Interoperability
The goal of interoperability is to enable independently developed systems to co-operate over a communications infrastructure. It allows different kinds of applications do what they do best, while supporting cross-organisational business processes. The complexity of the systems and applications to integrate will often dictate an adherence to standards and agreement on use of those standards so that the systems can operate in consort.
Integration requirements such as authentication and session management are typically centralised to service all of the integrated systems. Web services or off-the-shelf brokering technologies may be employed to handle cross-language integration problems. Data integration will be required where data is collated from multiple different systems.
Departments and external customers (vendors, businesses and citizens) have many different requirements and a wide variety of standards and systems. Typically, this includes proprietary, custom and in-house developed systems. Occasionally these systems require integration with legacy systems that prevent the use of more modern and simpler approaches to integration.
Consider the following interoperability best practices when integrating systems:
- Design using object and services modelling techniques
- Use technology independent techniques whenever possible
- Build common dictionaries using metadata to describe system data and entities
- Use mature and stable standards
- Use gateways and protocol converters to resolve protocol mismatches.
Standards
Shared services integration is business-to-business integration (B2B), where the applications from one organisation directly interconnect with the applications of other organisation across a shared network. Interoperability is key and a lack of appropriate standards makes integration difficult and costly if not impossible.
Choosing standardised technologies over proprietary ones helps to safeguard your investment by providing a solid roadmap for the future and because the software/equipment is not vendor-specific, the Local Authority can shop around for products and costs that best suit their requirements.
It is important that local authorities strike a balance between components of the integrated systems that are rigidly standardised and those that are flexible enough to allow for innovation and tailored implementation by the different stakeholders and users within and outside the organisation. For example, a particular department may have significant investment in a proprietary data storage technology. It may prove less expensive to integrate that system than try enforce large-scale redevelopment to meet a particular standard.
At the application integration layer, there are a number of existing and emerging standards. Internet-based technologies, such as TCP/IP, HTML, are prevalent in the networking world and have become de facto standards. eXtensible Markup Language (XML) and Web services are also becoming ubiquitous and fall into the same category. XML defines a common alphabet for constructing words and documents that enable conversations between applications to take place. The emerging family of Web services standards such as Simple Object Access Protocol (SOAP) and Web Services Description Language (WSDL) are conventions for passing XML documents between applications. While XML is relatively established, Web services are still emerging and XML document-passing conventions can still be highly proprietary.
Often, the network infrastructure is not discussed as part of the integration effort. However, it is important that minimal requirements of throughput, Quality of Service (QoS), reliability and performance are agreed between the Local Authority and external stakeholders. These requirements will be determined according to the characteristics of the services that are to be enabled over the infrastructure.
At the network infrastructure level, Wi-Fi, WiMAX, 3G and HSDPA (or 3.5G) are the prevalent standardised technologies. The major operational differentiators between these technologies are throughput, range and capacity for mobility. Also, the level of maturity of the associated standards, the product roadmaps for each technology and regulatory issues around licensed spectrum allocation must be factored into the selection process for the local authority. Each standard has been designed with a particular use in mind, so the technology choice will be guided by project requirements. Each standard is optimised as follows:
- 3G - for cellular voice and moderate data-rate applications
- WiMAX - for mobile internet and IP services
- HSDPA (or 3.5G) for data services over cellular networks.
The local authority should look at implementing a standardised network infrastructure. Given budget and timeline restrictions, integration may be required with existing pre-standard or proprietary equipment but this should be minimised.
Security
In their shared services initiatives, local authorities must make provision to protect their own data and the privacy and confidentiality of their networked transactions and those of their customers and partners. This has to be addressed both at the infrastructure and the application layers. The following characteristics of a shared services infrastructure and current environmental trends further underline the necessity to properly address these challenges:
- Greater levels of integration with a variety of business entities both internally and externally
- Increased use of open systems based infrastructures
- The integration of existing or “legacy” systems with future systems
- Growing sophistication and complexity of integrated distributed computing systems
- Growing sophistication of rogue hackers and the criminal community.
Security must be planned into the integrated systems at the reengineering design phase. Planning for security, in advance of deployment, will provide a more complete and cost effective solution and will ensure that security services are supportable.
Security is not a once-off exercise but rather an ever-evolving process. It takes continual work and education to help the security processes keep up with the demands that will be placed on the systems. By definition there are no communications systems that are 100% secure. Residual risks must therefore be taken into account and managed. In particular, local authorities should focus to how best to secure confidential data and transactions insofar as is technologically possible in their shared services environment. Further, they should set out a policy of ongoing risk assessment with actions plans and risk mitigation strategies for any security shortcomings.
Increased use of open systems based infrastructures Use technology independent techniques whenever possible | 
