Sonnenglanz Consulting BV CPA Management Idea s for large-scale

Sonnenglanz Consulting BV CPA Management Idea’s for large-scale deployments E. J. Van Nigtevecht Sonnenglanz Consulting BV 28 September 2010 1

Sonnenglanz Consulting BV Large scale deployments • Principles (1) – Participants register (technical) information about their messaging capabilities. For instance: the URL of the eb. MS endpoint, its public certificates or references to an LDAP containing that information, contact information, use of Intermediates, use of SSLoffloading, which eb. MS version is supported, notification channels, . . . Let’s call this a participant profile. – Participants can have several channels by which the system (or other participants!) can notify that participant. Examples: SMTP, eb. MS, Web-Application (via notification after a login), Web. Service. (The channels will have a predefined interface. ) – Relationships between Business Processes, collaborating partners, and CPA’s (CPP, CPA-template as well) will be stored in the central registry to enable the (re-) creation of CPA’s at any time. 28 September 2010 2

Sonnenglanz Consulting BV Large scale deployments • Principles (2) – A Specification Authority is able to register business processes. – The Specification Authority defines how the business process can be used, such as: • After Approval by the Specification Authority • Between Collaborating Partners (for instance by signing the CPA; it’s the responsibility of the partner to validate the signature before engaging the collaboration!) – A system should generate the CPA, CPA-template or CPP, based on the information in the registry! – The creation of a CPA can be initiated by several events. Examples: “New Collaboration between participant A 134 and B 9082”, “CPA End-Data Reached for CPA ID 7031843”, “New Certificate Participant XYZ” (due to an updated participant profile), etc. . . 28 September 2010 3

Sonnenglanz Consulting BV Large scale deployments • Principles (3) – Participants are identified by their party. Id and party. Id. Type. – Participants have to be authenticated, allowing different methods depending on the access channel. Examples: • eb. MS messages: an organisation X. 509 certificate • web-access to the registry: an Open. ID based on STORK level 2. – Participants can ‘join’ and ‘leave’ collaborations based on predefined business processes. An approval phase should be possible, if required. – Participants can ‘initiate’ a collaboration by inviting others. 28 September 2010 4

Sonnenglanz Consulting BV Actor = Business Partner Determine Partner Information Authenticate Partner Registry / Repository Partner Profile - Organisation - Name - Address - Phone numbers - Email - Party Id - Transport Capabilities (SMTP, HTTP) - Authentication & Transport Certificates (Public Keys) - Local Infrastructure (SSL-offloading, Intermediary, . . . ) - Notification Channel Capabilities (SMTP, eb. MS, . . . ) 28 September 2010 Partner Registration Partner Information 5

Sonnenglanz Consulting BV Actor = Specification Authority Define Business Process Authenticate Specifier Provide an e. BBP, containing - Business Process Identification - Services - Roles - Actions - Business Document Specifications -. . . 28 September 2010 Register Registry / Repository Business Process Business Process Registration 6

Sonnenglanz Consulting BV Selection Business Process Actor = Business Partner Registry / Repository Business Process Partner CPP - Search / Select Business Process - Provide Business Process Identification - Provide Selected Roles - Provide Selected Services (if needed) - Provide Selected Actions (if needed) -. . . CPP CPP Selection Business Process + 28 September 2010 Partner Information = CPP Join Authenticate Select Business Process Partner Information CPP Join Business Process The relationship between - Business Partner - Business Process is registered to enable the automated update of CPA’s whenever needed. An approval phase by the Specification Authority could be included. 7

Sonnenglanz Consulting BV Actor = Business Partner or Specification Authority Select (Other) Partner(s) Authenticate Partner Initiate Registry / Repository Collaboration Partner Information Business Process - Search / Select Business Process or CPP - Provide Business Process or CPP Identification - Provide Other Partner Identification 1 - Provide Other Partner Identification 2 - Provide Other Partner Identification 3 - Provide Selections (if needed). . . Partner Information Selection The relationship between the collaborating partners is registered to enable the automated update of CPA’s whenever needed. The other partners receive an invitation, which can be accepted by joining the Business Process or, in case they are already joined, by providing an explicit “Accept” response. 28 September 2010 Initiate Collaboration 8

Sonnenglanz Consulting BV Actor = Coordinator Event “Initiate Collaboration” Determine Partners On Event “Initiate Collaboration”: - Determine Business Process or CPP Identification - Determine Partners and corresponding Invitation Channels - Determine Selections (if needed) - Create Invitations - Set Timing Contraints - Send Invitations via Channels. . . 28 September 2010 Registry / Repository Partner Information Business Process Send Invitations Partner Information Selection Invite Partners 9

Sonnenglanz Consulting BV Actor = Business Partner Authenticate Invitation Partner Event “Invitation” Response CPA - Search / Select Collaboration Invitation (for instance: a link in an e-mail. . ) - Provide Accept/Reject status - Provide Selected Roles (if needed) - Provide Selected Services (if needed) - Provide Selected Actions (if needed) - Create Invitation Response. . . CPA CPA Selection CPP 1 + 28 September 2010 CPP 2 = Registry / Repository CPA Accept Collaboration On acceptance, the Partner Information is used to create the CPP (or select, if already available). The CPA’s are derived and distributed to the partners (including the initiator) by the Coordinator. 10

Sonnenglanz Consulting BV Actor = Business Partner Accept CPA Authenticate Registry / Repository Partner - Search / Select CPA’s - Specify Trusted Partners - Retrieve CPA’s - Configure eb. MS Adapter. . . Retrieve and Validate CPA Configure eb. MS Adapter CPA CPA CPA’s are retrieved and processed by the local partner to enable the eb. MS adapter. 28 September 2010 Accept CPA 11

Sonnenglanz Consulting BV Actor = Business Partner Authenticate Create Updated Profile Update Partner Profile Partner CPA Specify changes, for example - Provide Changed Certificate(s) and/or - Provide Changed URL and/or - Provide Change Party Id and/or. . . CPA Selection + 28 September 2010 CPP 2 = Partner Information CPA - Search / Select Partner Information CPP 1 Registry / Repository CPA Initiate Update On acceptance, new CPA’s are derived and distributed to the partners (including the initiator) whenever needed. An update could also be initiated by the Coordinator for instance when a CPA becomes invalid due to the “End Data” attribute. 12

Sonnenglanz Consulting BV Registry / Repository CPP Partner Information Business Process CPA CPP Process Business CPP Selection CPA Information Partner CPA Information 28 September 2010 CPP Process Partner Information Partner CPP Partner Information Registry / Repository 13

Sonnenglanz Consulting BV Selection Business Process + Partner Information = Selection CPP 1 CPP + CPP 2 = CPA Selection Business Process 28 September 2010 + Partner Information CPA Creation = CPA 14

Sonnenglanz Consulting BV Distibute CPA to. . . Request CPA with. . . Create CPA GP Business Process CPA Publish Partner Information GP Partner Information Publish Reg/Rep Publish Join Business Process GP Publish GP Partner Information GP GP 28 September 2010 15

Sonnenglanz Consulting BV Specifier (3) Register Business Process (11) (10) (4) (7) Initiate Collaboration Accept CPA Invitation Response Accept CPA (1) Partner A (2) Register Partner Registry / Repository (8) Event “Finish Collaboration” Register Partner (5) Event “Initiate Collaboration” Partner B (6) Inviate Collaboration Coordinator (9) CPA Created 28 September 2010 (9) CPA Created 16

Sonnenglanz Consulting BV Specifier Partner A (4) Accept CPA (3) Update Collaboration (5) Registry / Repository Accept CPA (1) Event “CPA End Date Reached” Or “Partner Information Changed” Partner B (2) Update Collaboration Coordinator 28 September 2010 17