Welcome to the CEF eDelivery Live Webinar for the PNR community - European ...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Welcome to the Ground Rules for the Live Webinar
CEF eDelivery Live Webinar Please mute your microphone
before the webinar starts
for the PNR community To chat with other participants
and submit questions, please
use the Chat function to the
right of your screen
To connect your audio go to
the Quick Start tab and
connect your audio (dial-in,
27 March 2019 dial-out or connect via
Start 15:00 (CET) computer)
CEF eDelivery Live Webinar for the PNR community
Agenda
Welcome 5'
Ines Costa – DIGIT
1 Introduction to the PNR Directive 15'
Christiana Aposkiti and María Duro Mansilla – DG HOME
2 Introduction to CEF eDelivery 20'
Adrien Ferial – DIGIT
3 Case study – Implementation of AS4 in the Netherlands 15'
Mark van der Harst – Ministry of Justice and Security (NL)
4 CEF eDelivery Service Offering 15'
Adrien Ferial – DIGIT
5 Q&A 20'
All
Highlights of the webinar
DURING
?
Ask questions Download the
presentation
AFTER
Download the Interact with our
webinar recording online community
4
1 Introduction to the PNR Directive Christiana Aposkiti and María Duro Mansilla – DG HOME
Introduction to the PNR
Directive and the PNR
Implementing Decision
CEF eDelivery Live Webinar for the PNR community, 27 March 2019
Christiana Aposkiti and María Duro Mansilla, European Commission, DG HOME D1Overview Introduction to the PNR Directive - (EU) 2016/681 The Directive’s transposition into national law The PNR Implementing Decision - (EU) 2017/759
The PNR Directive: Key dates
To be To be
Adopted
transposed reviewed
on
by by
27.04.2016
25.05.2018 25.05.2020PNR are ….
Used by the
Collected by
authorities for
airlines for their
law enforcement
business needs
purposesThe Directive's key elements Purpose limitation: terrorism and serious crime Passenger Information Unit" (PIU) as key entity List of data elements Mandatory for extra-EU flights, optional for intra-EU flights Strong data protection safeguards
The role of the PIU
COLLECTING PROCESSING DISSEMINATIN
G
• Proactively
• Upon request
Rules
Competent
Authorities
PNR • domestic
• international
Watchlists
PIU
PIU
• for action
Historical • for intelSituation as of 27 March 2019
Commission implementing decision
(EU) 2017/759 Air carriers need to select from the
list in Annex and identify to the
Member States the common
protocol and data format that they
intend to use.
Establishes a list of data
formats and
transmission protocols to
be used by airlines when
transferring PNR data to
Member StatesImplementing Decision: Key dates
To be
Adopted Applicable
reviewed
on
by
28.04.2017 28.04.2018
28.04.2021A pragmatic balance …
Promotion
of open
standards
State of
the
industryAirlines can choose …
Data formats
• EDIFACT PNRGOV
• XML PNRGOV
• EDIFACT PAXLST (for API transferred separately)
Protocols
• IBM MQ
• IATA Type B
• AS4Resources - ICAO Convention - Annex 9 – Facilitation - API guidelines - PNR guidelines - PNR Directive - PNR Implementation plan - PNR Implementing Decision - List of PIUs (OJEU) - List of Competent Authorities (OJEU) - API Directive
Thank you! DG HOME D1 (Police Cooperation & Information Exchange) European Commission HOME-PNR@ec.europa.eu
2 Introduction to CEF eDelivery Adrien Ferial – DIGIT
PNR Implementing
• Directive (EU) 2016/681 requires the Commission to draw-
Act on the common up a list of common protocols and supported data
protocols and data formats to be used by air carriers when transferring
passenger name record (PNR) data to Member States.
formats to be used by
air carriers when • The air carriers need to select from that list and identify to
the Member States the common protocol and data format
transferring PNR data to that they intend to use.
Passenger Information
Units (28 April 2017)
Transmission protocols for the transfer of
PNR data:
Following Directive (EU)
— IBM MQ;
2016/681 on the use of passenger — IATA Type B;
name record (PNR) data for the
— AS4 Profile of ebMS 3.0 Version 1.0, OASIS
Standard, published on 23 January 2013.
prevention, detection, investigation Implementation of AS4 according to the e-SENS AS4
and prosecution of terrorist offences Profile developed by the e-SENS Large Scale Pilot,
current identifier and version: ‘PR - AS4 - 1.10’. As from
and serious crime. 2017, the Connecting Europe Facility will continue to
maintain and improve these implementation guidelines.The CEF building blocks are funded by the Connecting Europe Facility
CEF Regulation
The Connecting Europe Facility (CEF) is a regulation
that defines how the Commission can finance
support for the establishment of trans-European
networks to reinforce an interconnected Europe.
TRANSPORT CEF Digital
€26.25bn Building blocks &
Digital Service
CEF Telecom Guidelines
Infrastructures The CEF Telecom guidelines cover the specific
€970 M * objectives and priorities as well as eligibility
TELECOM criteria for funding of broadband networks and
(DG CNECT) Digital Service Infrastructures (DSIs).
Broadband
€170 M
CEF Work Programmes
Translates the CEF Telecom Guidelines in
general objectives and actions planned on a
yearly basis.
ENERGY
21 €5.85bn
* - 100 M Juncker PackageCEF enables the European Digital Transformation
1 Sectorial Projects Justice, home affairs and Science and
Business
Employment and
citizens' rights Technology Social Rights
eJustice Portal ODR Open Data BRIS EESSI etc.
2 Building Blocks
IDENTIFY with
eID
SIGN with
eSignature
EXCHANGE with
eDelivery
INVOICE with
eInvoicing
TRANSLATE with
eTranslation
Typically
'deployment' projects
3 Grants at national level
(up to 75% of
eligible cost)
22The eDelivery Use-Case
DOMAIN-
NEUTRAL
USE CASE
ORIGINAL SENDER FINAL RECIPIENT
internet
Consumer
Protection Procurement Justice
Examples of
DOMAIN-
SPECIFIC
USE CASES
Complaints Invoices Claims
Exchange of Exchange of Exchange of
complaints invoices claimseDelivery Messaging Infrastructure based on the 4-Corner Model
Static discovery
Required component
Optional component
ORIGINAL SENDER FINAL RECIPIENT
C1
Party A CORNER C4 CORNER
Party B
Applications
Layer
SENDER
Backend Backend ADRESSEE
1 or 1 or
several NOTIFY NOTIFY several
CORNER C2 C3 CORNER
Transport Layer
Messaging and
(Q)TSP
(Q)TSP SENDER ADRESSEE
SEND RECEIVE
Access Access
Connector Connector
ADRESSEE Point AS4 Point SENDER
ACKNOWLEDGE
Networking
Layer
InterneteDelivery workflow
1 Submit
Sender sends message to sending AP
2 Send
Sending AP processes message
a) Validation and compression of the user
message;
b) Signing of the compressed message;
c) Encryption of the signed compressed
message.
3 Receive
Receiving AP processes message
a) Receives and decrypts the encrypted
message;
b) Verifies the sender’s signature;
c) Decompresses the decrypted message;
d) Validates the original user message;
e) Sends the acknowledgement to the sending
AP;
f) Archives the user message.
4 Deliver
recipient receives message from receiving APWhy AS4?
General benefits
Specifications
Payloads
Message metadata
Security
Reliable messaging
Implementation
Configuration
eDelivery AS4 Profile Specific Benefits
eDelivery AS4 comparative BenefitsCEF eDelivery
specifications
COMPONENT KEY SPECIFICATIONS
The approach employed by eDelivery
is to promote the use of existing
Access
eDelivery AS4 profile of the ebMS3/AS4 OASIS Standards
technical specifications and standards Point
rather than to define new ones.
Service eDelivery Profile based on the OASIS BDXL Specification
Metadata
The profiling work of eDelivery on Locator (SML) eDelivery ebCore Party ID Profile
these standards, i.e. constraining
configuration choices, is equally taken Service
Metadata eDelivery Profile based on the OASIS BDX-SMP
on board. Even though eDelivery Publisher Specification
makes software available (SMP)
implementing these specifications, the
use of commercial software or other
Open Source software projects is also
possible.More information: https://ec.europa.eu/inea/
CEF eDelivery Call 2019-1
Call publication 14 February 2019
Deadline for the submission of 14 May 2019
proposals (17:00 Brussels time)
Budget Indicative 1 Million EUR
Co-funding rate 75%
Indicative duration of the actions 18 monthseDelivery onboarding-race
COMMITMENT GATE
SET UP
PROSPECTING ELICIT DESIGN SELECT DEPLOY OPERATE
PHASE requirements eDelivery infrastructure eDelivery solutions eDelivery solutions eDelivery solutions
CyberSec eHealth (AS4) eTranslation / ELRC eHealth (SMP) ODR EU-CEG
CEF DG CNECT DG SANTE DGT DG SANTE DG JUST DG SANTE
DSIs ePayments EESSI eProcurement (*) PNR (regulated)
ECB DG EMPL GROW | DIGIT DG HOME
BRIS e-Justice | eCodex
DG JUST DG JUST
ELRC
DGT
Customs Single Window CISE TACHOnet ICS2 DECIDE (upgrade)
Other DG TAXUD DG MARE DG MOVE DG TAXUD SG
Policy ECRIS eTransport Docs eEvidence EPREL
DG JUST DG MOVE DG JUST DG ENER
Projects
Maritime Single Window NIVA project IRI EUDAMED 3
DG MOVE REA/AGRI/CNECT NEW DG JUST DG GROW
Central Clearance
Import DG TAXUD
IRMA
DG HOME
e-enforcement academy
DG JUST
IMI
DG GROW
Inland Waterway
Transport DG MOVE
FLUX TL
DG MARE NEW
Member X-Road Utdataprojektet e-Impact NOBLE project PEPPOL
TOOP (once-only)
NIIS NEW DIGG (CEF Transport)
State (Postal Services) (upgrade to AS4)
Development of NL e-Boks
led projects Slovenia Supreme iADAATPA
eDelivery gateway Nets and PostNord
(including Logius.nl Court's communications Pangeanic’s
CEF grants) Laurentius consortium
Other European Data Parliamentary Q + European Citizens' CIxP ENTSOG
Protection Supervisor Trialogue + OP Initiative The European Council (Gas operators)
institutions
European Aviation Parliament European Union eDocX2017
Safety Agency SafeSeaNet Agency for Railways DG HOME (EMCDDA)
European Anti-Fraud EMSA NEW European Chemicals
Office Agency
Eurojust
IMMC (*) Also part of PEPPOL
Parliament NEWRoadmap to deploy CEF eDelivery
Domain Owner Participants in eDelivery Messaging Infrastructure
ELICIT DESIGN SELECT DEPLOY INTEGRATE OPERATE
PHASE
requirements eDelivery eDelivery eDelivery eDelivery
infrastructure solutions solutions with backend(s) with partners solutions
Technical Documentation List of Software Connectivity
Service Desk Service Desk
Specifications (COD, SOD, … ) solutions Testing
Training and CEF eDelivery
Onboarding Design message SML Service
deployment Community
CEF TEAM exchange model
Self-Assessment
PKI Service
tool
Open source Open source
Design discovery
model Assess OSS
Attend • projects Hosting
YOUR TEAM workshops Integrate with •
Design security
• Customise/ eDelivery Maintenance
model extend solution
Complete self- Access Point Participate in
assessment • Deploy • Connectivity
tool Design integration Commercial solution components Perform testing Commercial solution
• approach • Integration •
Assess Vendors Hosting
Identify • Configure testing Perform Pre-
•
business Participate in the Buy solution components • production
Fees
requirements writing of a SDD Perform Pre- testing
• Custom built production Custom built
•
Carry out testing
feasibility study PoC (optional) Hosting
Build solution •
Maintenance3 Case study – Implementation of AS4 in the Netherlands Mark van der Harst – Ministry of Justice and Security (NL)
Case study – Implementation of
AS4 in the NetherlandsSteps to get connected • Technical PHASE – Gathering and providing information (AS4 Connectivity kit) – Getting messages send from C1 to C4 • Functional PHASE – Analyse the contents of the PNR data – Check PNR for completeness (Characteristics) • Go Live
Technical PHASE
• AS4 Connectivity kit (contents)
– Introduction AS4
– AS4 key elements
• Party
• Service
• Actions
• ConversationId
• Payload
– Infrastructure
– Connectivity forms (exchange certificates and end-points)Example AS4 key elements
• Party
The party information of the sending and receiving party:
Type: urn:oasis:names:tc:ebcore:partyid-type:iata - Party type for the connecting carrier
urn:osb:oin - Party type for MemberstatePNR system
ID: For the carrier this is the 2 character IATA airline code.
NL – Party id of MemberstatePNR system
• Service
The service on which carriers interact with MemberstatePNR system:
Type: urn:ebv:services
Service: SupplyTravelData:1:0
• Actions & Roles
The actions available on the SupplyTravelData service. Each action defines the roles involved in the interaction:
Action: SupplyTravelData - Used when sending pushes to MemberstatePNR system
SupplierTravelData - Role of sending party = carrier
ReceiverTravelData - Role of receiving party = MemberstatePNR system
RequestTravelData – Used when GOVREQ request for travel data is initiated by MemberstatePNR system
RequestorTravelData - Role of requesting party = MemberstatePNR system
SupplierTravelData - Role of sending party = carrier
Agreements are not used yetTechnical PHASE
Example Pmode (1)
Example Pmode (2)
Example Pmode (3)
Functional PHASE
• Analyse the contents of the PNR data
• Check PNR for completeness (Example Characteristics)
Booking details
Change in the number of passengers in booking
Travel agency code
Contact information
Contact address
Email
Telephone number
Itinerary
Final destination
First departure location
Seat
Luggage information
Number of bags
Number of bags opposite movement
Security number
Total weight luggage
Personal details
Date of birth
First name
Last nameAccess Points • Domibus • Axway B2Bi • IBM Datapower • Microsoft BizTalk with AS4 adapter
Challenges
• Configuration of the Certificates and CA’s
– Like client server authentication
• Configuration of the Access Points
– Like actions/service/roles etc.Go live Questions?
4 CEF eDelivery Service offering Adrien Ferial – DIGIT
CEF eDelivery Service offering
SOFTWARE OPERATIONS SERVICES STAKEHOLDER MANAGEMENT SERVICES
Sample
software Onboarding Community
Managed Testing Supporting
maintained by services (for management
services services services
the EC (with stakeholders) services
documentation)
Access Point (AP) Public Key Training & Self-assessment tool Developers
Connectivity testing
Infrastructure (PKI) Deployment (reuse approach) Community
Service Metadata
Publisher (SMP)
Service Metadata Service Metadata Onboarding of new
Service Desk
Locator (SML) Locator (SML) Conformance testing stakeholders
STANDARDS
(example) TECHNICAL SPECS OF EU-WIDE INITIATIVES
OF ESOs
Available
Coming soon Access point SMP SML Security control Connector
specifications specifications specifications guidance specification
Service offering Service Level eLearning, videos, CEF Digital platform
Description (SoD) Arrangements (SLA) success stories CEF eDelivery service offering,
All services are described in an SoD Documents that describe Some services feature multimedia and more about the building
describing its purpose, the users for Service Level Targets to be such as eLearnings, instructional block, can be found online
which it is for, its benefits and the reached when delivering videos or success stories to help
process to obtain it Building Block Services. grasp what the service is about CEF Digital >Operations services
Managed services Back to Service offering >
OBJECTIVE OF THE SERVICE
USERS
Sample software centrally hosted and managed by the EC, based on sample
Policy Domains
implementations that are based on technical specifications of CEF eDelivery.
The European Commission develops, maintains and provides software as a service for the
following components of a CEF eDelivery solution:
• Public Key Infrastructure (PKI) STATUS
• Service Metadata Locator (SML) Service
Documentation
These services facilitate the re-use of CEF eDelivery by different Policy Domains.
More info
CEF Digital >
BENEFITS
• Reduced cost of hosting the service, which is sustained by the European Commission
• Full support by the European Commission Get started
• Defined and agreed Service Levels
Contact us >Operations services / Testing service
Connectivity testing Back to Service offering >
OBJECTIVE OF THE SERVICE
USERS
Test if a newly installed AS4 Access Point, conformant with the CEF eDelivery
Software Providers
specifications, can successfully communicate with the sample AS4 Access Point hosted by
the European Commission. If successful, these tests confirm that the new Access Point is Service Providers
in all likelihood correctly deployed and configured.
The CEF Support Team facilitates the Connectivity Testing by making available a sample STATUS
AS4 Access Point in a cloud environment, as well as providing guidelines and support Service
during the testing process.
Documentation
More info
CEF Digital >
BENEFITS
• Confirm that newly deployed AS4 Access Points can successfully communicate with a neutral organization i.e. the
sample Access Point of the European Commission;
Get started
• Testing anywhere at anytime
• Testing supported by professional staff of the European Commission Contact us >Operations services / Testing service
Conformance testing Back to Service offering >
OBJECTIVE OF THE SERVICE
USERS
Verify that an implementation of the CEF eDelivery Access Point and SMP specifications, a
Software Providers
software package either commercial or Open Source, conforms to the specifications of the
CEF eDelivery Access Point. Service Providers
The following specifications are tested within the scope of this service:
• eDelivery AS4 Profile STATUS
• eDelivery SMP Profile Service
The CEF eDelivery Team provides ready to use test cases, a testing platform, and supports Documentation
the users of the CEF eDelivery Conformance Testing service during the entire testing
process.
More info
CEF Digital >
BENEFITS
• Confirm and assure your users/customers that your software package or implementation of the CEF eDelivery
Access Point conforms to the CEF eDelivery specifications
Get started
• Testing anywhere at anytime
• Testing supported by professional staff of the European Commission Contact us >More information on CEF Digital
eDelivery AS4 conformant solutions Conformant Solutions >
Domibus
Flame
Holodeck
IBM
Laurentius
Mendelson
RSSBus
iFenix
Axway
EESSI AS4.NET
eefacta Server
Bizbrains
Edicom Asx server
Navitasoft
Data Interchange
SEEBURGER
B2BRouter
Conformant
DCS EIP
Ongoing
ADES
Integration cloudSoftware
Sample software maintained by the EC Back to Service offering >
OBJECTIVE OF THE SERVICE
USERS
Standard software implementations of the technical specifications of CEF eDelivery. The
European Commission maintains and develops sample software that is openly available to Software Providers
be re-used. The following components of a CEF eDelivery solution are provided: Service Providers
• Access Point Policy Domains
• Service Metadata Publisher (SMP)
• Service Metadata Locator (SML) STATUS
Service
Through the "Operational Management Board", CEF eDelivery stakeholders define the
evolution of these solutions, by suggesting features that are then developed by the CEF's Documentation
team.
More info
CEF Digital >
BENEFITS
• Released under an open source license
• Viable solutions for use in production environment Get started
• Fully supported by the European Commission
• Based on market-driven technical specifications
Contact us >Operations services
Supporting services Back to Service offering >
OBJECTIVE OF THE SERVICE
USERS
The CEF eDelivery team offers:
Policy Domains
• Service Desk – a Single Point of Contact (SPOC) to address questions, incidents, Software Providers
requests and changes reported by the Users with regards to the CEF eDelivery service Service Providers
offering.
• Training and deployment support - Training sessions about the technical STATUS
specifications underpinning the components of CEF eDelivery, the services offered by Service
the Commission and its sample implementations, and interactive sessions to support in
the deployment of the solution. Documentation
More info
CEF Digital >
BENEFITS
• Day to day monitoring and business hours (8 am – 6 pm CET) service to maintain a high-level of availability and
capacity of the CEF eDelivery Managed Services
Get started
• Proactive incident detection and resolution
• Increased autonomy of the Public Administration in handling and maintaining the CEF eDelivery components Contact us >Stakeholder management services
Onboarding services Back to Service offering >
OBJECTIVE OF THE SERVICE
USERS
CEF offers onboarding services for new projects interested in re-using CEF eDelivery:
Service Providers
• Self-assessment tool - a survey that maps the requirements of the users to the CEF Policy Domains
eDelivery Service Offering. During the self-assessment, users assign different scores to
the relevant requirements of their business system and the eDelivery messaging
infrastructure. Based on the answers provided, the tool calculates how CEF eDelivery STATUS
can help users achieve their goals by indicating which services provided by CEF Service
eDelivery will allow them to meet their specified needs and requirements.
• Onboarding of new stakeholders – A direct contact point for all policy domains Documentation
interested in re-using CEF eDelivery, that will facilitate the understanding, adoption and
deployment of the solutions.
More info
CEF Digital >
BENEFITS
• Business-driven and time-efficient assessment
• Comparability – the self-assessment tool provides a benchmarking with use cases of other projects already re-using Get started
CEF eDelivery
• Direct and easy contact with the CEF eDelivery technical teams, through the onboarding services Contact us >Stakeholder management services
Community management Back to Service offering >
OBJECTIVE OF THE SERVICE
USERS
Develop, expand and engage with a community of developers contributing to the evolution
Developers
of CEF eDelivery’s open source sample implementations.
Among the 5 components that the CEF eDelivery team develops, CEF manages an online
community of developers interested in contributing to the code of the sample
implementations. STATUS
Service
Documentation
More info
CEF Digital >
BENEFITS
• Cost effective development
• Wide set of skills Get started
• Faster response to emerging requirements
Contact us >5 Q&A All
Find out more on CEF Digital
ec.europa.eu/cefdigital
#BIG
REUSE
Contact us
CEF-BUILDING-BLOCKS@ec.europa.eu
© European Union, 2017. All rights reserved. Certain parts are licensed
under conditions to the EU.
Reproduction is authorized provided the source is acknowledged.You can also read
