Can you have the confidence, proof of delivery and reliability of a traditional registered letter, and the convenience and speed of an email? Now, you can.
And even more…
Recently, we designed and implemented a registered electronic delivery system for one of our customers, the Polish National Post Office. An ERDS (Electronic Registered Delivery System) is a set of applications that perform registered, and therefore guaranteed, messaging between state and local government institutions, businesses and customers/citizens.
Simply put, an ERDS is similar to email. It is also open and federated by design, which enables the exchange of messages between different operators (in particular within the European Union, in accordance with the eIDAS regulation). Of course, the necessary requirement is that the integrated systems are built in accordance with the ETSI standards (ETSI is the European standardisation organisation which, among other things, prepares the technical guidelines implementing the European Commission's regulations on digitisation) and use the AS4 protocol (instead of SMTP). However, when you look closely, you can see more significant differences.
First of all, the communication process itself is much more complex. In addition to the transmission of messages between the parties, there is also the transmission of gathered proofs. These proofs, called evidences, relate to the events of posting, delivering and receiving messages, and in our implementation they also document the recipient's decision to accept or reject the message. Yes, you can refuse to accept the message, just like a letter from the postman. Every proof carries a qualified electronic signature of the operator and a qualified timestamp. Importantly, such evidence is recognised under European Union and national legislation. This information can therefore be used, similarly to a postal confirmation of receipt, as a reliable document in court. It is particularly interesting that the evidences not only confirm that communication between the parties took place. Because they contain cryptographic digests of the content and attachments of the messages, they can also testify to what the subject of the communication was, without disclosing it directly.
Therefore, the ERDS system must guarantee that the identity of the communicating parties has been properly verified, and that a message the system has accepted for sending will be delivered. This significantly affects the process of registering and authenticating users, as well as the storage and protection of their personal data by the operator. It also imposes interesting requirements on scalability (thousands of messages per day) and on the reliability of the solution architecture, as well as on the mechanisms that ensure the integrity and confidentiality of the exchanged messages.
Is the architecture we propose interesting?
It is certainly modern and certainly compliant with the ETSI guidelines. It has a modular, microservice structure, and the functional modules are defined by open and free standards. The main technologies are Java 11 and Spring Boot. Messages are signed and encrypted using well-established cryptographic algorithms based on elliptic curves (ECC: ECDSA for signatures and ECIES for encryption). We store data in PostgreSQL, Elasticsearch and InfluxDB databases. Internal communication is based on Apache Kafka, and this, together with containerising the modules with Docker, gives us easy scalability, handling and balancing of sudden load spikes, and overall reliability. External interfaces, on the other hand, are implemented as REST services, and for AS4-based communication we use a tool designed and implemented with EU grants: Domibus (https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/Domibus).
As you can see, we have built virtually all the system components from open-source elements, except for a dedicated HSM (Hardware Security Module), which is responsible for signing the evidences.
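To make the evidence idea from the paragraphs above concrete (digests of the content instead of the content itself, signed by the operator with ECDSA), here is an added example in Go. It is not code from our ERDS implementation and its field set is this example's own, not the ETSI evidence schema; it assumes an in-memory P-256 key where production uses the HSM, uses canonical JSON as the signed encoding, and leaves out the qualified timestamp token. The message, addresses and attachment are constructed sample values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"time"
)

// Evidence is a simplified, hypothetical evidence record (not the ETSI schema).
// It names the event, the parties and the time, and carries SHA-256 digests of
// the message body and attachments instead of their content, so it can attest
// to what was sent without disclosing it.
type Evidence struct {
	Event       string            `json:"event"`
	MessageID   string            `json:"message_id"`
	Sender      string            `json:"sender"`
	Recipient   string            `json:"recipient"`
	Timestamp   string            `json:"timestamp"`
	ContentHash string            `json:"content_sha256"`
	Attachments map[string]string `json:"attachment_sha256"` // file name -> digest
}

// SignedEvidence is the evidence plus the operator's ECDSA signature over its
// canonical JSON encoding. A qualified timestamp token is omitted here.
type SignedEvidence struct {
	Evidence  Evidence
	Signature []byte
}

// sha256Hex returns the lowercase hex SHA-256 digest of data.
func sha256Hex(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// BuildEvidence records the event metadata and the digests of the body and of
// every attachment; the content itself is never stored in the evidence.
func BuildEvidence(event, msgID, sender, recipient string, ts time.Time,
	body []byte, attachments map[string][]byte) Evidence {
	ev := Evidence{Event: event, MessageID: msgID, Sender: sender, Recipient: recipient,
		Timestamp: ts.UTC().Format(time.RFC3339), ContentHash: sha256Hex(body),
		Attachments: make(map[string]string, len(attachments))}
	for name, data := range attachments {
		ev.Attachments[name] = sha256Hex(data)
	}
	return ev
}

// SignEvidence hashes the canonical JSON encoding (encoding/json keeps struct
// field order and sorts map keys, so it is stable) and signs it with the
// operator's key; in production that key stays inside the HSM.
func SignEvidence(key *ecdsa.PrivateKey, ev Evidence) (SignedEvidence, error) {
	enc, err := json.Marshal(ev)
	if err != nil {
		return SignedEvidence{}, err
	}
	h := sha256.Sum256(enc)
	sig, err := ecdsa.SignASN1(rand.Reader, key, h[:])
	if err != nil {
		return SignedEvidence{}, err
	}
	return SignedEvidence{Evidence: ev, Signature: sig}, nil
}

// VerifyEvidence checks the operator's signature; changing any evidence field
// (parties, time, digests) invalidates it.
func VerifyEvidence(pub *ecdsa.PublicKey, se SignedEvidence) bool {
	enc, err := json.Marshal(se.Evidence)
	if err != nil {
		return false
	}
	h := sha256.Sum256(enc)
	return ecdsa.VerifyASN1(pub, h[:], se.Signature)
}

// MatchesContent lets a party that later discloses the body and attachments
// show that they are exactly the ones the evidence refers to.
func MatchesContent(ev Evidence, body []byte, attachments map[string][]byte) bool {
	if sha256Hex(body) != ev.ContentHash || len(attachments) != len(ev.Attachments) {
		return false
	}
	for name, data := range attachments {
		if want, ok := ev.Attachments[name]; !ok || want != sha256Hex(data) {
			return false
		}
	}
	return true
}

func main() {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stands in for the HSM key
	if err != nil {
		panic(err)
	}
	// Constructed sample message; addresses and file name are made up.
	body := []byte("Decision no. 1/2021 attached.")
	att := map[string][]byte{"decision.pdf": []byte("constructed PDF bytes")}
	ev := BuildEvidence("Delivered", "msg-0001", "office@example.gov", "citizen@example.net", time.Now(), body, att)
	se, err := SignEvidence(key, ev)
	if err != nil {
		panic(err)
	}
	fmt.Println("signature valid:", VerifyEvidence(&key.PublicKey, se))
	fmt.Println("content matches:", MatchesContent(ev, body, att))
	se.Evidence.Recipient = "someone-else@example.net" // tampering breaks the signature
	fmt.Println("valid after tampering:", VerifyEvidence(&key.PublicKey, se))
}
```

The point worth noticing is the split of trust: the signature binds the parties, the time and the digests together, while the digests let either party later prove what the message contained by disclosing it, without the operator ever having to keep the content.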
We are now keeping our fingers crossed for the production pilot tests and solution certification.