Eurostat ESS.VIP programme architecture Eurostat [email protected].
1 ESSnet workshop Eurostat Vision infrastructure project : SICON - Secured Infrastructure or...
-
Upload
marlene-gibson -
Category
Documents
-
view
216 -
download
1
Transcript of 1 ESSnet workshop Eurostat Vision infrastructure project : SICON - Secured Infrastructure or...
1
ESSnet workshop
Eurostat Vision infrastructure project :
SICON - Secured Infrastructure or CONfidential data access and sharing
Jean-Marc Museux Eurostat Unit B2 – Methodology and research
2
VIP SICON (1)
The overall aim of the project is to develop and establish a pilot of infrastructure, services and documentation for accessing EU confidential datasets held in Eurostat by external partners, mainly NSIs in view of integrating MS and Eurostat processes.
Technological and security dimension
3
VIP SICON (2) – project dependencies
Main related projects for pilot phase• EGR Euro Group Register• DASP Decentralised Access for Scientific Purposes
Other possible uses• Transport Statistics Information System• Webservice for SAS based production system (GSAT)• Service for EU data validation (Eurostat Editing Building
Block, National Account production system)• Teleworking in Eurostat
4
VIP SICON (3) – projects constraints
Clients requirements - Analysis starts with detailed review of user needs and functional specifications
Legal constraints Use of coorporate tools and service at Commission
level Outsourcing IT technical expertise and service
(s)Testa
Secure GatewayTESTA 2
Secure GatewayTESTA 1
DMZ CITRIX TESTA
Other DMZ or SNET
Application ServerSINCOM
Application Server ESTAT
DMZ CITRIX - RCNET
Web InterfaceInternet 1
Web InterfaceInternet 2
Web InterfaceTESTA 1
Web InterfaceTESTA 2
XenAppServer 1
XenAppServer 2
XenAppServer 3
XenAppServer 4
Reverse ProxyTESTA
DMZ TESTA
Internet
Secure GatewayInternet 2
Secure GatewayInternet 1
DMZ CITRIX Internet
Reverse ProxyInternet
DMZ Internet
Agency X
https://citrixprod1.cec.eu-admin.net https://citrixprod1.ec.europa.eu
Commission corporate service
Commission SEC ETAT SEC
6
VIP SICON (4) – project status
Kick-off meeting in July 2011 Users Need analysis (mainly EGR technical
requirements) Proposed model and schema for the secure
infrastructure provides January 2012 : first test with EGR April 2012 : test with DASP
Proposed Model & Schema for SICON
IE/Firefox
IPSec
Apache
Web Logic
End user Internet Rachel
Firewall Restricted Data
Files
Database IPsec Server
Application Server
Proposed Model & Schema for SICON PRO & CONS
PROS– Mains security needs are satisfied– Use only existing commission software
CONS– Triple Identification– No Web services– Opening outgoing channels is not recommended– Maintance costs
10
NEW BUSINESS PROCESS
MS collect and send micro data to Eurostat Eurostat and MS prepare micro data for research use
----------------------------------------------------------------------- Eurostat receive and process request (MS custodians) Eurostat configure researcher environment on secured
server MS RDC establishes connection with Eurostat server Researcher performs statistical analysis MS RDC staff check output