<p> <Project Name> Solution Architecture – Preliminary Solution Design ■Gate 2</p><p>Date: <dd/mm/yyyy> Version: <nn.nn></p><p><Company Name> <Company Logo> ■Gate 2 Solution Architecture Submission for <Project Name></p><p>1 Preliminary Solution Design Change Log</p><p>Any moderate or significant changes to the solution design must be resubmitted to TSG for review and approval prior to making any actual implementation change(s). In most cases, the review and approval of any changes would be performed internally within TSG.</p><p>Notes: 1. Use of a word processing automated change tracking feature is required when resubmitting this document in order to simplify the review and approval process. Once a version of the document has been approved, then that version of the document should be saved for archival purposes. Prior to submitting a new version of the document, all prior tracked changes should be accepted. This process for resubmission can then be repeated as many times as necessary until the final approval has been issued. 2. Failure to resubmit changes for review and approval could result in a recommendation by TSG that the project approval status be reconsidered. If there are any questions as to whether or not a change is substantive enough to warrant review and approval, please send an email on [email protected] for clarification. 3. Maintain a summary of changes in the table below.</p><p>Change Log Summary – Description Version Date (For instructional purposes examples have been provided) <Included further information within the Development <2.0> <04/10/2011> Quality Description section> (Note: this entry is for (Note: this entry is for (Note: this entry is for instructional purposes) instructional purposes) instructional purposes) ■Gate 2 Solution Architecture Submission for <Project Name></p><p>2 Preliminary Solution Design</p><p>The Preliminary Solution Design Section has been designed to capture only the most essential information required to obtain Preliminary Design approval. While the items listed are not intended to be an exhaustive list of the possible technologies that may be utilized in the implementation of an application, it does reflect some of the more common choices as well as important items that should be considered during the design phase.</p><p>2.1 Preliminary Solution Checklist</p><p>Disclaimer: Any technologies listed below have been provided solely for convenience, the information provided is not intended to be exhaustive nor does it indicate product endorsement by TSG.</p><p>Preliminary Solution Checklist Responses – Select all that apply</p><p>Development Approach  Commercial Off The Shelf (COTS):   Free Libre‘ Open Source Software (FLOSS):   Commercial Open Source:   Custom/Bespoke: </p><p>(Note: Customizations to COTS or FLOSS solutions must be limited to 10% and be fully supported in future releases or versions) Software Licenses  Specify the license frameworks that have been agreed upon (including any IPR arrangements): <Insert license agreement terms> (NOTE: Specify License Framework. Such as GPLv3, EUPL, LGPL, BSD, MITA IPR, etc)  Specify how other dependent software required by the solution (such as Operating Systems / Application Servers / Database Servers including any Client Access Licenses (CALs) ) shall be procured: <Insert source of procurement> Web Based Is the solution web based?   If not web based, is it virtualizable? </p><p>(NOTE: For non web based solutions indicate if the desktop application can be abstracted via virtualization) Architectural Approach  SOA:   3/N Tier:   Other: <Insert other architectural approaches> Processing Type  OLTP:   OLAP:   Other: <Insert other processing types> Development Platform  J2EE:  Version: <Insert version>  .NET:  Version: <Insert version>  Other: <Specify other> Version: <Insert version></p><p>Solution Architecture Document Template Version: 3.0 Page 1 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p>Preliminary Solution Checklist Responses – Select all that apply</p><p>Architectural Framework(s)  STRUTS:   JATO:   JSF:   Other: <Insert other architectural frameworks> Architectural Pattern(s)  MVC:   Factory:   Controller:   Data Access Object:   Other: <Insert other architectural patterns> Application Communication Service Interface: Technologies  Web Services (HTTP, XML, SOAP, WSDL, UDDI):  (Within the Solution Domain) o Public Facing:  o Internal Facing:   Messaging /Message Queuing: </p><p>Platform Specific:  .NET Remoting:   EJB/RMI – IIOP: </p><p>Other: Insert other platform specific communication technologies> Solution Integration  XML:  Technologies  Web Services:  (Both for service provisioning and service consumption)  Messaging:   EDI:   CORBA:   IIOP:   Adaptors:   Secure FTP:   Proprietary API:  Via: <Insert proprietary API name including link to documentation>  Other: <Insert other solution integration technologies></p><p>(Note: Kindly fill in the Service Contract/Adapter Definition template (Refer to Appendix A), to include any additional information with respect to the service/s being offered through the solution)</p><p>Solution Architecture Document Template Version: 3.0 Page 2 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p>Preliminary Solution Checklist Responses – Select all that apply</p><p>Security Technologies In case of websites, illustrate how the solution will be secured against:  SQL Injection: <Insert information here>  Cross Site Scripting: <Insert information here>  Other: <Insert information here> (Ensure that the solution is inline with OWASP top 10 https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project )</p><p>Secure Authentication: <Insert information here> (How is the user authentication process secured? What authentication mechanism and security level is being proposed? What technologies are being proposed? Please highlight the authentication mechanism and level used for each respective user type and role)</p><p>Secure transport: <Insert information here> (How is data secured in transit? What technologies/mechanisms are being proposed?)</p><p>Secure Storage: <Insert information here> (How is data secured when persisted? What technologies/mechanisms are being proposed?)</p><p>(Provide the security technologies which have been used in the mentioned contexts. The government adopted specifications related to Encryption and signing algorithms can be found on http://ictpolicies.gov.mt/) Solution Capacity Growth State the envisaged capacity growth for the solution in terms of the following:</p><p> Network Bandwidth (Intra/Internet): <Insert envisaged bandwidth growth>  Storage (DBMS/File System/Entire VM Image): <Insert envisaged storage growth>  <How can the solution scale horizontally and vertically? > (Scale horizontal or scale out is the process of adding more nodes to a system. For example: a single web server system is scaled out to a three web server system. Scale vertical or scale up is the process of adding more resources to a node. For example: adding memory to a single server)</p><p>(Note: this section is associated with the Estimated Total Number of Consumers, Estimated Total Number of Concurrent Consumers and Estimated Annual Customer Growth Rate sections in Gate 1) Business Domain Specify whether the application will make use of Protocols/Standards protocols/standards which are mandated by the business domain through either best practices, legal mandate or EU law/directive/outcome: (e.g.HL7 for the health Industry)</p><p><Insert standards/protocols including brief description></p><p>Solution Architecture Document Template Version: 3.0 Page 3 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p>Preliminary Solution Checklist Responses – Select all that apply</p><p>Performance Requirements Please specify any performance requirements related to the following classes of performance clearly highlighting the scenario, the value and unit of measurement, method of measurement.</p><p> Response times: <Insert response time, unit and method of measurement> (How fast the solution handle individual requests, what a real user would experience)  Throughput: <Insert response time, unit and method of measurement> (How many requests the solution can handle)  Concurrency: <Insert response time, unit and method of measurement> (How many users or threads work simultaneously)</p><p>(Note: Fill as deemed necessary) Application Backup Full Backup:  Requirements  Daily:   Weekly: </p><p>Incremental Backup:   Hourly:   Daily:   Weekly:  Production Availability Scheduled Downtime: Expectations on a monthly basis  Hours: <Insert number of hours>  Minutes: <Insert number of minutes></p><p>Service Restoration:  Hours: <Insert number of hours>  Minutes: <Insert number of minutes> Electronic Identity (eID) Citizen authentication level required: (This section should only be populated if  Username and Password:  the solution will make use of eID)  Username, Password and Certificate: </p><p>Select all the relevant options:  Business Authentication:   Support Service Delegation:   Support Agent Functionality: </p><p>(eID developer’s toolkit is accessible from the following address: https://www.mita.gov.mt/page.aspx?pageid=258)</p><p>Solution Architecture Document Template Version: 3.0 Page 4 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p>Preliminary Solution Checklist Responses – Select all that apply</p><p>Government Public State if the solution requires to authenticate public service Administration Federated employees:  Authentication (GPA IDP) (This section should only be populated if (Please note that the GPA IDP returns the following attributes upon successful the solution will require to authenticate authentication (outgoing claims): Public Service Employees)  Name, (e.g. Joe)  Surname, (e.g. Borg)  Email address (e.g. [email protected]) and  User account name. (e.g. [email protected]))</p><p>(The user account name should be used as the user unique identifier)</p><p>(The Government Public Administration Federated Authentication guidelines is accessible via the following address: https://www.mita.gov.mt/MediaCenter/PDFs/1_TSG-GDL-Government %20Public%20Administration%20Federated%20Authentication%20Guidelines- v1.0.pdf) myBills The solution will: (This section should only be populated if  Make use of myBills Hosted Payment Page:  the solution will make use of myBills)  And shall fully integrate with myBills: </p><p>(Have a look at the Electronic Payment Policy accessible via the following address: https://www.mita.gov.mt/MediaCenter/PDFs/1_GMICT_P_0105_Electronic_Pay ments_v1.0.pdf)</p><p>(myBills developer’s toolkit is accessible from the following address: https://www.mita.gov.mt/page.aspx?pageid=261) Mobile Government (mGov) With regards to the use of mGov, select all the relevant options (This section should only be populated if from below: the solution will make use of mGov)  Sending messages:   Sending and receiving messages:   Sending bulk mobile messages:   Sending bulk electronic messages: </p><p>(Have a look at the Mobile Messaging Service Policy accessible via the following address: https://www.mita.gov.mt/MediaCenter/PDFs/1_GMICT_P_0107_Mobile_Messa ging_Service_v1.0.pdf)</p><p>(mGov developer’s toolkit is accessible from the following address: https://www.mita.gov.mt/page.aspx?pageid=262)</p><p>2.2 Development Quality Description</p><p>The Development Quality Description section has been designed to capture how quality aspects such as portability, maintainability, extensibility, supportability and re-usability shall be reflected in the software part of the proposed solution.</p><p>Solution Architecture Document Template Version: 3.0 Page 5 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p>Portability <Insert information on the portability of the solution></p><p>(The ability for a solution to be migrated/installed on a different environment other then the original one, without the need of any code changes) Maintainability <Insert information on the maintainability of the solution></p><p>(Ease of extending the solution functionality, fixing of errors etc) Extensibility <Insert information on the extensibility of the solution></p><p>(The ability for the solution to be extended with ease and with minor modifications (future proof solution)) Supportability <Insert information on the supportability of the solution></p><p>(The ability for the solution to be more efficient in terms of product maintainability thus reducing operational costs (installation, configuration and monitoring) maintaining business continuity) Re-usability <Insert information on the re-usability of the solution></p><p>(The ability to use modified or unmodified solution components (subroutines etc) in other solutions)</p><p>2.3 Preliminary Solution Design Description</p><p>Provide a diagram (or diagrams) with corresponding narrative that depicts an accurate and detailed description of the preliminary design for the entire application. The design must document how each of the requirements specified in the conceptual design will be logically accomplished. The preliminary design must align with the Principles, Practices, and Standards that are published in the http://ictpolicies.gov.mt and https://www.mita.gov.mt/edev portals respectively.</p><p>At this point, properties such as scalability, availability, and security posture should be reflected. External network connection speeds (for both the citizen and employee) should be documented. The supporting application should perform at acceptable levels when utilizing lowest common access speeds. Specify any known hardware and software details (brand, model, version, etc) for clients, servers, and other network infrastructure; programming languages selected, and deployment location (i.e. server location where code is deployed). Interfaces must be identified.</p><p>Solution Architecture Document Template Version: 3.0 Page 6 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p>Line of Business Application – Logical Design</p><p>Transaction Zone 3 Zone 0/1 Zone 2 Zone (Hardened Internal Internet (Internal Network) l</p><p> l (Hardened DMZ) Network) a w l e</p><p>VPN l</p><p> r VPN VPN VPN l i l a a F w</p><p>Citizen w e e r e i n r</p><p>(5000 i o F r</p><p>F Z e</p><p>2</p><p> c</p><p>3</p><p>Transactions n</p><p>Employee n e</p><p> o DB e a i n l t n</p><p>Web o a Per day c Desktop Appl. o Z</p><p> a Server B Z</p><p> s Server d n (N=300) Server</p><p>SSL a</p><p> a (Mirror) r o T L (Cluster)</p><p>Remote Zone 3 Firewall Access VPN VPN Identity Common Payment Employees Service Access EDI Service (N=50) Broker Management (CC and ACH) System Dedicated Circuit VPN WAN Field External External Credit Employees Business Agency Card (N=100) Partner Application Authorization SAMPLE</p><p>2.4 Solution Architecture Quality Description</p><p>The Service Quality Description section has been designed to capture how quality aspects such as Performance/Throughput, Security, Integrity, Reliability, Availability, Scalability, Manageability, Serviceability and Recoverability shall be reflected in the proposed solution. Fill in the applicable section hence reflecting how the solution shall be delivered.</p><p>Note: this section should provide information for both the hosting environment and solution’s areas.</p><p>Performance/Throughput  Response times: <Insert information on the response times of the solution> (How fast the solution handles individual requests in terms of user experience)  Throughput: <Insert information on the throughput of the solution> (How many requests the solution can handle)  Concurrency: <Insert information on the concurrency of the solution> (How many users or threads work simultaneously)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors where applicable) Security  Authentication: <Insert information here> (The substantiation of the identity of a person or entity related to the solution in some way).  Authorization: <Insert information here> (The definition and enforcement of permitted capabilities for a person or entity whose identity has been established)</p><p>Solution Architecture Document Template Version: 3.0 Page 7 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p> Audit: <Specify whether the application (i) will be carrying out auditing, (ii) which actions will be audited, (iii) what audit data will be stored and (iv) where will the audit data be stored> (The ability to provide forensic data attesting that the solution was used in accordance with stated security policies)  Assurance: <Insert information here> (The ability to test and prove that the solution has the security attributes required to uphold the stated security policies)  Asset Protection: <Insert information here> (The protection of information assets from loss or unintended disclosure, and resources from unauthorized and unintended use)  Administration: <Insert information here> (The ability to add and change security policies, add or change how policies are implemented in the solution, and add or change the persons or entities related to the solution)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors) Integrity <Insert information here></p><p>(The capability for an application to bring data or a function from one application program together with that of another application program)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors) Reliability <Insert information here></p><p>(The ability for a solution to be aware of the hardware and software components to determine where and why failure is high and consequently is able to apply actions in order to reduce failure)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors) Availability <Insert information here></p><p>(The ability of the solution to function without service interruption or depletion despite abnormal or malicious events)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors) Scalability <Insert information here></p><p>(A property of a solution or process, which indicates its ability to either handle growing amounts of work (in terms of work load capacity – computational power etc) in a graceful manner or the ability and ease of enhancing the solution to handle new requirements)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors) Manageability The building blocks of manageability can be viewed as:</p><p>Solution Architecture Document Template Version: 3.0 Page 8 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p> Deployable: <Insert information here> (Solution deployment (moving or replication of information or binaries) aspects)  Diagnosable: <Insert information here> (Ability for Solution to provide auditing functionality to enable easy tracing and diagnosis of errors/issues)  Disaster-recoverable: <Insert information here> (The ability for the solution to recover from run-time crashes; considerations should also include data recovery aspects)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors) Serviceability <Insert information here></p><p>(The ease and extent of changes that can be affected without interrupting the application and the environment, consequently affecting availability)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors) Recoverability <Insert information here></p><p>(The ability towards a fast, easy, and reliable recovery of business data from virtually any disruption or event)</p><p>(Specify the mechanism/s that the solution uses to achieve/support the above mentioned factors)</p><p>Solution Architecture Document Template Version: 3.0 Page 9 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p>Appendix A – Service Contract/Adapter Definition</p><p>Section 1 – Functional</p><p> Consumption Information <How is the service going to be consumed?></p><p>(Example: The service provides an SMTP relay from the consumer to gov.mt domains and other domains registered through ICANN domain registration services, including subdomains and have the appropriate Mail Exchanger DNS Mechanisms in place.</p><p>The transmission of data through the consumption of this service is not secured through the use of TLS/SSL certificates; therefore it is the responsibility of the consumer to encrypt data.</p><p>User authentication for each connection is not required.</p><p>Sender domain must be valid and defined by MITA.</p><p>Access control is configured through Firewalls at the Segregated Environment Edge.</p><p>Each message is scanned against a list of viruses and malicious content)</p><p> Interfaces provided <Provide technical information on how the service can be accessed></p><p> Standards <Provide the standards which are relevant to the provisioning of the service within the table below></p><p>Standard Information <Example: SMTP> <Example: http://tools.ietf.org/html/rfc5321> <Example: TLS/SSL> <Example: http://tools.ietf.org/html/rfc5246> <Example: DNS> <Example: http://www.ietf.org/rfc/rfc1035.txt> <Example: SNMP> <Example: http://www.snmp.com/protocol/></p><p> Location of Documentation <Provide the technical design, including interfacing documentation and architecture blueprint of this adapter></p><p>Section 2 – Other Terms of Usage</p><p> Transactional <If the adapter is designed to support transactions provide the process of how it remediates in case of failure></p><p> Service Level Terms and Conditions <Provide the Service Level Agreements (SLAs) and other terms and conditions related to the consumption of this service></p><p>(Example: The adapter is monitored through MITA central monitoring services via SNMP. The uptime availability is available through the MITA hosting services. Each consumer should not send more than 10 mails per second when messages do not exceed 10 Kilobytes each.</p><p>Solution Architecture Document Template Version: 3.0 Page 10 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt ■Gate 2 Solution Architecture Submission for <Project Name></p><p>Consumers abusing the system will be disconnected without notice)</p><p> Quality of Service <Specify the quality checks that will be carried out during the design, development and deployment of this adapter?></p><p>(Example: This adapter was designed according to IETF specifications and best practices. It is based on IP protocols to ensure scalability and re-usability. The implementation is controlled by the MITA Change Management process)</p><p> Auditing Information <Specify the auditing mechanisms provided by the adapter, including the data elements that are recorded for auditing purposes. Include the Data Protection measures that are in place according to GMICT policy and legislation></p><p> Defined processes <Specify the processes which are available in order to apply for usage, disconnection or modifications of this adapter, as well as processes related to the consumer accessibility to the adapter></p><p>(Example: Requests for consumption of this adapter are controlled by MITA. A change request is required to open port 25 from the Segregated Hosting Environment to the service as defined under interfaces.</p><p>Requests for access to the adapter are identified through the solution architecture to be presented according to the Solution Architecture Templates available at http://mita.gov.mt. Project Manager is responsible to trigger change management process)</p><p>Section 3 – Responsibilities</p><p>This section should provide information about the roles and persons responsible for the provision of the service through this adapter.</p><p>Responsible Role <Organisation-Team-Contact Info> Accountable Role <Organisation-Team-Contact Info> Consultative Role <Organisation-Team-Contact Info> Informative Role <Organisation-Team-Contact Info></p><p>Solution Architecture Document Template Version: 3.0 Page 11 Malta Information Technology Agency - Technology and Systems Governance Telephone: (+356) 21234710 Fax: (+356) 21234701 Website: www.mita.gov.mt</p>