Download the Introduction Domain Document doc format of    Final ETRM 5.1 Introduction

Enterprise Technical Reference Model - Version 5.1

Effective Date: November 18, 2011

ETRM Introduction Table of Contents



1. Introduction

1.1 Building Blocks

1.2 Vision

1.3 Target State

1.4 Roadmap

1.5 Summary of Domains, Disciplines, and Technology Areas

1.6 Summary of Technology Specifications

1.7 Conceptual Architecture

1.8 Referenced Standards Organizations

1.9 Designation of Standards/Specifications as Enterprise Standards



 

ENTERPRISE TECHNICAL REFERENCE MODEL - VERSIONING UPDATE

Version 5.1 of the Enterprise Technical Reference Model:

  • MINOR UPDATES TO THE INTEGRATION DOMAIN:
    • NEW LANGUAGE REGARDING INTERCHANGE AS A REPLACEMENT FOR COMMBRIDGE
    • REGISTRY/REPOSITORY SERVICES IMPLEMENTED BASED ON AN HP SYSTINET PLATFORM
    • TECHNOLOGY SPECIFICATIONS ADDED INCLUDED WS-ADDRESSING, SOAP MESSAGE TRANSMISSION OPTIMIZATION (MTOM), INTERCHANGE AND FTP
  • MINOR UPDATES TO THE APPLICATION DOMAIN:
    • MORE STANDARDS WITHIN THE WS-INTEROPERABILITY BASIC PROFILE 1.1 ARE LISTED EXPLICITLY
  • MINOR UPDATES TO THE SECURITY DOMAIN:
    • WS-SECURITY UPDATED TO VERSION 1.1 FROM 1.0

 

ETRM VERSION 5.1 FOR THE MOST PART RETAINS THE FORMAT INTRODUCED IN THE PREVIOUS VERSION.

THE DEVELOPMENT OF THE ARCHITECTURE IS A WORK IN PROGRESS AND THERE ARE STILL AREAS THAT ARE NOT COVERED IN THIS VERSION. WHERE POSSIBLE, PLACEHOLDERS HAVE BEEN INCLUDED TO INDICATE WHERE ADDITIONAL CONTENT WILL BE DEVELOPED IN FUTURE VERSIONS.

IN ADDITION, OPEN STANDARDS ARE CONTINUALLY EVOLVING WITH THE DEVELOPMENT OF UPDATED SPECIFICATIONS FOR EXISTING STANDARDS AS WELL AS THE PROMULGATION OF NEW STANDARDS. FOR THIS REASON, NEW SPECIFICATIONS AND STANDARDS ARE REVIEWED AND EVALUATED ON AN ONGOING BASIS. THE ETRM IS ON A REGULAR SIX-MONTH REVIEW SCHEDULE HOWEVER MODIFIED OR NEW STANDARDS CAN BE CONSIDERED FOR INCLUSION AT ANY TIME WHEN NECESSARY.

 



1. Introduction

The Enterprise Technical Reference Model (ETRM) provides an architectural framework used to identify the standards, specifications and technologies [1] that support the Commonwealth's computing environment. The ETRM uses the concepts of Domains, Disciplines, Technology Areas and Technology Specifications to define the enterprise architecture. This framework borrows from the National Association of State Chief Information Officers (NASCIO) Enterprise Architecture Tool Kit as well as the work done by the federal government's Federal Enterprise Architecture Program. The Commonwealth appreciates and has benefited from the foundational work conducted by NASCIO and the federal government in this area.


Many of the terms used in the ETRM are defined in the document itself. In addition, the following Internet dictionaries may be used to obtain definitions of unfamiliar technical terms:
 

1.1 Building Blocks

The ETRM specifies standards, specifications and technologies for each layer or area of the Service Oriented Architecture. For ease of reference, each area and its various components are organized into the following building blocks:

  • Domains: Logical groupings of Disciplines that form the main building blocks within the technical architecture.
  • Disciplines: Logical functional areas addressed within each domain as part of the architecture documentation.
  • Technology Areas: Technical topics that are relevant to each Discipline
  • Technology Specifications: Sets of product standards, protocols, specifications or configurations associated with each Technology Area.

Items shown in gray, in the image below, will be addressed in future versions of the ETRM.

The Domains, Disciplines, Technology Areas and Technology Specifications are defined and described in detail in this document. Tables in sections 1.5 and 1.6 provide a summary of the Domains, Disciplines and Technology Areas as well as a summary of the Technology Specifications for each Technology Area.

The Commonwealth of Massachusetts Technical Architecture

 

1.2 Vision

Adopting a consistent architectural framework against which agencies' information technology development efforts can be reviewed and validated will further the following enterprise goals:
 

  • Ease of integration of applications, application services and data to enable inter-agency collaboration and sharing.
  • Increase level of application interoperability within the Commonwealth, with other states and municipalities, and with the Federal government.
  • Better responsiveness to changing business needs and rapidly evolving information technologies.
  • Faster deployment of new applications.
  • Efficient sharing and re-use of current information technology assets.
  • Expand the consideration of possible alternatives as part of a best value evaluation of potential information technology solutions.
  • Reduce the level of resources and costs required to develop, support and maintain government applications.
  • Enable the consolidation of the state's information technology infrastructure to reduce costs, improve service levels, and increase operational flexibility across the enterprise.

1.3 Target State

Implementation of the ETRM will result in a Service Oriented Architecture for the Commonwealth that uses open standards solutions where appropriate and industry interoperability best practices to construct and deliver online government services. Agencies are expected to migrate towards compliance with the ETRM as they consider new information technology investments or make major enhancements/replacement to existing systems.

1.4 Roadmap

The Commonwealth is transitioning from siloed, application centric and agency centric information technology investments to an enterprise approach where applications are designed to be flexible, to take advantage of shared and reusable components, to facilitate the sharing and reuse of data where appropriate and to make the best use of the technology infrastructure that is available. The technology specifications and standards detailed in this document are required to achieve the desired target state of a Service Oriented Architecture. These specifications and standards are required for all new IT investments.

Given the current state, there will be a period of transition required to fully implement the target architecture. Each Domain and Discipline detailed in this document includes a high-level roadmap that addresses current state - where we are today - and target state - where we need to get to - for each Domain and Discipline of the architecture. In addition, migration strategies that agencies need to consider and put in place now in order to make progress towards the target architecture are included for Technology Areas as appropriate.
 

1.5 Summary of Domains, Disciplines, and Technology Areas

 


Below is a listing of Domains and their respective Disciplines and Technology Areas Items in bold will be addressed in future versions of the ETRM.

Domains

Disciplines

Technology Areas

Access

Presentation Channels

User Tools

Interactive Voice Response (IVR) (TBD)

Publication Channels

Enterprise Portal

Enterprise XML Gateway

Information

Data Interoperability

XML Specifications

Community of Interest XML

Data Management

Metadata

Data Formats

Open Formats

Other Acceptable Formats

Records Management

Records Formats (TBD)

Records Metadata (TBD)

Archiving (TBD)

Application

Design and Development

Development Model

 

Development Methodology

Application Composition

Orchestration Services

 

Choreography Services (TBD)

Integration

Registry Services

Web Service Registry

Enterprise Service Bus

Messaging Services

 

Transformation Services (TBD)

Management

Web Service Management

Enterprise Service Management

Systems Management

Virtualization of Resources (TBD)

 

Enterprise Systems Management (TBD)

Security

Identity Management

Identity Repository

 

Identity Assertion

Web Service Security

Authentication

 

Encryption

 

Message Header

1.6 Summary of Technology Specifications





Below is a listing of the various Technology Specifications corresponding to each Technology Area including standards, protocols, specifications and configurations. Items in bold will be addressed in future versions of the ETRM.

Technology Areas

Technology Specifications

ACCESS

User Tools

  • Web Browsers must support
    • HTTP
    • HTTPS
    • HTML
    • CSS, level 1
    • DOM, level 1
    • ECMAScript
    • 128 bit encryption and X.509 v.3 digital certificates

Enterprise Portal

  • Web Portals must support
    • Portlets
    • Identity Management
    • Usability
    • Single Face of Government
    • Usability
    • Portlets must support
    • Java Specification Request (JSR) 286 for J2EE based applications
    • C# Portlets for .Net based applications
    • Web Services for Remote Portlets (WSRP) v. 2.0 for web services

Enterprise XML Gateway

  • XML-aware Edge Devices

 





INFORMATION

XML Specifications

  • Extensible Markup Language (XML) v. 1.0 or v 1.1 when necessary
  • XML Schema Part 1: Structures and XML Schema Part 2: Datatypes
  • Extensible Stylesheet Language (XSL) v. 1.1
  • XML Query Language (XQUERY) v. 1.0
  • XML Path Language (XPath) v. 2.0

Community of Interest XML

  • Global Justice XML Data Model (Global JXDM) v. 3.0.2

Metadata

  • Web Service Description Language (WSDL) v. 1.1

Open Formats

  • OASIS Open Document Format For Office Applications (OpenDocument) v. 1.1
  • Ecma-376 Office Open XML Formats (Open XML)
  • Plain Text Format
  • Hypertext Document Format v. 4.01
  • Portable Document Format v. 1.7

Other Acceptable Formats

  • Rich Text Format v. 1.7

APPLICATION

Development Model

  • Interoperability Basic Profile (WS-I Basic Profile) v. 1.2
  • Interoperability Basic Security Profile (WS-I Basic Security Profile) v. 1.0
  • Simple SOAP Binding Profile 1.0
  • Attachments Profile 1.0

Development Methodology

  • Unified Process (UP)

Orchestration Services

  • Web Services Business Process Execution Language (WS-BPEL) v. 2.0

INTEGRATION

Web Service Registry

  • Universal Description, Discovery and Integration (UDDI) v. 2.0

Messaging Services

  • Java Messaging Service (JMS) v. 1.1
  • Simple Object Access Protocol (SOAP) v 1.1
  • WS-Addressing 1.0
  • SOAP Message Transmission Optimization Mechanism (MTOM)

Protocols

  • Hypertext Transfer Protocol (HTTP)/1.1
  • Secure Hypertext Transfer Protocol (HTTPS) - SSL, minimum 128 bit key length

MANAGEMENT

Enterprise Service Management

  • WS-Policy 1.5
  • WS-SecurityPolicy 1.2

 

 

SECURITY

Identity Repository

  • Lightweight Directory Access Protocol (LDAP) v. 3.0

Identity Assertion

  • Security Assertion Markup Language (SAML) v. 1.1

Web Service Authentication

  • XML Signature

Encryption

  • XML Encryption

Web Service Message Header

  • WS-Security v. 1.0


1.7 Conceptual Architecture

The ETRM defines a conceptual architecture partitioned into layers that correspond to the six ETRM domains:

visual representation of the conceptual architecture

  • Access : information, transactions and services are delivered to and accessed by the Commonwealth's constituents and business partners via the Portal and Application Gateways.
  • Security : approach, methodology and technology components necessary to provide the appropriate level of protection for the information assets of the Commonwealth, its constituents and business partners, relying on identity management and web services security.
  • Integration : how information, transactions, security, systems management and Business Services are integrated across agencies as well as business partners. Key components of the Integration Domain are shared services, such as the Enterprise Service Bus and Registry Services.
  • Applications : implementations of business functions such as SSN verification and electronic payment processing as well as enterprise applications such as management reporting & accounting, administration, facilities, procurement, and HR.
  • Information : enabling data sharing where appropriate within the bounds of security and privacy considerations.
  • Management : increased visibility and control over all types of Commonwealth assets and services, monitoring and improving business performance.

1.8 Referenced Standards Organizations

The ETRM identifies Technology Specifications, most of which are standards that are created and maintained by Standards Organizations. This section contains additional detailed information about each of the Relevant Standards Organizations that have been referenced in the ETRM, including:

  • Organizational details, such as constituent members
  • Maturity models for published work, such as distinguishing work in progress from a finalized approved standard
  • Web site link for the Standards Organization

Each ETRM Discipline lists Relevant Standard Organizations that relate to the Technology Specifications for the Discipline. This section consolidates background information on all the referenced Standards Organizations.

Standard Organizations are listed in alphabetical order:

  • Ecma International - Ecma International is an international standards organization responsible for a wide range of standards on Information Communication Technology (ICT) and Consumer Electronics (CE). Ecma International is widely recognized for its work "fast tracking" specifications in international standards bodies like the ISO.

More information on Ecma International can be found at http://www.ecma-international.org/

  • IETF - The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. The actual technical work of the IETF is done in its working groups, which are organized by topic into several areas (e.g., routing, transport, security, etc.). More information on the IETF can be found at http://www.ietf.org/home.html.

The IETF publishes a number of internet standards-related publications, typically referred to as REQUESTS FOR COMMENTS:

  • REQUEST FOR COMMENTS (RFC): Each distinct version of an Internet standards-related specification is published as part of the "REQUEST FOR COMMENTS" (RFC) document series.
  • The status of Internet protocol and service specifications is summarized periodically in an RFC entitled "Internet Official Protocol Standards". This RFC shows the level of maturity and other helpful information for each Internet protocol or service specification
  • BEST CURRENT PRACTICE (BCP): BCPs are RFCs that standardize the results of community deliberations about statements of principle or conclusions about what is the best way to perform some operations or IETF process function.
  • INTERNET STANDARD: Some RFCs document Internet Standards. These RFCs form the 'STD' subseries of the RFC series. When a specification has been adopted as an Internet Standard, it is given the additional label "STDxxx", but it keeps its RFC number and its place in the RFC series.

For a full description of the current IETF Internet Standards Process, refer to http://www.ietf.org/rfc/rfc2026.txt

  • ISO - In 1946, delegates from 25 countries decided to create an international organization "to facilitate the international coordination and unification of industrial standards". The new organization, International Organization for Standardization (ISO), officially began operations on 23 February 1947. The International Standards Organization is a network of the national standards institutes of 148 countries with a Central Secretariat in Geneva, Switzerland, that coordinates the system. More information about ISO can be found at http://www.iso.org.
  • OASIS - Organization for advancement of structured information standards is a not-for-profit, international consortium that drives the development, convergence and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, conformance, business transactions, supply chain, public sector, and interoperability within and between marketplaces. More information about OASIS can be found at http://www.oasis-open.org.
  • OMA -The mission of the Open Mobile Alliance is to facilitate global user adoption of mobile data services by specifying market driven mobile service enablers that ensure service interoperability across devices, geographies, service providers, operators, and networks, while allowing businesses to compete through innovation and differentiation. More information about OMA can be found at http://www.openmobilealliance.org.
  • OMG - The Object Management Group (OMG) is an open membership, not-for-profit consortium that produces and maintains computer industry specifications for interoperable enterprise applications. OMG membershipincludes virtually every large company in the computer industry, and hundreds of smaller ones. OMG is responsible for developing specifications for the Universal Modeling Language (UML). For additional information go to http://www.omg.org/gettingstarted/gettingstartedindex.htm

For a full description of the working document maturity process, refer to http://www.omg.org/technology/documents/spec_tutorial.htm.

  • W3C - The World Wide Web Consortium was created in October 1994 to lead the World Wide Web to its full potential by developing common protocols that promote its evolution and ensure its interoperability. W3C has around 400 Member organizations from all over the world and has earned international recognition for its contributions to the growth of the Web. More information about W3C can be found at http://www.w3.org.

The W3C does not refer to its finalized specifications as 'standards'. Instead, the W3C has defined a set of maturity levels, which are explained below:

  • WORKING DRAFT: A document that is published for review by the community
  • CANDIDATE RECOMMENDATION: Documents that have been widely reviewed and which can be used to gather implementation experience.
  • PROPOSED RECOMMENDATION: A mature technical report that has been sent to the W3C Advisory Committee for final endorsement.
  • W3C RECOMMENDATION: A specification that has received the endorsement of the W3C Members and the Director. W3C RECOMMENDATIONS are similar to the standards published by other organizations.
  • MEMBER SUBMISSION: documents developed outside of the W3C process by members to propose technology or other ideas for consideration by the Team.
  • W3C NOTE: W3C has stopped using the unqualified maturity level "NOTE". A W3C NOTE was used as a dated, public record of an idea, comment, or document. W3C NOTES used to be published on the Web site at the discretion of the Director and could be published at any time. The publication of a NOTE did not imply endorsement of its contents by W3C.

For a historical explanation of the W3C NOTES refer to: http://www.w3.org/Consortium/Process/Process-19991111/process.html#Notes

A number of specifications currently exist today that are labeled as NOTES. The W3C has elected to not update those documents.

For a full description of the current W3C Process, including definition of W3C artifacts' maturity levels, refer to http://www.w3.org/2005/10/Process-20051014/tr.html

  • WS-Interoperability - The Web Services Interoperability Organization is an open industry effort chartered to promote Web Services interoperability across platforms, applications, and programming languages. More information about WS-I can be found at http://www.ws-i.org.

1.9 Designation of Standards/Specifications as EnterpriseStandards

The ETRM is a living document, where open and/or de facto industry standards are continually evaluated for recommendation as Enterprise Standards. ITD's Policy and Architecture unit keeps a "watch list" of current Enterprise Standards as well as emerging standards. The Enterprise Architecture Council (EAC) may recommend additions to the watch list.

The decision process outlined below is used to determine when standards should be recommended for adoption or deferred for review at a later date. Recommended revisions and additions to Enterprise Standards are presented to the EAC for discussion and consideration. Enterprise Standards recommended by the EAC are then put through an internal and public review process before being designated by the CIO as Enterprise Standards for Executive Department agencies.

Definitions Relevant to Decision Process

Open Standard - Specifications for systems that are publicly available and are developed by an open community and affirmed by a standards body. Hypertext Markup Language (HTML) is an example of an open standard. Open standards imply that multiple vendors can compete directly based on the features and performance of their products. It also implies that the existing information technology solution is portable and that it can be removed and replaced with that of another vendor with minimal effort and without major interruption. ( Enterprise Open Standards Policy)

Open Format - The Commonwealth defines open formats as specifications for data file formats that are based on an underlying open standard, developed by an open community, affirmed and maintained by a standards body and are fully documented and publicly available. ( ETRM, Information Domain)

De Facto Industry Standard - A de facto standard is a technical or other standard that is so dominant that everybody seems to follow it like an authorized standard. ( Wikipedia)

The key criteria used for recommending an Enterprise Standard include determining whether

  • There is existing or growing support around the use of the standard
  • The standard interoperates with other relevant Enterprise Standards
  • The standard can be adopted without causing negative business impact.

The Decision Process

The Decision Process consists of multiple steps. The first step is to determine whether the standard being considered meets the criteria of an Open Standard. This determination is made based on definition contained in the Enterprise Open Standards Policy. Consideration of an open standard that lacks industry support is deferred to a later date. Specifications that are neither Open Standards nor de facto standards may be tracked in the Standards Watch List for further consideration. Only open standards that have industry support and de facto standards are considered further in the Decision Process.

Next, the Decision Process includes research into the ability of the standard being considered to interoperate with other relevant Enterprise Standards. Adoption of certain standards - or versions of certain standards - in the ETRM is often deferred pending industry interoperability testing, such as that performed by the WS-I.

The final phase of the Decision Process includes business validation for the inclusion or exclusion of the standard. This is based on compelling business reasons to adopt or consideration of negative business impact, which would lead to deferring adoption.

The Decision Process is depicted in the following diagram.

Decision Process for Recommending a Standard/Specification as an Enterprise Standard


 


[1] This document is not to be interpreted to require any agency to acquire or use goods bearing any particular trademark or trade name or subject to any patent. Any references herein to a particular trademark, trade name, or patent are included only because there is no other sufficiently precise or intelligible way of describing agencies' procurement choices. Such references are to be interpreted to permit agencies to use any number of optional technologies including the specified trademarked, trade named or patented formats referenced herein or their equivalents.