Download the Access Domain Document doc format of    Final ETRM 5.1 Access Domain

Enterprise Technical Reference Model - Version 5.1

Effective Date: November 18, 2011

Access Domain Table of Contents



2. Domain: Access

2.1 Discipline: Presentation Channels

2.1.1 Technology Area: User Tools

2.2 Discipline: Publication Channels

2.2.1 Technology Area: Enterprise Portal

2.2.2 Technology Area: Enterprise XML Gateway



ETRM Document Organization

The ETRM specifies standards, specifications and technologies for each layer or area of the Service Oriented Architecture. For ease of reference, each area and its various components are organized into the following building blocks:

  • Domains: Logical groupings of Disciplines that form the main building blocks within the technical architecture.
  • Disciplines: Logical functional areas addressed within each domain as part of the architecture documentation.
  • Technology Areas: Technical topics that are relevant to each Discipline
  • Technology Specifications: Sets of product standards, protocols, specifications or configurations associated with each Technology Area.

 


2. Domain: Access

Description

The Access Domain addresses how information, transactions and services are delivered to and accessed by the Commonwealth's constituents and business partners.

Strategic Importance

The manner in which government information, transactions and services are delivered constitutes the public face of the Commonwealth. Accuracy, timeliness and efficiency are as important as consistent look and feel, ease of navigation and accessibility.

Related Trends

  • Separation of content from presentation allowing the same content to be delivered through a variety of access mechanisms providing a consistent look and feel
  • Secure access to information, transactions and services anywhere, any time
  • Distributed content management allowing content to be developed and refreshed by the most appropriate content owners throughout the organization instead of technical staff

Vision

The majority of government information, services and transactions can be accessed through web technologies using a variety of user tools such as web browsers, Personal Digital Assistants (PDAs), cell phones, and interactive voice response systems. Information, services and transactions are available to government's constituents and business partners at the time and location most convenient to them.

Roadmap

Current State

  • A majority of agency applications are mainframe or client-server based with limited access to transactions and data.
  • Much content is still organized and presented by agency organization versus user intention.
  • Web content includes both HTML-based agency sites where content and display are bound together with no distributed content management, and XML-based sites where content is separated from display, content management is distributed to the content owner, and content from related agencies is aggregated.
  • Agency web applications use their own presentation layers with no consistency across the enterprise.

Target State

  • The majority of government applications can be accessed using web technologies.
  • Content is organized and presented in a variety of ways to accommodate users' needs and preferences.
  • Content is separated from presentation and is delivered in a consistent fashion through the Mass.gov portal and community of interest subportals.
  • The Mass.gov portal and subportals provide a consistent presentation layer for all agency web-based applications.
  • The Enterprise XML Gateway enforces enterprise policies at the access point for XML and web service-enabled interactions.

Boundary

The Access Domain includes the mechanisms through which government information and services can be accessed and the channels used to publish them. The domain also addresses specifications for content and its transport. Security considerations for Access are addressed in the Security Domain. Format specifications for information content can be found in the Information Domain. Transport protocol specifications are described in the Integration Domain.

Related Policies

Associated Disciplines

  • Presentation Channels
  • Publication Channels

Access domain showing hierarchy of Disciplines and Technology areas as specified in the ETRM.




Access >

2.1 Discipline: Presentation Channels

Description

Presentation channels are mechanisms by which a user or a system is able to access the online information and services offered by the Commonwealth. A service may be exposed through one or more presentation channels, and each channel may use one or more technologies conforming to open standards.

Stakeholders/Roles

  • users of government information and services
  • content and service providers
  • application developers

Roadmap

While there's a significant amount of government information and services currently available online, most of it can only be used with a web browser. The target state is to support various standards-compliant access mechanisms, such as PDAs and cell phones, in addition to browsers. This will enable the end user to make use of the standards-based access mechanism of their choice from any location.

Enterprise Technology Solution

Not applicable

Relevant Standards Organizations

Additional information about the Standards Organizations listed below can be found in the Introduction section of the ETRM or by clicking on the hyperlink to the organization.

  • IETF - The Internet Engineering Task Force

Associated Technology Areas

  • User Tools
  • Interactive Voice Response (IVR) - TBD

Access > Presentation Channels >

2.1.1 Technology Area: User Tools

Description

User Tools can be defined as the applications that are used to deliver information directly to end-users. User Tools refer to applications that access the World Wide Web using HTTP, exclusively on behalf of direct human interaction. These tools are a subset of a larger class of applications referenced in technical literature as User Agents.

Web-enabled user tools include, but are not limited to:

  • Web browsers, including those available for desktop and laptop computers as well as mobile phones, PDAs and wireless devices;
  • RSS readers;
  • Screen readers; and
  • Braille browsers.

Technology Specification: Web Browsers

Description - Web Browsers are software programs that allow users access text, hyperlinks, graphics, audio, video and other multimedia on the Web. Browsers translate the hypertext markup language (HTML) to display Web pages.

Although most of the generally available browsers provide standard functionality for basic features, they may offer proprietary extensions for particular platforms. People using other browsers may not be able to use some or any features of sites using proprietary extensions.

Guidelines - Web sites should not include features that are tightly coupled with a specific type and version of browser. A number of web sites track and publish web browser usage statistics, including for instance http://marketshare.hitslink.com/report.aspx?qprid=0. Sites should be tested to make sure they work appropriately with frequently used web browsers.

Standards and Specifications - Web browsers must support the following industry standards:

  • Hypertext Transfer Protocol (HTTP)
  • Secure Hypertext Transfer Protocol (HTTPS)
  • Hypertext Markup Language (HTML)
  • Cascading Style Sheets (CSS), level 1
  • Document Object Model (DOM), level 1
  • ECMAScript

Technology Specification: Security Functionality

Description - Certain user tools incorporate security functionality that is required for many government services, such as being able to recognize digital certificates and being able to encrypt data exchanges.

Standards and Specifications -User tools must support 128-bit encryption and X.509 v.3 digital certificates in order to access secure services.


2.2 Discipline: Publication Channels

Description

Publication channels are mechanisms through which the Commonwealth creates, structures and presents informational and transactional services, in support of human and automated interactions.

There are two primary starting points for the delivery of the Commonwealth's informational and transactional services: web portals such as Mass.gov and the Enterprise XML Gateway.

Stakeholders/Roles

  • users of government information and services
  • content and service providers
  • application developers

Roadmap

Mass.gov was developed to serve as the Commonwealth's enterprise tool for accessing information and services. Its creation was the first step towards achieving a "single face of government" by creating a consistent user experience for all constituents and business partners.

Current efforts focus on consolidating stand-alone websites into subportal sites. This effort is commonly referred to as "portalization". Portalization includes converting content to XML, establishing a user-centric structure for presentation, and adopting the Mass.gov look-and-feel and branding. By replacing the hundreds of agency sites that exist with a small number of subportals, the Commonwealth can better support and improve civic engagement through increased usability and operational efficiency.

While Mass.gov provides a user-centric tool to access Commonwealth information and services; the Enterprise XML Gateway appliance provides a tool to support application/service-centric access. Part of effectively supporting application/service-centric access introduces the need to implement and achieve some level of policy management as part of the access model. The Enterprise XML Gateway efforts focus on establishing secure, structured patterns for applications to access information and services that are available within the enterprise environment. The Enterprise XML Gateway is able to enforce both security and governance policies such as encryption and digital signatures.

ITD is currently defining standard processes and configurations for the deployment of web services through the Enterprise XML Gateway.

Enterprise Technology Solution

Mass.Gov (www.mass.gov) is the primary interactive enterprise portal. The portal is managed by ITD's Mass.Gov Office and provides agencies with a shared solution for web portal functionality, delegated content management, search functionality and related services.

The Enterprise XML Gateway (wsgw.mass.gov) is the Commonwealth's automated enterprise portal and is managed by ITD, providing agencies with a shared solution for XML and web service deployment, as well as federated run-time policy configuration and management.

Relevant Standards Organizations

Additional information about the Standards Organizations listed below can be found in the Introduction section of the ETRM or by clicking on the hyperlink to the organization.

  • IETF - The Internet Engineering Task Force
  • ISO - The International Standards Organization
  • OASIS - Organization for advancement of structured information standards
  • W3C - The World Wide Web Consortium

Associated Technology Areas

  • Enterprise Portals
  • Enterprise XML Gateway

Access > Publication Channels >

2.2.1 Technology Area: Enterprise Portal

Description

Mass.Gov is the state's gateway to the interactive delivery of government information and services for citizens, residents, businesses, and public employees.

The Mass.Gov Portal makes available the following functionality:

  • Aggregation of information by constituency, topic, and subtopic - The Mass.Gov portal aggregates information by Resident, Business, Visitor, and Public Employee. Within these groups, information is presented by topic (e.g., Health, Safety, etc.) and further by subtopic (e.g., Protection and Patient Rights). This aggregation of state information makes it easier for users to find information and services according to their specific needs without the need to understand government bureaucracy.
  • Context-sensitive modules - The Mass.Gov design includes a series of modules for highlighting online transactions, news, related publications, etc., with items that specifically pertain to the constituency and topic of each page.
  • Enterprise Search - Mass.Gov provides a search engine that indexes all state-managed websites.
  • Delegated content management - Mass.Gov provides tools for publishing content for agency websites hosted at www.mass.gov.

Technology Specification: Web Portals

Description - Web Portals provide an information and process integration framework in the form of a web-based user interface. Web portals support de-centralized content contribution and management.

Guidelines - Agencies that are migrated to the portal with the assistance of the Mass.Gov office will use the enterprise portal software.

Standards and Specifications - Web Portals must comply with the standards and specifications listed in the ETRM for:

  • Portlets
  • Identity Management
  • Usability

Technology Specification: Portlets

Description - One of the standard ways of exposing the presentation tier of services (applications) to clients is through Portlets. Portlets are web components like Servlets and are specifically designed to be aggregated in the context of a composite page. In general, many Portlets are invoked within a single request of a Portal page to form the composite view for the client. In some cases the view may be dependant on user preferences or security permissions.

Guidelines - For J2EE based applications, agencies should use Portlets compliant with Java Specification Request (JSR) 286. A number of major vendors and open source products comply with JSR 286 specifications for Portlets. Agencies may also use C# portlets for exposing .NET services. Agencies should consider the Web Services for Remote Portlets (WSRP) specification in order to use Web Services to expose the functionality of the application through the Portal. WSRP provides a platform-neutral standards-based method of exposing Portlets but results in an additional layer of abstraction.

Standards and Specifications -

Migration Strategy - As agencies consider procuring or developing web applications, they should ensure that these applications support the standards listed above so that they will be able to integrate with the Enterprise Portal.

Technology Specification: Single Face Of Government

Description - Graphical user interfaces (GUI) are the aspects of a computer system or program that can be seen or otherwise perceived by the human user, and the commands and mechanisms the user uses to control its operation and input data. Most agencies have designed their own GUI's for providing information to their users. These GUI's are not necessarily consistent. A single face of government is the target state for GUI's in the Commonwealth, where citizens, employees and business partners interact with consistent user interfaces.

Guidelines - As Executive Department agency websites are portalized they will automatically adopt the Mass.Gov portal look and feel. Executive Offices and agencies that are not yet portalized should adopt the Mass.Gov agency banner according to instructions at http://www.mass.gov/itd. For the benefit of our state constituents and business partners, it is strongly recommend that agencies that are not part of the Executive Department also adopt the Mass.Gov look-and-feel including the banner design at the top and the general layout for displaying information.

The single face of government is the fundamental tenet of Mass.Gov and should be reflected in all branding. Single face of government is defined as a consistent web interface that provides access to all Massachusetts' government information and services without needing to understand the Commonwealth's organization.

Of utmost importance to achieving a single face of government is keeping the user experience consistent across all of state government. The visitor should always feel he or she is within the same umbrella portal site, even though transactions may be invisibly performed from disparate, back-end servers and databases.

Standards and Specifications - Enterprise GUI standards have not yet been documented as part of the portal migration project.

Migration Strategy - Agencies that have a need to redesign their websites should contact their Executive Offices for guidance.

Technology Specification: Usability

Description - One important aspect to ensuring that users are able to use and interact with the Commonwealth's web portals is by addressing usability. Mass.Gov's information architecture and look and feel is validated by usability testing. Usability tests are also conducted as part of the portalization process. The Commonwealth also addresses usability issues through the adoption and implementation of IT and web accessibility standards. Applications developed by or on behalf of the Commonwealth must follow the Enterprise IT Accessibility Standards and the Enterprise Web accessibility Standards for the following categories of Information Technology:

  • Functional Performance Criteria
  • Applications
  • Video and Multi Media (where applicable)
  • Documentation.

These standards help to ensure that Massachusetts information technology solutions are available and accessible to the widest possible audience.

Standards and Specifications -




Access > Publication Channels >

2.2.2 Technology Area: Enterprise XML Gateway

The Enterprise XML Gateway is the access point for XML and web services delivered by the Commonwealth.

The Enterprise XML Gateway is an XML-aware edge device, which makes available the following functionality:

  • Aggregation of web services by Communities of Interest - Patterns and conventions for web service deployment include the logical partitioning of services into logical Communities of Interest.
  • Message-based routing - The Enterprise XML Gateway can act as the recipient of incoming requests and route them to protected internal resources.
  • Security policy implementation - Support for XML Denial of Service protection, virus scanning, schema validation, encryption, authentication, and authorization.
  • Layered security - Allows for federated identity and authorization management, as well as distributed service enablement using Secretariat-level XML Gateways.
  • Web service run-time policy enforcement - Enables the enforcement of web service specific policies such as the use of data encryption in support of privacy.

Technology Specification: XML-Aware Edge Devices

Description - XML-aware edge devices are appliances or software components that support the enforcement of XML-based security and policy enforcement for XML and web services.

Guidelines - Standards and Specifications - XML-aware edge devices must comply with the standards captured in the Enterprise Technical Reference model, including, but not limited to:

  • Extensible Markup Language (XML)
  • Simple Object Access Protocol (SOAP)
  • Web Service Definition Language (WSDL)
  • XML Schema
  • XPath
  • Extensible Stylesheet Language (XSL)
  • WS-Security
  • Security Assertion Markup Language (SAML)
  • XML Encryption
  • XML Signature
  • WS-Policy