Good Practices in Social Security. Automatic generation of secure Web services for data exchange A case of the National Social Security Fund

Transcription

1 Good practice in operation since: 2017 Good Practices in Social Security Automatic generation of secure Web services for data exchange A case of the National Social Security Fund National Social Security Fund Tunisia Published

2 2 Summary The services of the National Social Security Fund (Caisse Nationale de Sécurité Sociale CNSS) interact with each other and with other institutions, contributors and insured persons. They exchange data, which are either provided or used by the CNSS information system. These exchanges create standardization and security problems. In light of this, the CNSS has created a computer-based tool that generates automatically and on demand generic, standard and secure Web services in the implementation of its various roles in these exchanges. A generic Web service, the settings of which are determined by an SQL query and the choice of a security policy, has initially been developed. It is used by the tool to initiate a new service for a given business functionality in a few clicks. The issue or challenge What was the issue or challenge addressed by your good practice? Please provide a short description. The CNSS undertakes various data exchanges internally between its various services, and also externally with its partners: other social funds, contributing businesses and insured persons. These exchanges take place through various media: access points (ad hoc), s and magnetic, optical or paper media sent by courier or by registered post. In them, the CNSS information system may be either a supplier or a user of the data exchanged. The use of the media described above creates standardization problems. This is because, regardless of the medium used, the CNSS must agree in advance possibly with an external partner on the format of the exchange: the structure (syntax) of the exchanged data and their meaning (semantics). This task can be highly complex and involve exchanging a large amount of documentation. Furthermore, most of the media used raise questions about security: How can the origin of the exchange be identified with confidence (authentication)? How can it be proved afterwards that an exchange actually took place (traceability)? How can it be ensured that the exchanged data have not been damaged during the exchange (integrity)? How can it be ensured that only the recipient of the exchange is authorized to read the contents (confidentiality)? Addressing the challenge What were the main objectives of the plan or strategy to resolve the issue or challenge? List and briefly describe the main elements of the plan or strategy, focusing especially on their innovative feature(s) and expected or intended effects. In order to implement the CNSS s role in the exchange of data between its own services or with external partners, the following main objectives were set: A standard framework should be available for the exchange of date, independent of technologies and/or platforms, whether internally (between the various services of the CNSS) or externally (with its partners). This objective was motivated by the need to support exchanges with heterogeneous information systems, whether with external partners of the CNSS or within the CNSS information system itself, in order to ensure interoperability between new and old applications.

3 3 Properties such as authentication, integrity, confidentiality and traceability of exchanges must be guaranteed. These security needs are important whether exchanges are internal or external, because satisfying them has the effect of empowering the different parties and creating an atmosphere of trust among them. The costs of the study and of creating the tools allowing for data exchanges needed to be simplified and minimized. This would allow the CNSS to strengthen its collaboration with its external partners but also to improve the integration and urbanization of its own information system. To achieve these objectives, the CNSS chose to use Web services, which represent a good solution for the standardization and securing of exchanges: Firstly, because they allow us to encapsulate existing business functions and display them via standard and self-described interfaces. (In the case of the CNSS, most of the business expertise is uniformly implemented in databases in the form of stored functions and procedures which, it was felt, would greatly simplify the task). Secondly, because the use of so-called SOAP-oriented Web services provides the benefits of a rich set of (widely used and recognized) standards addressing security and implementing cryptographic techniques (encryption and electronic signature) to guarantee the confidentiality, integrity and authentication of exchanges. With this in mind, it was decided to develop the automatic generator of secure Web services. In concrete terms, the first step was to develop a Web service pattern with the task of executing a given SQL query. To use such a service, a client must call it up, specifying its own values for the query parameters. The service then executes the query with the parameters supplied by the client, and returns a matrix containing the results. This pattern comes in several versions, each corresponding to a given security policy, for instance: a security token authentication: username/password; the signing of the query body (respectively response body) by the service; the encryption of the query body and response body by the service; the signing and encryption of the query body and response body by the service. The next step was to develop a Web services generator that would accept an SQL query, a choice of given security policy and a set of security parameters as its input and generate the corresponding Web service by manipulating the patterns described above. Targets to be achieved What were the quantitative and/or qualitative targets or key performance indicators that were set for the plan or strategy? Please describe briefly. The following objectives were set to validate the solution obtained: The tool must be used to introduce a new integration between two existing applications in the CNSS s application set. The tool must be used to standardize an integration (already in place) between two existing applications in the CNSS s application set.

4 4 A quality objective associated with the previous point was to prove that the effectiveness, reliability and cost in terms of the development of the new integration are better. The tool must be used to display a data access point intended for an external partner (for example, another social security fund). The tool must be used to generate a Web service to be used by a mobile application (for example, insured persons or managers of contributing companies). A quality objective associated with the two preceding points was to submit the Web services obtained to a security analysis. This was necessary given that the services were intended for use in an extranet (and on the Internet). The tool should be used by a manager familiar with the CNSS information system to generate a Web service corresponding to a need of his/her service. Evaluating the results Has there been an evaluation of the good practice? Please provide data on the impact and outcomes of the good practice by comparing targets vs actual performance, before-and-after indicators, and/or other types of statistics or measurements. The solution described in this document was evaluated against a subset of the objectives described in the previous section. As part of a project to set up a medical information system for the CNSS polyclinics, the tool was used to create a new integration between an existing computer application (pharmacy management developed with Oracle Forms) on the one hand and a new application (medical practice management developed with Java JEE that will use the automatically generated Web service to consult medicine stocks) on the other. Automatically generating the Web service in question has saved time and development costs. In order to offer CNSS insured persons the ability to look up career information and their pension estimate, the CNSS developed mobile applications exclusively using the Web services generated by the tool. A security analysis was conducted on the Web services used by the mobile applications described above. The result was conclusive: no attack on the confidentiality or integrity of the data has been encountered. In the context of data exchanges with the National Health Insurance Fund (Caisse Nationale d Assurance Maladie CNAM), Web services concerning the data needed to grant entitlement to care were created using the tool. This new mode of exchange will make it possible to avoid the exchange problems currently encountered in terms of data reliability and timing. The remainder of the objectives that were defined and have not yet been validated will be validated in the very near term: validation scenarios are currently being looked at. Lessons learned Based on the organization s experience, name up to three factors which you consider as indispensable to replicate this good practice. Name up to three risks that arose/could arise in implementing this good practice. Please explain these factors and/or risks briefly.

5 To replicate the good practice described in this document, it is essential to: 5 understand the purpose of the standards, especially as regards all aspects of security, and ensure a standardized context as much as possible: sharing the same references helps maintain interoperability; favour the re-use of existing tools over reinventing the wheel: this reduces costs and takes advantage of the maturity of existing software in the market. However, some risks must be taken into account before using this good practice: The use of Web services to standardize exchanges must have a clear justification and thus correspond to a real need. It would, for example, be counterproductive to use Web services to integrate the modules of the same computer application. Training should be provided for the technical executives who will implement this good practice. While the standards and their implementation are fairly well documented and freely accessible, they are relatively difficult to assimilate and to handle.