Difference between revisions of "Conclusions and major achievements of initial iteration"

From DE4A
Jump to navigation Jump to search
Line 6: Line 6:
  
 
[Work in progress]
 
[Work in progress]
 
Intermediate report providing preliminary conclusions.
 
 
* Onderzoeksconclusies voor iteratie 1 zijn volgens mij  onder meer:
 
** Intermediation pattern is passend voor deze zakelijke eProcedures.
 
** eIDAS is randvoorwaardelijk, maar is werkbaar met alleen een full-powers validation.
 
** Bij grootschalige uitrol is het ontbreken van genotificeerde eID’s voor ondernemingen de bottleneck.
 
** Harmonisatie van evidence is tijdrovend, maar focus op kleine dataset bleek te helpen als eerste stap.
 
** Door het via eIDAS grensoverschrijdende communiceren van nationale business register nummers is er betrouwbare record matching bij de DO (business registers) mogelijk.
 
* Onderzoeksconclusies voor iteratie 2 zijn volgens mij  onder meer:
 
** Er is behoefte aan fine-grained powers validation op een later moment. De SEMPER specificaties zijn daarvoor passend gebleken.
 
** Er is noodzaak voor het kunnen ontvangen van notificaties over wijzigingen in business registers (data changes), maar ook in notificatie over business events. Voor de pilot is een kleine set gedefinieerd die in deze setting werkbaar lijkt.
 
** Er is noodzaak voor het definiëren van een standaard voor communicatie over business events. BRIS is een goed startpunt gebleken, maar nog niet dekkend voor SDG. Voor de pilot is een kleine set gedefinieerd die in deze setting werkbaar lijkt.
 
  
 
Major achievements:
 
Major achievements:
Line 29: Line 16:
 
Main lessons learned until now:
 
Main lessons learned until now:
  
* DE4A common components to support SDG have proven to be deployable and can be integrated to national infrastructures. Alle DBA partners managed to do so.
+
* DE4A common components to support SDG have proven to be deployable and can be integrated to national infrastructures. All DBA partners managed to do so without running into any major technical or legal difficulties.
 +
* Based on extensive tests and analysis, the intermediation pattern is useful for the business procedures as defined in the SDG. The need for receiving notifications about changes in business register entries was validated during analysis and design, regarding both changes in company data and company-concerned events. Analysis shows that this need cannot be fulfilled by BRIS. For the DBA pilot, a small set of events and changes has been selected for piloting, using the Subscription and Notification pattern.
 
* Member States establish their own maximum velocity for implementing the OOP TS, and velocities differ.
 
* Member States establish their own maximum velocity for implementing the OOP TS, and velocities differ.
 +
* Establishing a harmonized evidence definition that matches  the needs of Data Evaluators and can be provided by Data Owners proves exhausting and time consuming. Focusing on a limited set increases feasibility and secures progress.
 
* Applying a step-by-step approach for implementing the SDG infrastructure, increasing complexity gradually, has proven to aid with focus and managing the implementation.
 
* Applying a step-by-step approach for implementing the SDG infrastructure, increasing complexity gradually, has proven to aid with focus and managing the implementation.
 
* Establishing an implementation project on Member State level, involving necessary competent authorities and setting priority over all these authorities, will ease the implementation of the SDG in Member States.
 
* Establishing an implementation project on Member State level, involving necessary competent authorities and setting priority over all these authorities, will ease the implementation of the SDG in Member States.
* Member States need to establish a notified eID and eIDAS infrastructure before, or at the same time of implementing the SDG infrastructure.
+
* Member States need to establish a notified eID for companies, a mandate check mechanism and eIDAS infrastructure before, or at the same time of implementing the SDG infrastructure.
 +
** Using eIDAS for the cross border exchange of company_ids, makes reliable record matching at the Data Evaluator possible, preventing unintended extra registration and securing data quality.
 +
** Fine grained powers validation for mandate checks should be the ultimate goal and SEMPER specifications match the requirements for this goal. Starting with a simpler full-powers validation turns out to be a feasible and useful first step.
 
Established infrastructure will be a good basis for future piloting activities (in iteration 2). The infrastructure can be extended with additional patterns and power validation mechanism (meaning there will not be a new infrastructure, but functionality wil be added to the established infrastructure).  
 
Established infrastructure will be a good basis for future piloting activities (in iteration 2). The infrastructure can be extended with additional patterns and power validation mechanism (meaning there will not be a new infrastructure, but functionality wil be added to the established infrastructure).  
  

Revision as of 09:29, 2 February 2022

Back to Doing Business Abroad main page

Back to main page of D4.7 Initial Running Phase Report

Back to previous Chapter: 4. Pilot Procedures

[Work in progress]

Major achievements:

  • Developed international infrastructure for cross-border exchange of company evidence by all DBA partners, by deploying and integration DE4A common components to business registers and service providers
  • Developed international infrastructure for croon-border authorization and authentication but most DBA Member Status, using eIDAS pilot nodes
  • Collected proof of proper operation of the cross border infrastructure for authentication, authorization and evidence exchange
  • Established an internationally supported evidence definition, for exchange of company-information between business registers and service providers.
  • Established design, architecture and assessment of infrastructure for cross border subscription and notification on company events, to be piloted in 2nd iteration

Main lessons learned until now:

  • DE4A common components to support SDG have proven to be deployable and can be integrated to national infrastructures. All DBA partners managed to do so without running into any major technical or legal difficulties.
  • Based on extensive tests and analysis, the intermediation pattern is useful for the business procedures as defined in the SDG. The need for receiving notifications about changes in business register entries was validated during analysis and design, regarding both changes in company data and company-concerned events. Analysis shows that this need cannot be fulfilled by BRIS. For the DBA pilot, a small set of events and changes has been selected for piloting, using the Subscription and Notification pattern.
  • Member States establish their own maximum velocity for implementing the OOP TS, and velocities differ.
  • Establishing a harmonized evidence definition that matches the needs of Data Evaluators and can be provided by Data Owners proves exhausting and time consuming. Focusing on a limited set increases feasibility and secures progress.
  • Applying a step-by-step approach for implementing the SDG infrastructure, increasing complexity gradually, has proven to aid with focus and managing the implementation.
  • Establishing an implementation project on Member State level, involving necessary competent authorities and setting priority over all these authorities, will ease the implementation of the SDG in Member States.
  • Member States need to establish a notified eID for companies, a mandate check mechanism and eIDAS infrastructure before, or at the same time of implementing the SDG infrastructure.
    • Using eIDAS for the cross border exchange of company_ids, makes reliable record matching at the Data Evaluator possible, preventing unintended extra registration and securing data quality.
    • Fine grained powers validation for mandate checks should be the ultimate goal and SEMPER specifications match the requirements for this goal. Starting with a simpler full-powers validation turns out to be a feasible and useful first step.

Established infrastructure will be a good basis for future piloting activities (in iteration 2). The infrastructure can be extended with additional patterns and power validation mechanism (meaning there will not be a new infrastructure, but functionality wil be added to the established infrastructure).


This is a preliminary conclusion. The next deliverable (final report) will provide final conclusions, based on all executed cases with all DE/DO combinations and all patters / power validation methods that have been executed until Q3 2022. But if things are only piloted once, than these are final onclusiions. But in DBA probably limited.