The SPOCS eDelivery concept defines an interoperability layer to
interconnect secure and trustworthy eDelivery systems
the EU Member States. The different solutions are connected via
Gateways, which are Web Services
communicating via a common SOAP
profiling as specified by ETSI TS 102 640 SOAP
binding profile, part
of the ETSI
"Registered E-Mail (REM)" specification.
The picture below shows a snapshot of solutions connected mid 2012; Romania signalled plans to join in course of 2012.
SPOCS provides a generic Gateway where national eDelivery solutions
to be connected to via an adapter to facilitate the mapping of
domestic message format and packaging to the one used
The Gatways must account for the mapping of organisational, semantical and technical layers in the different eDelivery realms:
For the „SPOCS Interconnect“ interoperability layer, the Web
Services protocol stack has been chosen as the base
For serving the particular SPOCS requirements appropriate
or protocol extensions have
been designed, all based on SOAP,
WS-Addressing, WS-Security and
underlying mechanisms for message
SAML token profiled according STORK for authentication,
and other proven technologies.
A "normalized" message format is defined, enabling the mapping of domestic message structuring/packaging formats to the SPOCS interconnect one and vice versa. First of all, this concept addresses meta information related to the payload. Many automated processes rely on meta data for further processing and distribution outside the core transport infrastructure, thus provisions must be given for interoperable cross-solution mapping of such information.
In course of the SPOCS project, the protocol was standardised by ETSI ESI as TS 102 640 "SOAP binding profile" mentioned above.
According the REM specification, SPOCS eDelivery uses REM Evidences for control, proof or notification of the dispatched message flow. In a nutshell, evidences provide for a valid proof of end-to-end message delivery. Alike the message itself, evidences can be converted from/to the corresponding domestic format for delivery status control information.
National solutions use different mechanisms and token for attesting authenticity of end entities. For this purpose, SPOCS eDelivery uses SAML-Token as specified by the OASIS "Security Assertion Markup Language" specification, used in a profiling like provided by the STORK LSP. Again, alike for the message itself, SAML token can be converted from/to the corresponding domestic format/mechanisms for authenticity attestation.
National Gateways are seen as part of the national trust domains. A single Gateway in a trustworthy manner somewhat is acting "on behalf" of the eDelivery domains/realms using this specific instance to interconnect to foreign solutions; to establish trust between the solutions interconnected via Gateways, trust must be established between these different Gateways. eDelivery Gateways must be registered in a SPOCS Trust List according to ETSI TS 102 231, among other attributes exposing X509v3 certificates used by the Gateways for SSL handshake and message signing. This transport signature is checked by a receiving Gateway to control if the sending Gateway is a trusted one inside the SPOCS Interconnect trust circle.
The present documentation consist of following sections:
For support information please see Contact.