Data Exchange Layer X-Road

Last year the X-Road saved 820 years of working time.
— The Information System Authority (RIA) of Estonia

X-Road Basics

X-Road is an open source data exchange layer solution that enables organizations to exchange information over the Internet. X-Road is a centrally managed distributed data exchange layer between information systems that provides a standardized and secure way to produce and consume services. X-Road ensures confidentiality, integrity and interoperability between data exchange parties.

X-Road is used nationwide in the Estonian data exchange layer X-tee and in the Suomi.fi Data Exchange Layer service in Finland. X-Road is released under the MIT open source license and is available free of charge for any individual or organization.

X-Road_overview.png

X-Road implements a set of common features to support and facilitate data exchange. X-Road provides the following features out of the box:

  • address management

  • message routing

  • access rights management

  • organization level authentication

  • machine level authentication

  • transportation layer encryption

  • time-stamping

  • digital signature of messages

  • logging

  • error handling.

The identity of each organization and technical entry point (Security Server) is verified using certificates that are issued by a trusted Certification Authority (CA) when an organization joins an X-Road ecosystem. The identities are maintained centrally, but all the data is exchanged directly between a consumer and provider. Message routing is based on organization and service level identifiers that are mapped to physical network locations of the services by X-Road. All the evidence regarding data exchange is stored locally by the data exchange parties, and no third parties have access to the data. Time-stamping and digital signature together guarantee non-repudiation of the data sent via X-Road.

Two X-Road ecosystems can be joined together, federated. Federation is a one to one relationship between two ecosystems. Members of the federated ecosystems can publish and consume services with each other as if they were members of the same ecosystem. It is possible to create federation connections with multiple ecosystems, but transitive federation relationships are not supported. Ecosystem does not have a federation relationship with another ecosystem that it's not directly federated with. Federation enables easy and secure cross-border data exchange between X-Road ecosystems.

Indirectly, X-Road also enables citizens and officials to operate via different portals and applications (document management systems, institutional information systems) in a more efficient and flexible manner. For example, it helps checking for relevant information in national databases or securely exchange documents with institutions.

NIIS and X-Road

The following activities, among others, are undertaken by NIIS with regard to the X-Road and other core e-Government infrastructure components as decided by NIIS members:

  • management, development, verification, and audit of the source code;

  • administration of documentation;

  • administration of business and technical requirements;

  • conducting development;

  • developing and implementing principles of licensing and distribution;

  • providing second-line support for members;

  • international cooperation.