway. All services offered online are accessible with only one account, which means a great benefit for all users. As a city and state, Hamburg provides a wide range of services for different customers, i.e. citizens, business and administration, and its employees. For most administrative tasks, existing IT-applications are already in place. However, Hamburg's goal was to offer services online to its customers while using the existing legacy applications. With HamburgGateway, an infrastructure has been created that serves as access point for all customers to all online services of the city and the state of Hamburg. With its strong two-level authentication, it ensures privacy and security for the customer and at the same time offers the security required for the application and the network of the Hamburg Government. As there is only one access point for the customer, the specific section of the administration or related institution offering the service does not need to be visible. Moreover, all sites have the same design and user interface. As in other European countries, the diffusion of qualified digital signatures is very low and their use is very rare among the majority of potential customers since the prescribed cards and directory services are expensive and difficult to use. So a specific objective of the city and state of Hamburg was to allow the implementation of legally binding and secure online transactions at a large scale by offering simple access to their eservices without additional costs as quickly as possible. So for eservices of which the state and the city are in charge and which require authentication of the applicant, the legal act has been amended by the State Parliament. HamburgGateway now allows for legally binding online services based on a one-time registration - at the portal (for citizen eservices which do not require authentication), - at the customer centre where a proof of identity has to be submitted to the service personnel, - or in case of being a company or another administration, a special contract has to be signed. Actually, the HamburgGateway is the working implementation of a multi-client and scalable infrastructure called GovernmentGateway. Hamburg was the starting point of the development of this GovernmentGateway which is currently also in implementation in Schleswig-Holstein and in development in Rheinland-Pfalz (Rhineland-Palatinate). There the same infrastructure will be used, only the user interface will be different. In terms of interoperability, with the HamburgGateway, a centralised infrastructure has been employed which links the different back-offices and their legacy applications of the participating authorities with the user administration system at the top of the Gateway. Hence, the interoperability requirement to overcome was/is to link the different legacy applications with their GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 2

different formats and structures to a common point of access which in addition serves for the secure transmission of requests and the authentication of the users. By November 2006 more than 60,000 citizens, 7,150 companies and 18,700 employees of public administrations have registered at the HamburgGateway. GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 3

1.2 Problem addressed 1.2.1 Specific Problem First analyses for an egovernment master plan for Hamburg were conducted in 2001. After a short period of time it became apparent that every department needed an access point for its customers if they wanted to offer online services. It was obvious that one access to all services would be the most customer-friendly and at the same time the most efficient way for all service suppliers, i.e. the different government departments. It has been acknowledged that the customers need an easy-tohandle platform, without additional costs, which protects their privacy and the security of their data. The departments, on the other hand, need to be able to continue using their existing legacy applications whilst ensuring the security of data, applications and the data network of Hamburg. The access point needs to be online 7 days a week, 24 hours a day. Also, a provision is necessary to supply answers and give notices to the customers and for related services such as online payment. Since not all legacy applications are available online at all times, a solution designed to capture the inquiries and process them as soon as the legacy application becomes available again needed to be implemented. Altogether, customers of the HamburgGateway are citizens, businesses as well as the public authorities and their employees. As public services containing transactions are provided via a single access point for customers through an identification module, interoperability is required between the back-offices, respectively its services and the HamburgGateway providing user access. Beside user identification and authentication on different security levels, the Gateway also enables secure processing of transactions between the users and the respective back-office. Payment by an external provider is also enabled via the HamburgGateway which warrants the reliable processing of fees and other payments. Service Single point of access to online services for citizens and businesses There is a wide operational field of services involving different administrations Specific problems addressed Provision of a commonly used infrastructure that can link the customer requests through a single point of access to the existing legacy application of the back-office in charge of the respective service Warrantee of security and privacy issues despite the centralisation of user authorisation Warrantee of the continuation of the use of the existing legacy applications though the digitisation of the services Since not all legacy systems work 24/7 a week, a solution for temporary storage of inquiries had to be found GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 4

IOP requirement 1 IOP between the Gateway and the legacy application in question BO: Back-office (legacy application) IOP requirement 2 IOP supporting auxiliary services: Two auxiliary services are applicable to different services: commonly used payment and identification and authentication system is used for all online services that include transactions Fig. 1: Interoperability requirement With the GovernmentGateway, a centralised infrastructure has been employed which links the different back-offices and their legacy applications of the authorities that participate in HamburgGateway with the user administration system at the top of the Gateway. The Gateway provides a range of special adapters to convert, route and link the user requests to the respective legacy application of the back-office in question and enables the secure processing of transactions. The development of interfaces to legacy systems that are not yet integrated will be supported by the HamburgGateway. Therefore, in terms of interoperability, in particular the Organisational Model, the HamburgGateway functions as a kind of clearinghouse. Considering this centralised clearinghouse as the front-office and the link between the single point of access and the back-office applications, the area of public service provision where interoperability has to be achieved is in the front-office to back-office processes. Basic organisational model employed Communication is via a centralised infrastructure managing access and workflows between customers and authorities (clearinghouse) Service delivery model IOP between front-office and back-office GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 5

1.2.2 General Background In the last 15 years, Hamburg has built an infrastructure for the demands of the different administrations of the city and state. For almost every task which is processed by more than one department, Hamburg developed a common solution (i.e. infrastructure), hosted by Dataport, the service provider for the states of Hamburg and Schleswig-Holstein (among others). The Free and Hanseatic City of Hamburg is one of the three city states of the Federal Republic of Germany and the second largest city of Germany with about 1.75 million inhabitants on 755.3 square kilometres; it is the sixth largest city of the European Union. Today, Hamburg consists of seven districts, each with a district parliament of its own. Every district is divided into several quarters, a total of 104 in Hamburg. Some quarters in the core of the district are administered directly by the district office; for other quarters of the district there are quarter offices. Altogether 15 quarter offices were set up. In the North of the Elbe river, Hamburg borders on Schleswig-Holstein which is the second smallest territorial state of Germany with 2.82 million inhabitants on about 15,800 square kilometres. Germany Schleswig-Holstein Hamburg Types and level of agencies involved Department responsible for controlling the use of ICT in public administration under the State Ministry of Finance of the city and state of Hamburg Dataport, the service provider for Hamburg and Schleswig- Holstein (among others) for maintenance and further developments Microsoft as developer of the Gateway which collaborates with Dataport in case of further developments Departments of Hamburg's local and regional administration interested in online transactions via the HamburgGateway Working group, consisting of ITexperts of the public authorities for the definition of functional requirements for the HamburgGateway Figure 2: Location of the city and state Hamburg in Germany The HamburgGateway was developed by Microsoft and implemented by Microsoft together with Dataport on behalf of the State Ministry of Finance. The department responsible for controlling the use of ICT in public administration of the city and state of Hamburg is in charge of GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 6

the HamburgGateway project. Beside the management of investment funds and the coordination of the annual ICT-action plan (IuK-Gesamtplan), this department is responsible for all ITinfrastructures and IT-projects of the state, in coordination with Dataport. Dataport is a public body started as a merger of the entities responsible for data processing and Information and Communication Technologies (ICT) for the government in Schleswig Holstein (DZ- SH) and for the government of Hamburg (LIT and the ICT section of the 'Hamburger Senatsamt für Bezirksangelegenheiten') in January 2004. Together with Microsoft, this public body is responsible for the development and maintenance of the HamburgGateway infrastructures. Dataport employs 1,200 people and operates 24 hours a day and 7 days a week. The public entities interested in providing their transactional services via the HamburgGateway have to make the respective request to the department responsible for controlling the use of ICT in public administration. This department verifies the request and if applicable initiates the implementation of the service. In addition, it covers the costs caused by the adaptation of the Gateway infrastructure whereas the interested public entities cover the costs of the linkage of the Gateway with their legacy application. In general, a working group consisting of IT-experts of the public authorities discuss and set up the functional requirements of the Gateway. For most of the processes departments have to comply to, there are existing applications which support these processes. The applications use different hardware, a variety of operating systems and, in most cases, custom-developed software. It is simply not possible to rewrite these legacy applications in order to present them online. Therefore, a technical solution was needed, allowing to continue the use of these applications, while making them available online to the customers. The city and state of Hamburg owns its physical data network. It was an essential requirement to preserve the security of the network and all related applications. GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 7

1.2.3 Policy context and strategy Because of the federal structure in Germany, a broad range of applications to process similar tasks for different administrations in Germany are in place. To this date, there are only few services with existing agreements between different administrations to use and further develop the same application or to employ the same service supplier. Only recently, co-operations across the borders of states and different departments have begun. In Hamburg, they started in the beginning of the nineties with building up an infrastructure for the use across different departments of the city and state and expanding the approach to solutions in the different departments. It took some time, but in the meantime evolved into an established approach to discuss the professional requirements and not the most wanted technology. For the government of Hamburg, the customer plays the leading role. They already unified the design of the Internet sites of the different departments some years ago. Now, all online information is accessible under the same address in a corporate design. Therefore, for the customer, it is easy to navigate, and information can be accessed easily. The same idea applies to the access for transactions. There needs to be only one single access point, regardless of the supplier of the service, i.e. department of the administration. The Gateway offers access to services which do not require any identification as well as to services requiring identification or authentication of the user. This means, a once-only registration at the portal enables access to online transaction requiring user identification; a once-only authentication procedure at the office (citizens) or by a specific contract sent by fax (businesses and other (non-hamburg) public administrations) enables the use of online transactions which require identification or authentication. In this regard, a different but more user-centred approach as followed by the federal government has been chosen for the authentication of the customers by applying for transactional online services. In terms of egovernment, the federal government places emphasis on qualified digital signatures. However, these are so far hardly accepted and diffused among the customers. The "Verwaltungsverfahrensgesetz" (Administrative Procedures Act) of the city and state of Hamburg and its dedicated Ordinance allows for the replacement of written form and signature by authentication by the Gateway in cases where the law of the city and state of Hamburg is concerned. This law has been amended in this regard in close cooperation with the data protection officer of Hamburg. Certainly, in cases where the federal law is concerned, digital signatures are still required; this functionality will be provided for the respective services in the future. The policy of the senate as stated in its egovernment Roadmaps, with the latest of 2006 (e.g. Bürgerschaft der Freien und Hansestadt Starting position A broad range of applications serving the same tasks in different authorities are in place due to the federal structure of Germany; i.e. they are hardly interoperable. Co-operations to overcome this situation had to start Single authorities were ready for provision of their services via Internet and were in need of technology for efficient and secure online delivery Legal framework Amendments of the "Verwaltungsverfahren sgesetz" (Administrative Procedures Act) and its dedicated Ordinance allows for replacement of written form and signature by authentication by the Gateway in cases where the law of the city and state of Hamburg is concerned "Hamburger Datenschutzgesetz" (Data Protection Act of Hamburg) Other framework conditions "egovernment Fahrplan" (egovernment roadmap) "IuK-Drucksache" (communication on ICT in public administration) Basic infrastructure is centrally paid by the project owner; linkage to the Gateway has to be paid by the participating public entities GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 8

Hamburg: E-Government Service für Bürger und Wirtschaft, Mitteilung des Senats an die Bürgerschaft, Drucksache 18/4498 vom 13.06.2006) is that in the coming years, Hamburg aims to make all services available online that are technically feasible and are beneficial both for the customers and the administration resp. government (win-win-situation). Thereby, the HamburgGateway as an infrastructure will serve as the single access point for all applications. The HamburgGateway is the central element for the implementation of the egovernment Roadmap of the city and state of Hamburg. The Ministry of Finance fully paid for the development and implementation via its ICT-action plan (IuK-Gesamtplan) and covers the running costs for maintenance. The use of the HamburgGateway is free of charge for the associated public authorities. They only have to cover the costs for the linkage of their own legacy application to the Gateway infrastructure. This attractive financial offer to the public entities shall, of course, be the enabler of a wider acceptance of the Gateway and hence improve the outreach of the project. 1.3 Solution 1.3.1 Specific Objectives HamburgGateway's prime objective has been to provide a technical infrastructure enabling complete transactions (including payment) via Internet and to implement a single entry point to all egovernment services with a standardised access and secure technology. Still, as long as the demand for transactional eservices is not more clearly articulated and as long as further applications for which there is a real demand potential will yet have to be created, the critical mass for the interest to obtain electronic signature smart cards is lacking. Like in many other European countries, such cards are far from being broadly available in Germany up to now. Therefore an aim of the HamburgGateway was to utilise a technology with high penetration and consequently low access barriers in Hamburg. So a specific purpose of the government of the city and state of Hamburg was to offer simple access to their eservices without additional costs as quickly as possible that allows the implementation of legally binding and secure online transactions at a large scale. Another important objective of the HamburgGateway is the protection of investments. For most administrative tasks, ITapplications are already in place. Hamburg's goal was to offer services online to its customers while using the existing legacy Objectives to be achieved Provision of a technical infrastructure enabling complete transaction (incl. payment) via Internet Implementation of a single point of entry to all egovernment services Provision of an identification and authentication infrastructure that allows legally binding transactions without the use of qualified digital signatures Protection of investments by use of existing legacy applications though the digitisation of the services GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 9

applications and not the replacement of existing and well working technologies and programmes. These objectives are based on the assumption that egovernment can only be successful if the services are accepted and used by the customers. Therefore it is preconditioned that services: are easy to handle, do not require additional skills, do not need complex technical facilities on customer side, do not cause additional costs, are available and accessible anytime, and warrant the security of data. Objectives to be achieved Implementation of an easy to use system which doesn't require additional skills or technical facilities on customer side and which doesn't cause additional costs; but which is available anytime and warrantees data security 1.3.2 Implementation The HamburgGateway is the single key infrastructure for all departments of the city and state of Hamburg to make existing and new government services available on the Internet. Amongst others it offers the following key features: Authentication of a customer; Reliable online processing of payment; Secure processing of transactions; Secure availability of responses; Possibility for further use of existing legacy applications; Security of applications and the data network. The authentication of the customers works with password and user ID. The Gateway offers different security levels for diverse customer groups. For private customers there are two different levels: With level one the customers register online and can start working right away with a limited set of services. To reach level two, they need to visit a customer centre in addition, where a proof of identity has to be produced to the service personnel. The second level is relevant for those applications, where the administration has to be sure of the identity of the person. For registration of businesses and other administrations, there is a different concept: A master user registers the company and chooses the services the company wishes to use. For each service a contract with the government needs to be exchanged by fax. Afterwards the master user can grant access to other users of the company. The provider of each service (i.e. the different departments) can choose between different security levels and customer groups according to the requirement of their application. GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 10

Internal users of the government of Hamburg get enrolled by the internal group policies, so individual registration is not necessary. The infrastructure (GovernmentGateway) can and will be further developed according to the upcoming requirements. One example will be the integration of the processing of electronic signatures in the beginning of 2007. At the moment, and with the prospect of gateways for different local governments, a kind of trust relation between the gateways is planned so that customers only have to register once. The configuration of the HamburgGateway is as follows: Figure 3: Configuration HamburgGateway Workflow description The GovernmentGateway system is subdivided into presentation, base, and adapter levels, with a firewall separating each level from the other. Presentation level: This level is based on Microsoft ASP.NET, a set of technologies in the Microsoft.NET Framework for building open standard Web applications and XML Web services. The presentation level contains the portal's user interface and is responsible for navigation, display, and receipt of data. This is where users can find all available departmental procedures and where they can authenticate themselves. GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 11

The user interface is implemented according to the guidelines of web content accessibility W3C. The system architecture ensures that the web-servers do not lock up when subjected to many requests at once. The servers forward the information requests and can always process new queries. After the input has been checked, the request is transferred to the base level. Case capitalises mainly on following layers of IOP Technical IOP: Provision of a secure technical infrastructure and its access points for authorities and clients Syntactic IOP: Adapters for transformation of requests into the format of the respective legacy software based on SOAP, XML and other industrial standards Organisational IOP: Introduction of the Gateway architecture; Legalisation of legally binding transactions based on the Gateway authentication mode Base level: This level controls the transactions and logs access information including specialised handling and technical logging as well as authorisation. The queuing process runs in a cluster of several computers to process inquiries asynchronously and to even out workloads. The base level also manages users, stores inquiry results, and generates notification e-mail to users. If the specialised process requires a fee, this level sends a message directly to the collection office by way of the payment interface*. Servers for management and help-desk applications also run at this level. The core of this level is a set of database servers as well as application servers. Adapter level: The base level sends the inquiry on to the adapter level, which transmits the request to back-end systems such as SAP, Microsoft SQL Server, or, as in case of the first service (Registration Information), to an IBM host system. There will be an GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 12

adapter for every back-end system developed on Microsoft.NET technology and run on Webservers. The adapter level is also responsible for workflows (e.g. one request needs to go to multiple legacy applications). The communication within the Gateway between components and applications is based on open standards such as SOAP, HTML, XML and webservices. Each access by a logged-in user is provided as a SSL encrypted connection to the Gateway. *) Payment for chargeable services is carried out by an external payment solution provider. Fees may be paid via direct debiting (ELV) or credit card (VISA and MasterCard). In addition, in order to provide fast processing of transactions, companies may leave their bank details directly at the payment provider. Warranty of security and privacy As described, a special adapter will be developed for each legacy application existent in the back-end of the respective back-office which links the base level with the legacy application. Normally these legacy applications inside the internal network of Hamburg are linked with the requests in an asynchronous manner. In the best way, the customer receives a prompt answer; i.e. for her or him, the case handling looks like a synchronous one. This means that customer requests can be received at all time independent of the downtimes of legacy applications. The separation of the Gateway architecture into different security areas, so-called demilitarised zones, and the back-end systems by different firewalls in addition is an important feature in the high level security concept of the Gateway. Hence, unauthorised access will be denied since ports will only be opened if required from a functional point of view. For each eservice to be integrated, a risk analysis is carried out and the service is designed and implemented in cooperation with the data protection officer. Warranty of security and privacy Uncoupling of the Gateway and the legacy systems denies unauthorised access to the customer requests and data (requests will be handled asynchronously but looks like a synchronous one for the user) independent of downtimes of legacy applications. Gateway architecture is separated in different demilitarised zones and the backend systems by different firewalls eservices are designed and implemented in cooperation with the data protection officer GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 13

Resources The Software plus any updates and Hardware in use in the GovernmentGateway are: - Windows Server Enterprise Edition Windows Server Enterprise Edition can be recommended for servers with applications such as networking, messaging, stock and customer administration systems, databases and e-government/ecommerce websites. Windows Server Enterprise Edition has proven very reliable and powerful and therefore provides great economic benefits. The main difference compared to the Standard Edition is the support of highperformance servers and clusters required here. Thus large amounts of data can be processed, and the system is protected against failure. - Windows Server Web Edition With the Windows Server Web Edition, the next generation of web applications on Windows server operating systems can be developed and operated effectively. The solutions of the GovernmentGateway benefit from the improvements in the Internet Information Server (IIS) 6.0 as well as in the Microsoft.NET Framework. - Visual Studio.NET Visual Studio.NET includes new versions of Microsoft Visual Tools which can be used by developers to create highly effective solutions. For reasons of practicability, only the languages VB.NET and C# are used for ASP.NET developments. Supporting infrastructure employed GovernmentGateway, providing the technical connectivity among the governments resp. its back-offices and the customers A central user administration based on a SQL server manages access to the Gateway Standardised interfaces for information systems and dialogue applications The Gateway also functions as clearinghouse, transforming the incoming requests into XML-messages - Internet Security and Acceleration Server The ISA server provides secure, fast and easily administered Internet links. The software integrates an extendable multi-step company firewall and a scalable high-performance web cache. Networks are protected against unauthorized access and administrators are warned against sabotage. - Application Center With the application center, the administration of server groups is as easy as that of a single computer. With the help of standard PC hardware, the application capacity can easily be extended or decreased thus reducing complexity and operating cost. - SQL Server 2003 The SQL server is the comprehensive database and analysis offer quickly providing scalable and business-critical solutions. - Hardware Fujitsu Siemens Computers Primergy F200, F250 and R450. GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 14

Financial Resources The HamburgGateway is the central element for the implementation of the egovernment Roadmap of the city and state of Hamburg. The Ministry of Finance fully paid for the development and implementation via its ICT-action plan (IuK-Gesamtplan) and covers the ongoing costs for maintenance. The use of the HamburgGateway is free of charge for the public authorities; they only have to cover the costs for the linkage of their legacy application to the Gateway infrastructure. Due to the complexity of the project, the specific costs can hardly be figured out. Nevertheless, the investment cost for the first phase of the project can be estimated at 1 million. The global budget for egovernment initiatives and IT-projects in Hamburg is about 150 Million per annum. Awareness and Marketing The marketing of services is a new issue for administrations, since administrations offer services only available at this one supplier. Part of a good customer-friendly service is a marketing strategy for the new service to raise the awareness of citizens and businesses. For example Hamburg now advertises for the online information service for Hamburg residents. The best marketing of the HamburgGateway are its benefits for authorities as well as for citizens and businesses in terms of efficiency and its user friendliness/usability. Financial issues Basic infrastructure is paid for by the Ministry (project owner); the using public authorities only have to pay for the linkage to this infrastructure Awareness and Marketing Public administrations are not used to drive awareness of their services and have to learn in this regard. Hamburg now advertises its online services. However, the best marketing of the Hamburg Gateway are its benefits for authorities, citizens and businesses GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 15

1.4 Features making it a candidate for good practice exchange 1.4.1 Impact The HamburgGateway is very well received by the customers, i.e. citizens, companies and other administrations, and the feedback is very positive. All departments of the city and state of Hamburg are working towards the same goal and not only does the HamburgGateway provide an exceptional service to their customers, it is also a very cost efficient way to bring the existing services online, since all the common functionality has been developed only once for all departments. By October 2006, more than 20 services are provided. There are 13 Services for business customers, 8 for private users, 4 for administrations and 2 for the employees. There are even more services under development right now and, because of the very simple way to connect the back-end applications with the HamburgGateway infrastructure, the rate of launching new services is even increasing. The infrastructure was developed in a way that allows the concept as well as the application itself to be adopted by other cities and states in a very easy and efficient way. The states Schleswig-Holstein and Rheinland-Pfalz (Rhineland-Palatinate) are already developing their own Gateways on the infrastructure GovernmentGateway. The main difference of the different Gateways is their side layout. By November 2006, registered users at the HamburgGateway are as follows: 60,000 private customers on security level one, i.e. only requiring online registration (22,000 in June '05), 840 private customers on security level two, i.e. requiring onetime proof of identity at public administration, 7,150 (from 3,100 in June '05) companies resp. other administrations with 9,200 (4,700) company users, and 18,700 (13,000 in June '05) employees of the government of Hamburg are using the services. Utilisation numbers of the first service "Registry information service on Hamburg resident" (by November 2006): 2 million answers in total for the government of Hamburg; start of the service August 2003; 5,000 answers in total for private customers; start of the service October 2003; 110,000 answers in total for business; start of the service October 2003; 170,000 answers for administrations outside Hamburg; start of the service December 2004. The numbers are still increasing each month. Outreach Several departments of the city and state of Hamburg are linked to the Gateway and offer their services via the Gateway. Potentially, all public authorities could be users By November 2006: ca. 25 online services Schleswig Holstein and Rheinland-Pfalz are currently developing their own Gateway infrastructures Performance (by November 2006): 60,000 private customers security level one 840 private customers security level two 7,150 companies and other administrations with 9,200 users 18,700 government employees Performance of the first "Gateway-service" (Registry information on Hamburg residents): 2 million answers for government requests 5,000 answers for private customers 110,000 answers for businesses 170,000 for requests from governments outside of Hamburg GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 16

1.4.2 Relevance of the case for other administrations that could learn from the experience Everybody who wants to provide e-government services to customers has to make a decision how (s)he will offer the services and what (s)he needs to do to get the customers to use this offering. In Germany there has been a discussion concerning the electronic signature for quite some time now. A number of federal states consider the electronic signature a prerequisite to offer government services online. Hamburg chose a different way without the signature and with features that the customers are used to (e.g. going to a customer centre to verify their identity is what they are used to from opening a bank account). This led to a fast and cost efficient software development, a high usage rate and a simple process to bring more services online. The provision of a generally used entry mask provides the link to the legacy application of the concerned back-office and hence enables the unchanged use of this legacy application and is important for the protection of investments inside the public administration. In addition, the Gateway-infrastructure of Hamburg can also be used by other governments, as the experience gained with starting e- government services. Innovativeness Offering quick and simple access to the platform incl. legally binding transactions via a special user administration avoiding the obligate use of not well accepted digital signatures Reproducibility for other services also outside of Hamburg guaranteed by open processes Protection of investment by considering the different legacy applications in the back-offices 1.4.3 Transferability This architecture of load-balanced and clustered servers divided into multiple security zones (3 DMZ's) ensures a secure and highly available solution which could easily grow (scale up and out) as needed for all public services which do not by law require qualified digital signatures. The solution has been developed as a multi-client infrastructure; therefore one infrastructure could host multiple clients with complete separate user administration, services and user interface. This potentially reduces the costs for multiple governments, who like to share the infrastructure. Actually, this multi-client capable and scalable infrastructure is named GovernmentGateway. Every implementation could and should have its own working name, so consequently the name of the implementation in Hamburg is HamburgGateway. In Schleswig- Holstein, preparations are in progress for a Schleswig- HolsteinGateway. That means the same infrastructure will be used, only the user interface will be different. The first service that will be presented is a shared service for Hamburg and Schleswig-Holstein, the online shop and geographical information system. A co-operation between the data processing centre of the federal state of Rheinland-Pfalz (Rhineland-Palatinate) and Dataport has been agreed. The GovernmentGateway will also be used for the local Transferability Technical IOP: Use of a commonly used infrastructure providing secure identification and authentication Syntactic IOP: Requests entered into entry mask on portal and transformed by adapters using industrial standards like SOAP and XML which are key enabler of semantic IOP providing framework conditions for possible integration of these messages into the respective legacy applications Organisational IOP: Amendment of legalisation for legally binding transactions without qualified electronic signatures GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 17

and regional government in this state. Dataport offers other local governments to use the existing GovernmentGateway infrastructure as their access infrastructure for their customers, as it is a multiclient infrastructure. It would be very beneficial if other customers used Dataport as well, because the operational costs for all participants would decrease. But customers, who would like to use the software and run it in their own data processing centres, can also benefit, since everybody participates in the further corporate development of the infrastructure. The HamburgGateway can also be used by other entities with public duties. E.g. the courts and the Hamburg State Office for Transportation are currently planning to use the infrastructure for their purposes and services which then will be provided under the same roof of the Hamburg administration. Hamburg is willing to go into further co-operations and is also prepared to share their experience of how to get people to participate and what to do when starting an e-government infrastructure. That includes showing the GovernmentGateway and sharing the experiences and implications. A co-operation can also be formed between Dataport and other data processing centres. Transferability The basic infrastructure, the GovernmentGateway can be implemented also by other federal states; only the userinterface will be different Schleswig Holstein is currently implementing its own Gateway which will be linked with the Hamburg one Rheinland-Pfalz is also preparing its own Gateway in cooperation with Dataport Other entities with public duties are planning to get integrated in the gateway 1.5 Results To choose a solution without using qualified electronic signatures (as far as this is legally possible) is seen by the administration of Hamburg as a good decision since the situation concerning the distribution of such signatures has not changed in the last few years. There are still only very few people private or in companies who use digital signatures. Therefore, an access point without this feature assists the usability and acceptance of the customers. To build a single infrastructure is seen as the right choice for the administration of the city and state of Hamburg. Many of the services that are now being planned can benefit from the services already in place. It is also considered the right choice for the customers. They can use one single access point to all online services of the different departments of Hamburg. The time it needs for new services to go online will further decrease so there will be a variety of services for the customers in short time. The use of the already existing IT-infrastructure and applications founds the right conditions for e-government. On the other hand, the design and implementation phase of a new service is always a good time to revise the organisational processes. With the online services there will be a distinct division between back-office and front-office. Impact High acceptance of the online services provided via the Government Gateway due to more customer friendly access functionalities Multi-channel approach to public services puts the customers at the centre of public service provision The Government Gateway is a main asset for the ongoing project of reorganising public services and its provision in Hamburg GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 18

The infrastructure is a main asset for the ongoing project of reorganising departmental and local services in Hamburg. One of the main drivers to develop the HamburgGateway was to put the customer at the centre. The HamburgGateway constitutes one pillar of the multiple-access strategy for administrative services of the city and state of Hamburg. The key concept is to let the customer choose the type of access he wishes. There is the option of going to a customer centre, place a call to the Hamburg Service (call centre) or to use the Hamburg Service via Internet (HamburgGateway). The online service gives the customer the possibility to get the desired service at any time. With a user interface according to the web content accessibility guidelines an easy access for people with disabilities is available. For some services the fee for the online service is lower than the fee in the customer centre (the fee only needs to cover the costs). So not only are answers provided faster at a time chosen, some services are also lower-priced. In addition, the customers value the online services because of their time-saving properties, and transactions can be completed without waiting time. Altogether, this makes the HamburgGateway a compelling choice for a customer to get the services (s)he needs and truly puts the customer at the centre. The HamburgGateway makes a huge impact in terms of cost and quality of service. This can be illustrated by the take-up of the Registry Information Service: Benefits Transactions can be completed more timeefficient and without waiting time Requests are being processed faster Lower fees for some of the online-services than for the traditional ones More timely receipt of better quality requests In case of the Registry information service, in conservative estimations, about 3,250 working days have been saved within the last two years One request for registry information is being processed within an average time of 30 seconds In the "traditional" process of this service, the query arrives by fax or traditional mail. The officer in charge then has to transfer the data from paper into the application and start the request. Then the printed answer has to be sent back to the requestor and the payment has to be processed. One could assume that the total number of requests for this service has increased with the online service, because of its simplicity and availability. So, in conservative estimations by the Hamburg administration they assume that by taking only 2/3 of the total number of online requests (around 780,000 by November 2005) and a minimum of three minutes per request you already get a saving of 650 weeks of working time (26,000 hours or 3,250 days). For businesses and citizens, there are benefits regarding costs and time. One online request costs only 3, the fee for the traditional way is 6. The customer gets the online answer in an average time of 30 seconds or less. GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 19

1.6 Learning points and conclusions Critical success factors for IOP Importance of regulations and organisational questions As in most IT-projects, the real challenge lies in issues like regulations and organisational questions. The real problems more or less start, when the technical side is working. In this case the infrastructure was working fine and Hamburg started to plan for more applications to use the infrastructure. As in many IT projects where Internet is being used, there is a high risk concerning the security of data in transmission and storage. The HamburgGateway deals with such risks by providing secure access to services and transmission for the enclosed public authorities which therefore do not have to deal with such issues by themselves. Start in time with cooperation of all relevant actors Plan for enough time for cooperation tasks and negotiations with the various actors in the preparations before the real technical development and implementation starts. In particular important are the user participation, data security and legal formality, e.g. by enactments. Clear vision Where a clear vision exists of what should be achieved, in what way and possibly also when, the overall objectives are obvious and measures to be taken more comprehensible for people concerned with re-organisation processes. Hamburg has this clear vision for egovernment aiming at coordinating developments from the outset based on the annually "updated" egovernment roadmap adopted and supported by the senate. In this regard, the consideration of the requirements of handicapped people plays a crucial role. I.e. any developments with respect to the HamburgGateway have to take care of the requirements stated in an Ordinance for handicapped people, in particular people with visual impairments (Barrierefreie Informationstechnik-Verordnung (BIT-VO)). Top priority is given to e-government The topic of egovernment is established on high political level, i.e. adopted by the senate of Hamburg. In the case of the HamburgGateway, the IT infrastructure has been centrally paid and its maintenance is also centrally paid via the IT-plan of Hamburg. This central decision on egovernment and the payment of the central infrastructure is a warrantor for the success of the project. Regulations and organisational questions are of paramount importance, more than technical issues Start in time with the involvement of all relevant actors in order to avoid unforeseeable delays Clear vision in egovernment based on an annually updated egovernment Roadmap Place egovernment on a high political level to guarantee best support in terms of political importance and financial support GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 20

Critical success factors for IOP Orientation by acknowledged architectures for technology Interoperability within the system and with other systems can better, if not only, be achieved by adhering to standards which are already acknowledged and proved their functionality like SOAP and XML. Reflection of new technical possibilities The organisation needs to reflect new technical possibilities, which often means changing the processing and the working habits of people. Protection of investment by use of interfaces In order to protect investments made in the technical infrastructure of the back-offices that now have to co-exist with new technologies or are faced with new requirements, interfaces enabling the required data conversions can bridge this lack of connectivity without changing the old system. This seems to be the only way for a rather quick change to online access of public services. Orientation on the clients The kind of service and its design is an important factor for the attractiveness of its use by the clients. Clients most likely will only use services which are useful and attractive for them. To foresee usability tests with prospective clients is hence to be seen as vital for the success of the service(s). With the self-explanatory entry mask the HamburgGateway implemented such an element which is of high use and attractiveness to its clients. Therefore to put the client's wishes at the centre will be warrantor for the use of services. Need for marketing of services The marketing of services is a new issue for administrations, since administrations offer services only available at this one supplier. Part of a good customer-friendly service is a marketing strategy for the new service to raise the awareness of citizens and businesses. For example Hamburg now advertises for the online information service for Hamburg residents. Orientation on acknowledged architectures for technology helps achieving IOP particular concerning extensions of the system to others Reflection of new technical possibilities could lead to changes in processes and working habits Provide interfaces (adapters) to bridge the lack of technical connectivity due to the formats processed by legacy applications used by the involved back-offices Clients will only use services which are useful and attractive for them. Hence services should be offered based on the needs of your clients Raise awareness of the services by an appropriate marketing strategy GP-Case: HamburgGateway, Germany 01-2007, vs. 1.0 21

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback