
Data verification and consultation service: Interface

  • Production start date:

    01/01/2007

    RoadMap:
    • Incorporate the INE services: query of the historical list of municipalities of residence over a period.
    • Sustained and progressive incorporation of new data intermediated through the PID.
    • Audit and control module.

    Functional description

    The service is provided with the following characteristics:

    Authentication: Users accessing the service are identified by electronic certificate.

    Authorisations management: Allows public employees and applications to access only the queries for which they have been enabled.

    Security: All queries are carried out with full guarantees of security, confidentiality and data protection:

    • All requests will be signed (XMLDSig) with an electronic certificate (X509 v3).
    • The system will record all queries made, always identifying the public employee and/or application (by electronic certificate), the time of the query (time-stamping) and the purpose for which it was made.
    • The system guarantees the integrity of the recorded data through the use of electronic signature.
    • The system will ensure the confidentiality of the data exchanged. All communications between the different agencies run over the HTTPS protocol (SSL), and the SARA network also provides, on the trunk section, additional data encryption measures.

    Traceability: Every request and its corresponding reply are recorded in the system with the corresponding electronic signature and time-stamp.

    Audit: All requests are identified with a unique identifier, which allows them to be retrieved later in the event of any claim or audit of the service.
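
    The traceability and audit properties described above, as an added example (not code from the service): each logged query must carry requester, time and purpose, is sealed against alteration, and is recovered by its unique identifier with the seal re-checked. HMAC-SHA256 with a constructed key stands in for the certificate-based signature and TSA time-stamp; the field names and sample records are assumptions.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC stands in for the service's certificate-based signature.
SEAL_KEY = b"constructed-demo-key"
# Fields the page says every logged query carries (field names are hypothetical).
REQUIRED = ("request_id", "requester", "timestamp", "purpose", "request", "response")

def _digest(record):
    """HMAC-SHA256 over a canonical JSON encoding of the required fields."""
    body = {k: record[k] for k in REQUIRED}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(SEAL_KEY, canonical, hashlib.sha256).hexdigest()

def seal(record):
    """Refuse to log a query that lacks identity, time or purpose; otherwise seal it."""
    missing = [k for k in REQUIRED if not record.get(k)]
    if missing:
        raise ValueError(f"audit record missing fields: {missing}")
    return {**record, "seal": _digest(record)}

def verify(record):
    """True only if every required field is present and the seal still matches."""
    tag = record.get("seal")
    if not isinstance(tag, str) or any(not record.get(k) for k in REQUIRED):
        return False
    return hmac.compare_digest(tag.encode(), _digest(record).encode())

def recover(log, request_id):
    """Fetch one record by its unique identifier for a claim or audit."""
    hits = [r for r in log if r.get("request_id") == request_id]
    if len(hits) != 1:
        raise LookupError(f"{request_id}: expected 1 record, found {len(hits)}")
    if not verify(hits[0]):
        raise ValueError(f"{request_id}: seal mismatch, record was altered")
    return hits[0]

# Constructed sample log entries.
LOG = [
    seal({"request_id": "REQ-0001", "requester": "CN=employee-a (constructed)",
          "timestamp": "2024-01-15T09:30:00Z", "purpose": "grant file 123",
          "request": "<identity-query/>", "response": "<identity-ok/>"}),
    seal({"request_id": "REQ-0002", "requester": "CN=app-b (constructed)",
          "timestamp": "2024-01-15T09:31:10Z", "purpose": "residence check 456",
          "request": "<residence-query/>", "response": "<residence-ok/>"}),
]
```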

    Delegated administration: To facilitate user management (additions/removals/modifications), the system allows each agency to have an administrator responsible for that management. To this end, system administration can be limited by agency.

    Technical Description

    The current platform is defined as a service-oriented architecture (SOA) based on the following elements:

    • Functions exposed through web services, with their external presentation expressed in WSDL.
    • XML documents exchanged between web services (SOAP) and electronically signed using XMLDSig.
    • Establishment of secure channels between participants using the SSL protocol.
    • Use of electronic certificates issued by certification service providers.
    • Time-stamping (TSA) of the request and response records.

    Use of other services

    The interface makes use of the following existing services:

    • Patterns for the exchange of information between administrations, defined in the Paper Certificate Replacement project (SCSP)
    • @firma validation and certification services
    • Time-stamping services (TSA)

    Standards:

    The following open standards are used, in their latest stable version:

    Hypertext transfer protocols: RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1

    Integration of data and applications:

      • Extensible Markup Language (XML)
      • Simple Object Access Protocol (SOAP) 1.1
      • Web Services Description Language (WSDL)
      • XML Schema Part 1: Structures & Part 2: Datatypes

    Security:

      • The SSL Protocol Version 3.

    Electronic signature

      • Advanced electronic signature, with an electronic certificate issued in the name of the participant that meets the ITU X.509 v3 specifications, or later versions.

    XML-Signature Syntax and Processing (W3C Recommendation 12 February 2002)

    RFC 2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile

    Time-stamping

      • A time-stamping service (TSA) conforming to the RFC 3161 standard is included to certify all operations carried out through the system.