The core of OpenNCP is the Protocol Terminators. This consists of these two components
These components are packaged as web applications and are deployed to a servlet container such as Tomcat.
Communication between NCPs is secured using HTTPS over IPsec. Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet. IPsec must be installed on the server, one example implemention for Linux is Openswan.
This component provides a Security Token Service (STS) for issing a “Treatment Relationship Confirmation” (TRC) Assertion. This is a web application that is typically deployed to Tomcat.
This is another web application that can be deployed to Tomcat. TSL-SYNC connects to Central Services and downloads the Trusted Service List (TSL) plus other information about the other Participating Nations.
The Terminology Service Access Manager (TSAM) Synchronizer is another OpenNCP component. It is a standalone jar file with some configuration files and a start script. This application is scheduled on a daily basis and will download terminology data from the Central Services repository into the local database.
OpenATNA is an implementation of the Audit Trail and Node Authentication (ATNA) profile. This component is installed to a directory on the server and started as a background process.
A local database is used to store the following information:
The database stores the following information:
MySQL, Oracle and PostgreSQL databases have been tried and tested.
There is a choice of two web portals that can be installed
The purpose of this document is to give a overview of the OpenNCP installation. For more information please refer to the OpenNCP Installation Manual