Introduction
Welcome to the openNCP installation overview for using OpenNCP.
OpenNCP is epSOS NCP software publicly available under Open Source licensing. Acts as a bidirectional technical, organisational and legal interface between the existing different national functions and infrastructures and also acts as a mediator as far as the legal and regulatory aspects are concerned.
OpenNCP Community is an open group of people orchestrated by an agile software development methodology conducting effort on designing, coding, testing and delivering OpenNCP software.
Joinup is a collaborative platform created by the European Commission and funded by the European Union via the Interoperability Solutions for Public Administrations (ISA) Programme.
All provided OpenNCP software components are exclusively licensed under the ASL v.2 scheme. Developers of software components are given the responsibility to check that no other licensing rights pertain to any elements embedded or related to a newly developed component, particularly but not limited to libraries.
PNs and other enquirers are responsible in co-operation with the OpenNCP community, to ensure that the licenses of all open source components used in the project are compatible with the purpose and scope of the project
System Requirements
Typical Hardware Requirements
- 2 GHz Xeon Processor or equivalent
- 20 GB Storage
- 4 GB Memory
Suggested Software Requirements
- Linux or Microsoft Windows Operating System
- Oracle Java SE Development Kit 7 (jdk7u15 or later)
- Apache Tomcat 6.0.x or 7.0.x
- Openswan 2.6.x for IPsec
- Relational Database
Overview of OpenNCP components
OpenNCP consists of the following components which are available for download at JoinUp.
Protocol Terminators
The core of OpenNCP is the Protocol Terminators and consists of these two components:
- epsos-ws-server - Server Side (Country A)
- epsos-client-connector - Client Side (Country B)
These components are packaged as web applications and are deployed to a servlet container such as Tomcat.
IPsec
Communication between NCPs is secured using HTTPS over IPsec. Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet. IPsec must therefore be installed on the NCP server. A common implementation of IPsec for Linux is Openswan.
TRC-STS
This component is a "Security Token Service" (STS) for issuing a “Treatment Relationship Confirmation” (TRC) Assertion. It is another web application that is deployed to Tomcat.
TSL-sync
TSL-sync connects to Central Services and downloads the Trusted Service List (TSL) and configurations about the other Participating Nations. It is a web application deployed to Tomcat.
TSAM-sync
The Terminology Service Access Manager (TSAM) Synchronizer is another OpenNCP component. It is a standalone jar file with configuration files and a start script. This application is scheduled on a daily basis and will download terminology data from the Central Services repository into the local database.
OpenATNA
OpenATNA is an implementation of the Audit Trail and Node Authentication (ATNA) profile. This component is installed to a directory and started as a background process.
Database
A local database is required for storage of the following information:
- ATNA audit messages
- Electronic Automatic Data Collection (eADC) records
- TSAM data
- TSL data
- Configuration settings for OpenNCP and portal
Portals
There is a choice of two web portals:
- OpenNCP Portal (deployed on Liferay Community Server)
- epSOS-Web (deployed on Tomcat)
More information
The purpose of this document is to give an overview of the OpenNCP components and installation. For further information refer to the OpenNCP Installation Manual