The core of OpenNCP is the Protocol Terminators and consists of these two components:
These components are packaged as web applications and are deployed to a servlet container such as Tomcat.
Communication between NCPs is secured using HTTPS over IPsec. Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet. IPsec must be installed on the server, one example implemention for Linux is Openswan.
This component provides a Security Token Service (STS) for issing a “Treatment Relationship Confirmation” (TRC) Assertion. This is a web application that is typically deployed to Tomcat.
This is another web application that can be deployed to Tomcat. TSL-SYNC connects to Central Services and downloads the Trusted Service List (TSL) plus other information about the other Participating Nations.
The Terminology Service Access Manager (TSAM) Synchronizer is another OpenNCP component. It is a standalone jar file with some configuration files and a start script. This application is scheduled on a daily basis and will download terminology data from the Central Services repository into the local database.
OpenATNA is an implementation of the Audit Trail and Node Authentication (ATNA) profile. This component is installed to a directory and started as a background process.
A local database is required for storage of the following information:
There is a choice of two web portals:
The purpose of this document is to give a overview of the OpenNCP components and installation. For further information refer to the OpenNCP Installation Manual