
Data Verification and Consultation Service: Interface

  • Production start date:

    01/01/2007

    Roadmap:
    • Incorporate the INE services: query of the historical list of municipalities of residence over a period.
    • Sustained and progressive incorporation of new data intermediated through the PID.
    • Audit and control module.

    Functional description

    The service is provided with the following characteristics:

    Authentication: Users accessing the service are identified by means of an electronic certificate.

    Authorisations management: Allows access by public employees and applications only to perform those queries for which they have been authorised.

    Security: All queries are carried out with full guarantees of security, confidentiality and data protection:

    • All requests will be signed (XMLDSig) with an electronic certificate (X.509 v3).
    • The system will log all queries, always identifying the public employee and/or application (through the electronic certificate), the time of the query (time-stamped) and the purpose for which it was made.
    • The system ensures the integrity of the recorded data through the use of electronic signatures.
    • The system will ensure the confidentiality of the data exchanged. All communications between the different agencies run over HTTPS (SSL), and the SARA network additionally provides data encryption measures on its trunk segment.

    Traceability: Every request and its corresponding reply are recorded in the system with the corresponding electronic signature and time stamp.

    Audit: All requests carry a unique identifier, which allows them to be retrieved later in the event of claims or audits of the service.

    Delegated administration: To facilitate user management (additions/removals/modifications), the system allows each agency to have an administrator in charge of this management. To this end, administration of the system can be limited by agency.

    Technical Description

    The current platform is defined as a service-oriented architecture (SOA) based on the following elements:

    • Functionality exposed through web services, with their external interface described in WSDL.
    • XML documents exchanged between the web services (SOAP) and electronically signed using XMLDSig.
    • Establishment of secure channels between participants using the SSL protocol.
    • Use of electronic certificates issued by certification service providers.
    • Time-stamping (TSA) of the request and response records.

    Use of other services

    The interface makes use of the following existing services:

    • Information exchange patterns between administrations, defined in the project for the Replacement of Paper Certificates (SCSP)
    • @firma validation and certification services
    • Time-stamping services (TSA)

    Standards:

    The following open standards are used, in their latest stable versions:

    Hypertext transfer protocols: RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1

    Integration of data and applications:

      • Extensible Markup Language (XML)
      • Simple Object Access Protocol (SOAP) 1.1
      • Web Services Description Language (WSDL)
      • XML Schema Part 1: Structures & Part 2: Datatypes

    Security:

      • The SSL Protocol Version 3.

    Electronic signature

      • Advanced electronic signature, with an electronic certificate issued in the name of the participant that meets the ITU X.509 v3 specification, or later versions.

    XML-Signature Syntax and Processing (W3C Recommendation 12 February 2002)

    RFC 2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile

    Time-stamping

      • Includes a time-stamping service (TSA) conforming to RFC 3161 to certify all operations performed through the system.