Application Components

From DE4A
Jump to navigation Jump to search

An application component represents an encapsulation of application functionality aligned to implementation structure, which is modular and replaceable. An application component is a self-contained unit. As such, it is independently deployable, re-usable, and replaceable. (ArchiMate® Standard, Version 3.1, The Open Group)

Solution Building Blocks, or more precisely an implementation of the technical aspects of SBB, is represented as an Application Component in the DE4A architecture.


DE4A solution overview

Application Component Description Application Service
TBD This component offers the functionality needed to do identity matching in case normal record matching (see q below) is not successful. Through this component the U is presented with a UI in order to provide additional information in order to do the identity matching. Extended identity matching UI
Authorization Controller Application component to establish which evidence types can be exchanged between competent authorities and whether this is allowed under allowed under applicable Union or national law without user request and preview.
  • Authority check
  • Legal basis check
Data Encryption/Decryption Application component providing encryption and decryption functionality (symmetrical, asymmetrical or a combination thereof).
  • Message encryption
  • Message decryption
Data Exchange Component Shares the functionality that enables the secure exchange of messages, records, forms and other kinds of data between different ICT systems. This includes data routing, except endpoint discovery. Data Exchange Service
Data Service Lookup Application component for looking up the data service(s) that can be used to request an evidence. In case of VC it returns the URL of the evidence portal.
  • Inquire routing information
  • Verifiable Credential Issuer search
eProcedure Portal Back-end Alternative Channel
eProcedure Portal Front-end
eProcedure Rules Engine Application component taking care of matching procedural requirements with evidence and establishing available and missing evidence.
  • Requirements/evidence matching
  • Procedural requirements determination
  • Available evidence determination
Evidence Interchange Back-end Application component managing the tracking of evidence requests and supporting the removal of evidences.
  • Evidence status tracker
  • Evidence request tracker
Evidence Interchange Front-end Application component bundling UI and logic to handle the status overview and preview and approval of requested evidences.
  • Evidence status overview
  • Evidence Preview
  • Evidence exception UI
Evidence Portal Back-end Shares the functionality that enables the secure exchange of messages, records, forms, and other kinds of data between different ICT systems. This includes the DID connection handling and evidence related events (VC). Generation of persistent URL which will be communicated to the DC enabling the user to return to “the right place” at a later point in time (USI). Error handling connected to evidences and rendering the evidence so it can be previewed by the user.
  • Evidence validation and extraction
  • Data Exchange Service
  • Persistent URL generation
  • Error handler
Evidence Portal Front-end This application component implements UI functionality to handle exceptions connected to evidences as well as the preview of evidences. For VC this also includes the enabler of DID connection establishment with the user.
  • QR code (UI)
  • Evidence exception UI
Evidence Query Application component providing functionality to query an evidence registry for retrieving evidence and providing an interface to expose this functionality to the outside. Evidence lookup
Evidence Type Translator Application component taking care of translating one type of evidence in MS of DC to other (potentially multiple), equivalent, type of evidence in MS of DP by using a mapping of evidences. Cross-border evidence matching
Identity Management Component Implements the functionality of user authentication. ‘Electronic identification’ means the process of using person identification data in electronic form uniquely representing either a natural or legal person, or a natural person representing a legal person. ‘Authentication’ means an electronic process that enables the electronic identification of a natural or legal person, or the origin and integrity of data in electronic form to be confirmed.
  • Authentication initiation
  • User Authentication (UI)
Procedure Management Application component handling the session management for the user. eProcedure save and resume
Record Matching Application component that provides identity matching based on attributes. Provided attributes are matched against attributes in some local registry. Identity/record matching
Session Management Application component handling the session management for the user. Completing a request for a public service might take longer than one session, e.g. waiting for evidence to be exchanged between DP and DC. Furthermore, exception flows must be considered as errors may occur in the flow. Saving the (public) service request to continue at a later point in time is therefore important functionality making the user’s life easier. The component takes care of persisting the session so it can be resumed at a later point in time avoiding that the user has to start all over again but instead can take it from he/she left off. eProcedure save and resume
SSI Cloud Agent Back-end Application component managing the DID connections and handling the VC/VP related events.
  • DID connection invitation
  • DID connection response
SSI Edge Agent Back-end Application component managing the DID connections and handling the VC/VP related events. Available VC check
SSI Edge Agent Front-end Component building UI and logic to handle DID connections and the VC/VP related events. DID connection acceptance
Trust Service Provisioning Component Implements the functionalities encapsulating the trust services functionalities. A ‘trust service’ means an electronic service which consists of these functionalities: i) the creation, verification, and validation of electronic signatures, electronic seals or electronic time stamps, electronic registered delivery services and certificates related to those services, or ii) the creation, verification and validation of certificates for website authentication; or iii) the preservation of electronic signatures, seals or certificates related to those services.
  • e-Signature Creation Service
  • e-Signature Verification and Validation Service