The core of OpenNCP is the Protocol Terminators and consists of these two components:
These components are packaged as web applications and are deployed to a servlet container such as Tomcat.
Communication between NCPs is secured using HTTPS over IPsec. Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet. IPsec must therefore be installed on the NCP server. A common implementation of IPsec for Linux is Openswan.
This component is a "Security Token Service" (STS) for issuing a “Treatment Relationship Confirmation” (TRC) Assertion. It is another web application that is deployed to Tomcat.
TSL-sync connects to Central Services and downloads the Trusted Service List (TSL) and configurations about the other Participating Nations. It is a web application deployed to Tomcat.
The Terminology Service Access Manager (TSAM) Synchronizer is another OpenNCP component. It is a standalone jar file with configuration files and a start script. This application is scheduled on a daily basis and will download terminology data from the Central Services repository into the local database.
OpenATNA is an implementation of the Audit Trail and Node Authentication (ATNA) profile. This component is installed to a directory and started as a background process.
A local database is required for storage of the following information:
There is a choice of two web portals:
The purpose of this document is to give an overview of the OpenNCP components and installation. For further information refer to the OpenNCP Installation Manual