4.4 Document templates for describing services and architecture of the information system

4.4.1 Description of dataservice must include following data:

  1. Human-readable name of the service.
  2. WSDL description of the service.
  3. Functional description of the service. Here it should be described what the service allows to do, to whom it is targeted, whether personal data are processed or whether delicate personal data are processed during the service.
  4. Security level/security class required for using the service. Availability (K), Integrity (T), Confidentiality (S) Security grade (Low, Medium, High). Detailed information for selections is provided in ‘Guide of information systems security measures system ISKE’. X-Road members may apply security requirements through another system with security requirements similar or higher than ISKE.
  5. Conditions for the provision, use and changing a service, incl. whether/how (delicate) personal data or any other information with access restriction is processed, and whether the obligation to provide the service is specified in the law, a relevant legal act or an international contract;
  6. Exploitation requirements of the service must include at least:
    1. operating time of the service;
    2. maximum duration of single interruption;
    3. maximum time of response to request (ensured in at least 90% responses);
    4. number of requests in a minute or the number of requests per client in a minute.

 

Descriptions of services and subsystems are provided on RIHA page. When creating a new service, data should be entered also to RIHA page. Relevant guidelines are available in RIHA training materials. The maintenance of new versions of WSDLs of dataservices is the task of service owners. It must be ensured that WSDL located in the security server corresponds to the service description WSDL in RIHA.

Description of subsystem: see user manual 4.1 https://moodle.ria.ee/mod/page/view.php?id=288

Last modified: Monday, 8 May 2017, 3:32 PM