The administration tasks for the TrustedX platform can be performed using either of the following methods, or a combination of both:
- Using the administration console incorporated in the TrustedX platform. The supplied console covers the administration tasks for the whole platform: managing groups, trusted entities and policies, supervising events, etc.
- Using any specific application via the platform’s TWS-EP component. Because the platform information is expressed in XML and is available as a service, management applications can access data such as events, specific configurations, etc. An example is a billing application that accounts for the service consumption of a specific entity.
The uniform information model of the TrustedX platform offers a conceptually simple administration procedure since it is as straightforward as reading and writing certain values of the virtual XML document.
Figure 1 shows how the platform's information model is built. The TWS-EP component uses XML style sheets (XSLT) to virtually transform different information sources (LDAP, DB, others) into one unique XML document. Once access authorization is granted, further XSLT transformations are applied to obtain pages that can be rendered directly in a Web browser or on other devices. This approach has major advantages: it simplifies system management and, because it is open and easily extended, it supports different representation devices. The exclusive use of XML, XPath and XSLT technologies allows a maximum degree of resource reuse and system extension by using the numerous XML products available on the market.
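The sketch below is an added example, not TrustedX code or its actual schema: it illustrates the model described above, in which several sources are projected into one XML document and every read or write goes through an authorization check first. The element names, the policy table and the sample data are all hypothetical and constructed for the illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample data standing in for two back ends (directory, event DB).
DIRECTORY = [("alice", "administrators"), ("billing-app", "applications")]
EVENTS = [("1", "shop-portal", "signature-verification"),
          ("2", "shop-portal", "authentication"),
          ("3", "hr-portal", "signature-verification")]

# Hypothetical policy: group -> top-level subtree -> permitted operations.
POLICY = {"administrators": {"entities": {"read", "write"}, "events": {"read"}},
          "applications": {"events": {"read"}}}

def build_virtual_document():
    """Project both sources into one XML tree (element names are invented)."""
    root = ET.Element("platform")
    entities = ET.SubElement(root, "entities")
    for uid, group in DIRECTORY:
        ET.SubElement(entities, "entity", uid=uid, group=group)
    events = ET.SubElement(root, "events")
    for event_id, entity, service in EVENTS:
        ET.SubElement(events, "event", id=event_id, entity=entity, service=service)
    return root

def authorize(group, path, operation):
    """Default deny; reject '..' and '//' forms that escape the granted subtree."""
    if not path.startswith("./") or ".." in path:
        return False
    subtree = path[2:].split("/")[0].split("[")[0]
    return operation in POLICY.get(group, {}).get(subtree, set())

def read(doc, group, path):
    if not authorize(group, path, "read"):
        raise PermissionError(f"{group} may not read {path}")
    return [dict(el.attrib) for el in doc.findall(path)]

def write(doc, group, path, attribute, value):
    if not authorize(group, path, "write"):
        raise PermissionError(f"{group} may not write {path}")
    targets = doc.findall(path)
    for el in targets:
        el.set(attribute, value)
    return len(targets)

def consumption(doc, entity):
    """Billing-style query; the entity is compared in Python, not spliced into the path."""
    counts = {}
    for event in read(doc, "applications", "./events/event"):
        if event["entity"] == entity:
            counts[event["service"]] = counts.get(event["service"], 0) + 1
    return counts
```

Because every source ends up in the same tree, the authorization step is the only thing separating an application's event data from the entity records, which is why the check denies by default and refuses path forms that climb out of the granted subtree.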
The TrustedX administration console (Figure 2) follows the above-mentioned model. It provides an advanced Graphical User Interface (GUI) for administering and accessing all the system information in a uniform and centralised manner, via a Web browser. The administration functions of the platform’s console provide for:
- End entity management: management of groups of privileged users, users, applications or services and the groups of end entities.
- Management of trusted entities: management of the Certification Authorities, the Validation Authorities and the Time-Stamp Authorities.
- Management of authentication and authorization policies (Figure 3): this allows a set of rules and actions to be defined that will be applied in line with the type of authentication, the type of authenticated entity and the type of resource requested.
- Management of digital signature generation policy: this allows the definition and modification of policies to be applied when generating digital signatures.
- Management of digital signature verification policies: this defines and manages the digital signature verification policies, including the digital certificate validation policies (Figure 4).
- System configuration management: this defines the configuration of the platform’s own service components and the configuration of the databases, the directory, etc.
- Management of logs and audits: this allows all the events generated by all the platform’s service components to be consulted.