Ref. Ares(2020)7898139 - 23/12/2020 Secretariat-General (SG) SG.DSG1.C.5 – Digital Solutions & Process Efficiency Architecture Overview Electronic Access to Commission Documents (EASE) Date:                  13/08/2020 Doc. Version:          4 RUP@EC Template V.5.0 Commission européenne, B-1049 Bruxelles / Europese Commissie, B-1049 Brussel - Belgium. Telephone: (32-2) 299 11 11. Office:    . Telephone: direct line (32-2)      . Commission européenne, L-2920 Luxembourg. Telephone: (352) 43 01-1.

Electronic Access to Commission Documents (EASE) Architecture Overview

Document Control Information

Si
Project Title: Electronic Access to Commission Documents (EASE)

Document Author:
Project Owner:

 

Project Manager:

Document Approver(s) and Reviewerls):

 

NOTE: All Approvers are required. Records of each approver must be maintained. All Reviewers in the
list are considered required unless explicitly listed as Optional.

Name Rle —— Adon —— |Dte

DC u
u

 

Document history:
The Document Author is authorized to make the following types of changes to the document without
requiring that the document be re-approved:

« Editorial, formatting, and spelling
«® Clarification

To request a change to this document, contact the Document Author or Owner.
Changes to this document are summarized in the following table.

Revision [Dete  [remtedy _____|shortDeseriptionoflhanges

04/12/2019 Revised after review of Compass Corporate
integration

19/06/2020 Update after review from development
contractor

 

Configuration Management: Document Location

The latest version of this controlled document is stored in https://myintracomm-
collab.ec.europa.eu/projects/SGISPM/PROJ_DOC%20%20EASE/Technical%20documentation/Architectu
re

 

RUP@EC Template V.5.0 Date: 13/08/2020 Version: 4 2/21

Electronic Access to Commission Documents (EASE) Architecture Overview Contents 1 INTRODUCTION ................................................................................................................................... 4 1.1 Purpose ............................................................................................................................................. 4 1.2 Scope ................................................................................................................................................ 4 1.3 Intended Audience ........................................................................................................................... 4 1.4 Overview of the document ............................................................................................................... 4 2 INFORMATION SYSTEM DESCRIPTION ................................................................................................. 5 2.1 Information System Position Statement ........................................................................................... 5 2.2 Information System Perspective ....................................................................................................... 6 2.3 Assumptions and Dependencies ....................................................................................................... 7 2.4 Information System Requirements and Quality Ranges ................................................................... 8 2.4.1 Availability .................................................................................................................................. 8 2.4.2 Usability ..................................................................................................................................... 8 2.4.3 Maintainability ........................................................................................................................... 9 2.4.4 Applicable Standards ................................................................................................................. 9 2.4.5 System Requirements ................................................................................................................ 9 2.4.6 Performance Requirements ..................................................................................................... 10 3 COMPLIANCE .................................................................................................................................... 10 3.1 Security Compliance ....................................................................................................................... 10 3.1.1 Security Statement .................................................................................................................. 10 3.1.2 Philosophy ................................................................................................................................ 11 3.1.3 Scope ........................................................................................................................................ 11 3.2 Document Management Compliance ............................................................................................. 11 3.3 Data Protection Compliance ........................................................................................................... 12 3.4 OLAF Compliance ............................................................................................................................ 12 3.5 Constraints (Optional)..................................................................................................................... 12 4 ARCHITECTURE OVERVIEW................................................................................................................ 13 4.1 Architectural Goals ......................................................................................................................... 13 4.2 Architecture Decisions .................................................................................................................... 13 4.2.1 Architecturally Significant Requirements ................................................................................ 13 4.2.2 Architectural Constraints ......................................................................................................... 13 4.2.3 General Findings and Recommendations ................................................................................ 14 4.3 Architecture Overview Diagram ..................................................................................................... 17 5 RE-USABLE ARCHITECTURAL ASSETS ................................................................................................. 19 APPENDIX 1: REFERENCES AND RELATED DOCUMENTS .......................................................................... 21 RUP@EC Template V.5.0                              Date: 13/08/2020                                     Version: 4                                       3 / 21

Electronic Access to Commission Documents (EASE) Architecture Overview 1 INTRODUCTION 1.1     Purpose This document provides an overview of the main conceptual elements of the Electronic Access to Commission Documents (EASE) components and their underlying relationships, which include candidate subsystems, components, nodes, connections, data stores, users and external systems. 1.2     Scope The scope is limited to the EASE components. Although some external systems are included in the document, the purpose of this is to illustrate the relationships between the EASE components and those systems. The architecture of those systems is out of the scope of the document. 1.3     Intended Audience This document’s intended audience is the IT governance team, the DIGIT data centre, the EASE development teams and the DIGIT solution architects. 1.4     Overview of the document The Information System Description chapter [§2] provides a high-level view of the Information System. The Compliance chapter [§3] describes how the system is compliant with the applicable standards and regulations. The Architecture Overview chapter [§4] explains the architecture of the EASE eco system. The Re-Usable Architectural Assets chapter [§5] lists all the building blocks and re-usable components used. RUP@EC Template V.5.0                    Date: 13/08/2020                  Version: 4                      4 / 21

Electronic Access to Commission Documents (EASE) Architecture Overview

2 INFORMATION SYSTEM DESCRIPTION

This section provides a high-level view of the Electronic Access to Commission Documents system, its
capabilities and interfaces with other applications.

2.1 Information System Position Statement

Public at large and EC access-to-documents coordinators
and case handlers

For the public at large: issue initial and confirmatory
applications for access to EC documents

EC access-to-documents coordinators and case
handlers: register, attribute and handle access-to-
documents requests

Will provide a new online portal through which citizens will
be able to submit access-to-documents requests, have an
overview of their previous requests, communicate
electronically with the Commission, search for the
previously disclosed documents etc.

Will provide EC access-to-documents coordinators and case
handlers a request management back-end that will
automate and improve the handling of requests, offer
improved search, statistics and reporting functionalities,
allow better deadline management, all while complying
with the necessary personal data protection requirements.

The GestDem system that currently supports the access-to-
documents process and the ColdFusion form on Europa
that allows the public at large to request access to
Commission documents, but not to track the advancement
or liaise with the Commission services that are handling the
request.

Will be in line with the European Commission Digital
Strategy [REF3] by providing the Commission and citizens
with a transparent, digital, efficient and user-centric
request management system and public portal.

our Information System

 

RUP@EC Template V.5.0 Date: 13/08/2020 Version: 4 5/21

Electronic Access to Commission Documents (EASE) Architecture Overview

2.2 Information System Perspective

The EASE information system is composed of three modules. Two web applications, one internal for
Commission staff and one external for the general public. These two modules are supported by a
common set of web services that implement the business, data access and integration logic. The third
module consists of back-end services that will support the web applications by providing access to the
database, implementing complex business logic and integrating with corporate services.

All modules will be developed by an extra-muros service provider (under DIGIT-XM QTM framework
contract), with the exception of a thin integration layer that will be developed by intra-muros service
providers (DIGIT-TM) (cf. AD-002).

It will be fully hosted within the DIGIT data centre based on standard hosting services and will leverage
the CNS, Corporate Search Service, Corporate eUl and EU Login components of the Reusable Solutions
Platform during the first phase of its deployment. It will then transition from its own instances of
Camunda to Compass Corporate and My Workplace after the move to production. The system will
integrate with the ePoetry and eTranslation set of translation services and Decide-Decision/Consultation
from 2022 onwards.

    
   
      

Messaging services EASE components Translation services

   
  

 

EASE back-end services

EASE request EASE public
management portal front-
es
Document front-end end Workflow services
management services
L
N

Business intelligence Security services

  
   
      

 

 

 

  

Corporate user Search services

interface

 

 

 

Figure 1 High-level context and component diagram

Connected with the
following information
systems / components

EASE Request SG corporate Web application based | Phase 1

Management System coordinators, on eUl that allows

(EASE-RMS) screeners and coordinators and case
attributors handlers to process
DG access-to- access to documents
documents requests in terms of
coordinators registering the request,
DG access-to- preparing the
documents documents and

request handlers drafting the reply for
Legal Service both initial and

®e EUloginfor
authentication

EASE API for
business logic and
integration

Qlik Sense to
display the
dashboards and
grant access to the

 

RUP@EC Template V.5.0 Date: 13/08/2020 Version: 4 6/21

Electronic Access to Commission Documents (EASE) Architecture Overview confirmatory                      reports application processes Phase 2    The UI will be integrated to the MyWorkplace ecosystem EASE Public Portal            Citizens and             Web application based            EU Login for (EASE-PP)                      organisations            on eUI/ECL that allows            authentication (students,               users to request access          EASE API for researchers,             to documents or                   business logic journalists,             searching for                     integration lobbyists…)              previously disclosed documents This will also be the main communication channel between the applicants and the Commission services that are handling the requests EASE API (EASE-API)           EASE-RMS                 Set of web resources          Phase 1     EASE-PP                  that allow both front-    EASE database end web applications    Workflow engine (EASE-RMS & EASE-PP) (Camunda) to integrate with corporate building               HRS blocks and to interact           ERS with EASE specific data          CNS    Corporate/Europa Search Service    SG NOVA (user management component & templating services) Phase 2    Workflow engine (Compass Corporate)    ePoetry    eTranslation    Decide- Consultation    Decide-Decision 2.3    Assumptions and Dependencies The current architecture solution proposal assumes the following:    That the Compass Corporate platform will be used to leverage the workflow task providers, the messaging infrastructure and reusable business-agnostic services.    That the MyWorkplace user interface framework may be used for the internal management system later. However, that the request management will be a stand-alone application at first.    That the public portal will adopt the DG COMM design language based on ECL components in alignment with the other Europa pages and information systems. RUP@EC Template V.5.0                   Date: 13/08/2020                    Version: 4                      7 / 21

Electronic Access to Commission Documents (EASE) Architecture Overview     That the main document repository will be the HAN family of services, but that some documents may be stored locally if they are not e-Domec compliant. The following components may not be immediately integrated but could be added later based on business prioritisation and availability of funds:     Translation services (provided by DGT): ePoetry to request official translations of outgoing correspondence and eTranslation for automatic translation of incoming correspondence.     Decide: in 2022 a project will be initiated to integrate Decide-Consultation/Decision into the confirmatory application process for DG/Legal Service consultations and for the adoption of confirmatory decisions. 2.4     Information System Requirements and Quality Ranges There are three main components for the EASE information system:     Request management system (EASE-RMS): request management web interface for Commission staff (SG/DG coordinators and case handlers).     Public portal (EASE-PP): public-facing web interface hosted on Europa that applicants use to search for disclosed documents and manage their applications.     APIs (EASE-API): set of interfaces that both the case management application and public portal rely on to retrieve and store information on the EASE business domain. 2.4.1 Availability Since the portal is a public application, it must be available at any time all year-round. The requirements for the request management system are less stringent because the system is required to be available during office hours.     EASE-RMS: standard availability requirements (Mon.-Fri., 8.00-18.00), with 99% uptime (21h54 possible downtime / 3 months).     EASE-PP: 24 hours a day, 7 days a week throughout the whole year, with 99% uptime (21h54 possible downtime / 3 months).     EASE-API: 24 hours a day, 7 days a week throughout the whole year, with 99% uptime (21h54 possible downtime / 3 months). 2.4.2 Usability As a web application, the public portal component will provide a web UI (User Interface) that adheres to usability standards of commonly available browser based application. As such:  The system will provide natural language search functionalities that will be on par (from a semantic perspective) with what nonprofessional users expect from a search engine.  The system will adhere accessibility standards put forth by the W3C WAI-ARIA Guidelines .               1 Note that these standards are already baked into the underlying UI frameworks the system will build upon; namely DIGIT’s eUI/ECL.  Proper user help material or documentation will be made available to the users for functionality that are identified as not being intuitive. Several rounds of usability tests were done on both web application prototypes, targeting specific user populations depending on the features that were being tested. The feedback from end-users was immediately integrated into the design. 1 https://www.w3.org/WAI/standards-guidelines/aria/ RUP@EC Template V.5.0                      Date: 13/08/2020                  Version: 4                      8 / 21

Electronic Access to Commission Documents (EASE) Architecture Overview

2.4.3 Maintainability

For both web applications, the architecture aims to have operational data and operational activities
served or driven from its database.

Key operational data that will be maintained in the database are:
® Jobschedules
® Staticreference data (language and country lists)
® Dynamic reference data (template types and categories)
«e Static texts’ translations and localized labels.

The Solution Provider and Business Manager will also have privileged access to an administration page
to manage user rights, document templates, localised labels and application runtime parameters.

A System Monitoring page and underlying component will be made available to record and visualize, in
real time, key performance, scalability and stability indicators of the API module.

Key system metrics that will be recorded are:
®e User counts over time
® Request counts over time
® _JVM Heap utilization over time
® _JVM Thread counts over time
® Job/Worker Queue sizes
« Slow queries
«e Slow services
® Error counts over time

Keeping track on these key metrics will allow for better understanding of problems when they occur and
for preventive measures to be taken when negative trends are identified.

2.4.4 Applicable Standards

The system will be compliant with data protection Regulation (EU) 2018/1725.
The system will be compliant with the Commission Decision (EU, Euratom) 2017/46 on IT
security.

® The business process model will be BPMN 2.0- compliant.

2.4.5 System Requirements

The EASE system will be fully hosted within the DIGIT data centre for acceptance and production
environments but will depend also on the contractor’s environments and AWS workspaces and servers
for development purposes.

The API gateway will help bridge the gap between the contractor’s development environments and the
corresponding integration of non-production APIs.

Üinfrastructureelement _[Predut _ [Management [Version |
LAMT stack Linux, Apache, MySQL & Linux (RHEL): 7.7

PeRIEER Apache web

server: 2.4.39

Apache Tomcat:
9.0.31

MySQL: 8.0.19

RUP@EC Template V.5.0 Date: 13/08/2020 Version: 4 9/21

Electronic Access to Commission Documents (EASE) Architecture Overview

Load balancer VIPs and reverse N/A
proxy mappings

Amazon Web Services Workspaces and development Cloud N/A
EC2 servers

EU Login 4.47.x for Tomcat

User interface framework eUI/ECL (Angular)
Workflow management Camunda 7.8.xX

framework

Document management & | HRS& ERS HRS 2.0

externalisation ERS12

Virtual machine OpenJDK 71

implementation

2.4.6 Performance Requirements

 

Only the public portal has noteworthy performance requirements because it is publicly available.

® The public portal will support up to 30 concurrent users against the search engine at any given
time and up to 20 concurrent users on the applicant dashboard. This component will complete
90% of all transactions within 2 seconds.

® The request management system will support up to 20 concurrent users at any given time. This
component will complete 90% of all transactions within 5 seconds.

® The APIs will support up to 50 requests per second and complete 90% of them within 2
seconds.

3 COMPLIANCE

3.1 Security Compliance

3.1.1 Security Statement

The following security business impact assessment will be confirmed when the security plan for the
information system is drafted in the second half of 2020 (according to the ITSRM? methodology).

The security plan ITSRM? Excel file is currently being filled in jointly by the Solution Provider and
Business Owner. The System Owner is expected to sign off on the Word document and its Excel annex in
Q1 2021 before the Q2 move to production.

Our Information System has a LIMITED BASIC
Confidentiality level

Our Information System has an Integrity MODERATE
level

Our Information System has an MODERATE
Availability level

RUP@EC Template V.5.0 Date: 13/08/2020 Version: 4 10/21