Upload
avice-barbra-pitts
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
F235110
Data Sharing & Standards Division
Launch Event
eCare Framework v1.0
19 May 2006
Data Sharing & Standards Division
Kerr DonaldsonStandards Branch Head
Data Sharing & Standards Division
Murray McVicarPolicy Branch Head
Data Sharing & Standards Division
Efficient Government Group
Peter RussellEfficient Government Group
Stuart MacDonaldData Sharing & Standards
Jonathan MooreShared Services & Funds
Craig RussellEfficient Government
StandardsPolicy
Implementation
MGF/EGFImprovement Service -
Customer FirstCitizen Smartcard
DNA
eGovernment AgendaOSIAF
Efficient Government Plan
Data Sharing & Standards Division
Data Sharing and Standards
Policy– Policy on data sharing – Support to policy colleagues on:
• Children’s services• Adults at Risk
– Governance arrangements including National Forum; Data Sharing Partnerships
– Communications including stakeholder relationships
Data Sharing & Standards Division
Data Sharing and Standards
Standards– Identity and Authentication– Performance measurement– Quality Assurance – Technology & Data Standards for the eCare
Framework
Data Sharing & Standards Division
Data Sharing and Standards
Implementation– eCare framework development– Procurement– Supplier relationships– Roll-out of national solutions
Data Sharing & Standards Division
eCare Framework
• Is a strategic approach to the sharing of personal data across Scottish public sector
• Comprises a set of technical, security and data standards, architecture and infrastructure
• Fully supported software products• Based on a federated model of data and identity
management (14 data sharing partnerships)• Managed service hosting and national network
infrastructure
Data Sharing & Standards Division
Vision for Improved Service Delivery
• Meeting the needs of the citizen, not the convenience of the service provider
• Looking beyond the normal boundaries for partnerships
• Culture of continuous improvement embracing quality and cost
• Aim of efficiency savings is to release cash for front line services
Data Sharing & Standards Division
Individual organisations improve internal processes by implementing re-engineered process and new technology
Multiple organisations standardise on agreed best practice process and technology
More efficient/effective internal processes in some organisations.
Reduced costs through joint procurement, development & training
Technology is deployed on a shared basis
Service provision is provided on a shared basis
Lead authority ?Public sector company ?Joint Venture ?Outsourcing ?
Benefits stream
More efficient/effective internal processes sector wide
Reduced costs through joint procurement, development & training
More efficient/effective internal processes sector wide
Reduced costs through shared hosting and maintenance of technology
Single most efficient/effective process used
Reduced costs through single procurement and implementation
Reduced costs through single deployment of technology
Reduced costs through staff and property rationalisation
More consistent cost/quality More consistent cost/quality Consistent cost/quality
Data Sharing & Standards Division
Succeeding through engagement
• We can only achieve this by working in partnership across the sectors;
• The agenda is complex, developing, and inter-connected;
• Sharing knowledge of what we are doing – and what we find others are doing - is vital; and
• The prize is big, so our work is challenging and worthwhile
• We need to ensure efficient support for the delivery of care to those most at risk
Data Sharing & Standards Division
Robbie HarrisSenior Technical Architect
F235110
Data Sharing & Standards Division
ConceptualArchitecture
Logical Architecture
Physical Architecture
Logical Solution
Physical Solution
Infrastructure Architecture
Infrastructure Solution
Infrastructure Policy
Server Infrastructure
Network Infrastructure
Software Platforms
Hosting Sites
Security Architecture
Security Architecture
Security Solution
Security Policy
Risk Assessment
Application Architecture
Application Solution
Application Policy
Data Architecture
Data Solution
CommonData Model
Data Policy
Support Architecture
SupportSolution
Support Policy
Service Operations
Local Support
Maintenance
Models
Development Standards
Development Process
Quality Plan
Q.A. Report
Local Design
Training Plan
Component Specification
Functional Specification
Logical Design
Physical Design
Technical Specification
Test Plan
Deployment Plan
Evaluation Methodology
evaluations
View I
View II
View III
Architectural Description
Vision Statements
Solution Overview
Logical
Conceptual
Implementation Optional
KEY
Physical
Architectural Area
Conceptual Solution
F235110
Data Sharing & Standards Division
ConceptualArchitecture
Logical Architecture
Physical Architecture
Logical Solution
Physical Solution
Infrastructure Architecture
Infrastructure Solution
Security Architecture
Security Solution
Application Architecture
Application Solution
Data Architecture
Data Solution
Support Architecture
SupportSolution
Architectural Description
Vision Statements
Solution Overview
Conceptual Solution
“address the technical barriers and costs to data sharing by agreeing a standard technical architecture. This will ensure that the technical implementation can re-use existing components; that data providers can maintain one interface for all their data partners rather than a separate interface for each data partner; and that common standards of security and authorisation can be systematically applied to all data exchanges.”
F235110
Data Sharing & Standards Division
Infrastructure Architecture
Infrastructure Policy
Server Infrastructure
Network Infrastructure
Software Platforms
Hosting Sites
Security Architecture
Security Architecture
Security Policy
Risk Assessment
Application Architecture
Application Policy
Data Architecture
CommonData Model
Data Policy
Support Architecture
Support Policy
Service Operations
Local Support
Maintenance
Development Standards
Development Process
Quality Plan Training PlanEvaluation
Methodologyevaluations
View II
“new risk management model, approved security architecture for government systems, a revised CSIA security policy, best practise guidance & standards”
F235110
Data Sharing & Standards Division
Infrastructure Architecture
Infrastructure Policy
Server Infrastructure
Network Infrastructure
Software Platforms
Hosting Sites
Security Architecture
Security Architecture
Security Policy
Risk Assessment
Application Architecture
Application Policy
Data Architecture
CommonData Model
Data Policy
Support Architecture
Support Policy
Service Operations
Local Support
Maintenance
Development Standards
Development Process
Quality Plan Training PlanEvaluation
Methodologyevaluations
View II
“consolidated network architecture for government. This would allow reduction in costs through aggregating demand and allowing individual agencies to use common network infrastructure seamlessly for intra-agency as well as inter-agency traffic.”
F235110
Data Sharing & Standards Division
Managed Service• Equivalent to existing architecture
– Not a central, monolithic solution, each partnership has their own messaging service & store
– Direct and straightforward migration for existing solutions
• Adapters must meet minimum interconnect requirements for GSX/NHSnet connections– Plus specific technical requirements for interconnect
to the eCare Framework – the technical aspects of which are covered by our security policy & architecture requirements
Data Sharing & Standards Division
James MacGregorTechnical Architect, Atos Origin
F235110
Data Sharing & Standards Division
eCare Managed Service
• Centrally hosted eCare Service
• Located in Atos new Tier IV Data Centre in Livingston
• Tier IV Data Centre – highest level of availability (Uptime Institute)
• Conforms to BS7799, ISO9001 and ITIL operational standards
F235110
Data Sharing & Standards Division
•
F235110
Data Sharing & Standards Division
Infrastructure
• Resilient Infrastructure– Load Balance Web Servers (blade)– Clustered SQL Server– Dual Firewalls / Switches– Offsite backups
• Staging Servers– To allow partners to verify releases
• GSX / N3 Connectivity
F235110
Data Sharing & Standards Division
Managed Service
• Solution designed to scale
• Service Available Summer 2006
• 24x7 Helpdesk
• Atos Origin technical support
F235110
Data Sharing & Standards Division
Infrastructure Architecture
Infrastructure Policy
Server Infrastructure
Network Infrastructure
Software Platforms
Hosting Sites
Security Architecture
Security Architecture
Security Policy
Risk Assessment
Application Architecture
Application Policy
Data Architecture
CommonData Model
Data Policy
Support Architecture
Support Policy
Service Operations
Local Support
Maintenance
Development Standards
Development Process
Quality Plan Training PlanEvaluation
Methodologyevaluations
View II
F235110
Data Sharing & Standards Division
Data architecture• Based on federated information, user and citizen identity
models. It reuses existing data holdings, user and citizen management facilities in order to create on-demand, persistent shared citizen records and facilitate sharing via joint multi-agency business processes. A ‘single, shared view of the citizen’
“one way to avoid the risks of a central, state-run monolithic database of the entire
population would be to have some sort of federated system”Richard Thomas, Information Commissioner, 3 February 2004
Data Sharing & Standards Division
Kerr DonaldsonStandards Branch Head
F235110
Data Sharing & Standards Division
Standards (Branch)
• Linkage between Information requirements of policy &
• Local business requirements &• Subsequent Development and
Implementation• In MGF-2, acted in Standards Design
Authority role for the eCare Data Architecture
F235110
Data Sharing & Standards Division
Why Data Standards?
Define common information content of MAS Basis for interoperability Same data has the same meaning for all
partners Allow valid comparison for performance
management, where appropriate Ensure compliance with DPA and other
regulatory frameworks
F235110
Data Sharing & Standards Division
Key principles• Ownership: policy and practice
– ARCG– IAF
• Collaboration– NCDDP– OSIAF
• Consultation• Loose coupling of data and technical
standards
F235110
Data Sharing & Standards Division
Information Models
Information Term Specifications
Functions (specific purposes
for which information is
used)
Application Profiles
(information profiles for
specific purposes)
Local Information Terms
Binding Types (technologies and
industry standards)
Bindings (how to implement specific
Application Profiles in
specific Binding Types)
Information Instances
Development ModelInternational and national (e.g. BS) standards
International and national (e.g. BS) standards
As per e-GIF TSC e.g. data models, XML Schema, WSDL
F235110
Data Sharing & Standards Division
Infrastructure Architecture
Infrastructure Policy
Server Infrastructure
Network Infrastructure
Software Platforms
Hosting Sites
Security Architecture
Security Architecture
Security Policy
Risk Assessment
Application Architecture
Application Policy
Data Architecture
CommonData Model
Data Policy
Support Architecture
Support Policy
Service Operations
Local Support
Maintenance
Development Standards
Development Process
Quality Plan Training PlanEvaluation
Methodologyevaluations
View II
F235110
Data Sharing & Standards Division
eCare Safe Haven
Agency Network
Messaging Zone
Framework Zone
Message
MessagingBusiness Logic
Data
DatabasesIndexes
SQL
Adaptor
IntegrationMessaging
SOAP
Agency System
System Business Logic and Data
The Messaging Service provides Agency Applications with an interface to the eCare Framework
eCare Safe Haven or DMZ is a secure perimeter network that connects the Agency networks with the network in which the eCare Framework’s hardware is located.
The Multi Agency Store is the repository used to store consented data for the purpose of information being shared between different agencies
An Adaptor is a software component that enables communications between agency systems and the eCare Framework […] the Adaptor can be a logical software component built into an agency system or on a separate physical machine
Agency Systems are MIS applications within the varying agencies that perform client/patient/person processing functions
F235110
Data Sharing & Standards Division
"This review has confirmed that the Framework has been written to high standard. The code conforms with previous versions of the Framework and has been produced to a high level of quality, following clear coding standards to provide a consistent well structured and easy to read style.
The code is complemented by the publication of Web Service Design specifications, which provide a valuable overview of each web service as well as a more detailed design. These documents are (like the code) written in an easy to read and consistent style, providing a solid foundation for development and testing.
The high level security review indicates that security has been designed up front and the Framework conforms to many of Microsoft’s security best practices, particularly with regards to securing Web Services.
Finally, the examination of the unit test documentation and results gives a good level of confidence of test coverage and in fact 390 individual test cases is an impressive effort.“
ACS Europe review of eCare Framework Release Candidate April 2006
Data Sharing & Standards Division
James MacGregorTechnical Architect, Atos Origin
F235110
Data Sharing & Standards Division
eCare Framework Product Set
• Matching Framework
• Messaging Framework
• eCare Viewer (optional)
• Matching Tools (optional)
F235110
Data Sharing & Standards Division
Documentation Set
• Messaging Integration Guide
• Messaging Admin Guide
• Matching Integration Guide
• Matching Admin Guide
• Viewer Tool Guide
• + Other National Documentation Set….
F235110
Data Sharing & Standards Division
Service Granularity
• Document Message Pattern• Coarse grained messages
– Simplify message sequencing– Reduce network performance overhead– Simplify transaction management
F235110
Data Sharing & Standards Division
Authentication & Authorisation
• Authenticate host application not user
• Implemented through WS-Security
• Support Role based authorisation
F235110
Data Sharing & Standards Division
Error Feedback
• Soap Fault
• Client Details – XML formatted error messages & codes
• ClientUtilities DLL (for .Net)
F235110
Data Sharing & Standards Division
Matching
Matching MAS
Messaging
eCare DMZ
Host Application
Agency Boundary
AutoMatcher
NHS Boundary
Adaptor
ManualMatcher
CHI
7. Index Created
1. New Service User
8. Match Notification
3. New MatchRequest
2. Poll for new service users
4. Store Request
5. Attempt Match
6. SearchCHI
F235110
Data Sharing & Standards Division
Data Sharing
MAS
Messaging
eCare DMZ
Host Application
Agency Boundary
Adaptor Viewer
1. Service UserInteraction
2. Store DisclosureAuthorisation
3. Store Service User Data
5. View SharedData
Host Application
Agency Boundary
Adaptor
4. Other Agencies Share Data
F235110
Data Sharing & Standards Division
Viewer
• What is the Viewer and what can you do?– Access MAS Data– No searching– Embed in web page– .Net User Control (Web Page)– No inherent authentication / authorisation
F235110
Data Sharing & Standards Division
Web Service / Embedded Viewer Demo…
F235110
Data Sharing & Standards Division
Matching Integration
• Supports 3rd Party Integration– GetMatchRequests– CreateMatch
• Indexes Created• Notifications Created
– StoreMatchStatus (Manual / Query / Fail)
F235110
Data Sharing & Standards Division
Adaptor Architectural Discussion
Discuss key adaptor design issues
F235110
Data Sharing & Standards Division
Common Application Architecture
• Mainframe / Midrange
• Client Server
• Distributed Architecture
• Browser based application
F235110
Data Sharing & Standards Division
Basic Adaptor Requirements
• Support Matching
• Publish data to MAS
• Support MAS Notifications
• Support inter-Agency processes
F235110
Data Sharing & Standards Division
Architectural Qualities
• Integration
• Availability
• Scalability
• Transactions
• Deployment
F235110
Data Sharing & Standards Division
Adaptor Integration
• Issue– How to identify data to publish in MAS
• Possible Strategies– Database triggers – possible unexpected impact– Integrate with application logic– Monitor database (last change date / last sent)– API
F235110
Data Sharing & Standards Division
Adaptor Integration
• Scenario– What happens if Disclosure is temporarily removed?
– Publish Subject to MAS – including associated person
– Remove Disclosure Authority in Host Application
– Delete associated person
– Re-apply disclosure
– MAS still thinks Associated Person relationship exists
• Potential Strategy– Track changes even while Disclosure off and apply to MAS
once
F235110
Data Sharing & Standards Division
Availability
• Issue– Line of Business applications must not be
impacted by eCare availability
• Possible Strategies– Queue service requests– Event based asynchronous processing– Avoid applications calling web services directly
(for publishing data)
F235110
Data Sharing & Standards Division
Scalability
• Issue – Be able to handle increased volume of
transactions
• Possible Strategies– Design adaptors to support parallel
processing (and hence allow hardware scaling)
– Support asynchronous processing of requests
F235110
Data Sharing & Standards Division
Transactions
• Issue– How to manage transactions across
distributed systems
• Possible Strategies– Careful design – beware of when to
acknowledge an eCare Notification– Implement compensating transaction
manager (set of “Undo” actions)
F235110
Data Sharing & Standards Division
Deployment
• How to deploy adaptors physically?– Central deployment is preferred model– Simplify connectivity and security– Simplified release management
F235110
Data Sharing & Standards Division
eCare Performance Testing
F235110
Data Sharing & Standards Division
Performance Test
• Atos performed number of tests for Frameworks 0.8
• 3 Scenarios– “Normal” Load– “Failure” Load– “Heavy” Viewer Load
F235110
Data Sharing & Standards Division
Performance Test
• Configuration– Minimum specification– Simulate 1000s of
Adaptors– Adaptor supports Store
and Retrieval of Demographics, Events, Processes and Status Episodes
– Random data generation
Windows 2003 SQL 2000 Xeon 3.2 GHz
Processor 4 GB of RAM
Database Server
Windows 2003 IIS6 Xeon 3.2 GHz
Processor 2 GB of RAM
WebServer
Generates Load
Load Client
Monitor Database / Web Server
Gather Performance stats
MOM Server
Generate Random Data for tests
Data Generator
GigabitSwitch
F235110
Data Sharing & Standards Division
Performance Test
– Normal Load Profile• User load: 100 Adaptors / Viewer Clients• Think time: 2 – 20 seconds• Duration: 60 minutes• Test Case Distribution
– GetPerson 70%– MatchRequest 5%– PollNotifications10%– PublishAssociatesAndLinkToSubject 5%– Update Person 5%– Publish Processes, Events & StatusEpisodes 5%
F235110
Data Sharing & Standards Division
Performance Test
– Overall Analysis• 20,000 Service Calls processed in 1 hour• No errors – all requests processed successfully
F235110
Data Sharing & Standards Division
Normal Load [% cpu]
0
5
10
15
20
25
30
35
26
/04
/20
06
09
:27
26
/04
/20
06
09
:50
26
/04
/20
06
10
:12
26
/04
/20
06
10
:33
ECARE-DB-01 - Processor - %Processor Time - _TotalECARE-WEB-01 - Processor -% Processor Time - _Total
Drop Page Fields Here
Sum of SampleValue
TimeSampled
Name
ObjectName
CounterName
InstanceName
F235110
Data Sharing & Standards Division
Normal Load [Requests Per Second]ECARE-WEB-01 - eCareMessagingService - RequestsPerSecond - _Total
0
1
2
3
4
5
6
7
8
9
10
26
/04
/20
06
09
:27
26
/04
/20
06
09
:57
26
/04
/20
06
10
:27
ECARE-WEB-01 -eCareMessagingService -RequestsPerSecond - _Total
Drop Page Fields Here
Sum of SampleValue
TimeSampled
Name
ObjectName
CounterName
InstanceName
F235110
Data Sharing & Standards Division
Performance Test
– Failure Load Profile• User load: Increase until failure• Think time: 2 – 20 seconds• Duration: Until failure• Test Case Distribution
– GetPerson 70%– MatchRequest 5%– PollNotifications10%– PublishAssociatesAndLinkToSubject 5%– Update Person 5%– Publish Processes, Events & StatusEpisodes 5%
F235110
Data Sharing & Standards Division
Performance Test
– Overall Analysis• Initial errors occurred under a load > 400
Adaptors / Viewers• Approximately equivalent to 10 to 16 Agencies• Test is pushing through high rates of data change
continuously – not real world!
F235110
Data Sharing & Standards Division
Increasing Load
UK001292 - eCareStressTest - Virtual Users
0
100
200
300
400
500
600
700
800
900
18/05/2006 09:28 18/05/2006 09:43 18/05/2006 09:57
UK001292 - eCareStressTest- Virtual Users
Drop Page Fields Here
Sum of SampleValue
TimeSampled
Name
ObjectName
CounterName
InstanceNameFirst
Failure 9.35
F235110
Data Sharing & Standards Division
Failure Load [% cpu]
0
20
40
60
80
100
120
18/05/2006 09:24 18/05/2006 09:46
ECARE-DB-01 - Processor - %Processor Time - _Total
ECARE-WEB-01 - Processor - %Processor Time - _Total
Drop Page Fields Here
Sum of SampleValue
TimeSampled
Name
ObjectName
CounterName
InstanceName
F235110
Data Sharing & Standards Division
Failure Load [Duration Service Call]
0
10
20
30
40
50
60
70
80
18/05/2006 09:26 18/05/2006 09:41 18/05/2006 09:56
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - acknowledgenotifications
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - geteventsforsubject
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - getnotifications
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - getperson
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - getprocessesforsubject
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - getstatusepisodesforsubject
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - storeevent
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - storeperson
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - storeprocess
ECARE-WEB-01 - eCareMessagingService - Averageduration of service call - storestatusepisode
Drop Page Fields Here
Sum of SampleValue
TimeSampled
Name
ObjectName
CounterName
InstanceName
F235110
Data Sharing & Standards Division
Performance Test Impact
• Primarily database optimisation (v 1.0)– Deadlock (locking hints)– Indexing– Archiving
F235110
Data Sharing & Standards Division
Viewer Test
• An informal viewer test indicated infrastructure up to 3000 viewers
• Processing in excess of 50 web service calls per second
• Processed over 30,000 web service calls in approximately 25 minutes
F235110
Data Sharing & Standards Division
Viewer Test [Number of Virtual Users]
0
200
400
600
800
1000
1200
1400
1600
1800
2000
18/05/2006 13:44 18/05/2006 13:54 18/05/2006 14:04
UK001292 - eCareStressTest -Virtual Users - uk001292\sthcinstance 00
UK001292 - eCareStressTest -Virtual Users - uk001292\stscinstance 00
UK001292 - eCareStressTest -Virtual Users - uk001292\stscinstance 01
UK001292 - eCareStressTest -Virtual Users - uk001292\sthcinstance 01
Drop Page Fields Here
Sum of SampleValue
TimeSampled
Name
ObjectName
CounterName
InstanceName
F235110
Data Sharing & Standards Division
Viewer Test [Number of Service Calls]
48000
50000
52000
54000
56000
58000
60000
62000
64000
18
/05
/20
06
13
:44
18
/05
/20
06
13
:49
18
/05
/20
06
13
:54
18
/05
/20
06
13
:59
18
/05
/20
06
14
:04
ECARE-WEB-01 -eCareMessagingService - Numberof Service Calls -geteventsforsubject
ECARE-WEB-01 -eCareMessagingService - Numberof Service Calls - getperson
ECARE-WEB-01 -eCareMessagingService - Numberof Service Calls -getprocessesforsubject
ECARE-WEB-01 -eCareMessagingService - Numberof Service Calls -getstatusepisodesforsubject
Drop Page Fields Here
Sum of SampleValue
TimeSampled
Name
ObjectName
CounterName
InstanceName
F235110
Data Sharing & Standards Division
Viewer Test [Requests Per Second]ECARE-WEB-01 - eCareMessagingService - RequestsPerSecond - _total
0
10
20
30
40
50
60
18
/05
/20
06
13
:44
18
/05
/20
06
13
:49
18
/05
/20
06
13
:54
18
/05
/20
06
13
:59
18
/05
/20
06
14
:04
ECARE-WEB-01 -eCareMessagingService -RequestsPerSecond - _total
Drop Page Fields Here
Sum of SampleValue
TimeSampled
Name
ObjectName
CounterName
InstanceName
F235110
Data Sharing & Standards Division
Infrastructure Architecture
Infrastructure Policy
Server Infrastructure
Network Infrastructure
Software Platforms
Hosting Sites
Security Architecture
Security Architecture
Security Policy
Risk Assessment
Application Architecture
Application Policy
Data Architecture
CommonData Model
Data Policy
Support Architecture
Support Policy
Service Operations
Local Support
Maintenance
Development Standards
Development Process
Quality Plan Training PlanEvaluation
Methodologyevaluations
View II
Data Sharing & Standards Division
Robert FormanImplementation Branch Manager
Data Sharing & Standards Division
Sharon GallProject Manager, Ayrshire & Arran
Data Sharing & Standards Division
Robbie HarrisSenior Technical Architect
F235110
Data Sharing & Standards Division
Next Steps…• Continued support and development of Release 1.n• Continued support and development of eCart• Bilateral (cross-border) inter-agency business
transactions through an eCare Message Routing Service• Architecture of Framework 2
– “Granularity” & Disclosure Model– National eCare Message Hub– Citizen Access– National Child Protection Messages– National Coordinated Support Plan– GIRFEC Pathfinder
F235110
Data Sharing & Standards Division
GP
NHS24
Acute
Social Care
Education
Housing
Police SCRAPrivate & Voluntary Sectors
e-Health
eCare Framework
Citizen Access
…
F235110
Data Sharing & Standards Division
Citizen AccesseCare Partnership
eCare Partnership
National Systems
eCareHUB
eCare Partnership
eCare PartnershipeCare Partnership eCare Partnership
…