Differences

This shows you the differences between two versions of the page.

en:nap_dokument:pravidla_tvorby_a_udrzby_vlastni_ctyrvrstve_architektury_jednotlivych_uradu [2021/06/01 14:42] – created Tomáš Šedivec
en:nap_dokument:pravidla_tvorby_a_udrzby_vlastni_ctyrvrstve_architektury_jednotlivych_uradu [2021/08/17 14:29] – [IS VS Physical and Communication Infrastructure Rules] Tomáš Šedivec
Line 273: Line 273:
 First and foremost, user interfaces of ISVs and operational systems must be ergonomically optimal to best support appropriate user roles and their performance of external and internal government functions. First and foremost, user interfaces of ISVs and operational systems must be ergonomically optimal to best support appropriate user roles and their performance of external and internal government functions.
  
-  * The authority must have all its forms primarily in the authenticated zone of the [[nap:portaly_verejne_spravy_a_soukromopravnich_uzivatel_udaju|portal]] and allow pre-filling of data from the [[nap:linked_datovy_fond|PPDF]] using [[nap:elektronicka_identification_pro_klienty_verejne_spravy|guaranteed client identity]]+  * The authority must have all its forms primarily in the authenticated zone of the [[nap:portaly_verejne_spravy_a_soukromopravnich_uzivatel_udaju|portal]] and allow pre-filling of data from the [[:en:nap:propojeny_datovy_fond|PPDF]] using [[nap:elektronicka_identification_pro_klienty_verejne_spravy|guaranteed client identity]]
   * Agency and local portals will be expanded from informational to transactional   * Agency and local portals will be expanded from informational to transactional
   * Transactional portal content (forms or portal application user interfaces) must be integrated (federated) with PVS - [[nap:portal_obcana|Citizen Portal]]    * Transactional portal content (forms or portal application user interfaces) must be integrated (federated) with PVS - [[nap:portal_obcana|Citizen Portal]] 
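Review bot: The changed bullet still carries two links in the old form, [[nap:portaly_verejne_spravy_a_soukromopravnich_uzivatel_udaju|portal]] and [[nap:elektronicka_identification_pro_klienty_verejne_spravy|guaranteed client identity]], and the second shows the same half-translated page id pattern ("identification" inside an otherwise Czech id) that this edit corrects for linked_datovy_fond. Suggest checking that both targets resolve and moving them to the :en:nap: form in the same revision. The [[nap:portal_obcana|Citizen Portal]] link in the context line below raises the same namespace question.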
Line 537: Line 537:
 The principle of [[nap:notification|notification]] is fundamentally of the **pull** type and without passing data during [[nap:notification|notification]]. Thus, the agenda using the data requests a list of subjects or objects for which the data has changed in the past period (typically one day). It then uses this list to actively query the data source to retrieve data according to its permissions. This ensures that during [[nap:notifications|notifications]] no data can be passed that the agenda does not have permission to. At the same time, when querying a natural or legal person, an entry is created in the basic registers and the right holder concerned is informed that the agenda has updated the data about him in its data stem. The principle of [[nap:notification|notification]] is fundamentally of the **pull** type and without passing data during [[nap:notification|notification]]. Thus, the agenda using the data requests a list of subjects or objects for which the data has changed in the past period (typically one day). It then uses this list to actively query the data source to retrieve data according to its permissions. This ensures that during [[nap:notifications|notifications]] no data can be passed that the agenda does not have permission to. At the same time, when querying a natural or legal person, an entry is created in the basic registers and the right holder concerned is informed that the agenda has updated the data about him in its data stem.
  
-In case the OVS uses more than one own (local) agency information system and uses reference and agency master data, a local master data management solution must be implemented which, after the initial identification, keeps the agency master data up-to-date by receiving [[nap:notifications|notifications]] from the PPDF and does not burden the [[nap:linked_datovy_fond|linked data pool]] with continuous on-line queries. Personal data obtained in this way is stored outside other agency information systems and is only used by individual systems when necessary. This ensures the separation and security of personal data with unquestionable auditing of access to personal data.+In case the OVS uses more than one own (local) agency information system and uses reference and agency master data, a local master data management solution must be implemented which, after the initial identification, keeps the agency master data up-to-date by receiving [[nap:notifications|notifications]] from the PPDF and does not burden the [[:en:nap:propojeny_datovy_fond|linked data pool]] with continuous on-line queries. Personal data obtained in this way is stored outside other agency information systems and is only used by individual systems when necessary. This ensures the separation and security of personal data with unquestionable auditing of access to personal data.
  
  
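Review bot: The changed paragraph links [[nap:notifications|notifications]], while the context paragraph above it uses both [[nap:notification|notification]] and [[nap:notifications|notifications]] for the same concept, so at least one of the two page ids is probably wrong, and neither uses the :en:nap: prefix this edit introduces for the linked data pool. Suggest settling on one id. The same target, :en:nap:propojeny_datovy_fond, is also labelled "PPDF" at line 273 and "linked data pool" here; a single label with the abbreviation introduced once would be clearer in a paragraph that sets the rule for where personal data is stored and audited.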
Line 676: Line 676:
  
  
-KIVS/CMS is a system whose primary purpose is to provide controlled and registered connection of information systems of state and local government entities to services (applications) provided by information systems of other state and local government entities with defined security and SLA parameters, i.e. access to eGovernment services. KIVS/CMS can thus be called a private network for the performance of public administration on the territory of the state. KIVS/CMS as a private network of public administration uses dedicated or leased network resources for secure interconnection of public administration officials (PIAs) working in public administration agencies with their remote agency information systems, for secure network interconnection of agency systems with each other and for secure access of individual PIAs to the Internet.+KIVS/CMS is a system whose primary purpose is to provide controlled and registered interconnection of information systems of state and local government entities to services (applications) provided by information systems of other state and local government entities with defined security and SLA parameters, i.e. access to eGovernment services. KIVS/CMS can thus be called a private network for the performance of public administration on the territory of the state. KIVS/CMS as a private network of public administration uses dedicated or leased network resources for secure interconnection of public administration officials (OVS) working in public administration agencies with their remote agency information systems, for secure network interconnection of agency systems with each other and for secure access of individual OVS to the Internet.
  
-Connection to the CMS can be implemented via:+OVS and SPUUs access eGovernment services, such as [[en:nap:propojeny_datovy_fond|connected-data-fund,]] exclusively via CMS in one of four possible ways:
  
-  * Non-public KIVS operator (Regional networksMetropolitan networksITS of the Ministry of Interior and others) +  - Through the Regional Networks (currently in the VysočinaPilsenKarlovy Vary, Zlín and partly Pardubice regions + others if built) 
-  Public KIVS operator (KIVS operator competition through the central contracting authority of the Ministry of the Interior) +  - Through [[en:nap:metropolitni_site|metropolitan networks]] connected e.g. to the [[nap:its|Integrated Telecommunication Network (ITS) of the MVČR]].  
-  * IPsec VPN +  - Through the Communication Infrastructure of Public Administration (KIVS) using commercial offers competed through the Ministry of the Interior 
-  * SSL VPN+  - Via the public Internet, via a secure VPN SSL or VPN IPSec tunnel.
  
-Only the first 2 options Non-public and public KIVS operator - are allowed for OSSthus communication between individual OSS is conducted exclusively via KIVS/CMS, i.e. individual OSS are obliged to access public administration information systems (ISVS) only via KIVS/CMS.+If the Authority wishes to use the KIVS, i.e. to compete through the central contracting authority of the Ministry of the Interior, it is necessary to define the requirements in accordance with [[https://www.mvcr.cz/clanek/komunikacni-infrastruktura-verejne-spravy-278660.aspx|catalogue sheets]] and then implement the purchase in the dynamic purchasing system. CMS services can also be used via [[en:nap:narodni_datova_centra|National Data Centres]]. 
 + 
 +Only variants 1 to 3 are admissible for the Public Procurement Service (PPA)so that communication between the PPAs is conducted exclusively via the KIVS/CMS, i.e. the individual PPAs are obliged to access the Public Administration Information Systems (ISVS) only via the KIVS/CMS.
  
 With the exception of the so-called operational information systems, which are listed in Section 1(4)(a) to (d) of Act No 365/2000 Coll., on public administration information systems (ZoISVS), Section 6g(3) of this Act imposes an obligation on the administrators of ISVS to provide public administration information system services through the CMS. Public administration bodies are obliged to use the electronic communication networks of the CMS by means of Section 6g(4) ZoISVS. With the exception of the so-called operational information systems, which are listed in Section 1(4)(a) to (d) of Act No 365/2000 Coll., on public administration information systems (ZoISVS), Section 6g(3) of this Act imposes an obligation on the administrators of ISVS to provide public administration information system services through the CMS. Public administration bodies are obliged to use the electronic communication networks of the CMS by means of Section 6g(4) ZoISVS.
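Review bot: The added restriction "Only variants 1 to 3 are admissible for the Public Procurement Service (PPA)" replaces a sentence that named OSS, and nothing else in the visible text defines PPA. Since this sentence decides which bodies may not use variant 4 (public Internet over an SSL or IPSec VPN), the term should match the removed OSS or be defined where it first appears. In the first added paragraph, "public administration officials (OVS)" conflicts with the use at line 537, where the OVS is the body operating agency information systems; suggest one expansion used throughout. The new link [[en:nap:propojeny_datovy_fond|connected-data-fund,]] lacks the leading colon used for the same target in the other two hunks and has a comma inside the label.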