
Data Verification and Consultation Service: Interface

  • Production start date:

    01/01/2007

    Functional description

    The service is provided with the following characteristics:

    Authentication: Users accessing the service are identified by means of an electronic certificate.

    Authorisation management: Public employees and applications are allowed access only to the queries for which they have been enabled.

    Security: All queries are carried out with full guarantees of security, confidentiality and data protection:

    • All requests will be signed (XMLDSig) with an electronic certificate (X.509 v3).
    • The system will record all queries made, always identifying the public employee and/or application (by means of an electronic certificate), the time of the query (time-stamping) and the purpose for which it was made.
    • The system guarantees the integrity of the recorded data through the use of electronic signatures.
    • The system will guarantee the confidentiality of the data exchanged. All communications between different bodies run over the https protocol (SSL), and in addition the SARA network provides additional data encryption measures on the backbone segment.

    Traceability: Every request and its reply are recorded in the system with the corresponding electronic signature and time stamp.

    Audit: All requests are identified with a unique identifier, which allows them to be retrieved later in the event of claims or audits of the service.

    Delegated administration: To make user management (registrations/removals/modifications) easier, the system allows each body to have an administrator in charge of this management. To that end, administration of the system can be restricted by body.

    Technical Description

    The current platform is defined as a service-oriented architecture (SOA) based on the following elements:

    • Functionality exposed through web services, with their external interface described in WSDL.
    • XML documents exchanged between web services (SOAP) and electronically signed using XMLDSig.
    • Establishment of secure channels between participants using the SSL protocol.
    • Use of electronic certificates issued by certification service providers.
    • Time-stamping (TSA) of the request and response records.

    Use of other services

    The interface makes use of the following existing services:

    • Information exchange schemas between Administrations, defined in the Sustitución de Certificados Soporte Papel (SCSP) project
    • @firma validation and certification services
    • Time-stamping services (TSA)

    Standards:

    The following open standards are used, in their latest stable versions:

    Hypertext transfer protocols: RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1

    Integration of data and applications:

      • Extensible Markup Language (XML)
      • Simple Object Access Protocol (SOAP) 1.1
      • Web Services Description Language (WSDL)
      • XML Schema Part 1: Structures & Part 2: Datatypes

    Security:

      • The SSL Protocol Version 3.

    Electronic signature

      • Advanced electronic signature, with an electronic certificate issued in the name of the participant that meets the ITU X.509 v3 specification, or later versions.

    XML-Signature Syntax and Processing (W3C Recommendation 12 February 2002)

    RFC 2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile

    Time-stamping

      • Includes a time-stamping service (TSA) compliant with RFC 3161 to certify all operations performed through the system.
General access point