welcome to the ground rules for the live webinar cef
TRANSCRIPT
Welcome to the CEF eDelivery Live Webinar for the PNR community
27 March 2019Start 15:00 (CET)
Ground Rules for the Live Webinar
Please mute your microphone before the webinar starts
To chat with other participants and submit questions, please use the Chat function to the right of your screen
To connect your audio go to the Quick Start tab and connect your audio (dial-in, dial-out or connect via computer)
CEF eDelivery
Live Webinar for the PNR community
Agenda
Welcome 5'
Ines Costa – DIGIT
1 Introduction to the PNR Directive 15'
Christiana Aposkiti and María Duro Mansilla – DG HOME
2 Introduction to CEF eDelivery 20'Adrien Ferial – DIGIT
3 Case study – Implementation of AS4 in the Netherlands 15'Mark van der Harst – Ministry of Justice and Security (NL)
4 CEF eDelivery Service Offering 15'Adrien Ferial – DIGIT
5 Q&A 20'
All
Highlights of the webinar
?
Ask questions Download the presentation
Download the webinar recording
Interact with our online community
DURING
AFTER
4
1
Introduction to the PNR DirectiveChristiana Aposkiti and María Duro Mansilla – DG HOME
Introduction to the PNR Directive and the PNR Implementing Decision
CEF eDelivery Live Webinar for the PNR community, 27 March 2019
Christiana Aposkiti and María Duro Mansilla, European Commission, DG HOME D1
Overview
Introduction to the PNR Directive - (EU) 2016/681
The Directive’s transposition into national law
The PNR Implementing Decision - (EU) 2017/759
The PNR Directive: Key dates
Adopted
on
27.04.2016
To be
transposed
by
25.05.2018
To be
reviewed
by
25.05.2020
PNR are ….
Collected by airlines for their business needs
Used by the authorities for
law enforcement purposes
The Directive's key elements
Purpose limitation: terrorism and
serious crime
Passenger Information Unit" (PIU) as
key entity
List of data elements
Mandatory for extra-EU flights,
optional for intra-EU flights
Strong data protection safeguards
PIU
PNR
COLLECTING
Rules
Watchlists
Historical
PROCESSING DISSEMINATING
PIU
Competent
Authorities
• Proactively
• Upon request
• for action
• for intel
• domestic
• international
The role of the PIU
Situation as of 27 March 2019
Commission implementing decision (EU) 2017/759
Establishes a list of data formats and transmission protocols to be used by airlines when transferring PNR data to Member States
Air carriers need to select from the list in Annex and identify to the Member States the common protocol and data format that they intend to use.
Implementing Decision: Key dates
Adopted
on
28.04.2017
Applicable
28.04.2018
To be
reviewed
by
28.04.2021
A pragmatic balance …
Promotion of open
standards
State of the
industry
Airlines can choose …
Data formats
• EDIFACT PNRGOV
• XML PNRGOV
• EDIFACT PAXLST (for API transferred separately)
Protocols
• IBM MQ
• IATA Type B
• AS4
Resources
- ICAO Convention- Annex 9 – Facilitation- API guidelines- PNR guidelines- PNR Directive- PNR Implementation plan- PNR Implementing Decision- List of PIUs (OJEU)- List of Competent Authorities (OJEU)- API Directive
Thank you!
DG HOME D1 (Police Cooperation & Information Exchange)
European Commission
2
Introduction to CEF eDeliveryAdrien Ferial – DIGIT
PNR Implementing Act on the common protocols and data formats to be used by air carriers when transferring PNR data to Passenger Information Units (28 April 2017)
Following Directive (EU)
2016/681 on the use of passenger
name record (PNR) data for the
prevention, detection, investigation
and prosecution of terrorist offences
and serious crime.
Transmission protocols for the transfer of PNR data:
— IBM MQ; — IATA Type B; — AS4 Profile of ebMS 3.0 Version 1.0, OASIS Standard, published on 23 January 2013. Implementation of AS4 according to the e-SENS AS4 Profile developed by the e-SENS Large Scale Pilot, current identifier and version: ‘PR - AS4 - 1.10’. As from 2017, the Connecting Europe Facility will continue to maintain and improve these implementation guidelines.
• Directive (EU) 2016/681 requires the Commission to draw-up a list of common protocols and supported data formats to be used by air carriers when transferring passenger name record (PNR) data to Member States.
• The air carriers need to select from that list and identify to the Member States the common protocol and data format that they intend to use.
The CEF building blocks are funded by the Connecting Europe Facility
TRANSPORT€26.25bn
ENERGY€5.85bn
TELECOM(DG CNECT)
Broadband€170 M
CEF Digital Building blocks &
Digital Service Infrastructures
€970 M *
CEF RegulationThe Connecting Europe Facility (CEF) is a regulation that defines how the Commission can finance support for the establishment of trans-European networks to reinforce an interconnected Europe.
* - 100 M Juncker Package
CEF Telecom GuidelinesThe CEF Telecom guidelines cover the specific objectives and priorities as well as eligibility criteria for funding of broadband networks and Digital Service Infrastructures (DSIs).
CEF Work ProgrammesTranslates the CEF Telecom Guidelines in general objectives and actions planned on a yearly basis.
21
CEF enables the European Digital Transformation
eJustice Portal
Justice, home affairs and citizens' rights
ODR Open Data
Science and Technology
Business
BRIS etc.
Employment and Social Rights
EESSI
Building Blocks2
Typically 'deployment' projects at national level (up to 75% of eligible cost)
IDENTIFY with
eID
SIGN with
eSignature
EXCHANGE with
eDelivery
TRANSLATE with
eTranslation
INVOICE with
eInvoicing
22
Grants3
Sectorial Projects1
The eDelivery Use-Case
Complaints
Consumer Protection Procurement Justice
ClaimsInvoices
Exchange of complaints
Exchange of invoices
Exchange of claims
Examples of DOMAIN-SPECIFIC
USE CASES
internet
DOMAIN-NEUTRALUSE CASE
ORIGINAL SENDER FINAL RECIPIENT
eDelivery Messaging Infrastructure based on the 4-Corner ModelStatic discovery
SEND RECEIVE
NOTIFY
Backend Backend
Internet
1 or several
ORIGINAL SENDER FINAL RECIPIENT
1 or several
C2 C3CORNER CORNER
C1CORNER C4 CORNER
AS4
NOTIFY
Party A Party B
ACKNOWLEDGE
AccessPoint
AccessPoint
Connector Connector
(Q)TSP (Q)TSP
SENDER
ADRESSEESENDER
ADRESSEE
ADRESSEE
SENDER
Required component
Optional component
Netw
orkin
gLayer
Messag
ing
an
d
Tran
sp
ort
Layer
Ap
pli
cati
on
sLayer
eDelivery workflow
1
2
3
4
SubmitSender sends message to sending AP
SendSending AP processes messagea) Validation and compression of the user message;b) Signing of the compressed message;c) Encryption of the signed compressed message.
ReceiveReceiving AP processes messagea) Receives and decrypts the encrypted message;b) Verifies the sender’s signature;c) Decompresses the decrypted message;d) Validates the original user message;e) Sends the acknowledgement to the sending AP;f) Archives the user message.
Deliverrecipient receives message from receiving AP
Why AS4?
General benefits
eDelivery AS4 Profile Specific Benefits
Specifications
Payloads
Message metadata
Security
Reliable messaging
Implementation
Configuration
eDelivery AS4 comparative Benefits
CEF eDelivery specifications
The approach employed by eDelivery
is to promote the use of existing
technical specifications and standards
rather than to define new ones.
The profiling work of eDelivery on
these standards, i.e. constraining
configuration choices, is equally taken
on board. Even though eDelivery
makes software available
implementing these specifications, the
use of commercial software or other
Open Source software projects is also
possible.
eDelivery AS4 profile of the ebMS3/AS4 OASIS StandardsAccessPoint
Service Metadata
Locator (SML)
Service Metadata Publisher
(SMP)
eDelivery Profile based on the OASIS BDXL Specification
eDelivery ebCore Party ID Profile
eDelivery Profile based on the OASIS BDX-SMP
Specification
COMPONENT KEY SPECIFICATIONS
More information: https://ec.europa.eu/inea/
Call publication 14 February 2019
Deadline for the submission of proposals
14 May 2019(17:00 Brussels time)
Budget Indicative 1 Million EUR
Co-funding rate 75%
Indicative duration of the actions 18 months
CEF eDelivery Call 2019-1
e-enforcement academyDG JUST
European Citizens' Initiative
eDelivery onboarding-raceSET UP
PHASE
Otherinstitutions
CEF DSIs
Other Policy Projects
Member State led projects(including CEF grants)
DESIGN eDelivery infrastructure
CIxPThe European Council
eProcurement (*)GROW | DIGIT
DEPLOY eDelivery solutions
eHealth (SMP) DG SANTE
EESSI DG EMPL
BRIS DG JUST
e-Justice | eCodexDG JUST
SELECT eDelivery solutions
ODR DG JUST
PROSPECTING
ECRIS DG JUST
ELICITrequirements
CISE DG MARE
TACHOnet DG MOVE
OPERATE eDelivery solutions
EU-CEG DG SANTE
PEPPOL (upgrade to AS4)
DECIDE (upgrade)SG
ePaymentsECB
NOBLE project(Postal Services)
TOOP (once-only)
Parliamentary Q + Trialogue + OPParliament
IRIDG JUST
PNR (regulated)DG HOME
European Data Protection Supervisor
EPRELDG ENER
e-Impact(CEF Transport)
CyberSecDG CNECT
eTranslation / ELRC DGT
Customs Single WindowDG TAXUD
eEvidenceDG JUST
eTransport DocsDG MOVE
Maritime Single Window DG MOVE
COMMITMENT GATE
eDocX2017 DG HOME (EMCDDA)
ICS2DG TAXUD
EUDAMED 3DG GROW
UtdataprojektetDIGG
eHealth (AS4) DG SANTE
(*) Also part of PEPPOL
Development of NL eDelivery gatewayLogius.nl
ENTSOG(Gas operators)
Slovenia Supreme Court's communications Laurentius
Central Clearance Import DG TAXUD
European Aviation Safety Agency
European Union Agency for Railways
IRMA DG HOME
IMIDG GROW
European Chemicals Agency
European Anti-Fraud Office
Inland Waterway Transport DG MOVE
e-BoksNets and PostNord
ELRC DGT
iADAATPAPangeanic’sconsortium
X-RoadNIIS
Eurojust
SafeSeaNetEMSA NEW
FLUX TLDG MARE NEW
NIVA projectREA/AGRI/CNECT NEW
NEW
IMMCParliament NEW
ELICIT requirements
Technical Specifications
Onboarding
Self-Assessment tool
Training and deployment
DEPLOY eDelivery solutions
Connectivity Testing
Service Desk
PKI Service
CEF eDelivery Community
SELECT eDelivery solutions
List of Software solutions
SML Service
OPERATE eDelivery solutions
Service Desk
PHASEwith backend(s)
CEF TEAM
with partners
Open source
Commercial solution
Custom built
Attend workshops
•Complete self-
assessment tool•
Identify business
requirements•
Carry out feasibility study
Assess OSS projects
Customise/ extend solution
Build solution
Integrate with eDelivery
Access Point•
Perform Integration
testing•
Perform Pre-production
testing
Participate in Connectivity
testing•
Perform Pre-production
testing
Assess Vendors
Buy solution
Deploy components
•Configure
components
INTEGRATE
YOUR TEAM
Open source
Hosting•
Maintenance
Hosting•
Maintenance
Hosting•
Fees
Commercial solution
Custom built
Domain Owner
Roadmap to deploy CEF eDelivery
Participants in eDelivery Messaging Infrastructure
DESIGN eDelivery infrastructure
Documentation (COD, SOD, … )
DESIGN eDelivery infrastructure
Documentation (COD, SOD, … )
Design message exchange model
Design discovery model
•Design security
model•
Design integration approach
•Participate in the writing of a SDD
•PoC (optional)
3
Case study – Implementation of AS4 in the NetherlandsMark van der Harst – Ministry of Justice and Security (NL)
Case study – Implementation of AS4 in the Netherlands
Steps to get connected
• Technical PHASE
– Gathering and providing information (AS4 Connectivity kit)
– Getting messages send from C1 to C4
• Functional PHASE
– Analyse the contents of the PNR data
– Check PNR for completeness (Characteristics)
• Go Live
Technical PHASE
• AS4 Connectivity kit (contents)
– Introduction AS4
– AS4 key elements
• Party
• Service
• Actions
• ConversationId
• Payload
– Infrastructure
– Connectivity forms (exchange certificates and end-points)
Example AS4 key elements
• PartyThe party information of the sending and receiving party:Type: urn:oasis:names:tc:ebcore:partyid-type:iata - Party type for the connecting carrier
urn:osb:oin - Party type for MemberstatePNR systemID: For the carrier this is the 2 character IATA airline code.
NL – Party id of MemberstatePNR system
• ServiceThe service on which carriers interact with MemberstatePNR system:Type: urn:ebv:servicesService: SupplyTravelData:1:0
• Actions & RolesThe actions available on the SupplyTravelData service. Each action defines the roles involved in the interaction:Action: SupplyTravelData - Used when sending pushes to MemberstatePNR system
SupplierTravelData - Role of sending party = carrierReceiverTravelData - Role of receiving party = MemberstatePNR system
RequestTravelData – Used when GOVREQ request for travel data is initiated by MemberstatePNR systemRequestorTravelData - Role of requesting party = MemberstatePNR systemSupplierTravelData - Role of sending party = carrier
Agreements are not used yet
Technical PHASE
Example Pmode (1)
Example Pmode (2)
Example Pmode (3)
Functional PHASE
• Analyse the contents of the PNR data
• Check PNR for completeness (Example Characteristics)Booking details
Change in the number of passengers in booking
Travel agency code
Contact information
Contact address
Telephone number
Itinerary
Final destination
First departure location
Seat
Luggage information
Number of bags
Number of bags opposite movement
Security number
Total weight luggage
Personal details
Date of birth
First name
Last name
Access Points
• Domibus
• Axway B2Bi
• IBM Datapower
• Microsoft BizTalk with AS4 adapter
Challenges
• Configuration of the Certificates and CA’s – Like client server authentication
• Configuration of the Access Points– Like actions/service/roles etc.
Go live
Questions?
4
CEF eDelivery Service offeringAdrien Ferial – DIGIT
CEF eDelivery Service offering
Service offering Description (SoD)
All services are described in an SoDdescribing its purpose, the users for which it is for, its benefits and the process to obtain it
eLearning, videos, success stories
Some services feature multimedia such as eLearnings, instructional videos or success stories to help grasp what the service is about
Service Level Arrangements (SLA)
Documents that describe Service Level Targets to be reached when delivering Building Block Services.
CEF Digital platform
CEF eDelivery service offering, and more about the building block, can be found online
CEF Digital >
SOFTWARE STAKEHOLDER MANAGEMENT SERVICES
Onboarding services (for
stakeholders)
Community management
services
Self-assessment tool (reuse approach)
Onboarding of new stakeholders
Supporting services
Testing services
Training & Deployment
Service Desk
OPERATIONS SERVICES
Managed services
Conformance testing
Sample software
maintained by the EC (with
documentation)
Public Key Infrastructure (PKI)
Service Metadata Locator (SML)
Connectivity testingDevelopers Community
Service Metadata Publisher (SMP)
Service Metadata Locator (SML)
Access Point (AP)
Available
Coming soon SML specifications
SMP specifications
(example) TECHNICAL SPECS OF EU-WIDE INITIATIVES
Access point specifications
Security control guidance
STANDARDS OF ESOs
Connector specification
Sample software centrally hosted and managed by the EC, based on sample implementations that are based on technical specifications of CEF eDelivery.
The European Commission develops, maintains and provides software as a service for the following components of a CEF eDelivery solution: • Public Key Infrastructure (PKI)• Service Metadata Locator (SML)
These services facilitate the re-use of CEF eDelivery by different Policy Domains.
Policy Domains
USERS
STATUS
Documentation
Service
OBJECTIVE OF THE SERVICE
BENEFITS
• Reduced cost of hosting the service, which is sustained by the European Commission
• Full support by the European Commission
• Defined and agreed Service Levels
Operations services
Managed services Back to Service offering >
More info
Get started
Contact us >
CEF Digital >
Operations services / Testing service
Connectivity testing
Test if a newly installed AS4 Access Point, conformant with the CEF eDelivery specifications, can successfully communicate with the sample AS4 Access Point hosted by the European Commission. If successful, these tests confirm that the new Access Point is in all likelihood correctly deployed and configured.
The CEF Support Team facilitates the Connectivity Testing by making available a sample AS4 Access Point in a cloud environment, as well as providing guidelines and support during the testing process.
BENEFITS
• Confirm that newly deployed AS4 Access Points can successfully communicate with a neutral organization i.e. the sample Access Point of the European Commission;
• Testing anywhere at anytime
• Testing supported by professional staff of the European Commission
STATUS
Documentation
Service
OBJECTIVE OF THE SERVICE
Software Providers
Service Providers
USERS
Back to Service offering >
More info
Get started
Contact us >
CEF Digital >
Operations services / Testing service
Conformance testing
Verify that an implementation of the CEF eDelivery Access Point and SMP specifications, a software package either commercial or Open Source, conforms to the specifications of the CEF eDelivery Access Point.
The following specifications are tested within the scope of this service:
• eDelivery AS4 Profile• eDelivery SMP Profile
The CEF eDelivery Team provides ready to use test cases, a testing platform, and supports the users of the CEF eDelivery Conformance Testing service during the entire testing process.
Software Providers
Service Providers
USERS
STATUS
Documentation
Service
OBJECTIVE OF THE SERVICE
BENEFITS
• Confirm and assure your users/customers that your software package or implementation of the CEF eDelivery Access Point conforms to the CEF eDelivery specifications
• Testing anywhere at anytime
• Testing supported by professional staff of the European Commission
Back to Service offering >
More info
Get started
Contact us >
CEF Digital >
More information on CEF Digital
Conformant Solutions >eDelivery AS4 conformant solutions
Conformant
Ongoing
Domibus
Flame
Holodeck
Laurentius
Mendelson
RSSBus
IBM
ADES
Integration cloud
eefacta Server
iFenix
Axway
EESSI AS4.NET
Bizbrains
Edicom Asx server
Navitasoft
Data Interchange
SEEBURGER
B2BRouter
DCS EIP
Software
Sample software maintained by the EC
Standard software implementations of the technical specifications of CEF eDelivery. The European Commission maintains and develops sample software that is openly available to be re-used. The following components of a CEF eDelivery solution are provided: • Access Point • Service Metadata Publisher (SMP)• Service Metadata Locator (SML)
Through the "Operational Management Board", CEF eDelivery stakeholders define the evolution of these solutions, by suggesting features that are then developed by the CEF's team.
Back to Service offering >
More info
STATUS
Documentation
Service
OBJECTIVE OF THE SERVICE
Get started
Software Providers
Service Providers
Policy Domains
USERS
BENEFITS
• Released under an open source license
• Viable solutions for use in production environment
• Fully supported by the European Commission
• Based on market-driven technical specifications Contact us >
CEF Digital >
Operations services
Supporting services
The CEF eDelivery team offers:
• Service Desk – a Single Point of Contact (SPOC) to address questions, incidents, requests and changes reported by the Users with regards to the CEF eDelivery service offering.
• Training and deployment support - Training sessions about the technical specifications underpinning the components of CEF eDelivery, the services offered by the Commission and its sample implementations, and interactive sessions to support in the deployment of the solution.
STATUS
Documentation
Service
OBJECTIVE OF THE SERVICE
Policy Domains
Software Providers
Service Providers
USERS
BENEFITS
• Day to day monitoring and business hours (8 am – 6 pm CET) service to maintain a high-level of availability and capacity of the CEF eDelivery Managed Services
• Proactive incident detection and resolution
• Increased autonomy of the Public Administration in handling and maintaining the CEF eDelivery components
Back to Service offering >
More info
Get started
Contact us >
CEF Digital >
Stakeholder management services
Onboarding services
CEF offers onboarding services for new projects interested in re-using CEF eDelivery:
• Self-assessment tool - a survey that maps the requirements of the users to the CEF eDelivery Service Offering. During the self-assessment, users assign different scores to the relevant requirements of their business system and the eDelivery messaging infrastructure. Based on the answers provided, the tool calculates how CEF eDelivery can help users achieve their goals by indicating which services provided by CEF eDelivery will allow them to meet their specified needs and requirements.
• Onboarding of new stakeholders – A direct contact point for all policy domains interested in re-using CEF eDelivery, that will facilitate the understanding, adoption and deployment of the solutions.
STATUS
Documentation
Service
OBJECTIVE OF THE SERVICE
Service Providers
Policy Domains
USERS
BENEFITS
• Business-driven and time-efficient assessment
• Comparability – the self-assessment tool provides a benchmarking with use cases of other projects already re-using
CEF eDelivery
• Direct and easy contact with the CEF eDelivery technical teams, through the onboarding services
Back to Service offering >
More info
Get started
Contact us >
CEF Digital >
Stakeholder management services
Community management
Develop, expand and engage with a community of developers contributing to the evolution of CEF eDelivery’s open source sample implementations.
Among the 5 components that the CEF eDelivery team develops, CEF manages an online community of developers interested in contributing to the code of the sample implementations. STATUS
Documentation
Service
OBJECTIVE OF THE SERVICE
Developers
USERS
BENEFITS
• Cost effective development
• Wide set of skills
• Faster response to emerging requirements
Back to Service offering >
More info
Get started
Contact us >
CEF Digital >
5
Q&AAll
Contact us
© European Union, 2017. All rights reserved. Certain parts are licensed under conditions to the EU. Reproduction is authorized provided the source is acknowledged.
Find out more on CEF Digitalec.europa.eu/cefdigital
REUSE
#BIG