| Next revision | Previous revision |
| en:nap:komunikacni_infrastruktura_verejne_spravy [2021/06/01 12:37] – created Tomáš Šedivec | en:nap:komunikacni_infrastruktura_verejne_spravy [2021/08/17 14:24] (current) – Tomáš Šedivec |
|---|
| ===== Description of the Public Administration Communication Infrastructure ===== | ===== Description of the Public Administration Communication Infrastructure ===== |
| |
| KIVS/CMS is a central functional unit whose primary purpose is to provide a controlled and registered connection of information systems of state and local government entities to services (applications) provided by information systems of other state and local government entities with defined security and SLA parameters, i.e. access to eGovernment services. | KIVS/CMS is a central functional unit whose primary purpose is to provide a controlled and registered connection of information systems of state and local government entities to services (applications) provided by information systems of other state and local government entities with defined security and SLA parameters, i.e. access to eGovernment services. It consists of 2 main components, on the one hand **Central Point of Service (CMS)** and then the networks that are connected to it (KIVS). For the purpose of this description, the CMS/KIVS is taken as a single entity, i.e. a separate and distinct infrastructure serving the networking and secure interconnection of eGovernment. |
| KIVS/CMS can thus be called a private network for the performance of public administration on the territory of the state. | |
| KIVS/CMS as a private network of public administration uses dedicated or leased network resources for secure interconnection of public administration officials (PIAs) working in public administration agencies with their remote agency information systems, for secure network interconnection of agency systems with each other and for secure access of individual PIAs to the Internet. | |
| |
| Connection to the CMS can be implemented via: | <wrap info>KIVS as a separate term is also used as a specific connectivity option to the CMS. When using CMS/KIVS, it refers to the whole, which generally includes any connection method, see below.</wrap> |
| | |
| | KIVS/CMS, as a private public administration network, uses dedicated or leased network resources to securely connect public administration officials (OVS) working in public administration agencies to their remote agency information systems, to securely network agency systems to each other, and to securely connect individual OVS to the Internet. |
| |
| * Non-public KIVS operator (Regional networks, Metropolitan networks, [[nap:its|ITS Ministry of Interior]] and others) | The OVS accesses CMS services via the CMS portal at [[https://www.cms2.cz/]]. The portal address is only accessible from the internal KIVS/CMS network, i.e. only after the VCS is connected by one of the options below. If the address is accessed from outside the internal KIVS/CMS network, the user will only reach the [[https://www.mvcr.cz/clanek/komunikacni-infrastruktura-verejne-spravy-a-centralni-misto-sluzeb-584441.aspx?q=Y2hudW09Ng%3d%3d|MRC website]]. |
| * Public KIVS operator (KIVS operator competition through the central contracting authority of the Ministry of the Interior) | |
| * IPsec VPN | |
| * SSL VPN | |
| |
| Only the first 2 options - Non-public and public KIVS operator - are allowed for OVS, thus communication between individual OVS is conducted exclusively via KIVS/CMS, i.e. individual OVS are obliged to access public administration information systems (ISVS) only via KIVS/CMS. | OVS and SPUUs access eGovernment services, such as [en:nap:propojeny_datovy_fond|connected data pool,]] exclusively through the CMS in one of the four possible ways: |
| | |
| | - Through the Regional Networks (currently in the Vysočina, Pilsen, Karlovy Vary, Zlín and partly Pardubice regions + more if built). |
| | - Through [[en:nap:metropolitni_site|metropolitan networks]] connected e.g. to the [[en:nap:its|Integrated Telecommunication Network (ITS) of the MVČR]]. |
| | - Through the Communication Infrastructure of Public Administration (CIPA) using commercial offers competed through the Ministry of the Interior. |
| | - Via the public Internet, via a secure VPN SSL or VPN IPSec tunnel. |
| | |
| | If the Authority wishes to use the KIVS, i.e. to compete through the central contracting authority of the Ministry of the Interior, it is necessary to define the requirements in accordance with [[https://www.mvcr.cz/clanek/komunikacni-infrastruktura-verejne-spravy-278660.aspx|catalogue sheets]] and then implement the purchase in the dynamic purchasing system. CMS services can also be used via [[en:nap:narodni_datova_centra|National Data Centres]]. |
| | |
| | Only variants 1 to 3 are admissible for the Public Procurement Service (PPA), so that communication between the PPAs is conducted exclusively via the KIVS/CMS, i.e. the individual PPAs are obliged to access the Public Administration Information Systems (PIS) only via the KIVS/CMS. |
| |
| ==== View of CMS/CIVS ==== | ==== View of CMS/CIVS ==== |
| |
| {{ nap-document:communication.png |}} | {{ nap-dokument:komunikace.png |}} |
| |
| |
| * Ensure a secure network environment to ensure interoperability within the EU | * Ensure a secure network environment to ensure interoperability within the EU |
| |
| The Central Service Point, as a part of the public administration communication infrastructure, is a system whose primary purpose is to provide a controlled and registered connection of information systems of public administration entities to services (applications) provided by information systems of other public administration entities with defined security and SLA parameters, i.e. access to eGovernment services. | OVS accesses CMS services through the CMS portal at [[https://www.cms2.cz/]]. The portal address is only accessible from the internal KIVS/ CMS network, i.e. only after the OVS is connected by one of the possible options below. If the address is accessed from outside the internal KIVS/CMS network, the user will only reach the [[https://www.mvcr.cz/clanek/komunikacni-infrastruktura-verejne-spravy-a-centralni-misto-sluzeb-584441.aspx?q=Y2hudW09Ng%3d%3d|MRC website]]. The Central Service Point, as a part of the public administration communication infrastructure, is a system whose primary purpose is to provide a controlled and registered connection of information systems of public administration entities to services (applications) provided by information systems of other public administration entities with defined security and SLA parameters, i.e. access to eGovernment services. |
| |
| CMS can thus be called a private network for the performance of public administration on the territory of the state. | CMS can thus be called a private network for the performance of public administration on the territory of the state. |
| ==== Connecting to CMS ==== | ==== Connecting to CMS ==== |
| |
| CMS as a private network of public administration uses dedicated or leased network resources for secure connection of public administration officials (PGOs) working in public administration agencies with their remote agency information systems, for secure network connection of agency systems with each other and for secure access of individual PGOs to the Internet. | KIVS/CMS, as a private public administration network, uses dedicated or leased network resources to securely connect public administration officials (OVS) working in public administration agencies to their remote agency information systems, to securely network agency systems to each other, and to securely connect individual OVS to the Internet. |
| | |
| | OVS and SPUUs access eGovernment services, such as [en:nap:propojeny_datovy_fond|connected data pool,]] exclusively through the CMS in one of the four possible ways: |
| |
| Connection to the CMS can be implemented via: | - Through the Regional Networks (currently in the Vysočina, Pilsen, Karlovy Vary, Zlín and partly Pardubice regions + more if built). |
| - Non-public KIVS operator (Regional networks, Metropolitan networks, [[nap:its|ITS of the Ministry of Interior]] and others) | - Through [[en:nap:metropolitni_site|metropolitan networks]] connected e.g. to the [[en:nap:its|Integrated Telecommunication Network (ITS) of the MVČR]]. |
| - Public KIVS operator (KIVS operator competition through the central contracting authority of the Ministry of the Interior) | - Through the Communication Infrastructure of Public Administration (CIPA) using commercial offers competed through the Ministry of the Interior. |
| - IPsec VPN | - Via the public Internet, via a secure VPN SSL or VPN IPSec tunnel. |
| - SSL VPN | |
| |
| Only the first 2 variants - Non-public and public KIVS operator - are allowed for OSS, thus communication between individual OSS is conducted exclusively via KIVS/CMS, i.e. individual OSS are obliged to access public administration information systems (ISVS) only via KIVS/CMS. | If the Authority wishes to use the KIVS, i.e. to compete through the central contracting authority of the Ministry of the Interior, it is necessary to define the requirements in accordance with [[https://www.mvcr.cz/clanek/komunikacni-infrastruktura-verejne-spravy-278660.aspx|catalogue sheets]] and then implement the purchase in the dynamic purchasing system. CMS services can also be used via [[en:nap:narodni_datova_centra|National Data Centres]]. |
| |
| | Only variants 1 to 3 are admissible for the Public Procurement Service (PPA), so that communication between the PPAs is conducted exclusively via the KIVS/CMS, i.e. the individual PPAs are obliged to access the Public Administration Information Systems (PIS) only via the KIVS/CMS. |
| === IPsec and its pitfalls === | === IPsec and its pitfalls === |
| |
| With the exception of the so-called operational information systems listed in Section 1(4)(a) to (d) of Act No 365/2000 Coll., on public administration information systems (ZoISVS), Section 6g(3) of this Act imposes an obligation on the administrators of ISVS to provide public administration information system services via the CMS. Public administration bodies are obliged to use the electronic communication networks of the CMS by means of Section 6g(4) ZoISVS. | With the exception of the so-called operational information systems listed in Section 1(4)(a) to (d) of Act No 365/2000 Coll., on public administration information systems (ZoISVS), Section 6g(3) of this Act imposes an obligation on the administrators of ISVS to provide public administration information system services via the CMS. Public administration bodies are obliged to use the electronic communication networks of the CMS by means of Section 6g(4) ZoISVS. |
| |
| As the services of the so-called [[nap:reference_interface|reference interface]], as defined in § 2(j) of ZoISVS, are published through the CMS, the obligation imposed in § 5(d) of ZoISVS, i.e. the obligation of ISVS administrators to ensure that the links of the ISVS they administer to the ISVS of another administrator are made through the CMS, is also related to the CMS. | As the services of the so-called [[en:nap:referencni_rozhrani|reference interface]], as defined in § 2(j) of ZoISVS, are published through the CMS, the obligation imposed in § 5(d) of ZoISVS, i.e. the obligation of ISVS administrators to ensure that the links of the ISVS they administer to the ISVS of another administrator are made through the CMS, is also related to the CMS. |
| |
| In view of the characteristics of the CMS, as well as the legal aspects described above, it may also be added that the use or non-use of the CMS is a relevant factor for assessing the fulfilment of the related legal obligations, in particular the obligations in the field of cyber security or protection of personal data, as well as the obligation of sound and economic management of public funds and the obligation to prevent damage. | In view of the characteristics of the CMS, as well as the legal aspects described above, it may also be added that the use or non-use of the CMS is a relevant factor for assessing the fulfilment of the related legal obligations, in particular the obligations in the field of cyber security or protection of personal data, as well as the obligation of sound and economic management of public funds and the obligation to prevent damage. |