The client, a ministerial department in charge of security, needed a portal dedicated to the communication from and towards foreign countries for the management of the exchange of very sensitive data. In particular, the client required the project to comply both with the stringent security and reliability policies to which it must abide by, and with the national and international regulations that supplement and specify the technical provisions concerning the automated exchange of the data involved.
Besides, the client highlighted the importance of minimising the technical and organisational impact on other IT systems.
Present developed and maintained ad hoc software, provided for the customisation and parameterisation of software products and supplied specialist support services. The benefits of implementing Present’s solution have allowed to achieve high standards of security requested by the data exchange portal and to optimise the costs of the solution for the duration of the entire lifecycle.
The realisation of the described solution involved a challenging technical complexity due to several factors: the critical performance, service levels and requested availability values, the need to rationalise and optimise technical and operational aspects as well as the innovative use of state-of-the-art technologies. Moreover, this complexity was compounded by an extremely complex organisational context, that includes a national and international coordination between different security bodies.
The solution developed by Present has provided the inclusion of sophisticated and technologically advanced modules. In line with specific needs of the client, Present has designed a centralised security infrastructure, able to guarantee the protection of accesses to web resources, to web-services resources and the fulfilment of the Service Provider role in the federation of identities with the other portals involved. Besides, Present has customised and parameterised the Identity and Access Management systems that involve the unique management of utilities and access authorizations to individual applications by system managers, the administrative management of portal access policies and features and the implementation of a system that ensures confidentiality and integrity of communications.
Besides, the portal designed by Present, has provided a monitoring dashboard for the data correlation and analysis, with statistical reports and graphics aimed at mapping out action strategies with the scope to prevent and counteract criminal phenomena, as well as to monitor the activities of offices authorised to data processing.
The scope required a diversified technologies, including the in-depth knowledge of Windows Server operating systems, application servers (IBM WebSphere and Microsoft IIS), databases (My SQL Server, Microsoft SQL Server), security platforms (CA SiteMinder), virtualisation platform (CITRIX XenDesktop) and log management systems (CA UAR Enterprise Log Manager). For the success of the project, Present employed a cross-functional team of specialised professionals to ensure an extensive knowledge of the regulatory, technological and scientific environment.
The implementation of the portal fulfilled the client’s complex regulatory and technical requirements and allowed: