SADKN Portal Guidelines Report

SADKN Portal Guidelines Report, SAARC Disaster Management Centre

Page 1 of 124 SADKN Portal Guidelines Report

Table of Contents

Executive Summary ...... 3

Project Background ...... 6

Vision, Objectives and Outcomes ...... 8

Disaster Management Phases and Outcomes ...... 17

Information Flow: Information creation, capture, dissemination and availability ...... 27

Handholding guidelines for SADKN portal development and establishment ...... 32

SADKN Portal: Operational Guidelines ...... 40

SADKN Portal: Technical Guidelines ...... 64

An Approach to Development: Open Source and Proprietary Solutions ...... 76

Key Recommendations ...... 79

Annexure I - Brief On Gateway Specifications ...... 84

Annexure II – A brief on GIS interface ...... 86

Annexure III – A brief write-up about CMS ...... 91

Annexure IV - SADKN Portal: Search Methodology ...... 94

Annexure V - List of features ...... 95

Annexure VI - Comparison of Open Source Database Options ...... 98

Annexure VII – Hardware Specifications ...... 107

Annexure VIII – An Indicative Costing for SADKN Portal Development & Hosting ...... 121

Annexure IX – An Indicative OPEX for Software ...... 123

Annexure X – An Indicative Country-wise Costing for National Focal Point (NFP) ...... 124

Page 2 of 124 SADKN Portal Guidelines Report

Executive Summary

The SAARC countries are one of the most vulnerable regions to natural disasters, experiencing a wide variety of natural hazards, including floods, cyclones, earthquakes, droughts, storm surges and tsunamis. The region, which is home to 641 million people living in extreme poverty, accounts for a majority of the total number of deaths caused by natural disasters globally and shares a disproportionate burden of the global loss of life from disasters: more than 70 per cent of the casualties from major disasters in the world since the year 2000 have occurred in this region and the top most affected countries worldwide, in terms of the number of victims, are from this region

The impact of disasters can be substantially reduced if people at all levels from government officials to individuals at the community level are informed of the risks and know how to behave in case of emergency and early warning reception. A culture of disaster prevention and resilience can be attained through human and institutional capacity-building in disaster risk reduction. The sharing of information, indigenous knowledge, research results, best practices and lessons learned on hazards and vulnerabilities is the key to improving capacities Information and communications technology and disaster risk reduction. A regional network of networks on knowledge- and information-sharing and analysis, facilitated by SADKN, with the active participation of all SAARC countries, could increase the access of members to lessons learned, knowledge, and analysis.

With an objective of Disaster Risk Reduction and Management SAARC Disaster Management Centre (SDMC) has taken an initiative of creating a network known as SAARC Disaster Knowledge Network (SADKN). This web-based interface would provide an opportunity to the people of SAARC countries to have an exposure to latest Information and Communication Technology for Disaster Risk Reduction and Management activities and initiatives. SADKN aims at establishing an environment, which will encourage people of South Asia to create, learn, organize, share, and reuse knowledge.

This network would comprise of a central SADKN portal which would act as a central disaster management related portal for the SAARC (Nepal, Bhutan, Maldives, Pakistan, Afghanistan, Sri Lanka, Bangladesh and India) Countries, National Focal Agencies, participating organizations which could be research and academic institutes, ministries at central, state and local level, NGOs, etc from different SAARC countries. These member associates would provide inputs on various aspects of Disaster management and Disaster risk reductions and provide an interface to the citizens of the SAARC region for Disaster related activities and updates. SADKN portal would be the key focal point this virtual network and would play the pivot role of collaborating and coordinating among different stakeholders of the initiative.

Page 3 of 124 SADKN Portal Guidelines Report

The project has been classified in two phases or tiers. Current phase of the project comprises of formulating guidelines for the portal which would further be circulated among the SAARC countries and participating agencies for reference during portal creation or upgrade.

The report has been drafted in to three volumes. Volume I broadly define the unit, form, format and frequency of information to be shared by the member associates. Volume II broadly gives a brief about the information management life cycle and information flow and role of various participants in this regard. It also provides a handholding approach for the maintenance related activities for the SADKN portal. Volume III of the report consists of technical specifications and operational guidelines for SADKN portal development and establishment.

A tentative cost for this portal Development, implementation and hosting entirely done by SDMC is estimated to be approximately USD 90000 (with open source software) or USD 165000 (with proprietary software)

(USD = United States Dollar)

Page 4 of 124 SADKN Portal Guidelines Report

Volume I

Page 5 of 124 SADKN Portal Guidelines Report

Project Background

Global Natural Disaster Risk Hotspots project generated a global disaster risk assessment for two disaster-related outcomes: mortality and economic losses. This assessment showed that Asia, in particular East and South Asia, is at high risk for hydrological disasters, droughts, and landslides. Tropical cyclones occur more frequently in the Asian and Pacific region than in any other part of the world and are usually accompanied by severe flooding.

In addition, the impacts of climate change will be particularly acute in Asian and Pacific countries. Climate variability and extreme events pose significant challenges for economic sectors in the region—such as agriculture, water resources, health and tourism—endangering food security, accelerating the erosion of coastal zones and increasing the intensity of natural disasters, therefore impeding national efforts.

This virtual network of networks known as South Asian Disaster Knowledge Network (SADKN) has been envisaged to provide a common platform to exchange, share, and acquire Disaster related knowledge through the SADKN web portal. One of the key goals envisaged under the SADKN project is development of state-of-the-art web-based interface to organize information, knowledge, and experience on Disaster Management. This web-based interface would provide an opportunity to people of SAARC countries to have an exposure to latest Information and Communication Technology for Disaster Risk Reduction and Management activities and initiatives. SADKN aims at establishing an environment, which will encourage people of South Asia to create, learn, organize, share, and reuse knowledge.

SADKN, apart from these would also act as a platform for the following: • Knowledge sharing and analysis with the participation of relevant regional and sub- regional organizations • Strengthening policies and informed decision-making on disaster risk reduction and climate change adaptation • Promoting comprehensive preparedness planning to mitigate the impacts of disasters and the development of cost-effective and accessible technologies to support early warning at the national to community levels using a multi-hazard approach • Promoting regional cooperative mechanisms and regional resource-sharing arrangements for disaster risk reduction, including on information, communications and space technologies, to improve disaster preparedness and response in the region • Building capacities to assess the socio-economic impacts of disasters and to evaluate the financial and economic costs and benefits of disaster risk reduction for more effective resource mobilization • Encouraging development of legal and institutional arrangements, including innovative financial mechanisms

Page 6 of 124 SADKN Portal Guidelines Report

• Integrating disaster risk reduction into national, sub-national and sectored development planning • Encouraging the setting of voluntary targets for resource allocation, including by the private sector • Building capacities to evaluate financial and economic costs and benefits of disaster risk reduction to promote greater investments in reducing disasters in the region • Promoting comprehensive preparedness planning to mitigate the impacts of disasters • Promoting resource-sharing arrangements in the region • Calling on the international donor community to increase its funding support for regional and national activities for disaster risk reduction and the implementation of the Hyogo Framework for Action • Strengthening regional cooperation mechanisms for implementing the above-mentioned regional activities on disaster risk management and risk reduction

Page 7 of 124 SADKN Portal Guidelines Report

Vision, Objectives and Outcomes

“To develop a world class Disaster Management network for SAARC countries, to provide a common platform for information sharing and develop a knowledge base to reduce the disaster risk and minimize the impact of disasters in South Asia.”

The objective • To create an one stop source of information on disaster management in SAARC • To create a network of government, research/ academic institutions, non-government organizations, in SAARC Asia on disaster management • Provide immediate access to documented and published information contributed by the networking organizations in the field of disaster management • Provide an organized collaborative Knowledge base (K-base) to organize and locate information easily • Establish an environment, which will encourage people of SAARC to create, learn, organize, share and reuse knowledge

Outcome • Provide platform for regional co-operative mechanism and resource sharing arrangement • Strengthening support for reducing disaster risk in the member countries • Providing rehabilitation and reconstruction assistance following disasters • Provide Country Partnership Strategy Guidelines • Assistance in sustainable institutional structures and good governance • Assistance in Risk identification, monitoring, early warning, and public awareness • Assistance in technical and physical risk mitigation • Building resilience, promoting innovation, knowledge, and education • Risk sharing and risk transfer • Assistance in preparedness, effective response, and sustainable recovery

Page 8 of 124 SADKN Portal Guidelines Report

SADKN Portal: A Gateway to Information on Disaster Management SADKN web portal will act as the central point and be the common platform for knowledge sharing among the SAARC Countries. SADKN portal will provide SAARC countries with ready access to clear, understandable, user-friendly information about emergency management and the Government organizations and updates about the disaster and other services like that of weather forecast etc, that are integral to managing disaster among SAARC countries.

The portal will be the gateway for information access including information on major hazards, both present and historical including tropical cyclones, earthquakes, tsunamis, volcanoes, floods, and wildfires. The portal will contain the information on a cyclone in Bangladesh which had a destructive impact on the masses, etc. SADKN will provide decision makers with the needed geospatial context for assessing risks and communicating about natural hazards and the exposure that people and infrastructure have to these hazards. It will contain the entire range of the disaster management life cycle from hazard assessment, to early warning, to response and recovery operations.

The portal will provide information on the following questions thus creating the sharing of knowledge for the purpose of creating learning effects among the SAARC countries

• The proneness of a region to a particular disaster • The occurrences and intensity of the disaster • The location of the affected area, and the level of current hazards • Number of people likely to get affected • Severity of the disaster on the infrastructure

It has been envisioned that information flow across SADKN happens in a unified form and format keeping in line with the international convention for such information. Information flow can be mapped in terms of unit, form, and frequency and it is recommended that the flow of information happens in a prescribed unit, form, and frequency.

Unit: Unit of information is the relevance of information available compared to the information required. It is highly important for all the SADKN stakeholders to understand what information is to be sent or posted on SADKN portal under different situations or different phases of disaster i.e. Pre disaster, Post disaster and During disaster. It is of critical importance to have information availability pertaining to the specific disaster event in context. For example, information should be available to the common citizens of the SAARC region regarding flood alerts and flood disaster management steps whenever there is a possibility of flood. Unit of information can be gauged under the following three levers

Page 9 of 124 SADKN Portal Guidelines Report

Timeliness: Refers to the time when information is sent or received. Availability of timely information is the crucial cog in disaster management domain. For example: timely alert or information for an impending disaster to the administration, local communities, citizens, etc can help in mitigating disaster impact and go a long way in disaster risk reduction. Tsunami warning system developed after the devastating 2004 Tsunami, has been of great help in alerting the ship crews, coastal population, etc regarding any tsunami update.

Scope: It is the completeness of the information. It intends to give a holistic view of the situation or the disaster. Incase of a flood, it should contain information about the coordinates or location details of the impacted areas, etc.

Actionable: the information should be actionable upon; it is one of the main criteria of the unit of information. Suppose a rehabilitation activity is being carried for a disaster like flood in Patna district, Bihar, India, the exact coordinates of the location will be required by a helicopter pilot to drop food and essential commodities for the victims of the flood. In absence of the geographical co ordinates, the timely and effective relief measures cannot be under taken effectively

Forms of the information: The format of the information can be of many types like that analog, digital, maps, tabular. The format of the information largely depends upon the source of information. Suppose the source of information is satellite, it will be in the form of maps

Format: The format of information can be of various types like, web enabled information, public domain information which is available to all the members of the SADKN portal or to whoever logs on to the SADKN portal, or restricted access information, only for the members with valid access ids etc. Since the nature of the information could be different, like some information could be highly secret but is very important to be shared with some expert group. In that case the information could be sent under restricted access format, which would be accessed only be the members with restricted access permissions.

Frequency: The frequency for updating largely depends on the severity of the disaster. The severity is a function of the area being affected, the loss of economy and lives caused and the lifecycle of the disaster. When talking about the frequency, for earthquake alerts rapid maps could be provided early i.e. within 2 hours time but the detailed mapping could not be provided in 2 hours as it requires more time. Though rapid maps are informative but lack detailed information, whereas the detailed map contains lots of information but they are not available in short period of 2 hours. Serial Number Type of disaster Frequency

1. Earthquake 2 hrs by rapid mapping 2. Flood 6hrs 3. Draughts 7-14 days 4. Cyclone 30 minutes

Page 10 of 124 SADKN Portal Guidelines Report

Volume II

Page 11 of 124 SADKN Portal Guidelines Report

SADKN will be a Knowledge Portal consisting of Regional Chapters and National Chapters for all the SAARC countries which will be designed, developed, hosted and maintained by SDMC. The member countries will assist in updating the content and maintaining the national chapters through remote login facilities provided at the NFP through a client system. The NFPs will collect information from the participating institutions, organizations of their respective countries. Thus the SADKN portal will be designed, developed, hosted, maintained, and upgraded by the SDMC while the content of the national chapters would only be updated and maintained by National Focal Points (NFPs) of the respective countries.

An Implementation Agency (IA) would be hired by SDMC for portal design, development and content management. MoUs will have to be signed in between the SDMC and partner countries NFPs for regular provision of data and information. The NFPs will be required to select a fulltime consultant, known as National Focal Point Coordinator (NFPC) who would be assigned the task of data collection from the partner organizations, data digitization and validation and would be under the direct control of the NFPs of those respective countries. The data would be updated through the remote login from the client machine on the respective National chapters which in turn will be mirrored on the main SADKN portal. The NFP will be provided with a dedicated client machine along with printer and scanner to perform the routine tasks and the cost of the same will be borne by the SDMC. The NFPs would also be required to sign MOUs with the participating organizations for sharing of data and knowledge on disaster and risk management in the format specified by SDMC. The people in the SAARC countries and elsewhere would be able to access the information by simply typing the url of the state-of-the-art-portal.

The SADKN Portal is explained in the next sections in details.

Information Services: Information services are the category of services in providing the static and dynamic data regarding a particular disaster in a country in past as well as in present. In the first phase the portal will be a basic informational portal but later the information services like dynamic weather forecast, satellite mapping, and other services can be incorporated. It will also provide the basis of usage of funds and other relief services provided by different communities and organization for post disaster activities. The real time availability of information on disaster management will be available in the later phases

Transaction Services: Transaction services include managing donations and other relief activities from different communities and organizations. The transaction service will not be available in the first phase of the portal development, but will be incorporated in later phases. The Portal should provide a set of MIS reports to the identified Stakeholders for the purpose of monitoring prioritized services which can be accessed through the Internet.

Page 12 of 124 SADKN Portal Guidelines Report

SADKN Portal would be hosted at Government Data Centre or Commercial Data Centre and it is highly recommended that this model is adopted rather creating a new data centre for the purpose of hosting the SADKN portal. Functionally, the portal should be accessible through Internet or Mobile devices. All these delivery channels should access the application through a Firewall and using secured communication.

The SADKN Portal (along with the National & Regional Chapters) along with would cater to the following needs of the SAARC Countries:

• Policies and Guidelines : The SADKN web portal would have the policies and guidelines on disaster management of all the SAARC countries. The policies and guidelines would be containing the National level policy on disaster management, guidelines on disaster management, the national strategy ion disaster management, national plans on disaster management etc of all the SAARC countries.

• Classification of disasters: The SADKN portal would contain Documents, Research papers, Reports, white papers, Plan of actions etc on different disasters from all the SAARC countries. Natural Disasters:
Earthquake
Floods
River Erosion
Cyclone
Tsunami

Page 13 of 124 SADKN Portal Guidelines Report

Landslide
Forest fire
Droughts, etc

Man Made Disasters/ Human Induced disasters:
Nuclear disaster
Chemical disaster
Mine disaster
Biological disaster
Environmental disasters, etc

• Capacity Building & Training: The portal would support detailed Documents and Manuals in country specific language, pictures / photographs, small video films, information on the nearest training centers or contact details of the agencies providing free training etc. Besides these the other features to be covered are o Trainings of volunteers contribute towards creating response capacity on a larger scale. o Training of trainers’ sessions helps to build local capacity in empowering the communities and having the capacity at the local level. o Trainings along with manuals/kits/equipment help communities to retain the messages and practice their skills. o Involving the Government and utilizing their expertise contributes towards ownership and sustainability.

The training documents, manuals, short films on training modules could be provided on varied topics like, search and rescue, disaster assessment response, emergency first aid and distribution of first aid kits, livestock management, livelihood diversification, health and hygiene and distribution of health & hygiene kits, soil and water testing, agriculture management, etc

• Early warning system: Details of various early warning systems could be posted on the SADKN portal. The details could be provided by various stakeholders of the SADKN portal. Also the participating research and scientific agencies, and other expert agencies associated with the National focal agency of each of the SAARC country could provide details on detecting a early warning signal in there respective field of expertise. Other features on the related topic includes;

Establishment of emergency management committees/and their capacity building

Rehearsals/simulation of emergency response scenarios is an effective way of retaining early warning information

Development of village evacuation & flood management plans

Page 14 of 124 SADKN Portal Guidelines Report

Development of district disaster management plan

Installation of water level indicators & gauges

Distribution of loud speakers

• Infrastructure Support: The details to build safer earthquake and flood resistant infrastructures could be provided on the portal. Various other details on the infrastructure development in the earthquake, landslide, cyclone, flood prone regions could also be provided

• Advocacy & Public awareness: For increasing the public awareness SADKN portal could contain the details on the following: Media sensitization workshops

Details on awareness sessions for students, communities & other stakeholders

Seminars and workshops details for key stakeholders

Details on Public theatre, role plays and drama etc.

• Small Scale mitigation works details: The details on small scale mitigation works could be provided in documented form on the SADKN portal. The details could be provided in works like, How to build emergency shelters quickly

How to establish Establishment of water and testing laboratory

Construction of wells & installation of hand pumps

Benefits and ways of Tree plantation

Construction of retaining walls

Integrated water efficient schemes

Flood protection wall

Debris flow protection work

Rain water harvesting techniques

• Mapping & Data Computerization: The SADKN portal would contain tools for computing and preparing, Generating hazard & vulnerability Maps

Preparing an inventory of all hazards faced by the community in the target area

Preparing and storing baseline data available on most hazardous sites for further investigation and mitigation

Page 15 of 124 SADKN Portal Guidelines Report

Storing historic profile of hazards and their impacts

Detecting vulnerable population and elements at risk to each hazard

The other related topics that would feature on the SADKN portal are:
Role of NGOs
Role of corporate
Facilitation of Co-ordination
Research & Dissemination
Institutional Strengthening
National chapters

Page 16 of 124 SADKN Portal Guidelines Report

Disaster Management Phases and Outcomes

Disaster Management comprises of numerous activities involving multitude of stakeholders and organizations which have to coordinate and work together for the task at hand. Time constraint adds an additional dimension to the Disaster Management paradigm. Some of the key components and constraints which need to be given adequate attention during the SADKN realization are listed as follows: • Involvement of stakeholders at various levels • Time constraint • Facilitation for decision making authority by providing relevant and timely information • Changing environment from time to time, dynamism of the situation • Nature, frequency and location of the disaster

This section provides an overview of the Disaster Management with respect to the following phases: • Pre-Disaster • During Disaster • Post Disaster

Pre Disaster SADKN has been envisaged as a common platform for sharing of information, knowledge and experience among the numerous participants and stakeholder nations. This would also enable the citizens of SAARC region in freely communicating and collaborating with each other for disaster related domain and at the same time provide a window to them for interacting with domain experts and institutes.

Some of the core outcomes as envisaged under the Pre Disaster paradigm are listed in the following table.

Outcomes Activities / Tools Creating awareness among • RSS feeds regarding Disaster related information stakeholders especially citizens • e-Newsletters, e-mails alerts, etc • Communities, blog for group discussion, online polls, etc • Games, quiz modules related to disaster information for youth and children • Community driven initiatives for creating awareness using the SADKN platform

Page 17 of 124 SADKN Portal Guidelines Report

Common Platform for • Knowledge base including reports, documents, Information and Knowledge articles Sharing related to Disaster • White papers on various aspects of Disaster Management Management • Blogs, Group Discussion Forums • Archive & History section containing details about all major disaster events • Repository on Life cycle of various disasters • Access to Expertise knowledge on disasters including latest R&D results Capacity Building • Specialized Online training modules based on the Life Cycle of specific disasters • Option for Live Chat with Experts on different types of Disasters • Specific documents related to different disasters indicating Dos & Don’t • Use of techniques like flash animation, video feeds, webcasts, etc indicating specific steps to be undertaken in case of specific disaster • Information on Community based camps for Disaster Management Training in nearby localities, areas, etc • First Aid training modules • Undertaking new Research & Development initiatives for Disaster Management involving stakeholders at various levels Disaster Risk Reduction • Key learning from previous experiences including Dos & Don’t during specific cases of disaster • Information on Projects / Schemes undertaken for Disaster Risk Reduction for specific disaster events like INCOIS for Tsunami Warning System, etc

Page 18 of 124 SADKN Portal Guidelines Report

The basic intent of developing the SADKN portal is sharing of information, knowledge, and experiences of various stakeholders and participants among various groups of people including citizens of the SAARC countries. Stakeholders of SADKN portal can post information on their areas of expertise on their associated portals related to Disaster Management and Risk Reduction which would be available for all the users. Information sharing can happen through any relevant piece of information on disaster management through documents, case studies, blogs, discussion forums, live chat with experts, archives, trends of various events, findings of scientific, and research institutes etc. Recent News updates and new posting could be sent as an email alerts to the users registering for the service.

Another key objective of SADKN would be capacity building and creating awareness among citizens of the SAARC countries for disaster risk reduction and management through online trainings, web seminars and educational videos (based on flash technology and video feeds). Special online games and quiz activities should be used as an option for inculcating awareness among the children and youth.

Information available on SADKN portal in good times shall keep stakeholders informed to plan better for future Page 19 of 124 SADKN Portal Guidelines Report

During Disaster Communication during the disaster is the key aspect in managing a disaster. During emergency situations, the information can be provided by the respective associate members of the National Focal Agency to the SADKN Portal. The following table lists the core outcomes under the During Disaster paradigm.

Outcomes Activities / Tools Disaster Management • Link for Missing Person Registry Module • Link for Shelter Registry Module • Link for Volunteer Registry Module • Centralized Help Module for information on o Blood donation camps o Money donation options o Miscellaneous help • Expertise inputs and guidance for tackling the disaster incident • Link for disaster specific Dos & Don’t activities Information Sharing • Latest information on the specific disaster incident • Updated news about the disaster events across the world • Email / SMS alerts to the Nodal Officers of the identified agencies involved in the each country about the disaster incident • Option for Live Chat with Experts on specific disaster information and guidance Coordination & Facilitation • List of identified Organizations / Institutes / Communities having capability and expertise for handling the specific disaster incident type along- with contact details and the Nodal Officer details • Updates about various initiatives, steps, etc undertaken at Government / Organizational / National Focal Agency / Community level for disaster incident management • Information on hospitals / primary health centers / police stations / civil defense camps / schools / stations (railway & bus) etc in and around the disaster affected region • A centralized information demand-supply dashboard for resource requirements (food, medicine, medical supplies, money, volunteers, clothing, camps, etc)

Page 20 of 124 SADKN Portal Guidelines Report

Page 21 of 124 SADKN Portal Guidelines Report

Post Disaster During the Post Disaster scenario, major efforts are concentrated on the rehabilitation and construction activities. However, it is of utmost importance to analyze the causes of the disaster and if possible, take preventive and corrective steps as necessary to avoid any future recurrence of the incident.

The following table lists the core outcomes under the Post Disaster paradigm

Outcomes Activities / Tools Disaster analysis • MIS reports, graphs, etc to present the available information for analytical purposes related to the disaster incident • Common platform for numerous stakeholders to seek and provide relevant analysis and inputs which can be further utilized by the competent authorities (including Respective Government, SDMC) to take an informed decision and plan for the future Rehabilitation • Latest information on the specific disaster incident • Option for Live Chat with Experts on specific disaster information and guidance such as Civil construction experts, Medical experts, Post disaster trauma experts, etc • Help module for information and details on o Blood donation camps o Money donation options o Missing person registry module o Volunteer registry module o Shelter registry module • Information and contact details of the involved agencies and organizations along-with details of Nodal officers Coordination and Facilitation • List of identified Organizations / Institutes / Communities having capability and expertise for handling the specific disaster incident type along- with contact details and the Nodal Officer details • Updates about various initiatives, steps, etc undertaken at Government / Organizational / National Focal Agency / Community level for disaster incident management

Page 22 of 124 SADKN Portal Guidelines Report

• Information on hospitals / primary health centers / police stations / civil defense camps / schools / stations (railway & bus) etc in and around the disaster affected region • A centralized information demand-supply dashboard for resource requirements (food, medicine, medical supplies, money, volunteers, clothing, camps, etc)

For disaster risk reduction the participation of all the stake holders of the SADKN portal will be highly important and crucial. Customized MIS reports should be a critical component of the portal for analyzing the data collected and extracting meaningful information for benchmarking purposes. If the probability of occurrence of a disaster event in an area is found to be high based on the study by an expert group then this information can be further used for risk reduction and disaster mitigation. The knowledge group and experts in all the areas could analyze these findings and after discussions can come up with a solution for common benefit. Expert findings can be shared on the portal after data analysis, recent trend analysis and based on prior

Page 23 of 124 SADKN Portal Guidelines Report

experience. A risk mitigation plan can be proposed by various experts and the local area authorities could take a well informed decision to avert the natural event or to minimize its effect.

Hence during the crucial times the SADKN portal will provide single platform to all the stakeholders for having discussions and arriving at the best suited plan for Risk reduction.

A piece of crucial Information in advance on SADKN portal can help the stake holders in taking a informed decision in advance and help in risk reduction

SADKN platform should facilitate interaction and have simultaneous dialogue with all related expertise dealing with disaster management in SAARC countries and this initiative has been thoughtfully envisaged as a tool to store, retrieve, disseminate and manage information related to disaster management.

Page 24 of 124 SADKN Portal Guidelines Report

Information Management Life Cycle

Currently knowledge and experiences of disaster practitioners remain in isolated silos with individual or institutional domain. There is an urgent need of an organized common platform to capture, organize and share this knowledge and to create a versatile interface among policy- makers in the Government and disaster managers’ at all administrative level (National/State/District/Sub-District/ Community). SADKN initiative is a conscious effort for Disaster Risk Reduction and Disaster Management at Regional, National, Provincial and sub- provincial level. Numerous organizations / agencies / institutes have been envisaged to be part of the initiative which however, due to gap in information coordination and sharing cannot be realized.

Information creation, storage, retrieval, availability and dissemination would play the key role in Disaster Management. Generally, three perspectives in Information cycle management have been envisaged across the globe by various experts • Management • Application • Organization

Management focuses on capturing, organizing and facilitating information. This would involve participation from all the participating members in the SADKN initiative including Government departments, agencies, R&D and academic institutions, expert individuals, international communities, etc.

Page 25 of 124 SADKN Portal Guidelines Report

Application focuses on effective retrieval of relevant content through advanced searches and mining to conduct knowledge-related work and tasks and on the use of the results for discovery. Information should be updated and stored at the SADKN system and network of portals by the participating members and associates as described in the ensuing section.

Organizations focus on learning, sharing and collaboration. This is the education component and would lead to creating awareness and capacity building for disaster management paradigm which would be facilitated by availability of information about disaster preparedness, dos’ and don’ts in emergency, disaster management plans, policies and guidelines available in various domains related to disaster management.

Information management is not only about capturing best practices and experiences people have and store it in a database with a hope that it will be useful later.

Information management is all about getting the right kno wledge, in the right place, at the right time

This initiative aims at connecting all participating government departments, statutory agencies, research organizations/ institutions to share collectively and individually their expert know-how’s. The exchange should be facilitated through online interaction, e-workshops, documentation of experiences, sharing information on SADKN Portal etc.

Page 26 of 124 SADKN Portal Guidelines Report

Information Flow: Information creation, capture, dissemination and availability

Information sharing among SAARC is the most important aspect of the SADKN portal; hence information flow should start from the gathering of information and further creating and uploading the information on the portal and thus making the information available to the different stakeholders. The information available with the different countries can be made available by digitizing and uploading the available hardcopy of the journals, reports, research papers, and white papers thus creating a database based on the available information (digitizing the hard copy available). The information stored in the database will be made available to the citizens of the SAARC countries through the SADKN Portal.

The information flow will happen from the lowest level (member associates) of the SADKN network to the highest level (SADKN portal) and this would be a measure of the success of the project and the associated envisaged objectives. The information is provided to the SADKN Portal by the respective NFP. The flow of information occurs from the respective agencies to the NFP.

Nature of information should be categorized with respect to three critical parameters, namely, location, disaster type and disaster frequency. Such categorization would help in analyzing and finalizing the information in terms of unit, form, format and frequency of update. These terms have already been defined in volume I of the guidelines.

Information in the predefined format, unit and at specified frequency should be uploaded to the main SADKN portal in the form of a .pdf file. Specifics of the unit, form, format and frequency of the information have been defined in the volume I of guidelines.

Every associate member organization / agency / institute should clearly identify a nodal officer. Nodal officer should report to the PMU and would facilitate and coordinate on behalf of his / her organization / agency / institution with National Focal Point, PMU and other participating members. Nodal officer would serve as the single point of contact on behalf of his / her organization and should be in the capacity of taking key decisions with respect to information sharing and support for realizing the SADKN initiative.

Page 27 of 124 SADKN Portal Guidelines Report

Apart from the organizational nodal officer, a team of dedicated and qualified resources from the organization should also be identified whose role would be to update the requisite information on the SADKN portal. This team would report to the Nodal officer from the respective organization / agency / institute. Before publishing the data and information on the SADKN portal, Nodal officer should review the same and provide approval for uploading the information on the portal.

Information can be classified in to critical / non-critical information and public / restricted information. Information identified as public should be published in the open space of the SADKN portal and would be available to all the users. Such information can include training manuals on disaster management, warnings on bad weather situations, etc..

Information in the SADKN network should be classified as Critical and Non Critical

A clear Memorandum of Understanding (MoU) should be entered with the participating agencies / members and National Focal Point and SDMC in this regard. Information which can be shared by the associated members should be clearly demarcated and be a part of the MoU.

Page 28 of 124

SADKN Portal Guidelines Report

It is important to motivate and encourage the participants to proactively participate in this initiative and efforts of such members should be recognized and applauded. An incentive based scheme should be adopted for such purposes.

Incentive / Scheme Target Audience Frequency Individual Certificate of Merit based on contribution Individuals Every 3 months to Knowledge base / News / Concepts papers / Innovations / Citizen Journalism Certificate of Merit based on contribution to Organizations / Every 3 months Knowledge base / News / Concepts papers / Agencies / Institutions Innovations Recognition as Champion in Disaster Management. Individuals 6 months This should be awarded to individuals who have been nominated more than once for Individual Certificate of Merit Recognition as Most Contributing Group in Disaster Organizations / 6 months Management paradigm. This should be based if the Agencies / Institutions associate group / organization has been nominated more than once for Group Certificate of Merit Medal of Honor for individuals and groups who have Individuals and Yearly been awarded Champion Certification and Most Organizations / Contributing Group in Disaster Management more Agencies / Institutes than twice. This should be followed by a 3 month / 6 month / 9 month / 12 month membership of the National Focal Agency group. In case of organizations, nodal officer from the organization should be nominated for this honorary membership SADKN Merit Certification and Medal of Honor for Individuals and Yearly individuals and organizations who have contributed Organizations / immensely and have been conferred all the above Agencies / Institutes mentioned certificates for recognition at a Regional Forum

Page 29 of 124 SADKN Portal Guidelines Report

In phase I of portal development and SADKN implementation, information would be made available at pre-defined frequencies and in pre-defined formats at the main portal by the respective member associates. The following figure provides a holistic view of the envisioned scenario.

In the first phase, it is recommended that an informational portal is developed with very basic features such that a start is made at the regional level in the SADKN initiative. This portal should be gradually upgraded to more advanced level of functionalities and a phased approach should be adopted for the same.

Page 30 of 124 SADKN Portal Guidelines Report

Once the system achieves stability after integration of advanced features like sms alerts, missing person registry, etc SADKN portal would be integrated with similar initiatives across the globe like systems in Europe, US, Africa, etc. This should be done after signing MoU by SDMC and SADKN teams with the respective international networks.

For any disaster event, information should be posted by the identified person at the associated portal of the SADKN network. Each bit of information posted should be classified in critical and non-critical category during the time of entry. Any entry classified in the critical category shall be reflected at SADKN portal immediately and should trigger an alert management system wherein an SMS alert and Email alert are sent to the relevant stakeholders of various participating agencies.

Information on disaster events should be available on a real time basis along with disaster relief efforts, do’s and don’ts, etc on the portal. Emergency contact data and helpline numbers should flash on the portal along-with contact numbers and addresses of the local area Hospitals, Police department, Fire stations, NGO’s etc which can be referred to by users. Users should be able to register for the missing person service after entering the relevant details in the online form. Similarly, shelter and relief work information should be available to all the users and departments like NGO, Police, Hospitals, Fire offices, Forest offices, Government agencies, etc on the portal. Weather forecasts and predictions along-with expert analysis for next 24 hours should be available on the SADKN web portal.

Page 31 of 124 SADKN Portal Guidelines Report

Handholding guidelines for SADKN portal development and establishment

Entire system of portal development and implementation has been conceptualized in four phases and is depicted in the following diagram

The following table depicts the relative roles and responsibilities of PMU and the identified Implementation Agency (IA) during the four phases of development and establishment of the portal.

Phase Program Management Unit (PMU) Implementation Agency (IA) Conceptualiza • Assistance to the IA in understanding / • Carrying out brief (8-10 tion assessing the need for various functions days) preliminary study of web portal through internal surveys/ • Conducting meeting with IA for monitoring interviews for finalizing and overseeing the progress of work functionalities and need of • Review of draft portal in the developer’s the web portal environment and its finalization • Participating in the meetings called by PMU / SADKN Agency for discussions directly and indirectly related to the web portal development • Preparation of draft web portal for the purpose of its review by PMU / SADKN agency Development • Providing assistance in obtaining relevant • Preparation of brief progress data for IA reports on a weekly, monthly • Review the progress of IA through basis for review by PMU conducting periodic review meeting (report format to be provided • Facilitating and conducting acceptance by PMU testing in coordination with IA and Audit • Application Development as agency per the project scope and • Suggesting changes / modifications as agreed SLA applicable after the UAT • Carrying out suggested modifications in the portal

Page 32 of 124 SADKN Portal Guidelines Report

• Finalization of the SADKN web portal after the UAT and security when it is felt that all the features have audit been added / implemented with reference to the SADKN portal project scope Support / • Review the progress of the IA through • Carrying out final testing of Maintenance conducting periodic review meetings all the functionalities like • Conducting dry runs of the various search engine, payment functionalities in the web portal gateway, automated alert • Reviewing the results of testing and system, etc security audit of portal by the identified • Preparation of user manuals, Audit, Compliance and Certification training manuals, trouble- agency shooting guides etc • Finalization of topics to be covered in the • Arranging for training training sessions to be conducted by the sessions and handholding IA team for the identified staff of • Arranging training sessions, to be associated member with an conducted by IA team, in terms of aim of developing skills to identifying the staff who should undergo perform basic maintenance training for portal administrator, data entry and system handling staff etc and arranging for space and capabilities photocopies of training manuals, user • Providing helpdesk / manuals provided by the IA telephonic / email support to • Assessment of the quality of training the associated member • Review of the technical problems organizations for technical reported, ability of the SADKN web portal problems to serve its primary objectives related to • Provision for one dedicated Disaster Management phases (During resource from the Disaster activity period, No Disaster developing team until PMU period, Capacity building initiatives) declares the portal to be • Assessing the performance of the SADKN stable portal for the stated objectives of the project Exit • Assessing the internal capacity of the • Finalization of terms and associated member organization for conditions and charges in handling portal administration and case of renewal of contract everyday trouble shooting. Accordingly a • In case of non renewal of decision to either renew or terminate contract, handling over all contract should be taken at the end of the the relevant documents, term defined in the SLA of the IA reports etc for smooth • Finalization of terms and conditions etc in maintenance of web portal

Page 33 of 124 SADKN Portal Guidelines Report

case of renewal of contract of the IA • Appointing suitable resources for the various responsibilities to be handled in running the SADKN web portal smoothly

An overview of steps involved in Portal maintenance

A web portal grows with time with the addition of new contents and features. A portal therefore requires regular monitoring and maintenance to ensure that the quality is maintained and it meets the expectations of the user/visitors.

The PMU should sign a Service Level Agreement with the portal maintenance agency. The SLA should clearly mention all the terms and conditions, procedures and policies to be followed. Portal Maintenance Team should also ensure smooth hand holding activities.

Portal maintenance team The portal maintenance team would comprise of a portal maintenance manager who would be reporting to the PMU and would be responsible for overall maintenance of the SADKN system and portal. The portal maintenance team would provide complete handholding support for the entire SADKN system and portal.

The maintenance team should ensure that the SADKN portal function completely as per the functional specifications. They should ensure especially during the disaster time that all the alerts and related news are regularly updated, they should ensure that the time taken for portals for getting uploaded and downloaded as quickly as possible. They should provide the necessary handholding support to all the members and partners of the SADKN.

The portal maintenance manager / (or appointed person) should coordinate with the PMU and other members in order to ensure a smooth and proper flow of information. The coordination is also required to formulate policies concerning the management of content / data on the portal through its entire life cycle (creation, moderation, approval, publishing and archival).

The maintenance team would be also responsible to take care of the feed back and query mail responses to the visitors of the SADKN portal. The portal maintenance team would be responsible for overall portal performance, security and system availability.

The SADKN system and portal should be monitored and maintained for the following parameters: • Content management • Traffic analysis • Security audit

Page 34 of 124 SADKN Portal Guidelines Report

• Functionality check • Broken links review • User Feedback • Content management The maintenance team should ensure that there is smooth and proper flow of content from the ground agency to the site. It should also take care of the content quality and user satisfaction issues. The maintenance team should also ensure that obsolete data is removed / deleted and old data is archived as per the policy

• System review The maintenance team ensures that the SADKN portal is thoroughly reviewed and maintained to rule out the presence of any broken links or error. The maintenance team should set a mechanism for periodically validating links to related information. An automated report should provide a list of broken links on the portal which could be immediately corrected

• Traffic Analysis The maintenance should regularly monitor and maintain the SADKN site traffic to analyze the usage patterns as well as visitor’s profiles and preferences. A periodic report on the same should be sent to the PMU

• Performance The maintenance team should ensure that the SADKN site down time is optimized for a variety of network connections as well as devices. The maintenance team tests all important pages of the SADKN portal for this

• Feedback Feedback from the visitors is the best way to judge the performance of any website and to make necessary improvements. The maintenance team should put a proper mechanism in place to carry out the changes and enhancements as suggested by portal users

• System availability The maintenance team should ensure that the portal is available for visitors at all times 365X24X7

• Security audit The maintenance team should perform security audits on regular basis to conform that the SADKN portal is free from all kind of virus/security threats

Page 35 of 124 SADKN Portal Guidelines Report

Volume III

Page 36 of 124 SADKN Portal Guidelines Report

The SAARC Disaster Management Centre (SDMC) has taken up a project known as South Asia Disaster Knowledge Network (SADKN). The main objective is to develop a state-of-the art web- based interface consisting of Regional and National Chapters to organize information, knowledge and experience on disaster and its management at SDMC which can be accessed by the citizens of all the member countries. The member countries will have considerable participation in the maintenance and updation of the nations chapters in the SADKN portal. A NFP will be identified in the member countries along with a consultant (NFPC), which will be required to network itself with all the participating organizations having its Nodal officers. The NFPs would be able to gather information and upload the same on the National Chapters through remote login facility provided by SDMC on client-server architecture. The SADKN will thus emerge as a platform, which will encourage people of South Asia to create, learn, organize, share and reuse knowledge. It will be a network consisting of Government, private, inter-government agencies, international agencies, and NGOs dealing with all types and stages of disaster. The Governing Body of SAARC Disaster Management Centre (SDMC) has given the direction that the SADKN shall be developed in two parts:

1. The Regional Chapter which shall be designed, developed, hosted and maintained by the SDMC. 2. The National Chapters which shall be designed, developed, hosted and maintained by the SDMC in collaboration with the Member Countries of the SAARC. The Content of the National Chapters shall be maintained and updated by the Member Countries through remote login facilities provided to the National Focal Points (NFPs).

The SDMC shall appoint an Implementation Agency to design, develop, and maintain the regional and national chapters which shall be hosted in SDMC.

Page 37 of 124 SADKN Portal Guidelines Report

Technical Summary

Portals A portal represents a web site that provides a single point of access to applications and information. From an end user perspective, a portal is a web site with pages that are organized by tabs or some other form of navigation. Each page contains a nesting of sub-pages, or one or more port lets—individual windows that display anything from static HTML content to complex web services. A page can contain multiple port lets, giving users access to different information and tools in a single place. Users can also customize their view of a portal by adding their own pages, adding portlets of their choosing, and changing the Look And Feel of the interface. Technically speaking, a portal is a container of resources and functionality that can be made available to end-users. A portal presents diverse content and applications to users through a consistent, unified web-based interface. Portal administrators and users can customize portals, and content can be presented based on user preferences or rule-based personalization. Each portal is associated with a web application that contains all of the resources required to run portals on the web.

Web Sphere Portal Web-Sphere Portal is quickly becoming a standard infrastructure platform for building enterprise- class applications. But it provides much more than just this: Web-Sphere Portal delivers integrated content and applications, plus a unified, collaborative workplace. Thus we can look at WebSphere Portal from two different angles. On one hand it is a development platform for new applications, and on the other it enables the integration of existing applications and processes.

Weblogic Portal WebLogic Portal supports development of portals through Workshop for WebLogic, which is a client-based tool. We can also develop portals without Workshop for WebLogic through coding in any tool of choice such as JBuilder, vi or Emacs. Portals can be written in Java or JSP, and can include JavaScript for client-side operations.

Microsoft SharePoint Like most portal products, SharePoint allows visitors to create custom views of the Web site. Microsoft's first portal application was called Digital Dashboard. This product introduced the concept of Web parts — boxes of information on a page that represented a summary or overview of information. (Other vendors referred to these items as "portlets.") By assembling multiple parts on a page, each user could customize his view of the portal to contain the information that pertained to them. In theory, every visitor of the site could have different content at the same URL. However, the technology behind the Digital Dashboard was not up to the task, and it never made it out of the beta stage. Portal Server has been upgraded to run on the .Net framework and is now referred to as SharePoint Products and Technologies. The "Product" is SharePoint Portal

Page 38 of 124 SADKN Portal Guidelines Report

Server 2003 (SPS) and the "Technologies" are Windows SharePoint Services (WSS). A significant point about these two is that WSS is included with the Windows Server 2003 license. Any organization that is licensed for Windows Server 2003 can also host Websites that are based on WSS. Microsoft SharePoint, is limited to exactly ONE option for operating system (Microsoft Windows), database (SQL Server), web server (Microsoft IIS), and application server (Windows).

JBoss JBoss Enterprise Portal Platform delivers web-based composite applications and high- performance web presences. It uses enterprise standards to support a wide range of development approaches that maximize flexibility and choice for enterprise web user interfaces. JBoss Enterprise Portal Platform meets the demands of internal and external end users who require access to and interaction between back-end applications, SOA services, and Web 2.0 applications. Based on an open, reliable framework, JBoss Enterprise Portal Platform can meet the development and operational demands of the smallest tactical mashup-style application all the way up to the largest mission-critical web sites. JBoss Enterprise Portal Platform supports the new Java Portlet 2.0 specification (JSR-286) as well as other enterprise portal standards. JBoss Enterprise Portal Platform is LDAP 3.0 compliant and supports Red Hat IPA, Sun, and MS Active Directory. JBoss Enterprise Portal Platform supports multiple single sign-on solutions including CAS, OpenSSO and JOSSO.

Page 39 of 124 SADKN Portal Guidelines Report

SADKN Portal: Operational Guidelines

1. Establishment of Project Management Unit (PMU) As the project initiating step, it is of vital importance and highly recommended that the Project Management unit (PMU) be established. The basic responsibility of PMU would be to monitor the progress of the project and review the work of the agencies involved with the project.

Project Management unit is the guiding committee for the implementation till the roll out of the project. The PMU should contain people with expertise on various domains like that of: • Technology expert • Domain expert • Support staff

The project management unit will have various responsibilities like monitoring activity and managing the contents and various other activities related to the project. The PMU will report directly to the SDMC. PMU will engage in various activities mentioned below

Page 40 of 124 SADKN Portal Guidelines Report

(i) Identification of stakeholders, their roles, and responsibilities in SADKN implementation A large number of stakeholders at the regional, national and local levels shall be responsible for the development and growth of this knowledge portal. o SAARC DISASTER MANAGEMENT CENTER (SDMC) The SAARC Disaster Management Centre (SDMC) shall be responsible for the conceptualization, design and implementation of the SADKN in collaboration with the various other stakeholders of this project. The specific functions and responsibilities of the SDMC for the implementation of this project shall be as under :- i) Conceptualize, design, develop and give overall discretion to the project. ii) Host the SADKN portal with necessary hardware, software, content and related institutional mechanism. iii) Develop technical and operational guidelines for the implementation of the project iv) Enter into agreement with the National Focal Point of the Member Countries for the implementation of the Project. v) Mobilize resources for the implementation of the project. vi) Provide necessary financial grant to the Member Countries for the implementation of the Project. vii) Select appropriate agency for the design, development and maintenance of the portal viii) Provide necessary remote access to all the stakeholders for accessing the SADKN portal with its regional and national chapters ix) Coordinate with SAARC, UN ISDR and Member Countries for project implementation x) Provide clear guidelines on the type, unit, format or form of information required from the Member Countries and Partner Organizations xi) Provide templates and guidelines for the content writing of the National Chapters. xii) Provide necessary support, guidance and assistance to all other stakeholders for information sharing and other related issues. xiii) Devise appropriate incentive scheme to recognize the good work done by the stakeholders. xiv) Resolve difference of opinion, if any, between the stakeholders. o IMPLEMENTATION AGENCY

The SDMC would select an implementation agency for the design, development, and maintenance of the SADKN portal. The implementation agency shall perform the following activities: i) Prepare the Project plan for SADKN portal ii) Design and Develop the SADKN portal with its regional and national chapters as per agreed terms and conditions.

Page 41 of 124 SADKN Portal Guidelines Report

iii) Conduct system study and prepare the Project Initiation report after an initial assessment of the requirements iv) Prepare the SRS, Design document, UAT document, Database Schema v) Prepare the Application development as per the system project scope vi) Deploy the application at the identified data centre vii) Perform maintenance and support related activities in the Post Go-Live scenario as per the agreed SLA terms and conditions o NATIONAL FOCAL POINTS (NFP) The following National Focal Points of the Member Countries shall be the nodal institutions for the implementation of the project in the respective Member Countries:

TABLE 1: NODAL INSTITUTION OF MEMBER COUNTRIES MEMBER COUNTRY NATIONAL FOCAL POINT

Afghanistan Afghan National Disaster Management Authority Bangladesh Disaster Management Bureau Bhutan Ministry of Home and Cultural affairs India National Institute of Disaster Management Maldives National Disaster Management Center Nepal Ministry of Home Affairs Pakistan National Disaster Management Authority Sri Lanka Disaster Management Center

Role and Responsibilities of NFP The National Focal Point shall have the following functions and responsibilities: i) Enter into agreement with the SDMC for the implementation of the project. ii) Identify the various government, non-government, scientific, technical, academic and other organizations engaged in the creation, dissemination and use of knowledge on disaster management in the Member Countries to be partners of the project. iii) Institutionalize the partnerships through agreement, MoU or any other instrument as deemed fit. iv) Encourage the partners to voluntarily contribute their knowledge resources for the portal through incentives, award or certificates, as desirable. v) Collect, compile and collate the knowledge from the partner organizations and then transmit the same to the SDMC for the development of the National Chapter.

Page 42 of 124 SADKN Portal Guidelines Report

vi) Assist the SDMC in the design and development of the National Chapter through expert comments, advice, suggestions, ideas, views etc. vii) After the portal is launched maintain and update the portal on a continuing basis as per technical and operational guideline regarding maintenance to be issued by the SDMC. viii) Nominate a senior functionary of the organization to be a Nodal Officer who will be responsible for coordination with the SDMC and other partners for the implementation of the project. ix) Appoint a Consultant who would be assisting the Nodal Officer in the discharge of the responsibilities of the NFP. x) Supervise, control, and monitor the activities of the Consultant. o APPOINTMENT OF CONSULTANT AT THE NFP Each NFP shall appoint a full time Consultant to assist the Nodal Officer in discharging the responsibilities of the NFP. The SDMC shall be providing financial support of maximum USD 750 towards the remuneration of the Consultant for a period of 12 months.

Eligibility of Consultant i) Good academic record preferably with Post Graduate degree ii) Experience of working in the disaster management field for a minimum period of three years iii) Minimum of two years work experience in IT related activities and basic understandings over database generation, internet, remote logins, web security, updating and sharing, Intellectual Property Rights (IPR) iv) Minimum two years of experience in content writing and management of web portals specially knowledge portals involving multi-stakeholders v) Good writing skills in English, as demonstrated in by published articles, papers etc. vi) Proficiency and skill in the use of basic word processing and design softwares.

Functions And Responsibilities Of Consultant i) Assist the Nodal Officer of the NFP in discharging the responsibilities of the NFP. ii) Collect, compile, digitize and transmit knowledge resources from the partner organizations to the SDMC on a regular basis for the development of the National Chapters as per the formats to be prescribed by the SDMC. iii) Write one page profile of partner organizations and transmit the same to the SDMC as per format to be prescribed in this regard. iv) Write the draft content of the portal as per formats/ templates to be prescribed by the SDMC v) Maintain and updating the National Chapter as per guidelines to be prescribed by the SDMC. vi) Respond to the e-mails, queries, questions discussions, and clarifications. From the user group in consultation with the partner organizations/ institutions. vii) Submit periodic progress reports to the SDMC in the prescribed formats viii) Perform all such functions that may be entrusted by the NFP and the SDMC.

Page 43 of 124 SADKN Portal Guidelines Report

o PARTNER ORGANIZATIONS (PO)

The National Focal Points shall identify the potential Partner Organizations of the portal, such as:- i) Departments/ Organizations of the Central, Provincial and Local Governments dealing with any aspect of prevention, mitigation, preparedness, response, relief, rehabilitation and reconstruction of any aspects of the natural or man made disaster. ii) Early warning agencies like Meteorological Department, Water commission, Flood Control Agencies, Drought Monitoring cell etc. iii) Scientific and Technical organizations like Geological Survey, Seismic observatories, Space Research Organizations, Remote Sensing agencies etc. iv) Engineering and architectural schools specialized in disaster resistant construction- design technologies. v) Academic institutes like universities ,school of social Sciences, management schools ,etc., Specializing on the various technical , social , economic aspects of the disaster management vi) Institutions of medical research, specialization on emergency health management, disaster medical and psychosocial care, etc. vii) National and non-governmental Organization (NGOs) working on different aspects of disaster risk reduction, relief and humanitarian assistance. viii) Country offices of international organizations and multi-lateral institutions like UNDP, World Bank etc. working on various aspects of disaster risk reduction and post disaster reconstruction activities. ix) Civil society and community based organizations working on disaster management. x) Electronic, print, and folk media. xi) Corporate sector working on disaster management through the mechanism of corporate social responsibilities, Business continuity practices and private public partnerships

Functions And Responsibilities Of POs The Partner Organizations shall share all such information, data, reports and other resources, including time series and real time data, as may be hosted in the public domain for the information and awareness for different user groups and for better management of disasters at all levels.

The Partner Organizations shall provide their expert opinion and advice on all such matters as may be referred to them by the NFP or the SDMC.

The Partner Organizations may also advise the NFPs regarding the design and development of the portal.

Nodal Officer At Partner Organizations

Page 44 of 124 SADKN Portal Guidelines Report

Every Partner Organization shall designate a Nodal Officer within the Organization for the implementation of the project. The Nodal Officer should preferably have knowledge and interest in disaster management and should have basic skill in data processing and transmission. The responsibilities of the Nodal Officer shall be as under: i) Communicate with the various wings within the Partner Organization regarding the knowledge resources that can be shared in the public domain for the National Chapter. ii) Provide all such resources to the NFPs on a regular basis in digitized format iii) Update such resources regularly. iv) Handle the queries, questions and clarifications on any matter that may be referred to the POs by the NFP or the SDMC for advice or comments. v) Perform all those relevant tasks as may be required and decided by the NFPs

Activities, deliverables and time limits of the stakeholders are defined in the table below:

Page 45 of 124 SADKN Portal Guidelines Report

TABLE 4: ACTIVITIES, DELIVERABLE AND TIME LIMITS FOR COMPLETION OF ACTIVITIES BY SRAKEHOLDERS

(D) TIME FOR STAKE (C) FORMAT OF (A) ACTIVITIES (B) DELIVERABLES COMPLETION OF HOLDERS DELIVERABLES

SL NO SL THE ACTIVITIES 1. SDMC Conceptualization and overall monitoring for Develop, maintain and Web portal Web portal should the development and maintenance of populate SADKN be designed and SADKN portal network in terms of developed within 4 state-of-the-art web months after portal selection of implementation agency

Selection of implementation agency for Tender notice Work order Within one month design, development, and maintenance of of issuance of the SADKN portal with its regional and guidelines national chapters Hosting of SADKN portal with necessary Training Document for Web portal Within 4 months of hardware, software and related content the proper use of the issuance of portal guidelines Coordinate with SAARC, UN ISDR and Coordination, monitoring Administrative Regular ongoing Member Countries for project implementation Get into a legal agreement or MoU with the Legal Agreement or Hard copy of Legal Within 1 month NFPs of member countries MoU Document Agreement or MoU from release of the Guidelines It should provide necessary remote access To be provided in Notification to all Immediately with

Page 46 of 124 SADKN Portal Guidelines Report

to all the member NFPs and Partner Technical Guidelines the NFPs/ POs the development Organizations for accessing the SADKN with details of the of the portal portal remote login access Provide clear guidelines on the type, unit, To be provided in Hardcopy of the Immediately after format or the form of information required Technical Guidelines guidelines the agreement from each partner between the NFP and the SDMC It should define and allocate specified space To be provided in To be in built in the With the to each member NFP on the SADKN portal. Technical Guidelines design development of the portal It should provide necessary support, Advisories As desirable During the course guidance and assistance to all other of the stakeholders of SADKN for information implementation of sharing and other related issues the project It should resolve differences, if any, between members of SADKN It should assist the NFP in forming an alliance with the partners in their countries It should lay down the guidelines to be Guidelines to be Hardcopy and Immediately after followed by all the NFP followed by NFPs Softcopy in the the signing of the PDF format agreement with the NFP. Prepare the Application development as per As per Technical Do Do the system project scope Guidelines

Page 47 of 124 SADKN Portal Guidelines Report

Perform maintenance and support related Maintenance of the Regular intervals activities in the Post Go-Live scenario as SADKN portal per the agreed SLA terms and conditions 2. NFP Enter into agreement with the SDMC for the Legal agreement Agreement Immediately implementation of the project.

Identify the various governments, non- Preparation of an Discussion/ With in one month government, scientific, technical, academic, inventory of a minimum negotiation with from the signing of and other organizations engaged in the of 20 potential partner the potential agreement with creation, dissemination, and use of organizations partner SDMC knowledge on disaster management in the organizations Member Countries to be partners of the project.

Institutionalize the partnerships through Agreement/ MoU etc Agreement/ MoU Within 3 months of agreement, MoU or any other instruments etc signing agreement as deemed fit with SDMC Collect, compile and collate the knowledge To be prescribed by To be prescribed During the course from the partner organizations and the SDMC by SDMC of development of transmit the same to the SDMC for the the portal development of the National Chapters.

After the SADKN portal is launched To be prescribed by To be prescribed After the SADKN maintaining and updating their respective SDMC by SDMC portal is launched national chapters on a continuing basis as per technical and operational guideline regarding maintenance to be issued by the

Page 48 of 124 SADKN Portal Guidelines Report

SDMC.

Nominate a senior functionary of the Administrative Order Administrative Immediately after organization to be a Nodal Officer who will Order the agreement is be responsible for coordination with the signed with SDMC SDMC and other partners for the implementation of the project.

Appoint Consultant who will assist the NFP As provided in the Appointment letter Within a month of in the performance of its functions and guidelines signing the responsibilities. agreement 3. Consultant Collect, compile, digitize and transmit As per formats to be To be submitted in Most of the knowledge resources from the partner prescribed by the soft copy resources shall be organizations to the SDMC on a regular SDMC. collected and basis for the development of the National transmitted within Chapters. 3 months and thereafter as and when the same are collected, Write one page profile of partner As per template to be Soft copy in word During the first organizations and transmit the same to the provided by the SDMC file month of the SDMC as per format to be prescribed in this consultancy regard.

Write the draft content of the portal as per As per template to be Soft copy in word As per schedule to formats/ templates to be prescribed by the provided by the SDMC file be prescribed by SDMC SDMC

Page 49 of 124 SADKN Portal Guidelines Report

Maintain and update the National Chapter As per detailed Through remote Regularly after the technical guidelines login and National Chapter password to be is launched provided by SDMC Respond to the e-mails, queries, questions As per guidelines to be As prescribed Regularly after the discussions, and clarifications. provided by SDMC National Chapter is launched Submit periodic progress reports to the In the prescribed As per prescribed Every month as SDMC formats formats prescribed

4. Partner The Partner Organizations shall share all Initially as the National PDF and other Static data shall be Organizatio such information, data, reports and other and regional Chapters format as transmitted within ns resources, including time series and real are under development prescribed 3 months of the time data, as may be hosted in the public such data shall be signing the domain for the information and awareness shared in digitized agreement. for different user groups and for better format. Subsequently Dynamic data management of disasters at all levels. after the portal is critical for disaster launched the data shall management shall be uploaded through be transmitted on remote access to be a real time basis, provided by the SDMC. as agreed. The Partner Organizations shall provide Expert opinion, advices E-mail, fax etc Earliest their expert opinion and advice on all such convenience matters as may be referred to them by the NFP or the SDMC.

Page 50 of 124 SADKN Portal Guidelines Report

5. Nodal Communicate with the various wings within Internal communications As per the practice As desirable Officer at the Partner Organization regarding the within the organization of the Organization Partner knowledge resources that can be shared in Institutions the public domain for the National Chapter.

Provide all such resources to the NFPs on a As prescribed As prescribed As prescribed regular basis in digitized format

Update such resources regularly. As prescribed As prescribed Static data once in a week. Dynamic data on a real time basis, as agreed. Handle the queries, questions and As prescribed On line As prescribed clarifications on any matter that may be referred to the POs by the NFP or the SDMC for advice or comments

Page 51 of 124 SADKN Portal Guidelines Report

o FINANCIAL SUPPORT TO NFPs The project budget has provision for providing financial support to the NFPs for procurement of hardware, engaging a Consultant and development of contents for the National Chapters.

The budget for procuring hardware includes a desk top computer, UPS, Scanner and Printer with a ceiling cost, as under:

TABLE 2: PROCUREMENT OF HARDWARE ITEMS TENTATIVE COST Desk top computer with window XP and PDF US $ 450

UPS, Scanner and Printer US$ 250

Total US$ 700

In case any other item or the above items with higher cost are procured, SDMC will not be able the pay the extra cost incurred in procuring these high-end items.

The country wise total financial support to be provided to NFP is given in the table below:

TABLE 3: COUNTRY WISE FINANCIAL SUPPORT TO NFP (ALL COST IN US$) Components Afghanistan Bangladesh Bhutan India Maldives Nepal Pakistan Sri Lanka Consultant @ 750 9000 9000 9000 9000 9000 9000 9000 9000 per month Hardware 1000 1000 1000 1000 1000 1000 1000 1000 (Desktop, Printer, Scanner, UPS) Content 2000 5000 2000 7000 2000 2000 5000 2000 Development Total 12000 15000 12000 17000 12000 12000 15000 12000

(iv) Disaster Knowledge Management including digitization, content creation and content development

a) Knowledge management and networking being the core issue, the project attaches importance to the collection, compilation, updation and digitalization of published reports,

Page 52 of 124 SADKN Portal Guidelines Report

maps, warning messages, research findings, policy notes, advisories and educational materials. These resources are to be collected from all the knowledge institutions within the country; to be made portable for sharing through SADKN and to be developed as a credible repository for National DKN. b) The consultant, under the supervision of NCP, may take up the above knowledge management and networking efforts for six months till the portal becomes fully operational. After that, it is expected that the portal will become a part of the disaster management activities with the commitment for continuous updation of the knowledge inputs for SADKN. The budgetary support to the extent of US$ 7000 is allocated for content creation and digitization.

Remote login: Remote login enables a user to connect to an internet host so as to use the portal interface.

Remote login uses simple sharing software which gives the user an access to the required portal from any Internet-connected device anywhere in the world. This software is installed at the other end which allows the authenticated user to access and administer the data available on the portal. This process can be well explained using an example of ‘Google Documents’. This service provides the user to access the Google databases using remote login to access, upload and edit the documents. The documents are securely accessed and administered only by the authenticated user using their secure passwords.

local

remote local

Page 53 of 124 SADKN Portal Guidelines Report

All the National Focal Points (NFP) of the SAARC countries would be provided with a remote login id and password to access the SADKN portal by SDMC. This remote login facility should be used by every participating member NFP to upload and update the respective section of the SADKN portal. Member NFP should be required to upload the data from their respective regions / member associates after proper review and content correction on the SADKN portal using the remote login facility.

Remote login would broadly ensure the following: • System security: Unauthorized access and potential threats to the systems would be checked and monitored through access control mechanism. Only identified members from the respective NFP / organizations / agencies would be provided with remote login facility • Content integrity: This would ensure that content update happens only through authorized access • Content availability: This would ensure access control to critical and classified content rather than public view Content and information would be available in a read only mode on the SADKN portal for public view. However data / content marked as critical / classified during upload by the respective NFP would be only available to authorized users.

The following points broadly illustrates the content upload and updation on the SADKN portal, • The nodal officers at the respective partner organizations/ institutions/ agencies/ departments of the respective NFPs should collect, gather and send the data to the respective NFPs nodal officer in the pre specified format • The nodal officer at the NFPs should thoroughly evaluate and validate the data received from the partner organizations/ institutions/ agencies/ departments • The nodal officer at the respective NFPs should access the SADKN portal by remote login facility provided to them by the SDMC and upload and update the data on the SADKN portal.

2. Identification of Implementation Agency (IA)

Selection Criteria a. Implementation Partner (Leading member in case of a consortium) should be a reputed firm in the IT industry with domain expertise in Software / Hardware & Networking / IT services / Distributed IT based service delivery. A copy of Memorandum of Articles of Association should be provided

Page 54 of 124 SADKN Portal Guidelines Report

b. IA should be registered in India under Companies Act 1956 (Leading member in case of a consortium), as evidenced by the certificate of incorporation issued by the Registrar of companies c. IA should have an ISO 9000 certification (Leading member in case of a consortium), as evidenced by a valid ISO 9000 certificate during the identification and selection process d. IA should have been in operation for a period of at least 5 years as of ddmmyyyy (Leading member in case of a consortium), as evidenced by the Certificate of Incorporation issued by the Registrar of Companies e. IA should have had an average annual turnover of Rupees xxx during the last 3 financial years (Leading member in case of a consortium), evidenced by the audited accounts of the company and duly accompanied with a certificate by the Chartered Accountant in this regard. IA shall be required to submit the audited balance sheets for the last three financial years f. IA (Leading member in case of a consortium) should be a profit making company, i.e., a company which earned net profits in each of the last three financial years (irrespective of the amount of profits) and shall submit the profit and loss statement for the last three financial years for evaluation g. IA (or consortium member) responsible for Software Development and System Integration should have SEI-CMM Level 5 certification and shall be required to submit the letter (or any other relevant evidence) certifying the same h. IA (or consortium) should have implemented at least three transactional portals for providing the information and transaction services online to citizens including integration with the disparate backend application systems. IA (or consortium) shall provide references to such portal solutions developed and implemented for their clients. IA shall provide work orders certified by the respective clients mentioning duration of project, scope of work, etc i. IA (all members in case of a consortium) shall not be under a declaration of ineligibility for corrupt or fraudulent practices. A self certified letter by the designated official of the IA (all members in case of a consortium) should be submitted in this regard

Page 55 of 124 SADKN Portal Guidelines Report

3. Selection of Technology Solution During selection of the Portal solution the following points should be kept in perspective • Features • Technology involved

Salient Features of SADKN Portal

i. Various stakeholders including common users should be able to access / share information and services over the Internet through SADKN Portal

ii. System should be available 24x7 and reliable. During management of any disaster event, system portal has been envisaged to operate as the focal point of all the disaster management activities and one-stop solution for various stakeholders affected by the disaster

iii. System should permit transactions through the front-end

iv. System design should be highly scalable, secure and reliable since this would be a mission critical application

v. Publishing Workflow should ensure that content is properly reviewed and approved prior to publishing by using a multi-step and role-based workflow

vi. Content Scheduling should ensure that content is always published on time and is never out of date by automating its publishing and archiving schedule

vii. Page Revision History should enable users to perform ad hoc audits with automatic storage of content revisions and page versions

viii. Authoring Tools for Functional Users should provide non-IT functional users with easy-to-use tools, helping them to create and publish rich and personalized content directly to Web sites from their browser and Word editor. This role-based, distributed publishing model should also incorporate multi-level workflow approval, automatic content scheduling and archiving, and content meta-tagging

ix. Search engine optimization for faster searches through common internet search engines i.e. Google, MSN , Yahoo, AOL etc

x. Graphics using flash objects or suggested tool for better visual appeal for online training and games features

xi. System should be universal accessible through devices like PCs, Laptops, PDA, mobiles, etc

Page 56 of 124 SADKN Portal Guidelines Report

xii. Ability to carry out public and private (internal to SDMC) surveys, in an open or anonymous mode, and compilation of results and generation of reports for the same

xiii. Stakeholder databases should be maintained by the respective backend Governments / Departments / Organizations

A larger number of viable alternatives between products on the server and desktop platforms have brought about a significant push for both open source and commercial software solutions to become more innovative, and for software providers to focus and improve substantially on emerging issues like security and reliability.

For development of the SADKN portal, various technologies options are available. The following table illustrates few options available.

Features Weblogic WebSphere Microsoft JBoss Liferay Share-point Supported IBM AIX, IBM AIX, HP Microsoft JBoss Enterprise Microsoft OS HP UNIX, UNIX, Microsoft Windows Portal Platform is Windows Windows 2003 Server, (95/98/NT/2000 100% pure Java (95/98/NT/2000 2003/2008/ SUN Solaris, /ME/XP/2003) and interoperable /ME/XP/2003), XP/Vista, Linux, etc. with most Linux (Fedora, Linux, SUN operating Novell), Apple Solaris etc. systems capable Mac OS X of (through running a Java 10.4.6), Sun Virtual Machine Solaris 10, BSD (JVM), including (FreeBSD, Linux, NetBSD, Windows, and OpenBSD) UNIX. Supported DB2, Oracle IBM DB2, MS SQL Server JBoss Enterprise Oracle DB 10g/11g, Oracle 11g, MS Portal Platform is Database, MS SQL SQL Server, interoperable with Microsoft SQL Server MySQL, any JDBC- Server, IBM 2005, PostgreSQL compliant DB2, MySQL, MySQL, database and is PostgresSQL, Sybase etc. certified on Firebird, MySQL, Hypersonic etc. PostgreSQL, Oracle, and MS

Page 57 of 124 SADKN Portal Guidelines Report

SQL Server

Supported Apache, Apache Server Microsoft Sun Java System Sun Java Web Server Microsoft V2.0.49, Internet Web Server System Web Internet V2.0.52, IBM Information Server Information HTTP Server Server (IIS) Server (IIS) V2.0.47.1/V6.0/ 5.0/6.0/7.0 5.0/6.0/7.0, V6.0.1/ V6.0.2, Sun Java IBM HTTP System Server for Web Server iSeries V6.0 , (Powered by Oracle Apache) V5R3, HTTP IBM Lotus® Server, Domino® Enterprise Server 6.5.4/ 6.5.5/ 7.0.1, Sun Java™ System Web Server V6.0 SP9, 6.1 Service Pack 3, Microsoft Internet Information Server 6.0 Supported Microsoft IE Microsoft IE Microsoft IE Microsoft IE, Microsoft IE, Browser 6.0/7.0 with 6.0/7.0 with 6.0/7.0 with Mozilla FireFox Mozilla FireFox SP1 or SP1 or higher, SP1 or higher higher, Mozilla FireFox Mozilla 1.0/1.5/2.0 FireFox 1.0/1.5/2.0. Supported JAVA JAVA .NET JAVA JAVA Technolog y

Selection of final solution amongst the plethora of options should be made based on the user and the stakeholder requirements. Proprietary solutions like Share Point, Web Sphere and Web Logic provide an integrated solution and are highly mature and stable

Page 58 of 124 SADKN Portal Guidelines Report

systems. However, all the proprietary solutions have cost involved which is high as compared to open source solutions. The exact costing can be done only once assessment of the user needs, system analysis and an assessment of IT maturity of the participating stakeholders is conducted.

Indicative cost estimation is provided in Annexure VII

It is suggested that portal solution should be selected in conformance with the specifications provided in the Technical Guidelines section. A list of features specific to portal is provided in Annexure V.

4. System Study Identified IA shall conduct the system study and prepare a Project Initiation Report. This report shall contain a detailed review of the existing systems, existing infrastructure, site survey, an assessment of key components (if any) like data centre, communication links and options, skilled manpower availability, geographic conditions, etc. This study should be conducted with the view of assessing of the existing situation based on which a detailed project plan for portal development and implementation can be formulated

5. Preparation of System Requirement Specification (SRS) Identified IA should prepare a detailed System Requirement Specification (SRS) Report. It is suggested that the SRS report should reviewed by the respective Project Management Unit (PMU) and any ambiguity with respect to the project scope is discussed with the IA. Application development should start only after PMU gives a sign-off on the SRS.

It should be ensured that the SRS document captures the following in detail: • System design and specifications • Application architecture • Application functionality • Application flow • Specific feature-wise details • Interface design • Database design

SRS document would be the reference benchmark based on which application development would happen.

Page 59 of 124 SADKN Portal Guidelines Report

6. Application Development It is suggested that the application development happens at the Implementation Agency’s development environment. This would help in keeping the costs of application development low and at the same time provide the best environment for application development in terms of tools and support.

It should be ensured that the application development happens in strict adherence with the identified solution in terms of technology and specifications.

Regular reviews and monitoring of the application development process should be ensured through monitoring mechanisms like weekly monitoring report, modular demos, etc of the application to the PMU.

It should be the responsibility of the IA that proper relevant documentation including user manual, online help module, test plans, etc are developed.

7. Application Testing and User Acceptance Testing (UAT) The primary objective of Application testing and User Acceptance Testing is to ensure the adherence to the requirements, standards and specifications prescribed in this guidelines. It is suggested that this activity is conducted by ensuring that the following are associated with clear quantifiable metrics for accountability: • Functional requirements • System availability • System performance • Security • Manageability • Standards and protocols

It is recommended that acceptance testing is conducted in two phases, namely, Pre Go-Live and Post Go-Live. The acceptance testing prior to the Go-live should be aimed at ensuring the conformance of the solution (including design, developed software etc) in accordance with the requirements defined for the solution. The Pre Go-Live testing should be performed in parallel with various phases of the project. Broadly this phase should contain the following levels of testing: • Unit testing • Module testing • Integration testing

Page 60 of 124 SADKN Portal Guidelines Report

Post Go-Live User Acceptance Testing (UAT) is suggested with an aim of complete testing of the integrated solution (SADKN Portal and Data Centre). Post Go-Live testing should include functional, performance, security & controls testing and should also include any other as may be required.

It should be ensured that IA addresses all the issues / gaps identified in the solution in both Pre & Post Go-Live testing phases and provides support for any technology related problem / issue.

8. Security Audit It is recommended that PMU should undertake an exercise of Testing, Acceptance and Certification of systems implemented for the project through an independent agency (referred to as Quality Assurance / Certification Consultant or Agency like STQC). The following methodology is suggested for this activity: • PMU should nominate a suitable neutral and technically competent Audit, Compliance and Certification Agency (or Consultant) for conducting acceptance testing and certification • Audit, Compliance and Certification Agency should define a set of guidelines following internationally accepted norms and standards for testing and certification in all aspects of project development and implementation covering software, hardware and networking including the processes relating to the design of solution architecture, design of systems and sub-systems, coding, testing, business process description, documentation, version control, change management, security, service oriented architecture, performance in relation to compliance with SLA metrics, interoperability, scalability, availability and compliance with all the technical and functional requirements • It is recommended that the Audit, Compliance and Certification Agency should be involved with project from the early development stage (not later that SRS development phase) to ensure that the guidelines are being adhered to. This would help to avoid large-scale modifications pursuant to testing done after the application is fully developed • It is expected from the appointed Audit, Compliance and Certification Agency that qualified and experienced professionals are engaged to perform specific tests on software, hardware, networking, security and all other aspects • It should be the responsibility and duty of the Audit, Compliance and Certification Agency to bring to the notice of PMU any deviations from the norms, standards or guidelines through established and appropriate processes like weekly monitoring reports, meetings, testing reports, etc

Page 61 of 124 SADKN Portal Guidelines Report

It should be noted that an involvement or guidance by the agencies (PMU, Audit agency) shall not absolve the Implementation Agency from the fundamental responsibility of designing, developing, installing, testing and commissioning the various components of the project to deliver the services in perfect conformity with the SLA

9. Portal Hosting: Go Live Stage Application deployment should be done only once the security audit is completed at the identified Data Centre

10. Data Centre A Data Centre is required for hosting the Portal solution and for the same purpose following two options is available: • Creation of SADKN Data Centre • Hiring the services of a Commercialized Data Centre

The following table presents a brief comparison between the two: Issue SADKN Data Centre Commercialized Remarks (SDC) Data Centre (CDC) Physical Vendor / Site should be Only vendor needs Setup identified for SkDC setup. to be identified Would involve huge from a list of CDC investment in terms of operators cost, time and manpower Data Security Very high Very high In case of CDC, data security remains with third party whereas in SDC, it remains with SDMC Maintenance A dedicated team is CDC team takes required for maintenance care of and support related maintenance activities related issues System Responsibility for system Responsibility will Availability availability will remain with remain with CDC SDMC Capital Huge costs involved Lease amount Overall costs for the project expenditure depending on the Data substantially lesser reduces in case of Centre Type than the setup cost Commercialized Data Centre

Page 62 of 124 SADKN Portal Guidelines Report

It is recommended that the External Data Centre is selected based on the highest security and safety norms and the selected should be ISO 27001 compliant.

11. Portal Maintenance It is suggested that the task of portal maintenance and support should be given to the Implementation Agency and a clear SLA should be agreed upon and legalized in this regard with a clear time period.

••• New Release / Upgrade It should be the responsibility of the IA to ensure that any gaps / issues with respect to the portal functioning are addressed to immediately and new release of the application or upgrade of the application is done ensuring the least downtime (if at all)

••• Change Management Activities It is suggested that all the Change Management and handholding related activities are a function of the IA and should be included in the SLA. Following list of activities should be included in the Change Management function of the IA: i. System Orientation training ii. Basic Computer training iii. Application training iv. Basic maintenance training

Page 63 of 124 SADKN Portal Guidelines Report

SADKN Portal: Technical Guidelines

This section presents the technical specifications and standards to be followed for portal development and implementation

Application Architecture

For the purpose of development of the SADKN Portal Solution, it is suggested that an ‘n’ tier architecture model should be adopted. The application architecture should follow industry standard protocols like HTTP, SOAP and XML for integration with backend department systems. This will enable the application to easily integrate with legacy systems and exchange information with the same. The application architecture will be broadly divided into three layers: i. Presentation Layer: The presentation layer will be a browser-based application ii. Business Logic layer: The Business Logic will be processed by the Application Server and Integration server deployed at the Datacenter iii. Data Layer: The data layer of the application provides clustering capabilities for failover and high availability at data center. The data stored in the database server can be retrieved as an XML document and the application can communicate this information with any system following open standards

Since the system has to integrate with applications across various stakeholder entities consisting of heterogeneous platforms and databases (e.g. integration of the application with the relevant databases, etc), application integration solution using web services standards can be adopted. With the given requirements of the Portal solution, a broad level specification for portal components is outlined in the ensuing section. Following are the portal components which are envisaged to be a part of SADKN Portal System:

Page 64 of 124 SADKN Portal Guidelines Report

S. No. Online Portal Component Brief Description of the Component

1. Portal Solution The portal solution and accompanying solution components must conform to open standards and must be a horizontal enterprise portal

2. Content Management Provides the content creation, management and version control capabilities for the content hosted in portal

3. User Management & Provides user management services and service enrolment Access Control features to enable business user to register with the portal and Management System to enrol for the services provided in the portal

4. Online Forms Provides electronic interface for information capturing purpose

5. PKI Services Provides secured mechanism for user identification, transaction integrity & security, non-repudiation

6. Security The portal and various other components such as hardware, data centre should possess security features that protect sensitive data from unauthorized access and modifications

7. Payment Gateway Provides interface to the external payment gateway for Services enabling the online payment services

Page 65 of 124 SADKN Portal Guidelines Report

The detailed specifications of the Components are outlined as below:

Portal Solution

S. No. Portal Specifications

1. Intelligent advanced caching techniques to enhance the portal performance by caching frequently accessed data in memory. Predictive caching based on techniques such as user behaviour and past portal access analysis is desirable

2. Ease of installation using graphical installation and configuration “quick start” tools and wizards

3. Preconfigured out-of-the-box functionality such as existing portal components and predefined personalization templates thus allowing a minimized go-live time

4. The Implementation Partner is required to propose and implement a strong management framework allowing portal administrators to monitor, reconfigure, manage, update, and control all platforms, hardware and software, of the portal site and associated services. The management framework should also allow administrators to monitor operations, report faults, alert administrators of failures, analyze access, usage, load …etc. to take appropriate actions whenever needed. The portal management tools and packages should be installed on the LAN

5. The proposed portal solution should be capable of accessing structured data via ODBC and JDBC as well as native SQL statements for specific database formats. As for unstructured data, the portal should be capable of providing a link to a piece of content in a particular format or an icon representing a piece of content formatted in a particular fashion

6. The portal should support both push services such as email based alerts and notifications as well as pull services such as display of RSS feeds from various popular news sources

7. The portal solution should be capable of interfacing with backend business application and other existing portals via a multitude of mechanisms such as, but not limited to, the following:

 Web services

 Application services through the service oriented architecture

 Composite applications

Page 66 of 124 SADKN Portal Guidelines Report

8. To achieve the above mentioned integration target, the portal solution must at least conform to the most recent approved versions of the following standards:

 WSDL

 UDDI

 XML

 JSR-168

 SOAP

 WSRP

9. The portal solution and accompanying components should possess workflow and business process management capabilities and should be open for interfacing with and be controlled by such packages via various mechanisms such as event triggers and messages

10. Portal solution should not mandate the use of additional client software for web access, other than a standard web browser such as internet explorer, fire fox etc. In case any specific application requires the use of such a component, it should be made available on the portal for a free download by the end-users

Page 67 of 124 SADKN Portal Guidelines Report

Content Management

S. No. Content Management Specifications

1. Provide content management, content aggregation, index/search, and categorization for local content. The SADKN Portal should enable basic content searching and delivery primarily focused on information related to government services

2. Content management framework should manage the process of content creation, revision and approval through a combination of work flow and version control technologies

3. Contributor, managerial rights and privileges must be managed according to the predefined roles for security and to ensure that participants are undertaking suitable and appropriate tasks

4. Content must be tagged with the Metadata to enable it to be retrieved more easily. The portal solution shall include Metadata directories for personalization and search functions to work effectively through creation of indexes and “cross-references” of the data (data assets) contained in each of the various databases associated with the portal

5. Access management and privileges for content management should be secured and advanced authentication technologies such as PKI shall be used for controlling access to the SADKN Portal content management

6. SADKN Portal content repositories must be managed, through versioning and version control, to ensure integrity and authority of the core content

User Management & Access Control Management System

S. No. User Registration & Access Control Management System Specifications

1. User Registration & Access Control management services should facilitate user registration with the SADKN Portal and should allow the users to enrol for various department services

2. User Management should be a directory services solution based on open industry standards such as LDAP

Page 68 of 124 SADKN Portal Guidelines Report

3. User authentication services must support common authentication mechanisms (Basic, User Id/Password, Certificates, Tokens, Smart Card) and standards (X.509, etc.) for functional users

4. Authentication Services should be able to integrate with leading PKI vendors and

Standards

5. Once authenticated, users should be allowed to access the services for which he/she has enrolled and for which Authorization Officer has approved

6. SADKN Portal should provide the Security & User administration interface (module) for Authorization Officer of an organization to enable management of access rights and privileges of other users in the organization

7. SADKN Portal should provide the Security & User administration interface (module) for Administrator to enable management of access rights and privileges of other users in the organization

8. The Passwords and other confidential information related to the users should be stored and transmitted in a secured and encrypted manner

9. Password Management services must enforce password restrictions, which include the criteria and limitations that can be placed on passwords to increase security. It should provide features such as periodic forced changes, not reusable, hard to guess, mixed characters along-with minimum password lengths, enforcement of alphanumeric password standards, password history logging and user lockout from failed login attempts

10. The auditing and logging solution should allow secure logging of events to a central location

Page 69 of 124 SADKN Portal Guidelines Report

Online Forms

S. No. Online Forms for various services

1. Create a central repository for all Government / NGO / Organization forms in use. The repository should include application forms in various printable formats ready for downloading and printing on paper. The portal should allow downloading forms in ODF and PDF formats

2. Index, categorize, and sort the forms for easy retrieval by service requesters. Online Forms section should be designed in a way that provides end users with a user friendly searching facility to search for the proper form in the event that the proper form fitting the required service is unknown to the requester

3. Categorization and grouping of the forms should follow the same structure as the presentation of the services on the site (e.g. life events model). Direct links for the section listing and describing the services to the Online Forms section should be created in the service delivery section of the portal. In the event that the user starts the process of locating the proper form from the Online Forms section, one should see a similar graphical representation of the service delivery model but tailored to allow direct access to the forms

4. Provide a mechanism for automatic uploading and updating of the forms hosted on the portal by the concerned entities. The uploaded forms should not appear immediately on the site for online filling until the various integration steps are completed unless they either do not require integration or follow the same integration requirements as older versions. However, the form can immediately appear for downloading as outlined below. The uploading process should possess the following features:

i. Only authenticated and authorized entities are allowed to upload forms

ii. Entities are only allowed to upload forms that the entity owns. Once a new form is uploaded, an automated indexing, content analysis, categorization, and sorting process is triggered to allow searching for the form on the site

iii. The portal should accept a standard application format preferably XML and use backend automated tools to translate from the standard format to other downloadable formats

iv. Once the form is uploaded, and if the form is integrated with other

Page 70 of 124 SADKN Portal Guidelines Report

backend systems, then a trigger must be sent to the site administrators to start the process of integrating the form with the backend systems through the portal if any such actions are required

5. Provide a mechanism for online filling of the appropriate forms. Filled forms should be forwarded to the concerned entity for processing electronica lly. The functionality should be available in various flavours:

i. SADKN Portal shall allow downloading forms for printing and filling by the service seeker

ii. SADKN Portal shall allow online filling of forms for data capturing purpose and for sending the filled forms via basic messaging protocols (e.g. via an email message as an attachment) to the concerned entity

iii. SADKN Portal shall allow for online filling and submission of the filled forms to backend applications for processing. This would be done through the proposed integration messaging infrastructure

6. During the infrastructure building process, more integration features will be made available to SADKN Portal and other backend application. This will provide the portal site with the ability to:

i. Allow digital signatures for authentication of content update / publish on the portal

ii. Allow donation payments on the portal site

iii. Populate the form with data from other backend applications and shared databases

7. The Implementation Partner must define and document the operational procedures required to operate this section of the portal and should define any change management processes that are required to implement updating of information / forms hosted by the portal (e.g. the Implementation Partner should define in clear terms how the operational staff would handle uploading and integrating a form with the portal once the system notifies the operators of a change in a form

Page 71 of 124 SADKN Portal Guidelines Report

PKI Services

S. No. PKI Services

1. SADKN Portal should support Digital Certificates issued by licensed CA's in India and should accept digital certificates based on criteria (Issuer, Class, Policy Identifiers)

2. Server SSL certificates should be used for authenticating servers and encrypting sensitive traffic between SADKN Portal, Gateway and other participating entities

3. Digital Signatures may be mandated for various transactions

Security

S. No. Security Specifications

1. Security should be regarded as an overall framework that encompasses facilities, people, systems and applications. Besides defining the security architecture for systems and data, the Implementation Partner must define:

i. The hosting and facilities security features and requirements

ii. Security processes to be applied on and by portal staff

iii. Security policies and procedures in conformity with ISO 27001, during the design phase

iv. Auditing procedures to ensure that the security design and features are implemented and enforced

v. Security alerting mechanisms

vi. Security response team to take immediate actions in case of a security breach

2. Authentication and single-sign-on mechanisms should be developed and embedded with SADKN Portal for authenticating purposes. This should be linked to the personalization sections of the portal site and authentication shall be carried on to other portals. The preferred solutions for authentication and single-sign-on should meet the following:

i. Authentication should be conducted using the standards based LDAP meta-directory server

Page 72 of 124 SADKN Portal Guidelines Report

ii. Authentication should be linked in the future to PKI

iii. Single-sign-on should use open standards

3. Portal solution should handle errors due to communication failure, hardware failure, etc and roll back the changes appropriately so that transaction consistency is maintained at all times

4. The solution should ensure guaranteed once only delivery, message routing, transformation, data compression, queuing and load balancing features and optimize both data-level and process-level integration. Specific capabilities of such a solution should include, but are not limited to, a robust and secure messaging infrastructure and graphical data transformation

5. Security design should provide for a well-designed identity management system, security of physical and digital assets, data and network security, backup and recovery and disaster recovery system

6. The portal security solution must provide for session settings such as idle or max session time-outs, session caching, concurrent sessions and other session control settings

7. System should be audited by a third party at the stage of acceptance testing stage pre-launch and periodically thereafter, at least once a year, to ensure that the security systems are intact and that the security policies are strictly being enforced

8. Following is an illustrative list of key security features which should be implemented:

i. Single Sign-On

ii. Encryption

iii. LDAP based authentication and authorization

iv. PKI services

9. The solution should provide for maintaining an audit trail of all the transactions and all entries into the system

Some of the additional features are as follows:

Data Centre / Server Level

10. The server operating system should be hardened to provide a high level of security according to industry best practices and vendor recommendations for hardened operating system

11. The physical location should possess sufficient physical security controls to limited physical access to the hosting site

Page 73 of 124 SADKN Portal Guidelines Report

Hardware Level

The Implementation Partner shall ensure the highest possible security levels in the 12. SAN design. The use of encryption and authentication is recommended whenever possible. Security devices and appliances such as firewalls, Intrusion Detection Systems, encryption modules, VPN support modules …etc must be used at key points and configured to provided optimum level of security

Data Security

Adoption of a security policy that is adherent to the ISO standards should be 13. ensured. Some of the key security guidelines are listed below: i. Grant privileges only to a user or application which requires the privilege to accomplish necessary work. Excessive granting of unnecessary privileges can compromise security ii. No administrative functions are to be performed by an application. For example create user, delete user, grant role, grant object privileges, etc iii. Privileges for schema or database owner objects should be granted via a role and not explicitly. Do not use the “ALL” option when granting object privileges, instead specify the exact privilege needed, such as select, update, insert, delete iv. Password protected roles may be implemented to allow an application to control access to its data. Thereby, end users may not access the application’s data from outside the application v. Access to Administrative or System user accounts should be restricted to authorized DBA vi. Do not grant system supplied database roles. These roles may have administrative privileges and the role privileges may change with new releases of the database vii. Database catalogue access should be restricted. Example: Use “USER_VIEWS” instead of “DBA_VIEWS” for an Oracle database viii. Privileges granted to PUBLIC are accessible to every user and should be granted only when necessary ix. Any password stored by applications in the database should be encrypted x. Applications should not “DROP”, “CREATE” or “ALTER” objects within the application xi. Utilize the shared database infrastructure to share cost whenever possible xii. Applications should not access the database with the same security as the owner of the database objects. For example on SQL Server do

Page 74 of 124 SADKN Portal Guidelines Report

not grant the “dbowner” role and on Oracle do not use the Schema userid to connect to the database. Setup another userid with the necessary privileges to run the application xiii. Database integrity should be enforced on the database using foreign keys not in the application code. This helps prevent code outside the application from creating orphan records and/or invalid data xiv. Do not hard code username and passwords in the application source code xv. Ensure external users have the least privilege possible xvi. Auditing of database functions/activities should follow the standards of the EA Standard "Auditing" xvii. The solution should use encrypted communication between its components and the back-end department applications. The solution should provide compatibility with industry standard encrypted network traffic, which may be used to transmit critical data (e.g. HTTP over SSL, and LDAP over SSL, etc)

Payment Gateway Services

S. No. Payment Gateway Services

1. Should provide the interface and access to the external payment gateway services provider and should be integrated with the SADKN Portal solution

2. Should facilitate payment (donation) through credit card, debit cards and online bank transactions

3. Payment Gateway services should provide complete audit functionality for tracking and monitoring/reconciling the financial transactions taking place through SADKN Portal

4. In case of unsuccessful transactions the Payment gateway should be able to refund the amount to the calling account

Page 75 of 124 SADKN Portal Guidelines Report

An Approach to Development: Open Source and Proprietary Solutions

Open Source v/s Proprietary Software

SADKN portal is envisaged as a mission critical application which has to interact in an environment where information is kept in heterogeneous formats in multiple databases situated at varying geographical locations. The envisioned portal solution aims at bridging the gaps between people, processes, applications and systems. It is suggested that adherence to follow various standards like IEEE standards (for development prescribed by the IEEE Standard Association to ensure follow of best practices and standards at every stage of the software development and implementation process); ANSI SQL 2003 standard for RDBMS; and Open standards for hardware platforms is ensured.

An open standard is a standard that is publicly available and has various rights to use associated with it

Open standards are meant to ensure interoperability between products from different vendors so that customers have the flexibility to put together best of breed solutions and, at least in theory, can swap out one vendor’s products for another’s if they become disenchanted with the first vendor on product quality or price. The best example of open standards at work is the Internet — virtually all of the technology specifications it depends on are open, as is the process for defining new ones In this write up an effort has been made to present a comparison between the technology paradigms in terms of open source and commercial software and the choices that may be chosen for application development for building XML based web-services for development of SADKN portal.

Open Source Software

Open source refers to a software licensing model where the source code of the software is typically made available royalty-free to its users, under terms allowing redistribution, modification and addition, though often with certain restrictions. Open-source programs are often, though not exclusively, developed through a collaborative effort in which a number of persons, often with no formal association with each other, contribute elements of the final software. While open source software is made available under a variety of approaches in licensing, these approaches have certain features in common. They rely on the copyright within the software to form the licensing contract. They each grant rights and permissions subject to conditions. In general, these conditions restrict how the software may be further changed or distributed, rather than imposing a

Page 76 of 124 SADKN Portal Guidelines Report

requirement that a fee be paid for it. There are two principal open source licensing approaches, the GNU General Public License (GPL) and the Berkeley Software Distribution (BSD) License. The most often cited examples of alternative open source applications include the Linux operating system, the OpenOffice suite (formerly Sun's Star Office, www.openoffice.org) and Mozilla's Firefox web browser.

Advantages • Low cost and no license fees • Open standards that facilitate integration with other systems • Option for customization in-house • It supports interoperability, at least with well publicized APIs • It is very well documented in many cases • Flexibility and customizability extensive active builder and user communities that forms a good technical support base • Many open source applications run on multiple platforms including Windows and Linux • The end-user of Open Source code has the ability to change and modify source to implement any extra "features" of security they may wish for a specific use, which can extend to the kernel level • No software piracy is involved

Disadvantages • Lack of professional support and trainings in many cases • Evolving developer communities • Lack of release co-ordination unless there is support from the organization which would be on a chargeable basis

Financial Implications

• Give away the program and charge for installation and support (used by many Linux distributions) • Customizations, support and maintenance are chargeable in many cases • Free version of the software might have less features that the paid one

Proprietary Software

Proprietary software refers to the model where the software developed by a commercial entity is typically sold or licensed to a customer in object or executable code, either directly or through channels. The commercial entity often provides support, training, updates and other similar services needed by customers to use that software. The source code of the software may be made available to certain users of the software through special licensing or other agreements, but is usually not distributed to the general public, and may not be copied or modified except in a

Page 77 of 124 SADKN Portal Guidelines Report

manner provided for in such agreements.Closed-source software vendors typically provide a "one-stop shop" for all support matters: since the vendor developed the software (and appropriately licensed any included components that were developed by others), the vendor also provides all necessary support functions. Nobody else can provide the level of support that the original vendor does, simply because nobody else has the requisite access to the source code (not just to understand how it works, but to make modifications and fix bugs). Commercial software providers typically adopt the traditional software licensing approach where permission to use the software is granted to a customer in return for a fee. The customer is usually permitted to use, reproduce or adapt the software according to the terms of the permitted activities under the license.

Advantages

• Reliable, professional support and training available • Packaged, comprehensive, modular formats • Regularly and easily updated • It supports interoperability, at least with well publicized APIs • It is very well documented

Disadvantages

• High Initial cost of the software and the licenses • It has closed standards that hinder further development • Proprietary software companies often change their licensing policies like Server based licensing, then to number of users based licensing and now recently to named-user licensing • Proprietary Solutions leads to piracy due to their high costs

Financial Implications

• High initial cost • Cost of implementation and extra licenses is not involved in base packages • The support and up gradation comes with a cost

Page 78 of 124 SADKN Portal Guidelines Report

Key Recommendations

Given the funds availability and the varying level of IT maturity of the participating countries in the SADKN initiative, it is imperative that a phased approach be adopted to realize the vision of SADKN. This section provides key recommendations in terms of a phased approach, technology selection and overall budget breakup.

SADKN Phase-wise Implementation Roadmap The ensuing section provides an illustrative view of the phase-wise approach for development of the SADKN portal.

Phase I II Year of Implementation One Two

Phase I In phase I, it is recommended that a basic informational portal should be established first. The purpose of this portal should be to only provide informational services and should have the following basic features: • About us • News • Knowledge Documents • Disaster Information and news • Calendar • Smart Search • Expertise Locator • Frequently Asked Questions • Site Map • Legal Terms • Communities • Weather Update • Document Based Education & Training • Notifications • Policies • Login for Authorized Users • Spread the word • Counter • Feedback Forum • Knowledge base

Page 79 of 124 SADKN Portal Guidelines Report

• Archive • Distance calculator • Locating a place • Real time disaster information update • Group discussion forum • Live chat sessions with domain experts on various disaster types • Education and training using flash animation techniques, video feeds, webcasts, etc • Centralized Help Module o Details of Disaster relief shelters / camps in disaster affected area o List of major hospitals / police stations / schools / railway stations / bus stations in the disaster affected area • e-Newsletters • Blogs

The very aim of this informational portal would be cerate awareness among the stakeholders in terms of usage, information sharing and interacting amongst the involved participants. The envisaged SADKN system and portal would be an entirely new concept to most of the members and participants in the SAARC region. Hence it is imperative that in phase I, only a basic system is developed. Once the system achieves the desired stability and maturity in terms of usage, reliability and availability during the earmarked time period of one year, it is recommended that phase II should be undertaken.

Phase II It is important to assess the system maturity and stability before undertaking the development of the advanced modules of the SADKN system and portal. It is assumed by the end of the year I, which would also include the implementation of the phase II, the existing system would achieve the desired outcomes of the SADKN vision of providing a common platform for collaboration and information among the participants, member associates and more importantly the citizens of the SAARC region. However, if it is felt that the level of IT maturity of the system and the users of the system is not as desired, phase I should be extended and a re-evaluation of the same should be done after every six months. Under phase II, more advanced features and functionalities of the SADKN portal would be developed and implemented.

An indicative list of such features and functionalities is given below: • Map Centre o Identification of disaster affected areas on maps o Identification of essential infrastructure on maps including hospitals / primary health centers / police stations / civil defense camps / schools / stations (railway & bus) etc in and around the disaster affected region • Integration with International Disaster Management Networks

Page 80 of 124 SADKN Portal Guidelines Report

• Advanced Modules o Shelter Registry o Volunteer Registry o Missing Person Registry • Centralized Help Module o Payment gateway integration for donation option o Blood donation camp registry • Demand-supply dashboard for resource requirements (food, medicine, medical supplies, money, volunteers, clothing, camps, etc) • Advanced disaster management and alert system • Analytical tools o Customized MIS reports o Detailed information on various disaster

Technology Selection During selection of technology / application solutions, it is recommended that open standards should be adhered to and the selection between open source and proprietary solutions should be made based on the fund availability and technology preference. The following table gives an illustrative list of options available. However this list is only indicative and other options may also be explored.

Features Weblogic WebSphere Microsoft JBoss Liferay Share-point Supported IBM AIX, IBM AIX, HP Microsoft JBoss Enterprise Microsoft OS HP UNIX, UNIX, Microsoft Windows Portal Platform is Windows Windows 2003 Server, (95/98/NT/2000 100% pure Java (95/98/NT/2000 2003/2008/ SUN Solaris, /ME/XP/2003) and interoperable /ME/XP/2003), XP/Vista, Linux, etc with most Linux (Fedora, Linux, SUN operating Novell), Apple Solaris etc systems capable Mac OS X of (through running a Java 10.4.6), Sun Virtual Machine Solaris 10, BSD (JVM), including (FreeBSD, Linux, NetBSD, Windows, and OpenBSD) UNIX Supported DB2, Oracle IBM DB2, MS SQL Server JBoss Enterprise Oracle DB 10g/11g, Oracle 11g, MS Portal Platform is Database, MS SQL SQL Server, interoperable with Microsoft SQL

Page 81 of 124 SADKN Portal Guidelines Report

Server MySQL, any JDBC- Server, IBM 2005, PostgreSQL compliant DB2, MySQL, MySQL, database and is PostgresSQL, Sybase, etc certified on Firebird, MySQL, Hypersonic, etc PostgreSQL, Oracle, and MS SQL Server Supported Apache, Apache Server Microsoft Sun Java System Sun Java Web Server Microsoft V2.0.49, Internet Web Server System Web Internet V2.0.52, IBM Information Server Information HTTP Server Server (IIS) Server (IIS) V2.0.47.1/V6.0/ 5.0/6.0/7.0 5.0/6.0/7.0, V6.0.1/ V6.0.2, Sun Java IBM HTTP System Server for Web Server iSeries V6.0, Oracle (Powered by HTTP Apache) V5R3, Server IBM Lotus® Domino® Enterprise Server 6.5.4/ 6.5.5/ 7.0.1, Sun Java™ System Web Server V6.0 SP9, 6.1 Service Pack 3, Microsoft Internet Information Server 6.0 Supported Microsoft IE Microsoft IE Microsoft IE Microsoft IE, Microsoft IE, Browser 6.0/7.0 with 6.0/7.0 with 6.0/7.0 with Mozilla FireFox Mozilla FireFox SP1 or SP1 or higher, SP1 or higher higher, Mozilla FireFox Mozilla 1.0/1.5/2.0 FireFox 1.0/1.5/2.0

Page 82 of 124 SADKN Portal Guidelines Report

Supported JAVA JAVA .NET JAVA JAVA Technolog y

Though hardware specifications for creating a new data centre are provided in annexure VII, it is strongly recommended that the portal application be hosted using the services of an external data centre (Government Data Centre / Commercialized Data Centre) rather than creating a new data centre. In case, no options are available in the member countries, services of data centers in India can be availed and SDMC should be able to help and guide the member countries in this regard. Government Data Centers provide services at a minimal or no cost to Government departments.

Budgetary Estimations Annexure VIII provides details of budgetary estimations vis-à-vis option 1 and option 2.

Option 1 has the provision of building a dedicated data centre for implementation of the SADKN. This would require an investment of huge amount of capital.

Option 2 considers only building of the portal whereas hosting of the SADKN portal would be at an external data centre.

The option of building up a dedicated data centre as envisaged under Option 1 would require a huge capital investment for building a data centre just for hosting a portal. Considering the available resources, Option 2 is recommended and has been finally selected. Annexure IX provides the country-wise breakup.

Page 83 of 124 SADKN Portal Guidelines Report

Annexure I - Brief On Gateway Specifications

The following are the interoperability standards. The Gateway Service Provider (GSP) should ensure that these standards that implementation of solution is in compliance with these standards. 1. Interoperability Interface Protocol (IIP) 2. Interoperability Interface Specifications (IIS) 3. Inter-Gateway Interconnect Specifications (IGIS) 4. Gateway Common Services Specifications (GCSS)

i. INTEROPERABILITY INTERFACE PROTOCOL (IIP) The objective of Interoperability Interface Protocol (IIP) and Interoperability Interface Specification (IIS) is to standardize on the protocol and to specify the interface nature for this communication to take place.

IIP is the communication protocol that the Service Access Providers, Service Gateway and the Service Providers need to comply with. This protocol is divided into two parts; one part is targeted towards the Service Access Providers and one for the Service Providers. IIP is an asynchronous request-poll-retrieval protocol, with provisions for synchronous communication, which supports requests to be sent and receive a response through a polling mechanism or synchronously. The foundation of the protocol is based on message types and context based processing of messages. There are mechanisms for sending a request, communicating acknowledgements, querying the state of a request, sending and communicating responses and to handle error situations. The message types supported by this protocol are listed below:

1. Submit Request – Used to send an service request 2. Submit Acknowledgement – Used to acknowledge submission requests 3. Submit Poll – Used for polling for responses 4. Submit Response – Used to package the service response 5. List Request – Used for querying submission state 6. Delete Request – Used for ending a submission session 7. Delete Response – Used as an indicator for submission session ending 8. Submit Error – Used for responding to errors

Exchange of IIP compliant messages is intended to be the primary mode of communication between the Service Access Providers and the Service Gateway as well as between the Service Providers and Service Gateway. It is to be noted above that not all messages are required to be supported by the Service Access Providers and the Service

Page 84 of 124 SADKN Portal Guidelines Report

Providers. Some of the above messages are mandated to be supported by the Service Access Providers and some for the Service Providers.

IIP provides the interoperable interface for communication and all the IIP messages are XML based, therefore readily usable by any application. ii. INTEROPERABILITY INTERFACE SPECIFICATIONS (IIS) IIS provides the technological specification for exchanging of the IIP compliant message. To this end IIS provides the following:

Mapping of the IIP message to a carrier protocol, SOAP

Provides guidelines for messaging, in terms of message size etc

Provides facilities for optimization, through batching mechanism etc.

IIS compliments IIP by translating the message exchange into a viable form of messaging mechanism, such that optimization can be achieved by the implementing application. In terms of carrier protocol, IIS follows SOAP, as standardized by W3C, such that wide industry support is available in forms of ready libraries and implementations. IIS is always used in conjunction with IIP; therefore it is uniformly applicable to the Service Access Providers, Service Providers and Service Gateway. iii. INTER-GATEWAY INTERCONNECT SPECIFICATIONS (IGIS) The primary aim of this standard is to provide the specifications and protocols required for construction of the Gateway Constellation. In this endeavour, the document provides specifications at the following levels:

Gateway Constellation Structure

Service Resolution and Service Information Propagation

Operational Guidelines for Gateway Constellation

Gateway Interconnect Protocol (GIP)

This specification defines the structure of the Gateway Constellation, the communication mechanisms between various gateways in the constellation, facilities to propagate a service request to its required destination and the policy guidelines applicable to each of the participating gateways in the constellation and the constellation as a whole. This specification is intended to provide the basis on which the Gateway Constellation will be realized. The specification and its associated protocol (s) may be realized with the help any suitable technology and means. In effect, this specification is a technology neutral specification, guideline and protocol enumeration for the Gateway Constellation.

Page 85 of 124 SADKN Portal Guidelines Report

Conformance to IGIS is required by any Gateway that needs to be a part of the Gateway Constellation.

Annexure II – A brief on GIS interface

GIS is an acronym for Geographic Information Systems. These technological systems measure data (spatial and non-spatial) based on geographic areas stores and organizes the data into sets and finally analyzes it in order to make an illustration of the data. The maps that are generated can be used to make better decisions and have greater efficiency when planning, managing and designing these geographic areas. GIS links location data with information such as human activity, weather and natural resources.

Web GIS

The concept of Web GIS is based on how the map is produced and responds to users' interactions over the Web. The publication and distribution of spatial data are increasingly important activities enabling organizations to share domain-specific dynamic spatial information over the Web. Web GIS add GIS functionality to a wide range of internet-based applications in government, business, research and education. It has several advantages such as worldwide access, dynamic data access and user-friendly interface.

An illustrative view of Web GIS architecture:

Application logic

Page 86 of 124 SADKN Portal Guidelines Report

Typical applications for GIS software include the evaluation of places for the location of new stores, the management of power and gas lines, the creation of maps, the analysis of past crimes for crime prevention, route calculations for transport tasks, the management of forests, parks and infrastructure, such as roads and water ways, as well as applications in risk analysis of natural hazards, and emergency planning and response. For this multitude of applications different types of GIS functions are required and different categories of GIS software exist, which provide a particular set of functions needed to fulfill certain data management tasks.

Suggested features for the Web GIS software:

Data Management It is suggested that the software provides for geodata services for data extraction, replication and synchronization, as well as a framework and tools for managing large spatial datasets in an RDBMS

GIS Web Services Software should support Web services including but not limited to Map, Image, Globe, locator and geo processing

Mapping It is recommended that it includes tools for creating rich browser-based Web mapping applications

Spatial Analysis It should support server-based analysis and geoprocessing, including vector, raster, 3D, and network analytics, as well as models, scripts, and tools

Publishing to Clients This would be a very key feature and hence it should support a broad range of clients and browser-based applications such as Google Maps or Microsoft Virtual Earth etc

Image Management It is suggested that the system should support the image management

Web Application Functionality It should support functionalities including but not limited to pan, zoom, identify features, measure distances, find addresses, query and search attributes

Advanced Spatial Analysis The system should support advanced spatial modeling and analysis, such as suitability analysis, cut-fill, line-of-sight, terrain modeling etc

Page 87 of 124 SADKN Portal Guidelines Report

Spatial Web Editing Functionality It should support spatial editing tasks for applications such as adding, modifying, and deleting map features like points, lines, and polygons

GIS Software Categories

Different types of GIS software exist with different functionality. Desktop GIS usually serve all GIS tasks and are sometimes classified into three functionality categories: ••• GIS Viewer ••• GIS Editor ••• GIS Analyst

Spatial Database Management Systems are mainly used to store the data but often also provide (limited) analysis and data manipulation functionality. WebMap Servers (UMN Server) are used to distribute maps and data over the internet.

Similarly, WebGIS Clients are used for data display and to access analysis and query functionality from Server GIS over the internet or intranet. Libraries and Extensions provide additional (analysis) functionality that is not part of the basic GIS software, for instance functions for network and terrain analysis, or functions to read specific data formats. Finally, Mobile GIS are often used for field data collection.

Selection of the final solution for implementing the Web GIS feature would depend on the features, functionalities and actions desired to be performed using the software. However, a feature integrating the SADKN portal with the GIS related information is highly recommended with the suggested features as mentioned above.

Another technology which can be used is the Mash-up Technology. A brief write-up about the same is presented in the ensuing section.

Mash-up technology Mash-up is a web application that combines data from more than one disparate source into a single integrated which remains oblivious to the underlying data model. The SAARC Disaster Management Centre Portals is envisaged to be used as a one stop medium for accessing various information for which various application-to-application communications would be required to access information and various services of departmental portals. Mash-ups exemplify web services technology, fusing data from two or more disparate Web applications to create an integrated experience informed by the original data sources with out the involvement of the underlying data model.

Page 88 of 124 SADKN Portal Guidelines Report

Mash Ups

Mash up depends on the logical layer to support point to point messaging. Messaging is a form of interoperability, which is guided by the different protocols defined by GOI (IIP, IIS etc) which can be XML based.

Page 89 of 124 SADKN Portal Guidelines Report

An illustrative view of Mash-up architecture

Comparison between Web GIS and Mash-up technology

Web GIS Map Mash-up Application and base map data in one Application data and map data separate database Server side map creation Client side Map centric Application centric Own map data required Application data displayed in a map like Google maps GIS knowledge required Elementary or minimal GIS knowledge required Large number of features are integrated Slow processing for higher number of features

Page 90 of 124 SADKN Portal Guidelines Report

Annexure III – A brief write-up about CMS

A content management system (CMS) is a computer application used to create, edit, manage, search and publish various kinds of digital media and electronic text. CMS is frequently used for storing, controlling, versioning, and publishing specific documentation. The content managed may include computer files, image media, audio files, video files, electronic documents, and Web content etc. These concepts represent integrated and interdependent layers. There are various nomenclatures known in this area: Web Content Management, Digital Asset Management, Digital Records Management, Electronic Content Management and so on. The bottom line for these systems is managing content and publishing, with a workflow if required.

A CMS should support the following features: • Identification of all key users and their content management roles • The ability to assign roles and responsibilities to different content categories or types • Definition of workflow tasks for collaborative creation, often coupled with event messaging so that content managers are alerted to changes in content (For example, a content creator submits a story, which is published only after the copy editor revises it and the editor-in-chief approves it.); • The ability to track and manage multiple versions of a single instance of content • The ability to capture content • The ability to publish the content to a repository to support access to the content (Increasingly, the repository is an inherent part of the system, and incorporates enterprise search and retrieval.); • Separation of content's semantic layer from its layout (For example, the CMS may automatically set the color, fonts, or emphasis of text.).

There are three main categories of CMS, with their respective domains of use: 1. Enterprise CMS - strategies, methods and tools used to capture, manage, store, preserve, and deliver content and documents related to processes 2. Web CMS - A web content management system (WCMS or Web CMS) is content management system (CMS) software, usually implemented as a Web application, for creating and managing HTML content. A WCMS facilitates content creation, content control, editing, and many essential Web maintenance functions. Most of systems use a database to store content, metadata, and/or artifacts that might be needed by the system. Content is frequently, but not universally, stored as XML, to facilitate reuse and enable flexible presentation options. A presentation layer displays the content to regular Web-portal visitors based on a set of templates. The templates are sometimes in the format of XSLT files. Administration is typically done through browser-based interfaces. Unlike Web-site builders

Page 91 of 124 SADKN Portal Guidelines Report

like Microsoft FrontPage or Adobe Dreamweaver, a WCMS allows non-technical users to make changes to an existing site with little or no training

There are three major types of WCMS: • Offline processing: These systems pre-process all content, applying templates before publication to generate Web pages. Vignette CMS and Bricolage are examples of this type of system • Online processing: These systems apply templates on-demand. HTML may be generated when a user visits the page, or pulled from a cache. Hosted CMSs are provided by such SaaS developers as AspireCMS, Bravenet, UcoZ, Freewebs and Crownpeak. Some of the better known open source systems that produce pages on demand are Mambo, Joomla!, Drupal, TYPO3, Zikula and Plone. DotNetNuke is a partially open source CMS that runs on asp.net and is free to download and install • Hybrid systems: Some systems combine the offline and online approaches, these are called as hybrid systems Some systems write out executable code (e.g. JSP, ASP, PHP,ColdFusion,Perl pages) rather than just static HTML, so that the CMS itself does not need to be deployed on every Web server. Other hybrids, such as Blosxom, are capable of operating in either an online or offline mode 1. Component CMS

Examples of open source CMS: Joomla! Joomla! is a free open source content management system for publishing content on the World Wide Web and intranets as well as a Model–view–controller (MVC) Web Application Development framework. The system includes features such as page caching to improve performance, RSS feeds, and printable versions of pages, news flashes, blogs, polls, website searching, and language internationalization. Joomla is licensed under the GPL. Each website requires a separate Joomla! Installation.

Mambo Mambo is a full-featured, award-winning content management system that can be used for everything from simple websites to complex corporate applications. It is used all over the world to power government portals, corporate intranets and extranets, ecommerce sites, nonprofit outreach, schools, church, and community sites. Advanced interface features include printable versions of pages, news flashes, blogs, forums, polls, calendars, website searching, language internationalization, and many others. Mambo is released under the terms of the GNU General Public License (GPL) Version 2. It is written with the PHP programming language and uses the MySQL database.

Drupal

Page 92 of 124 SADKN Portal Guidelines Report

Drupal is a free software package that allows an individual or a community of users to easily publish, manage and organize a wide variety of content on a website. The built-in functionality, combined with dozens of freely available add-on modules, will enable features such as Content Management Systems, Blogs, Collaborative authoring environments, Forums, Peer-to-peer networking, Newsletters, Podcasting, Picture galleries, File uploads and downloads. Drupal is built on top of a database abstraction layer that enables you to use Drupal with MySQL and PostgreSQL. Other SQL databases can be supported by writing a supporting database backend containing fourteen functions and creating a matching SQL database scheme

TYPO3 TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets. It offers full flexibility and extendibility while featuring an accomplished set of ready-made interfaces, functions and modules. A number of database systems are supported by TYPO3 e.g. MySQL, Oracle, PostgreSQL, etc

POST NUKE PostNuke is software that creates an impressive, dynamic web site and provides the webmaster with a site they can administer with a minimal amount of HTML knowledge through a web browser. PostNuke's functionality can be increased by installing modules, blocks and themes. Features of POST NUKE include Template engine for theming, API, RSS feeds, Forums, Polls, Language internationalization, Galleries, Chat, Games, Reviews, Links... with many third parties add-on

Page 93 of 124 SADKN Portal Guidelines Report

Annexure IV - SADKN Portal: Search Methodology

Search functionality is one of the most extensively used features of a portal / website / search engine. It is one of the most user friendly features and saves a lot of time of the user by providing an efficient and quick way of identifying and locating what the user is searching for.

In case of SADKN portal, it has been envisaged that any user of the portal should be able to search and retrieve relevant even from any of the associate websites / portals. Hence, relevance of Search Methodology and options provided are important.

It is recommended that the following features should be available for the users on the SADKN portal: i. Search help / tips: shall provide information on the type of searches possible and hints on how to narrow down the search ii. Advanced search: This link shall pull up a more detailed and often more user-friendly search page that can help narrow searches from a plethora of information available within the SADKN network iii. Miscellaneous Search: Spell Checker should be provided to support search word keyed by giving options for the correct word incase a word is incorrectly spelt

Recommendation on types of Search Methods Following is a list of search methods which are recommended (but should not be limited only to) for the typical nature of the Search functionality with respect to the SADKN portal • Key Words search • Limiters and Operators search • Nesting • Subject-Matter Indices • Tree Research

Page 94 of 124 SADKN Portal Guidelines Report

Annexure V - List of features

Feature Description About Us Should contain the information about the organization and should have details of the establishment of the organization, nature of work they are doing, activities, etc News Should contain updated news for all the events as they happen. This feature is updated by the all the partners related to the portal Archive Should archive the updated information on the portal which can be used for future references Donate Should provide the option to the visitor individuals & organizations for donating money which can be further used for the disaster management as well as disaster relief Documents Should provide the option to access the documents for the referral purposes by the users of the portal such as annual reports, disaster management plan etc Emergency Office Should provide the links and information to contact the emergency services at the time of emergency Distance Calculator Should provide the option to the user to calculate distance between two locations Locating a place This is a special search tool that provides information about all important places of a country and is linked to Google earth for displaying the place on Google map or provides information in textual form Knowledge base K-base is a dedicated comprehensive database on disasters dealing with cause to consequences and is expected to be built by numerous contributors. The portal should enable the contributors to register themselves as members of the Portal, and participate in enriching the central repository. All disaster related the information will be classified under 8 themes: Earthquake, Flood, Cyclone, Drought, Landslides, Epidemic, NBC and Others, which are again segregated into various subcategories Disaster Information Should provide consolidated source of disaster-related information and services with the members’ countries. Information includes occurrences of different hazards, its geographic distribution, vulnerability atlas, mitigation, preparedness, response mechanism, relief, recovery etc Real time disaster The portal shall provide access/ integrate various real time information update information on weather, natural hazards and disasters available in

Page 95 of 124 SADKN Portal Guidelines Report

public domain in member countries and display the same online on country maps. Integration with other portals can happen using Web services, RSS, Mash Up technology, etc Map centre Client-server based WEB-GIS application (can be accessed through web-browser from anywhere in the world) to generate dynamic thematic maps (Demographic, Critical establishment, Natural Hazard and Vulnerability profile etc). Mash Up technology can also be used Group Discussion Should allow members to form groups and trigger discussion on Forum various issues of disaster management. This will help to initiate a communication between the members Calendar Should arrange events related to disaster management chronologically Smart Search Should provide for searching the right information at minimal time available in the network. It will also have a link to Google search engine Expertise Locator Should help in identification of trained human resources in various fields of disaster management in the country FAQ Frequently asked questions Site Map Should provide complete website details and links Legal Terms All the legal terms related to the site should be listed Communities Option to generate communities on the portal in which topics related to disaster management can be discussed and learned Weather Update Comprehensive weather update should be provided on the portal which would indicate the risk as well. Like for example a heavy rainfall which can cause flood Emergency This link on the portal should provide the information about the best management practices and plans which should be followed at the time of emergency Education and Should provide information / training related to disaster Training management Ongoing projects This link on the portal should provide the information about the latest projects going on related to disaster management and the advantages of those projects for the society Login for authorized Should provide for authorized users to login and upload the secure users data on the portal using the publishing workflow Notifications This link on the portal should provide the owner the ability to issue any notice to the users of the portal if required Global issues Should provide information about the latest Global issues and their happenings related to Disaster Management Policies All the latest polices made related to disaster management should be

Page 96 of 124 SADKN Portal Guidelines Report

available Feedback form Feedback option should be provided to users using which portal can be further improved upon Volunteers Should be an access to the users to register themselves for volunteering for the cause of disaster management Spread the word Gives the user the ability to tell his/her friends about this portal Email Updates This link on the portal gives the user the ability to register an email address / mobile number so that he or she can receive e-mail updates Missing Person Update / request / provide information about the missing people in a Registry disaster situation Shelter Registry Provides user the ability to locate on a map all the places where disaster shelter camps are situated Organization registry This link on the portal gives the Organizations the ability to register themselves for the help and volunteering for disaster management Counter Should keep a log of the total number of visitors to the site

Page 97 of 124 SADKN Portal Guidelines Report

Annexure VI - Comparison of Open Source Database Options

Features Firebird Ingres MaxDB MySQL PostgreSQL Licensing Initially Inprise Ingres is MaxDB is available MySQL is PostgreSQL is modules were available under the MySQL available under released licensed under under the Dual Licensing the MySQL under the the InterBase Computer Model: Dual Licensing BSD license. Public License Associates • Commercial Model: (IPL). New Trusted • GNU General • Commercial code modules Open Public License • GNU added to Source General Firebird are License Public licensed under License the Initial Developer's Public License (IDPL) Operating • Microsoft • Microsoft • Microsoft • Microsoft • Microsoft Systems Windows 95 / Windows Windows 2000 / Windows 95 Windows Support 98 / ME / 2000 / XP XP / 98 / ME / 2000 / XP 2000 / XP • Microsoft • Microsoft 2000 / XP • Microsoft • Microsoft Windows Windows Server • Microsoft Windows Windows Server 2003 Windows Server Server 2003 2003 • Linux Server 2003 2003 • Linux • Linux • Sun Solaris • Linux • Linux • Sun Solaris • Sun • Sun Solaris • Sun Solaris • Mac OS X Solaris Sparc • Mac OS X • Novell Netware Limits per Maximum Maximum Maximum number Maximum Maximum Database number of number of of tables: Unlimited number of number of tables: 32767 tables: Maximum database tables: tables: Maximum 67108863 size: 32 TB (with 8 Unlimited Unlimited database size: Maximum KB page size) Maximum Maximum Theoretical limit database Maximum number database size: database size: of 7 TB size: of files/volumes per Unlimited Unlimited

Page 98 of 124 SADKN Portal Guidelines Report

Maximum Unlimited database: 64 – Maximum Maximum number of files Maximum 4096, specified number of files number of per database: number of by a configuration per database: files per Theoretically files per parameter Unlimited database: Not 65536 (216) database: Maximum The maximum determinable including Unlimited file/volume size size of a shadow files Maximum (data): 518 MB – 8 MySQL Maximum page page size: GB tablespace is size: 16384 65536 bytes Maximum 64 TB bytes file/volume size Maximum (log): 16 TB cache buffers: 65536 pages Complex Maximum size Maximum Maximum size of a Maximum size Maximum size Query of a SQL size of a SQL statement: ≥ of a SQL of a SQL Limits statement: 64 SQL 16 KB (Default statement: 1 statement: No KB statement: ≥ value 64 KB, GB, 16 MB is information Maximum 64 KB specified by a default. available number of Maximum system variable) Maximum Maximum members in an number of Maximum number number of number of IN list: 1499 members in of members in an members in an members in Maximum an IN list: IN list: 2041 IN list: No an IN list: number of No limitation limitation found 10917 using joinable tables: found Maximum the default 255 Maximum number of Maximum number of joinable tables: number of joinable 61 joinable tables: 126 tables: No limitation found SQL- Firebird's SQL The SQL-92 MaxDB can be Several PostgreSQL Standards language standard operated in one of differences supports a adheres closely (ISO/IEC the following SQL between subset of both to the SQL-92 9075:1992) modes: MySQL and the SQL-92 standards is supported - INTERNAL: standard SQL and SQL-99 (ISO/IEC at entry Database system- are listed. A standards. It

Page 99 of 124 SADKN Portal Guidelines Report

9075:1992) at level. internal definition warning is gives detailed entry level. SQL-92 - ANSI: ANSI given, that explanations Firebird 1.5 standard standard according “Concatenating of what is introduced a behavior to ANSI X3.135- many RIGHT supported and number of can be 1992, Entry SQL JOINS or what features in switched off - DB2: Definition of combining is not accordance for DB2 Version 4 LEFT and with the more compatibility - ORACLE: RIGHT join in recently with Definition of the same released SQL- older ORACLE7 query may not 99 standard. versions of MaxDB does not give a correct Although Ingres support the INNER answer”. FirebirdSQL and OUTER join Unfortunately follows syntax. An outer “many” is not standard join is represented further closely, there by the operator (+) detailed. Full are small outer joins are differences not supported Prepared Supported Supported Supported Supported Supported Statement s Error Code Yes Yes Yes Yes Yes Expressiv eness Date/Time Yes Yes Yes Yes Yes Literals Full-Text No No No MySQL does PostgreSQL Search support full-text doesn't searching, but include full- only on text indexing MyISAM type as part of the tables core distribution Load Firebird doesn't Load MaxDB doesn’t Load balancing Load

Page 100 of 124 SADKN Portal Guidelines Report

Balancing have a built-in balancing support load happens in balancing load balancing happens in balancing in an MySQL between two facility Ingres when clustered clusters nodes can be using the environment built up with Grid Option the “pgpool” add-on. Large More than 2 GB More than 2 More than 2 GB on Large Memory Large Memory Memory on 32-bit GB on 32- 32-bit platforms. Support on 32- Support on Support platforms. bit bit platforms is 32-bit platforms. not assured platforms is not assured Replicatio No but possible Yes Yes Yes Yes using n with third party exta application applications System Firebird does “Ingres The “Database The tool The graphical Managem not come with Visual Manager” tool is "MySQL administration ent visual tools. Manager” used to manage Administrator" tool "pgAdmin The Firebird captures database enables the III" has a core package events that instances. DBA, among server status includes a set are You can use it other window where of command- occurring in among other things administrative the DBA can line tools, which the to create, monitor, tasks, to see a list of can be used to system. The back up, and visually open query DBA has restore database monitor the connections particular the instances. The database along with database possibility to “Database health. Aside further health specify Manager” GUI has from other detailed information like which a database information. transaction messages graphical user health The server statistics, must interface and can informations, status window indepth be be used only on the number of is capable of information discarded, Microsoft Windows. open refreshing about indexes which are However, you can connections, itself and more. displayed, use the Database the amount of periodically. There is no and which Manager GUI also traffic, and the There is no built-in way to additionally to manage number of SQL built in

Page 101 of 124 SADKN Portal Guidelines Report check if a trigger database instances queries is mechanism of remote Firebird special that are running on shown. There warning server is alerts. a remote computer is no built in the DBA when currently up Special with a mechanism of certain limits and running, alerts different operating warning the are being except include system. There is DBA when reached or the when trying to playing also a web edition certain limits connection to connect to a sounds and of “Database are being the remote displaying Manager” as well reached or the database is database with message as a command-line connection to lost. the command- boxes and version. the database is PostgreSQL line forwarding MaxDB does not lost. does not tool “isql” for of message support SNMP or support instance. texts to the any other SNMP or any Firebird does operating management other not support system protocol management SNMP or any event natively. protocol other handling natively. management system for protocol further natively. treatment. The Ingres managemen t architecture is compatible with standard managemen t protocols like SNMP, Distributed Managemen t Environmen

Page 102 of 124 SADKN Portal Guidelines Report

t (DME) and Common Managemen t Interface Protocol (CMIP). Security The server Kerberos is The MaxDB MySQL uses a Kerberos is installation supported database system proprietary supported. At includes a user as an differentiates authentication a given time authentication authenticati between two types protocol using either database for on of users: a Kerberos storing mechanism. - Database users user/password version 4 or 5 definitions of all There is no access the data in information. can be used, users that have built-in SSL the database Additionally, not both access to the support instance using SQL MySQL can together. SSL, Firebird Server. available. statements check X509 PAM, MD5 A Ingres - DBM operators certificate and SSH are case-sensitive Installations (Database Manager attributes but supported for password must can be operators) manage there is no authentication be defined for administere database support for and each user and d in instances using the other encrypting used to compliance Database Manager authentication connections. gain access to with the tool mechanism It is possible the server. The National The database like Kerberos to assign a command-line Computer system or LDAP for password to tool for Security administrator instance. SSL- the database maintaining the Center (SYSDBA user) encrypted super user user database (NCSC) C2 and the first DBM connections operating is gsec. security operator have between system user User standard. special MySQL clients account to authentication authorizations. and servers divide security is required User names can be are supported. handling whenever a up to 32 between the remote or local characters. operating client Passwords have a system and connects to a maximal length of the database

Page 103 of 124 SADKN Portal Guidelines Report

Firebird 18 (ASCII character management database. set) or 9 system. Passwords can (UNICODE be up to 32 character set) characters, but characters. only the first MaxDB uses a eight proprietary characters are authentication significant. protocol and Hence, for doesn’t support example, the other authentication passwords mechanism like masterkey and Kerberos or LDAP masterkeeper for instance. are seen by the server as Passwords aren’t identical. sent in a human- Passwords are readable way from case sensitive. the client to the Passwords are server. encrypted by the Firebird API at the client, before they are sent to the server. Firebird doesn’t support other authentication mechanism like Kerberos or LDAP for instance Support Commercial CA.com Commercial Free support There are Availabilit support is offers support contract can be several y available extensive with SAP [MaLi05]: obtained from companies

Page 104 of 124 SADKN Portal Guidelines Report through Ingres If you are using the community worldwide IBPhoenix support in database system in groups, lists offering [IbPh05]. many an SAP application, and forums. PostgreSQL IBPhoenix is a countries. then you Commercial support web site and an Also several are given access to support can be and organization courses in the whole of SAP obtained from professional that provides administrati AG’s support partners services information on and infrastructure worldwide or and services to application through the support directly from InterBase® and developmen contract with SAP. MySQL AB. Firebird t can be Commercial Training, developers and taken in support contract consulting and users, those cities with MySQL: 24x7 telephone who develop around the If you are using the hotline support applications on world. database system in are available InterBase® or other applications Firebird, and (not SAP those who applications), then develop and you can conclude a use the support contract underlying with MySQL. database Freely available engine itself. support via the The IBPhoenix MaxDB mailing list team has an unparalleled depth and breadth of experience with InterBase® and Firebird, as developers, as users, as consultants, and in providing

Page 105 of 124 SADKN Portal Guidelines Report accurate, useful answers to questions about either product. Free support is available through community groups, lists and forums active on the Firebird Open Source projects. A list of available groups is available here

Page 106 of 124 SADKN Portal Guidelines Report

Annexure VII – Hardware Specifications

This section provides the specifications of the hardware components for creation of SDMC Data Centre. These specifications are indicative only and the actual might vary depending on the requirements of the stakeholders.

Internet router Particulars Specifications Hardware High Performance CPU Architecture Modular Chassis Power supply 230 Volt 50Hz input Memory ∗ RAM  64 MB, upgradeable to 128 MB Flash  32 MB, upgradeable to 64 MB Performance 0.2 Mbps (64byte packet) Interface / Slots Ethernet  1 copper + 1 Fibre E1 Ports  4 ports, V.35 4 ports HP will provide E1 ports only to support 30x64 KBps data channels. ISDN BRI - 8 Ports. The ISDN will used for auto dial-back in case of lease line failure. The auto dial backup can also be given on separate device, if OEM does not support on a single device. Will have 2 Free slots Console port  1 number Routing Protocols Static Routing RIPv1, RIPv2 OSPF with demand Circuits BGP4 Policy Routing Protocols PPP, Multi link PPP HDLC MPLS IPv4 and IPv6 NAT, PAT Multicasting  PIM or MOSPF VPN/Tunnel GRE tunnelling and IP Sec 3DES/AES VPN for configuration of VPN tunnels.

Page 107 of 124 SADKN Portal Guidelines Report

200 concurrent tunnels Encryption IP Sec 3DES/AES

Dialling capability ISDN Dial backup. The ISDN will be used in case of lease line failure for auto dial-back from Internet router. The auto dial backup can also be given on separate device, if OEM does not support on a single device

In-active hang-up Security NAT, PAT Multilevel Access control Supports ACL to provide supervision and control. Controlled SNMP Access through implementation of Access Lists on the router to ensure SNMP access only to the SNMP manager or the NMS workstation Controlled SNMP access through the use of SNMP with MD5 authentication. Supports Remote Authentication User Service (RADIUS) and AAA Supports PPP CHAP Management & Accessibility using Telnet, SSH, Console access for Upgradeability administration and configuration Supports FTP or TFTP for easy software upgrades over the network. SNMPv1, snmpv2/v3 Supports configuration management through the CLI, GUI or web interface. Supports Event and system history logging functions & Syslog Supports pre-planned timed reboot to upgrade their hardware to a new software feature and plan the rebooting as an off-peak time Physical 19” Rack Mountable

Accessories All necessary power cords, data cables, connectors, CDs, manuals, brackets accessories, wire managers, etc. will be provided.

Page 108 of 124 SADKN Portal Guidelines Report

Firewall Particulars Specifications Power Supply 200-240 VAC, 50 Hz Internal Redundant Power Supply Physical attributes 19” Rack mountable Modular Chassis Hardware Interfaces  2 x GE and option for expansion to 4 GE ports

Console Port  1 number Memory ∗ Minimum RAM 64 MB & Upgradeable 128 MB flash Encrypted throughput: minimum 500 Mbps Concurrent connections: 10000 Simultaneous VPN tunnels: 2000 Clear text throughput: 2 Gbps Architecture Will be installed in Redundancy Will be hardware based Routing Protocols Static Routes RIPv1, RIPv2 OSPF BGP4 (optional) Firewall Route redistribution between any of the above protocols (optional) Protocols TCP/IP, PPTP RTP, L2TP IPSec, GRE PPPoE, EAP-TLS, RTP SIP, H.323 FTP, HTTP, HTTPS SNMP, SMTP, TFTP DHCP, DNS IPv6 Other support 802.1Q, NAT, PAT, IP Multicast support, Remote Access VPNURL Filtering, Logical interface support (VLAN), Layer 2 Firewall, Virtual Firewall.

Page 109 of 124 SADKN Portal Guidelines Report

Access Radius , TACACS

QoS QoS features like traffic prioritization, differentiated services, committed access rate. Supports for QoS features for defining the QoS policies. Supports Low Latency Queuing. L2 and L3 CoS/DSCP Priority Mapping.

Encryption IPSec, DES/3DES/AES

Hardware, software Management Console, Telnet, SSHv2, Browser based configuration SNMPv1, v2 Maintenance & Scheduled System Reload (Reboot) Serviceability Main components like motherboard, IO board, power supplies and fan tray are field replaceable. Cables and All accessories including data cables, clamps, connectors, etc will accessories be provided.

IPS

Particulars Specifications Features Minimum Layer 7 Throughput --> 2.0 Gig, using single or multi device solution. Number of segments  2 x Gig Supports fail-open to four Gigabit segments in case of Power / hardware / software failure Will protect against DoS/ DDoS / SYN-flood/ TCP-flood /UDP-flood Has “Zero-day” protection against DoS attacks based on traffic behaviour Action on Block attacks in real time, Drop Attack Packets, Packet Logging detection Reset Connections, Action per Attack Stateful Operation TCP Reassembly

IP Defragmentation Bi-directional Inspection

Page 110 of 124 SADKN Portal Guidelines Report

Forensic Data Collection Access Lists Signature Vendors Signature Database – minimum 3600 Detection Device will have capability to add unlimited User Defined Signatures. Supports Automatic signature synchronization from OEM database server on web Alerting Alerting SNMP, SMTP support Log File, Syslog support Management Console, SSH, Telnet, HTTPS, HTTP, SNMP v1/v2C/ v3 Operations Supports 24/7 Security Update Service Supports Real Time signature update Supports Provision to add static own attack signatures Reporting System provides centralized reporting and management. System provides comprehensive security event reporting System provides comprehensive security event reporting. Power Internal Redundant Power Supply 230 V AC , 50Hz

Server Particulars Specifications OS Windows / Unix / Linux (with patches, license, Support, Subscription, Anti virus, etc) Hardware CPU 1 number (capabilities to expand to 2 CPU) Minimum Processor  Intel Xeon 3.0Ghz (dual-core) or higher with 4 MB L2 cache (dual-core) and 1333 MHz FSB RAM Minimum 8 GB PC2-3200 DDR II 667 MHz RAM with ECC fully buffered memory expandable up to 16 GB HDD 3x146GB or higher Serial Attached SCSI (SAS) Hot Pluggable HDDs (10K rpm or higher, 3.5”) with RAID 5 implementation Network Card Dual: 10/100/1000Mbps RAID SAS RAID controller with at least 256MB of battery-backup cache CD & DVD 16x or higher DVD-ROM/ CD Writer Combo slim drive Graphics card 8 MB Display memory Ports 1x Serial, 2xUSB, 1x PS/2 Mouse, 1x PS/2 KBD, 1xVGA , 2xRJ45,

Page 111 of 124 SADKN Portal Guidelines Report

Slots At least 3 PCI/ PCIe slots Keyboard * Please see details of KVM Switch along with one Keyboard and one Mouse* Optical Mouse Monitor * Chassis The chassis with redundant hot-swap power supplies.

The chassis will have necessary provision to connect to an external SAN array with 2 FC Ports on separate cards (4 gig., option for additional 2 redundant ports).

LEDs to show system activity and status of components

chassis having 6 HS drive bays with Hot Swap power supply,

(Optional: Daisy chaining feature to connect more Rack Server) Ports 1x Serial, 2xUSB, 1x PS/2 Mouse, 1x PS/2 KBD, 1xVGA , 2xRJ45, Software All required device driver software as per above configuration, in media with manual, for OS installation, System Configuration & Management Server (a) Remote management of the server over LAN/ WAN (b) Hardware Management remote console feature ( c) In band & out of band remote Features management (d) Remote power On (e) Server health logging & Monitoring Advance warning for processor & memory failure (f) Integrated management log Certifications Energy star compliant, NSTL, FCC (EMI EMC/ ETDC) certified, ISO 9001: ISO 14001, ACPI compliant, PCI compliant OS Certifications Certified for proposed OS OS with Server Operating System with patches, license, 5 years’ Support/ Subscription, (Anti-virus if any)

Page 112 of 124 SADKN Portal Guidelines Report

LAN Switch

Particulars Specifications Interface /Slots 1 x 24 ports 10x100x1000 GE 2 x 1000Mbps ports base Single Mode Performance Minimum Packet forwarding rate should be 20 Mpps Minimum 100 Gbps switching fabric capacity General Features Layer3 - with following supports (RIPv1, v2, OSPFv2, VRRP, DHCP). Licence for OSPF & VRRP Supports Port Mirroring Supports Port Trunking Link Aggregation IEEE 802.1Q VLAN encapsulation 802.1Q Minimum 255 VLAN Supports Port based network access control (802.1x) Supports port security Traffic shaping and policing MAC Address security/MAC Address Notification support which allows for notification of new users added or removed. Management RS-232 Console port Easier Software upgrades through network, using FTP, TFTP, etc. Accessibility using Telnet, SSH, Console access. Easier Software upgrades through network, using FTP, TFTP, etc. SNMPv1, snmpv2 Configuration management through CLI, GUI based software utility and using web interfaces. GUI tools will be provided. Event and system history logging functions will be available. Supports Syslog Server requirements Switch will have CPU utilization monitoring and Port description Standards IEEE 802.1x support IEEE 802.3x full duplex on 10BASE-T or 100BASE-TX or 100BASE-TXports IEEE 802.1d Spanning-Tree Protocol IEEE 802.1p class-of-service (CoS) prioritization IEEE 802.1Q VLAN IEEE 802.1s

Page 113 of 124 SADKN Portal Guidelines Report

IEEE 802.1w IEEE 802.3 10BASE-T specification IEEE 802.3u 100BASE-TX specification Power Supply Internal power supply 230 Volt 50Hz input Mounting 19” Rack mountable L3 features PIM Sparse Mode, Bi-directional PIM, IGMP v1, v2 ICMP support IPv6 classification & filtering supported

UPS – 20 KVA

Particulars Specifications Certified ISO 9001 certified to Manufacturer Technology Inverter device IGBT based Microprocessor controlled Digital Design Double Conversion True On-line UPS Overall efficiency >85% (AC-AC) Inverter efficiency >90% Input Input Voltage & 300-460VAC 3Phase Range Input Frequency 50 Hz ± 5% Range Input Phase Three Phase with ground Input current THD < 15% Input Power Factor 0.9 or better Output 20 KVA Voltage 220VAC-230VAC Voltage Regulation +/-1% Rated Output 40 A at 0.8 p,f./32A at U.P.F current Switching 15 KHZ Frequency Output Frequency Free running Mode 50Hz ± 0.5% regulation Sync Mode 50Hz ± 2 Hz

Page 114 of 124 SADKN Portal Guidelines Report

Harmonic Distortion 2% (linear load) (THD) 3% (non-linear load) Output Waveform Pure Sine wave Crest Factor 2.5:1 Power Factor 0.6 to unity Battery Battery Backup 1 Hours on full resistive load Battery Type Sealed Lead Maintenance Free VRLA type (Lead Calcium SMF batteries NOT acceptable) DC Bus Voltage DC Bus Voltage of UPS to be specified Battery Ratings 10KVA: 38000VAH Transfer Time 0 ms Battery Enclosure MS Rack Powder Coated General Operating 0 to 50 degree centigrade Temperature Noise level <45 dB @ 1 Meter Alarms & All necessary alarms & indications essential for performance Indications monitoring of UPS will be incorporated. Bypass Automatic Bypass Switch Overload capacity 110% for 10 minutes and 125 % for 1 minute Compatibility UPS will be compatible with DG Set supply and mains supply Isolation Galvanic Isolation Transformer in-built in the UPS Standard RS 232 port for software interface SNMP interface support Dimensions Bidder to specify dimensions (H x W x D) for UPS & Batteries Set Architecture UPS systems will have back to back ‘hot standby’ configuration with common battery bank

Page 115 of 124 SADKN Portal Guidelines Report

Generator Set – 30 KVA

Particulars Specifications Engine type Multi-cylinder, in accordance with IS 10002-1981with latest amendments

General Electric start 12 V DC Features Water cooled /Air cooled Mechanical/Electronic Governor Fuel  High speed diesel Rating  Continuous Output Suitable HP rated to match the alternator Rated Speed  1500 RPM Over load 10% overload – 1 hour capacity 50% overload – 15 second Accessories Flywheel to suitable diameter and fuel injection equipment Air cleaner Lubricating oil cooler (if required) Electric motor starting equipment like motor, battery, charging generator with voltage regulator etc. Heavy duty radiator with fan Residential type silencer with exhaust piping with vibration isolator Fuel tank suitable for 8 Hrs of continuous running with necessary piping and fuel gauge, drain valve, inlet and outlet connections. Anti vibration mounting pads Speed controlling governor Suitable coupling system to the Alternator Tachometer Lubricating oil pressure gauge Hour meter to indicate number of Hrs of operation Auto trip on low oil pressure Over speed alarm with trip Thermal insulation for exhaust line with glass wool, Aluminium sheet, chicken mesh, Diesel line 12 mm dia (or as applicable) including beads flanger etc Battery 12 V with lead and terminal Battery charger. Protection against low lubricating oil pressure, high water

Page 116 of 124 SADKN Portal Guidelines Report

temperature and over speed will be provided for engine with alarm and fuel shut off. Alternator Output  30 KVA P.F  0.8 lag Voltage  415V, 3Ph Type  continuous running duty type Frequency  50 Hz Phase  3,4 wire Speed  1500 rpm Cooling  Air-cooled / water cooled Over load capacity 10% overload – 1 hour 50% overload – 15 second Lubrication  forced (if required) Excitation  Self excited, self regulated, automatic voltage regulator with remote voltage control facility Permissible voltage variation  +/- 1.5% of rated voltage Insulation  Class H Base frame  Engine and alternator will be coupled and mounted on sturdy, fabricated, welded construction, channel iron base frame with coupling guard. Control Panel The Genset control panel will be of 14 SWG CRCA sheet and powder coated finish. The panel will be provided with standard engine instrumentation, Voltmeter with selector switch, Ammeter with selector switch, Frequency meter, Current transformer, Instrument Fuses etc. MCCB/MCB of suitable rating will be provide for overload and short circuit protection

AMF AMF facility will be provided for the DG set. AMF relay shall be provided in the control panel/Electrical panel with required control wiring and Contactors for automatic operation will be done.

Acoustic Weather and sound proof Acoustic enclosure will limit sound level enclosure below 70 db at 3 m distance from the set. Minimum 50 cm all round clearance will be provided inside. The exhaust pipe shall be minimum 1.8 m above ground level. Additional Canopy will be provided over the Acoustic enclosure with suitable steel structure.

Dimensions Bidder to specify dimensions (H x W x D)

Page 117 of 124 SADKN Portal Guidelines Report

Desktop Specification Particulars Specifications

Processor Processor with Hyper Threading (2.8GHz or more, 1MB L2 Cache, 800 MHz FSB Chipset 800G or higher Chipset

Motherboard OEM mother board

Memory 2 x 256 MB DDR SDRAM @ 400 MHz Expandable to 4 GB

Floppy Drive 1.44 MB

Hard Disk Drive 80 GB SATA SMART III 7200 rpm with Pre Failure Warranty

Optical Drive 52x IDE CD ROM

Graphics Integrated (on board) Intel Media Accelerator 900

Ethernet Integrated (on-board) 10/100/1000 controller

Bays Minimum : 6 (with support for 2 internal Hard drives) Slots Minimum : 4

x1 PCI Express Slot - 1 no

x16 PCI Express Graphics Slot - 1 no and

PCI PCI - 2 nos

Ports 1 Parallel, 1 Serial

4 USB (Ver 2.0) with at least 2 ports in front

VGA and 2 PS/2 ports

Power Supply Minimum 300 Watts (Surge protected)

Page 118 of 124 SADKN Portal Guidelines Report

Monitor 17" Color TFT with minimum 1280 x 1024 @ 60Hz resolution, Asset Controlled, Energy Star compliant

Keyboard PS/2 104 keys keyboard 30 sec/print, 4 � 6 in. (10 � 15 cm) in default mode Mouse PS/2 2 Button Optical Scroll Mouse

Diagnostic Tool Pre installed OEM's Diagnostic tool for hardware diagnostics

Cabinet box ISO certified, with cooling system

Printer / Scanner Specification Particulars Specifications Connectivity Connectivity options USB 2.0

Data transfer rate 480 Mbps

Bluetooth Optional

Display Display type LCD TFT

Display diagonal size 3 inches

Storage Type of storage media Memory card

Built in card reader Yes

Memory cards SD, SDHC, CF-I, CF-II, MMC, xD

Printing and Printing technology Inkjet Scanning Features Color printing speed 30 PPM

Grayscale printing speed 29 PPM

Paper input 100 sheets

Others Photo printing speed 30 sec/print, 4 x 6 in. (10 x 15 cm) in default mode

Supported paper types Plain paper, coated paper, photo paper, iron-on, transparency film, label media, greeting cards

Page 119 of 124 SADKN Portal Guidelines Report

Auto paper type detection Yes

Print functions 100%, fit-to-page, fill-page, mirror, poster

Scanner type CIS

Maximum scan size 21.6 x 29.7 cm

Ink system 2-cartridge, 6-ink system

Scanner support TWAIN and WIA import

Power Mains

Page 120 of 124 SADKN Portal Guidelines Report

Annexure VIII – An Indicative Costing for SADKN Portal Development & Hosting

OPTION 1: Development, Implementation and hosting is entirely done by SDMC

Financial Estimation: US$ 373800-393800

Item Detail Tentative Cost (in US $)

Software

Software Development Cost with Open Source 80,000 – 1,20,000

Software Development Cost with Proprietary Solution 1,50,000

Software License

OS Server 1000

Web Server 2000

Mail Server 2000

AV Server 2000

RDBMS 10,000

Total 17000

Hardware

Directory Server 10,000

Portal Server 10,000

Content Mgmt Server 10,000

Database Server 10,000

Web Server 10,000

Forms Server 10,000

Mail Server 10,000

AV Server 10,000

Router 10,000

Page 121 of 124 SADKN Portal Guidelines Report

L3 Switch 6000

24Port Patch Panel 800

Firewall 30,000

IPS/IDS 30,000

UPS (20 KVA)(30 min backup) 10,000

Genset (30 KVA) 20,000

Total 186800

Annual Maintenance Cost per year 30000

OPTION 2: Development and Implementation by SDMC only while hosting is entirely done by 3 rd party

Financial Estimation: US$ 90000-165000

Item Detail Tentative Cost (in US $)

Software

Software Development Cost with Open Source 80,000 – 1,20,000

Software Development Cost with Proprietary Solution 1,50,000

Annual Maintenance Cost per year 10000

Hosting Charge per year 0 - 5000 *

Note:

1. Costs mentioned above are only indicative in nature and does not include any taxes, duty, exchange rate, etc 2. Actual costs might vary depending upon final specification 3. * In case of Government departments, Government data centers provide hosting services at a very minimal or no cost. This option should be explored for hosting purpose

Page 122 of 124 SADKN Portal Guidelines Report

Annexure IX – An Indicative OPEX for Software

Product Line WebSphere Weblogic Sharepoint Liferay JBoss GlassFish (Middleware) (IBM) (Oracle) (Microsoft) (RedHat) (SUN) Product Edition Enterprise Enterprise Enterprise Standard Enterprise Enterprise (Platinum) Annual Included $5,500 Included $5000 $6,750 $8,999 Subscription / Support / Maintenance Cost (per unit)

Product Line Enterprise MySQL Microsoft IBM Oracle (Database) DB Product Line PostgreSQL MySQL SQL Server IBM DB2 v9 Oracle 10g Enterprise 2005 Product Edition Premium Platinum Enterprise Enterprise Enterprise Edition Edition Edition Database Server Open Source Open Source Proprietary Proprietary Proprietary Source Code Annual $4,495 $4,495 $5,000 $7,280 $10,450 Subscription, Support & Maintenance Cost (Per Unit

Note:

1. Costs mentioned above are only indicative in nature and does not include any taxes, duty, exchange rate, etc 2. Actual costs might vary depending upon final specification

Page 123 of 124 SADKN Portal Guidelines Report

Annexure X – An Indicative Country-wise Costing for National Focal Point (NFP)

Country wise costing at NFP (All Cost In US$) Sri India Pakistan Bangladesh Lanka Nepal Bhutan Maldives Afghanistan Manpower ( @ 750 per Month) 9000 9000 9000 9000 9000 9000 9000 9000 Hardware (Desktop, Printer, Scanner, UPS) 1000 1000 1000 1000 1000 1000 1000 1000 Content Developm ent 7000 5000 5000 5000 2000 2000 2000 2000 Total 17000 15000 15000 15000 12000 12000 12000 12000

Grand Total cost For all SAARC Member is USD 110,000

Page 124 of 124