The new ISTAT network for capturing interview data: the technological architecture

Transcription

1 The new ISTAT network for capturing interview data: the technological architecture Stefania BERGAMASCO*, Gabriele BUDANO*, Luciana QUATTROCIOCCHI and Antonio TOMA* *ISTAT - Information Technology Division *ISTAT - Social Statistic Department ISTAT - Via Cesare Balbo Rome Italy bergamas@istat.it, budano@istat.it,quattrociocc@istat.it,toma@istat.it 1. Introduction Abstract: ISTAT has recently activated a development project aimed to deploy the information system supporting the new continuos EU Labour Force Survey (LFS). To fulfil the EU LFS ISTAT is working for the adoption of a new data collection system based on a Computer Aided Personal Interview (CAPI) technique. A net of 350 professional interviewers recruited by ISTAT carries out the interviews. They have to interview households and afterwards have to send the interview data to head-office with a daily frequency. The purpose of this paper is to illustrate the communication system that is being developed. The communication system is based on a secure virtual private network (SVPN) for the interviewers based on the IP-Provider supplying PSTN, ISDN, GSM, GPRS technology for transmission. Keywords: network system communication, networking security, interviewers' network ISTAT has recently activated a development project aimed to deploy the information system supporting the new continuos EU Labour Force Survey (LFS). To fulfil the EU LFS ISTAT is working for the adoption of a new data collection system based on a Computer Aided Personal Interview (CAPI) technique. A net of 350 professional interviewers recruited by ISTAT carries out the interviews. The main tasks of the interviewers are the following: To receive weekly the file containing the list of households, the questionnaire updates and the formative and informative material; To contact the households; To carry out CAPI interviews; To transmit every day the files containing the data collected and the list of interviewed households; To communicate any problems about contacts and interview, notebook hardware and software. Besides, every interviewer is monitored by a regional supervisor and by ISTAT LFS head- 167

2 Stefania Bergamsco, Gabriele Bubano, Luciana Quattrociocchi and Antonio Toma office. So both the organisational and technological architecture can be modelled like three level distributed architectures[2]. In addition the monitoring system and the receiving system of data interviews have to be located on ISTAT Intranet, otherwise a real-time control of the continuous survey should not be possible. This brief description of the system functional requirements points out that the main issues about the deployment architecture is the availability and reliability of system communication and the networking security. To sum up, the targets of the architectural design are: faster data speed rate and always on mobility; instantaneous connection set-up; support for multiple protocols, including IP; security system in order to guarantee the data security and integrity and interviewer authentication. In the next chapters we describe the technological solutions that ISTAT is going to deploy. 2. The global architecture for the interviewers' network The role of the system communication is to connect the interviewers to the central part of the CAPI system, transfer data between CAPI database and the interviewers CAPI notebook In the following figure we describe the overall architecture of interviewers' network. Figure 1 The interviewers' network In the above representation we can see that the system is a complex system that we can subdivide in three main subsystems: A CAPI sever in which are stored questionnaire versions, data interviews, all information 168

3 The new ISTAT network for capturing interview data: the technological architecture related to monitoring and households' list. This CAPI server represents the heart of system; A multi-way connection from a physical point of view: the interviewers can connect by PSTN, ISDN, GSM and GPRS; this service is supplied by an Italian telecommunication company via an IP provider service; The SPVN: the network infrastructure that allows sending and receiving confidential data by strong authentication and strong encryption; this solution is tightly integrated in the ISTAT secure network project. 3. The communication system In order to obtain a whole solution for system communication able to provide a "transmission from everywhere", ISTAT is evaluating a service offered by an Italian telecommunication company WIND, which supplies a mobile office service based on GPRS technology integrated with the IP-provider WINDIP-VPN solution. Before to present the solution we have designed we introduce a glossary finalised to explain the architecture. Glossary GSM: Global System (for) Mobile (Communications) ADSL: Asymmetric Digital Subscriber Line PSTN: Public Switched Telephone Network ISDN: Integrated Services Digital Network GPRS: General Packet Radio Service GGSN: Gateway GPRS Service Node SGSN: Service GPRS Service Node HLR: Home Location Register PVC: Permanent Virtual Circuit ATM: Asynchronous Transfer Mode VPN: Virtual Private Network AAA: Authentication, Authorisation and accounting CPE: Customer Premises Equipment NAS: Network Access Server BAS: Broadband Access Server POP: Point Of Presence 3.1 The integrated GPRS and IP-PROVIDER solution GPRS is an enhancement to existing GSM that introduces packet data transmission, enabling always on mobility. This means that users can choose to be permanently logged on to , internet access and other services, but do not have to pay for these services unless sending or receiving information. GPRS is implemented by adding new packet data nodes and upgrading existing nodes to provide a routing path for packet data between the mobile terminal and a gateway node. The gateway node provides inter-working with external packet data networks for access to the Internet and Intranet. The GPRS is an ideal bearer for the IP-access which completes the bearers (PSTN, ISDN and GSM) already existing in mobile office [3]. The architecture we are going to implement is represented in the figure below. 169

4 C AB 1 2 3C * 0 # Stefania Bergamsco, Gabriele Bubano, Luciana Quattrociocchi and Antonio Toma IPWind Network Server AAA Wind Home Gateway Server AAA GGSN NAS BAS Username : user@ domain Password: pwd APN: nomeazienda. it GPRS Username : user@domain Password: pwd # tel : WindIP PSTN/ ISDN/ GSM Username : user@ domain Password: pwd ADSL Wholesale TI Figure 2 The integrated GPRS and IP-PROVIDER Solution 3.2 The communication equipment To deploy the communication system we have to start the following activities: To ask WIND for providing GPRS network. ISTAT will assign an pool of IP addresses enabling the access to GGSN node ISTAT has to set up a CISCO router connected through a leased line to the Pop Wind of Rome Sizing of access queue related to the percentage of contemporary connection in order to avoid bottlenecks. At the moment, we are developing a prototype of the communication system. The trial is aimed to gather data from interviewers using different physical connection and only one type of access system. In fact the interviewers independently from the communication system (GPRS o traditional way) have to fill a unique access form in which they will insert login and password. The equipment for the interviewers will be a GPRS mobile phone connected with their CAPI notebooks suitably configured with GPRS and traditional communication software[3][4]. 170

5 The new ISTAT network for capturing interview data: the technological architecture 4. The security issues All the information out-coming and in-coming flows of the interviewer network requires strong authentication between operators, data integrity and privacy because information exchanged are confidential. The technological solution finalised to guarantee network security we have designed is tightly integrated in ISTAT SVPN[1][3]. ISTAT SVPN is based on standard Ipsec and the Public Key Infrastructure, which allow a policy of permissions where external users can access ISTAT Intranet. The technical characteristics of SVPN are: At application level: Routing function separated by security ones Security at IP level (Ipsec) Complete transparency for user and application At hardware level strong authentication and strong encryption: Hardware random number generation Private Key based on RSA 1024/2048 bit Encryption 3DES with key up to 192 bit The extension of this global solution implemented by ISTAT to the new interviewers' network needs to set up the following security interviewer kit: A smart card where key and certificate are stored A smart card driver A CryptoIP software When the interviewers send data interviews or receive a version of the questionnaire or the households assigned, they need to be authenticated and the data have to be encrypted. Smart-card and Ipsec client provide these services. In this way, the interviewers, after the phase of strong authentication by the control of Certificate Revocation List (CRL) can directly transmit and receive information in strong secure way. The data are store in the internal server CAPI and the monitoring actors (regional supervisors and head-office) can control in real-time the field work[1][4]. The solution we are going to deploy is completely independent from the CAPI application and from the transmission network (PSTN, ISDN, GSM, GPRS) so that enhancement of CAPI software and communication system will not influence the security solution. Another security issue is concerned with the data collection incoming from the CATI Company that will carry out the CATI interviews for LFS. The households will be interviewed face to face with the help of notebooks at their first inclusion in the survey and by telephone, if possible, in the recall interviews using networked desktop microcomputer. The problem arises when we have to send and receive data form ISTAT to CATI Company[2]. The solution we have designed is the same adopted for the interviewers. We are going to provide a smart card and CriptoIp client to a one and only one workstation of the CATI Company. The access permission to our Intranet will be configured allowing data transfer between our central database and the CATI Company workstation. To sum up all the security issues related to network interviewers and CATI company are going to be solved by the architectural solution represented in the figure below. 171

6 Stefania Bergamsco, Gabriele Bubano, Luciana Quattrociocchi and Antonio Toma Figure 3 - The secure interviewers' network integrated in ISTAT-SVPN 5. Conclusion New telecommunication and networking security technologies undoubtedly help the deployment of the interviewers' network. From an organisational point of view some problems remain about the interviewers familiarity with security policy and the security process management. The management of such field operators needs to delegate other tasks to the regional supervisor like the distribution of the smart cards and their substitution in case of interviewers turnover. The other problem we have pointed out is the necessity to learn to interviewers some basic methods in order to guarantee the measure of security. Field worker, out of central control, can leave the active smart-card inserted into the notebook. So we think is extremely important to train interviewers on the aspect of security[1]. 172

7 The new ISTAT network for capturing interview data: the technological architecture References [1] Balla M. Italo, Guarino A., The secure network of ISTAT, Workshop on IT Security Management, Paris, 2001 [2] Bergamasco S., M. Gandolfo, S. Terracina, A. Toma, Action Workflow Analysis: A Methodology for Analysing Statistics Production Process, Q2001 [3] Budano G., Toma A., Servizio Mobile Office su GPRS, Internal Technical Document, 2001 [4] Budano G., Guarino A, Toma A., Integrazione del progetto rete sicura ISTAT con la nuova rete di rilevazione, Internal Technical Document,