Prerequisites and Challenges - Study on cloud and service oriented architectures for e- governm

The analysis above of existing structures for public service delivery reveals common prerequisites and challenges. Each of these approaches clearly indicated that a need for open, published standards and agreements is crucial. With many players involved and a dynamic playground, it is important to clearly

55 state the ground rules. Communication between different actors in the cloud of public services requires common data models, for example, in line with each party’s architecture.

Besides standards, a service catalogue describing the available services, their content, quality and SLAs is of utmost importance to agree on expectations from both the supplier and consumer side.

Service descriptions should also list their dependencies on other (basic) services. It enables users to assess the impact of the disruption of the dependent services. NORA states a clear definition of the service catalogue and its components as a corner stone of its platform.

Data security is of crucial importance when making public services available in a ‘cloud of public services.’ When electronic data is interchanged within and between public agencies, data protection requirements must be considered and implemented by way of suitable technical and organizational measures. Personal data, in particular, may not be gathered, processed or disclosed for any purpose other than the use explicitly contemplated by law. Data security is not the main focus of this study as it is considered an Infrastructure Service, rather than a Business service, and is the subject of a separate 2009 report on European Interoperable Infrastructure Services (EIIS)⁵⁰.

Users, whether citizens, businesses or administrations, will only use a service if they have a certain level of trust in these services. Appropriate data security and transparency in the operations and data contained in public services as part of a ‘cloud of public services’ will improve this trust. Citizens and administration should have a full view of which data is treated by whom and for what reason. An audit trail is a functionality which allows the logging of all access and changes to data which is also identified in the EIIS study as an essential Infrastructure Service. This functionality can for example be found in the Belgian FSB. The implementation of an audit trail in the context of a ‘cloud of public services’ can be challenging. One of the characteristics of a ‘cloud of public services’ is that a dynamic reuse and combination of services should be possible (services are interlinked and depend on each other, creating different layers of dependency). Tracing data manipulations across a complex stack of services therefore requires a clear approach to audit trail and logging.

Making public services openly available electronically for reuse by public administrations and third parties often requires process redesign, which in turn may have implications for the legal framework.

The methodology for identification of services and the service taxonomy proposed in this study can form essential elements to support such process redesign. Analysing existing processes and organisational structure behind the delivery of public services and proposing new more efficient services that allow for the reuse of electronic public services in a ‘cloud of public services’ is a first step. This analysis likely results in a number of issues for which legal and institutional changes may be necessary before the new services can be implemented.

The example of the CBSS shows how redesign of processes requires legislative action in order to be made a reality. This is a particular challenge which may be encountered in many different settings depending on the extent to which current legislation prevents new ways of service provision.

Legislation can form both an obstacle and an enabler. For the ‘cloud of public services’ in which many different actors potentially make use of public services, an appropriate legal framework which establishes the appropriate level of security, liability and transparency serves to establish trust between the different actors as well as a clear framework in which public service can be reused by the different actors. The legal implications need to be tackled in order to enable service delivery in line with the concept of a ‘cloud of public services’. Obtaining sufficient political support to modify the legal framework can be a critical success factor. In Belgium, the ASA/DAV is part of the Chancellery of the Prime Minister, ensuring the right level of political buy-in, which eases the modification of legislation.

In addition, a common element observed in existing implementations of service delivery based on the concept of a ‘cloud of publics services’ is the need for coordination. In Belgium for example the services for registering new businesses were made available on the FSB through the eDepot business start-up project. It was established through cooperation between a large number of different parties (including the Royal Federation of Belgian Notaries, FEDICT, the National Register, Belgian Enterprise Database, Department for Justice, Department for Finance and the Belgian Official Gazette). These different involved parties signed an agreement of collaboration which the DAV facilitated through consultation and cooperation with other stakeholders. This shows the clear need for changes in the mindset of organisations as well as their personnel in terms of agreeing on new ways of working through cooperation. The human factor involved should not be overlooked. As demonstrated by the

50 European Interoperable Infrastructure Services - Study on potential reuse of system component, (Deloitte, 2009).

56 Belgian example, providing incentives for organisations to take on new working practices through the use of tariffs as a disincentive to continue the ‘old’ way of working may prove necessary.

4.5.1 Migration strategies

Moving towards a ‘cloud of public services’ clearly entails several prerequisites and poses a number of challenges. Nevertheless, this migration can be facilitate particularly by focussing on different sub-domains (by gradually developing new services for the cloud of public services per sub-domain) and basing new services on already existing public services embedded in existing legacy systems.

Focusing on different sub domains

Within the reality of a multifaceted and heavily departmentalised public administration, it may prove workable to focus on a number of separate domains thereby reducing the complexity of the implementation of a ‘cloud of public services.’ Such sub-domains can be identified according to a function (for example, Social Security, Finance or Health), related to the implementation of a new law or directive, or based on public services which are linked through life events. It is essential in the selection and definition of a domain that existing functionalities are tightly connected, and will therefore have greater dependencies on each other than the services outside of that domain. Focusing on sub-domains therefore provides a clear rationale for more effective and more integrated service delivery.

An approach based on division will result in a series of domain specific ‘clouds of public services’, which initially can be segregated but will gradually move towards a more integrated set of ‘clouds of public services.’ Both the Belgian and Dutch examples of approaches to online service delivery (FSB and NORA) have a layered architecture which integrates different sub domains, but which is federated at a higher level. These approaches illustrate individual efforts towards using services as building blocks for new services shared between different actors within a single sub-domain, for example social security (the CBSS in Belgium), business registration (the eDepot in Belgium) or civil registration ( the German Administration Services Directory (DVDV)). The examples show that a clear focus on a sub-domain can result in a highly successful implementation which can be gradually expanded to other domains.

The Open Group’s Service Integration Maturity Model (OSIMM) described in Chapter 1 specifies:

A model against which the degree of service integration maturity of an organization can be assessed

A process for assessing the current and desired degree of service integration maturity of an organization, using the model

Whilst the first objective enables the extent to which services are offered in an open and interoperable way to be assessed, the second describes a common approach for migrating towards the ‘cloud of public services.’ The seven levels of maturity and seven dimensions across which it can be assessed suggest a gradual, phased or incremental approach to service integration. Indeed, the OSIMM is intended to help an organisation, whether a public administration or a third party, ’to create a roadmap for its incremental transformation towards more mature levels of service integration, in order to achieve increasing business benefits associated with higher levels of maturity.’

The 2010 report on ‘User expectations of a life events approach for designing e-Government services’⁵¹ also provides a possible roadmap for migrating to a SOA-approach to eGovernment. The roadmap includes an envisioning phase in which the vision, the principles, the standards, the methods are set and tested. Three alternatives are suggested for this phase: describing and implementing a finite set of life events, government as a platform, and dynamic public service mediation. When the vision and a tested – and agreed – set of principles, methods and standards are formalised, an implementation phase could start. It would consist of the installation of the platform, developing and providing services, marketing these services, and evaluating and adjusting the vision, methods and standards.

Reusing existing public services

51p. 28-30, User expectations of a life events approach for designing e-Government services, Deloitte 2010

57 The architectural prerequisites of SOA allow for the reuse of existing implementations of public services by adding a service layer and exposing this to a ‘cloud of public services.’ This approach is a common strategy for reusing functionality captured in existing ‘legacy’ systems.⁵² The example of the migration of the Belgian Crossroads Bank for Enterprises (CBE) is a point in case, where the functionality in the current mainframe system is being converted into a SOA-approach, which is expected to be finalised in 2012. This reuse approach has two advantages. Firstly, it allows a service to be built based on an existing implementation with a minimum of effort. Secondly, it creates an abstraction layer between the service and its underlying implementation, which will ease the migration towards a top down service based environment at a later stage.

Whether dividing the cloud into different sub domains or reusing existing public (legacy) services, the migration towards a ‘Cloud of public services’ represents a paradigm shift, which provides the potential of new opportunities. In this context, implementation should go hand in hand with practical examples, which often prove the best way of convincing stakeholders of its importance and potential.

As discussed in more detail in Chapter 4.7, real life examples exist that provide a strong rationale in favour of migrating towards openly provided public services which can reused by different actors and combined to create new services.

The above migration strategies could also be applied to the provision of cross-border services at the EU level. Services could be selected within specific domains based on a clear rationale for more integrated service delivery and made operational in ‘clouds of public services’ at the EU level. While gradually expanding their range and scope, existing implementations of cross-border public services could also be reused via the addition of a service layer and exposure to the ‘cloud of public services.’

As demonstrated in Chapter 3, a number of parallels between the identified ‘Fundamental Services’ in Belgium, Italy and Sweden can be drawn. For the ‘Starting Up’ Life Event, at the level of Basic Logic Services, the setup of the company is, for example, verified in all countries. At the level of the Basic Data Services, new businesses are for example required to register, file a deed of incorporation and notify the commencement of activities with the Business Registry in all three countries. Even though the actual content of the services across the different Member States differs depending on the legislation in place and different institutional realities, by taking the life events approach it becomes clear that within a specific domain of public services (e.g. starting up a business), cooperation between Member States can be envisaged based on existing services.

Generally, it can be said that there is much scope for services provided in a ‘cloud of public services’

to be reused by public administrations and third parties, both within and between Member States. This is particularly apparent in the domains in which clear similarities can be observed between the building blocks of public services identified. As discussed in Chapter 4.1, there is however an inverse relationship between domain specificity and the potential for reuse. Public services related to tax, for example, are less likely to be reused in other contexts than public services related to businesses in general. This would need to be taken into consideration when investigating the potential for cross-border service reuse at the EU level. Nevertheless, by moving towards the establishment of services online as building blocks, their mere availability will both encourage the development of new services as well as provide a rationale for the continuous development of new services based on already existing ones.

In document Study on cloud and service oriented architectures for e- government Final report (Page 63-66)