Terminology | implementation-playbook

Access

A general term that describes the granting and restriction of the right or opportunity to view or use that which has been developed as part of GovStack.

Accessibility

Accessibility features allow for a wide base of users, specialy the differently abled (visualy impared, limited motor ability, loss of hearing) users to have access to a service. Example of artefact W3C accessibility guidelines

Activity

That which is to be done during a specific session.

Administrator/ Analyst

A registrar or a staff of a registrar who is building a new registry.

Affiliation

The organization (legally registered entity) that a subscriber or resource represents in an event or during an activity.

Agile Project Management

An iterative approach to delivering a project throughout its life cycle, composed of several interactions of small steps towards the completion of the project. APM aims to promote velocity and adaptability, releasing benefits throughout the project rather than only at the end.

Alert Message

Specific information to be sent for alerting subscribers and resources (e.g. reminders, triggers (start/end of workflows in BBs), etc.).

Alert Mode

A messaging method that is used within a program for each specified target (SMS/email/URI).

Alert Policy

A rule for sending a notification to specified users and applications within a program’s specific session (reminders/triggers/etc.).

Alert Schedule

A list of dates and times at which specific alerts must be sent.

Alert Status

A text that indicates the state of a specific alert (undefined, armed, qualified, sent, acknowledged, failed).

Alpha

In software development, the pre-release early version of a product that is part of a dedicated testing process. Alpha phase generally begins when some core features of a product are complete but the product is partially incomplete.

Ansible

A suite of software tools that enables infrastructure as code. It is open-source and the suite includes software provisioning, configuration management, and application development functionality.

Application Programming Interface (API)

A connection between computers or between computer programs. It is a type of software interface, offering a service to other pieces of software. A document or standard that describes how to build such a connection or interface is called an API specification. The term API may refer either to the specification or to the implementation.

Appointment

The booking of specific subscribers (persons/systems) for a specific session, episode and event.

Asserter

An entity that asserts a claim.

Attribute

A property (data, information) relating to an entity.

Authentication

This is the technical process of establishing that the credentials (i.e. username, password, biometric etc.) provided by a party (user, system, other) are valid and that the party can be granted basic access to system resources with default access rights.

Authentication

The process or action of verifying the identity of a user or process. For the purpose of this project, authentication has been replaced with the term ‘verification’ to allow for a clearer definition and for demarcation with other building blocks.

Authorization

The granting to a subject of privileges or rights for accessing the various resources hosted by a system.

Beta

In software development, an early version of a product which is feature complete but there is a possibility that it could contain some bugs and performance issues.

Biographic Data

A set of text attributes representing a person’s identity, for example name; birth date; birth place; parents’ biographic data.

Biometric Data

A set of physical attributes which can be used to identify a person, for example fingerprints, face and iris.

Bottom-Up Approach

A method of working which begins at the specific level and moves to the general, focusing its analysis at a micro-level and then broadening it out from there.

Build-Measure-Learn Feedback Loop

A process of building a product, measuring user metrics and learning from them to better respond to user needs and improve the product.

Building Block

An interoperable and open-source software component that, when combined with other building blocks, provides key functionalities to facilitate generic workflows common across multiple sectors.

Bulk Payments

A Payment from a single Payer to multiple Payees, for example cash transfer programs from a government or NGO to a set of beneficiaries.

Capability

The ability to execute a specified course of action or to achieve certain outcomes.

Capacity

The ability to perform a task in at least a minimally acceptable manner. Capacities need to be well-structured and recurring behaviours to classify as capabilities.

Capacity building

The process of developing and strengthening the skills, instincts, abilities, processes and resources that organisations and communities need to survive, adapt, and thrive in a fast-changing world.

Center for Internet Security Benchmarks (CIS)

A set of best-practice cybersecurity standards for a range of IT systems and products. CIS Benchmarks provide the baseline configurations to ensure compliance with industry-agreed cybersecurity standards.

Centralised Identity Approach

A form of user data management where data is stored in one place, so that users can access all of their applications, websites or other systems with the same set of credentials.

Citizen satisfaction survey

The addition of a simple feedback page within a digitized service can allow analytics of user satisfaction with the service. This is a valuable input in driving the improvement of the service. Example Generic feedback form by gov.uk

Civil Registry

A system recording life events (birth, death, marriage, divorce, adoption, name change) It is used to keep track of life events of individuals and to produce statistics for policy making.

Claim

An attribute asserted by an entity, about itself or another entity.

Cloud Native

An approach to building and running software applications that is designed to be compatible with cloud computing from its construction.

Cloud Security Posture Management (CSPM)

A solution suite that enables administrators to keep track of the way in which both home grown and 3rd party services and applications access public cloud provider resources from a security perspective and enables vulnerabilities to be resolved.

Co-Design

A way of designing products or services with the active involvement of the users and stakeholders, to make sure the product or service meets the users’ needs.

Common Vulnerabilities and Exposures (CVE)

A known vulnerability in a system or network component which can be exploited by a malicious attacker to gain access or create havoc.

Competency

Applying the necessary knowledge and skill in a real-world environment with full professional responsibility and accountability for one's own actions. Experience in a professional working environment represents the difference between demonstrated skill and demonstrated competency.

Computer Emergency Response Team (CERT)

A group that takes the lead in coordinating the management of cyber security incidents.

Configuration

Technical implementation of all the content and process conditions as defined by the Data Policy for Consent Agreement vis-à-vis creation, reading, updating and deletion, as well as for providing all necessary actors with the required operations.

Consent

A voluntary declaration by an individual to approve the processing of their Personal data. It is one specific justification for personal data processing that is assumed to be required by legal or ethical conditions.

Consent Management Building Block

Enables services for individuals to approve the use of their personal data by defining the principles, functions and architecture of an information system. For organisations that process personal data, it provides the ability to know the individual's will and legitimately process such personal data.

Consent Record

That which is created when an individual signs a consent agreement. It represents a signed consent agreement.

Consent Reference

A unique identifier used to locate and verify the validity of the Consent Agreement.

Contextual Enquiry

A type of field study that involves in-depth observation and interviews of a small sample of users to gain a robust understanding of work practices and behaviours.

Controlled Unclassified Information (CUI)

Information that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government policies.

Controls Configurator

A tool for a human analyst to define, for each field in the application file and processing screens, what controls will be applied (input format, formulas, actions/checks between fields and with external databases).

Conway’s law

An adage that states that an organisation designs systems that mirror their own communication structure.

Core Competence

An essential asset for the survival of a project in the long term. This can be a mix of skills, resources, and processes.

Country Engagement Success Kit (CESK)

A set of manuals and descriptions on how to set up various GovStack channels and spaces, as well as providing guidance on making workflows more efficient.

Credential

A document, object, or data structure that vouches for the identity of a person through some method of trust and authentication. Common types of identity credentials include—but are not limited to—ID cards, certificates, numbers, passwords, or SIM cards.

Credential Management Services

An API to get access and update the credential associated to the identity, also manage issuance and life-cycle of physical or digital credentials.

Critical Thinking and Problem-Solving Skills

The ability to use ICT to make informed judgements and choices, and then use the information gathered to solve a problem.

Data consumers

A legal entity that requires the Individual's data from the Data Providers according to the consent of the Individual.

Data Disclosure Agreements

An understanding that exists between two organisations where one organisation acts as a Data Provider and the other as a Data Consumer. The DDA captures how data is shared between the two organisations and each party's role and obligation.

Data Leakage Prevention (DLP)

A solution typically used to prevent confidential or private information from leaking outside an organization to unauthorized 3rd parties.

Data Ownership

Both the possession of and responsibility for information.

Data Policy

A formal description of the purpose, nature and extent of consent-based personal data processing, covering the configuration needs and the conditions defined by law.

Data Processing Auditor

An entity (a person or an organisation) responsible for verifying the legitimacy of personal data processing by Data Controllers and Data Processors based on the Data Policies and performed tasks.

Data Protection Impact Analysis (DPIA)

A process designed to identify risks arising out of the processing of personal data and to minimise these risks as far and as early as possible. DPIAs are important tools for negating risk, and for demonstrating compliance with the GDPR.

Data Providers

A legal entity that stores and provides access to an Individual's data, which requires the individual's consent for processing (outside of its primary purpose/location).

Data Residency

The requirement that all customer content processed and stored in an IT system must remain within a specific country’s borders. This is one of the foremost concerns of organisations that want to use commercial cloud services.

Data Sovereignty

The idea that data is subject to the laws and governance structures of the nation where they are collected.

Downloadable forms

Downloadable forms are an intermediate step within the journey to digitize a service. The following are the attributes of a downloadable form: it has a unique identification number, and follows the official design standards (seals, logos, font, color scheme and more). Link to example Visa application form Gob.mx

Delegate

The person giving consent (signing Consent Agreement); on behalf of an Individual user.

Denormalised Databases

A strategy used on a previously-normalized database to increase performance. In computing, the process of trying to improve the read performance of a database, at the expense of losing some write performance, by adding redundant copies of data or by grouping data.

Design thinking

Design thinking is an approach that puts humans at the center of designing services by empathising with them and encorporating their feedback. It centers around validation of ideas by continuous experimenting and prototyping. At its core, it relies on action rather than thinking itself. By delivering visuals and mockups on a periodic basis, design thinking conveys vision in an impactful and meaningful way. Finaly, by iterating entire design processes, design thinking bosts the possibility of delivering a successful outcome.

Determinant

An attribute, defined in the rule, used as a filter to determine if (1) an entity is subject to a registration and/or (2) what requirements this entity must provide to register.

DevOps and DevSecOps

A set of principles and practices used along with tools that fully integrates and expedites the process of building, securing and deploying code on a scheduled and/or demand basis with the goals of reduced errors, reduced time-to-market, increased security and increased accuracy among others.

Digital Competency

A combination of knowledge, skills and attitudes with regards to be use of technology to perform tasks, solve problems, communicate, manage information, collaborate, as well as to create and share content effectively, appropriately, securely, critically, creatively, independently and ethically.

Digital Enterprise

An enterprise characterized by the creation of digitalized products or services that are either delivered fully digitally (eg, digital media or online banking); or where physical products and services are obtained by the customer by digital means (e.g., online car sharing services).

Digital Government Service

Government service delivered through digital channels like SMS, virtual assistant, website, web apps, and applications.

Digital Identifier

The key used by the parties to an identification relationship to agree on the entity being represented.

Digital Identity

The unique representation of a subject engaged in an online transaction. It is always unique in the context of a digital service, but does not necessarily need to uniquely identify the subject in all contexts.

Digital Identity and authentication policy

Policies that allow organizations to model security outcomes for application access based on industry-accepted, digital identity practices. They allow organisations to enable contextual, conditional access to services based on the risk and security posture when a user accesses it.

Digital Registries Coding Block

A no-code application meant to offer intuitive database/register creation and management functionalities.

Digital Service

Digital service is a government service available through digital channels. Government digital services are usually classified into the following two categories:

information services: typically websites, or mobile applications, that provide information to the public. This information often includes reports, fact sheets, and videos
transactional services: any services that lead to a change in the records held by the government. They typically involve an exchange of information, money, licenses or goods. Examples of transactional services include:
- submitting a claim
- registering a business
- updating contact details
- registering a birth, among others

Source: digital.gov.nz, 2020

Digital Service Design Standard

Standard provides agencies with unified and consistent guidance on the design (user journeys, user/business life events, UX/UI, web forms, electronic documents), development (micro-services architecture and reusable software components/Building Blocks approach), and implementation (iterative, agile and citizen-centric) of digital services to enable and drive system-wide benefits.

Distributed Identity

An approach whereby the identity is owned and managed by the end person in a form of credentials (physical or digital) for which the owner is in full or as-needed control of its usage. This model if compared to centralized to federated presents lots of benefits in terms of privacy protection.

Documentation

An umbrella term that encompasses all written documents and materials dealing with a software product’s development and use.

Downloadable forms

Downloadable forms are an intermediate step within the journey to digitize a service. The following are the attributes of a downloadable form: it has a unique identification number, and follows the official design standards (seals, logos, font, color scheme and more). Link to example Visa application form Gob.mx.

E-Competence Framework (e-CF)

Created by the European Committee for Standardization (CEN) to communicat the required competencies for ICT professionals, establishing 41 competences across 5 proficiency levels and providing knowledge and skills examples.

e-Participation Index

A supplementary index to the UN E-Government Survey which extends the dimension of the Survey by focusing on the use of online services to facilitate provision of information by governments to citizens (“e-information sharing”), interaction with stakeholders (“e-consultation”), and engagement in decision-making processes (“e-decision making”).

East African Community (EAC)

A regional intergovernmental organisation of six (6) Partner States, comprising Burundi, Kenya, Rwanda, South Sudan, Tanzania and Uganda, with its headquarters in Arusha, Tanzania.

Economic and Monetary Community of Central Africa (CEMAC)

A regional intergovernmental organisation made up of six States: Gabon, Cameroon, the Central African Republic (CAR), Chad, the Republic of the Congo and Equatorial Guinea.

Electronic documents

Electronic documents are printable representations of electronic transactions. For example, a birth certificate obtained online is proof of an electronic consultation with the population registry. Link to example Birth certificate gob.mx

Electronic Identity (eID)

A means for the user to prove electronically that they are who they say they are and thus gain access to services. It can appear in a form of certificate, username or email address or phone number.

Electronic Identity Token

A hardware device to be used during electronic transactions in order to provide for electronic identity verification process. It stores a set of private keys with corresponding public keys and carries at least functions of electronic authentication and digital signature creation.

End User

The customer of a digital financial services provider. the customer may be a consumer, a merchant, a government, or another form of enterprise.

End-of-life Product (EOL)

A product at the end of the product lifecycle which prevents users from receiving updates, indicating that the product is at the end of its useful life. With an EOL product, the vendor stops the marketing, selling, or provision or parts, services or software updates for the product.

Entity

A thing with distinct and independent existence, such as a person, organization, or device.

Episode Status

Indicates if a particular episode name within an event is pending/started/ended/no-show/cancelled.

European Qualifications Framework (e-QF)

A broad competency framework establishing 8 levels of knowledge, skills, and abilities to apply knowledge and skills with autonomy and responsibility.

Event Type

A service described by OpenAPI. Each event type is owned by a certain authority (e.g. the MoH might own the “new_birth” event type and define its schema).

Event-Based Gateway

A branching point in the Process where the alternative paths that follow the Gateway are based on Events that occur, rather than the evaluation of Expressions using Process data (as with an Exclusive or Inclusive Gateway).

Exclusive Gateway

A diversion point of a business process flow. For a given instance of the process, only one of the paths can be taken. An exclusive gateway may be used to achieve “looping” or “iteration” because if a condition is not met, the “next step” in the process may be another part of the process that provides a “way back” to the gateway in question after other activities are completed.

eXtensible Access Control Markup Language (XACML)

An open standard XML-based language used to express security policies and access rights to information. It defines a declarative fine-grained, attribute-based access control policy, language, an architecture, and a processing model describing how to evaluate access requests according to the rules defined in policies all in XMLSchema.

Federated Identity

A method of linking a user's identity across multiple separate identity management systems. It allows for clean separation between the service a client is accessing and the associated authentication and authorization procedures.

Federations Services

API allowing federation of identities from external identity providers.

Financial Management Information System

The budget management system of the government treasury, which ensures that government agencies’ payments are processed within the approval budget and releases.

Financial Service Providers (FSPs)

An organisation that is licensed by a regulatory authority to provide transaction accounts which hold customer funds and are used to make and receive payments.

Foundational Identity System (fID System)

An identification system primarily created to manage identity information for the general population and provide credentials that serve as proof of identity for a wide variety of public and private sector transactions and services. Common types include civil registries, universal resident or national ID systems, and population registers.

Functional Description Document

A type of standard system administrator’s document which describes the functionalities of a product. Most parts of this document are produced after consultation with a user or an owner.

Functional Identity

Provides official proof of identity and authorization for particular purposes or sectors. This typically includes identification systems that provide voter identification, ration cards, social security numbers, health cards, tax numbers, and more. In some cases these credentials may also be recognized as proof of identity for other purposes or sectors.

Functional Identity System

A platform which maintains a registry of identity credentials and associates the identity of a person with the entitlement that the functional credential offers.

G5 Benchmark

An ITU developed tool which measures collaborative digital regulation within the development of regulation and policy making. It takes data from 193 countries and expands to cover four pillars, with 70 indicators taken into account – national collaborative governance; policy design principles; digital development and digital economic policy agenda

Gateway

Flow-control elements, which are used to control how activities interact as they converge and diverge within a process. Entered (or “triggered”) by activities, a gateway acts as a function that decides which (outgoing) path to follow based on the result of the evaluation of the given set of conditions.

Generic Workflow

Generic workflows in digital government services refer to frequently encountered, standardized processes and procedures that government agencies can use to streamline various steps as part of services. These workflows are designed to be reusable and improve efficiency, transparency, and accessibility in delivering government services to citizens, businesses, and other stakeholders.

General Data Protection Regulation (GDPR)

EU law on data protection and privacy in the European Union and European Economic Area, forming the backbone of EU privacy law.

Government Enterprise Architecture

A whole of government approach to support government ecosystems by transcending boundaries for delivering services in a coordinated, efficient and equitable manner.

GovStack

An expert community-driven multistakeholder effort aimed at supporting governments in building digital services. It offers governments open-source tools including building block specifications, a sandbox for testing, and communities of practice.

GovStack Learning Management System (GS LMS)

An ecosystem which consists of materials supporting the understanding of the GovStack approach and helping during the implementation journey by providing an environment with guides, templates and other materials.

GovTech Maturity Index

A World-Bank-developed progress tracker which measures the key aspects of four GovTech focus areas across the globe: enhancing service delivery, supporting core government systems, mainstreaming citizen engagement, and GovTech enablers.

Gramm-Leach-Bliley At (GLBA)

A United States federal law that requires financial institutions to explain how they share and protect their customers' private information. It is also a generally accepted global standard.

Green-fields development

In software development, a project involving developing a system for a totally new environment, without concern for integrating with other systems (especially legacy systems). Such projects are deemed higher risk.

Heuristic Evaluation

A usability inspection method for computer software that helps to identify usability problems in the user interface design. It specifically involves evaluators examining the interface and judging its compliance with recognized usability principles.

HIPAA

The established United States federal standard to protect individuals' medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. It is a generally accepted standard globally.

Host Entity

Identity of an entity that owns the responsibility for the event (Identify of a Hospital, school, Company, Hotel, etc.)

ICT Price Baskets

An ITU Affordability Data Set which provides information about the affordability of ICT services around the world.

ID/ Credential Management Services

Organisations that issue and manage the life cycle of Identity credentials, issuing identity documents, managing their renewal, and declaring them as stolen.

Identifier Management module

A building block that manages identifiers assigned to identities.

Identity and Access Management (IAM)

Typically refers to a security suite that implements the infrastructure required for Authentication and Authorization plus the management of identities, roles, groups and access.

Identity and Verification Building Block (IDVBB)

The building block which creates, manages and uses a digital foundational identity. As a part of the overall identity system, it can be interfaced with other building blocks in order to realize the complete set of requirements necessary for the identification and verification of the other GovStack building blocks.

Identity and Verification Services

An API to offer identification services to the 3rd party players . Those services can be identity verification, attributes sharing or answers to claims (ie I claim I’m older than 18 years old) Usage can be multiple in public services, but also private, even cross-countries.

Identity Credential

An identity document in a physical or digital form that an identity credential holder may present to authenticate his identity in a physical or electronic interaction.

Identity Registry

A system for storing and managing the identities. It contains and manages all the data that might need to be collected (according to local laws and regulations) including demographics (ie name), biographics (ie age), portrait, known identifiers, known documents and can offer consultation or management services on them.

Identity Verification Services

A service who allows a service provider to verify an identity or some of its attributes, for example checking a person declared identity or verifying its age.

IEEE/ACM Computing Curricular 2020 (CC2020)

A report examining undergraduate curricular guidelines in computer engineering, computer science, cybersecurity, information systems, information technology, software engineering, and data science.

Information service sheets

Describes prerequisits needed to access the service, channels of interaction with the user (In person, Chatbots, voice commands, web applications, virtual assistant and more), information about costs associated with availing the service and legal framework and foundation of the service. The following is an example of a service sheet for applying for a UK passport online.

Inclusive Gateway

In product notation, specifies that one or more of the available paths will be taken. They could all be taken, or only one of them. Unlike the exclusive gateway, an inclusive gateway may trigger the execution of more than one out-going flows.

IndEA

India’s government enterprise architecture, which applies a whole-of-government approach to delivering common public services by guiding investment into digital public goods and facilitating digital payments.

Indian e-Governance Competency Framework

e-CGF provides a toolkit suggesting how to structure an e-Governance team and how to conduct fact based training needs analysis for competency benchmarking. It covers all kinds of competences and is not limited to IT capabilities only.

Individual

A person about whom the personal data is stored in an information system (a.k.a. “Data Subject”) and who agrees or not with the use of this data outside of its primary purpose/location.

Information Management Skills

The ability to access and use information to make informed decisions.

Information Mediator Building Block

Responsible for providing (1) a managed facility through which different GovStack BBs and applications may communicate securely with each other and (2) a facility through which applications may publish and subscribe to different events identified by unique message types, enabling more efficient and resilient communication and application design.

Inputs & outputs

Concrete actions and/or deliverables that need to happen in order for a stage to occur

Instance

The unique thread of execution of a process. It has input data, a start time, end time, log, exit code, and other attributes. There may be N number of instances for a given process.

Internal Kickoff

The meeting that marks the beginning of GovStack activities in the implementing country.

International Standard Classification of Occupations (ISCO)

One of the main international classifications for which ILO is responsible; a tool for organizing jobs into a clearly defined set of groups according to the tasks and duties undertaken in the job.

Internet Message Access Protocol (IMAP)

A mail client protocol used for retrieval of email messages from a mail server. For the purposes of GovStack IMAP refers to IMAP4 which is defined by the IETF with multiple RFCs.

Interoperability

Ability of ICT systems and business processes in government agencies to share information and knowledge within and across organizational boundaries, in order to better support the provision of public services as well as strengthen support to public policies and processes.

Issuer

Entity which creates a credential for one or more entities

ITU Global Cybersecurity Index

A trusted reference that measures the commitment of countries to cybersecurity at a global level – to raise awareness of the importance and different dimensions of the issue.

ITU Regulatory Tracker

Facilitates benchmarking and the identification of trends and gaps in ICT legal and regulatory frameworks and allows decision-makers to make the case for further regulatory reform toward achieving a vibrant and inclusive ICT sector

Journey Maps

A visualization of the process that a person goes through in order to accomplish a goal.

Kubernetes

An open-source container orchestration system for automating software deployment, scaling, and management. Google originally designed Kubernetes, but the Cloud Native Computing Foundation now maintains the project.

Legal Entity

An organisation (public or private)that has the rights and obligations to define standards for personal data processing. E.g. a public health authority.

Log Report

Information from log of proceedings of a specified event (e.g. who attended and when, no shows, resource utilized, etc.).

Mapper or account Lookup Directory Service

A dynamic directory matching beneficiaries’ unique identifier and their account numbers to enable multiple programs to direct payments to the same account and beneficiaries to switch payment service providers.

Messaging Event

The (single) act of asynchronous information transfer between the publisher and subscriber.

Minimum Viable Product

A version of a product with just enough features to be usable by early customers who can then provide feedback for future product development.

Mobile Money (MoMo)

A destination account to distribute funds to end users (in the case of G2P) or an initiation account to enable users to initiate a payment for government services (P2G) which is facilitated by transferring money and making and receiving payments using the mobile phone.

National Catalogue/ Inventory of Government Services

A catalogue of public services is a collection of descriptions of active public services that are provided by public administrations at any administrative level (i.e. local, regional, national or pan-European).

Network Time Protocol

A networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.

Normalised Database

The process of structuring a relational database in accordance with a series of so-called normal forms in order to reduce data redundancy and improve data integrity.

Notifications

Notifications allow a service to contact its users, through multiple channels (email, sms and more). Notifications can be templatized (following the official design standards), allow for personalization of messages, bulk sending of information, API integration, seek permissions Example of artifacts Notifications guidelines and tool from gov.uk

Notifications Services

An API that triggers external processes according to events happening on the identity data managed by the identity system (ie name change, death, new child born, document lost or stolen).

OAuth2

An open standards based protocol used for Authentication that uses bearer tokens and is specifically designed to work across HTTP. OAuth provides clients a "secure delegated access" to server resources on behalf of a resource owner.

Online communication skills

The ability to communicate with stakeholders online with clarity. Communication is crucial when working in the digitised platform market because stakeholders often have never met.

Open Data

Data that is openly accessible, exploitable, editable and shared by anyone for any purpose, even commercially.

Open Source

Computer software that is released under a license in which the copyright holder grants users the rights to use, study, change, and distribute the software and its source code to anyone and for any purpose.

Open Standards

Standard that is openly accessible and usable by anyone. It is also a prerequisite to use open license, non-discrimination and extensibility. Typically, anybody can participate in the development.

Open Web Application Security Project (OWASP)

An online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.

OpenHIE

A global community focused on health systems interoperability. While the remit of the Information Mediator is domain independent, we have drawn from OpenHIE because (a) a number of the initial use cases are health-related and (b) the OpenHIE community has developed a mature, well-thought-through, multi-stakeholder specification which can serve as an example (though limited) for GovStack’s purposes.

OpenIDConnect

A simple open standards based identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of a party based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the party in an interoperable and REST-like manner.

Operator

A registrar or a staff of a registrar who is processing the request of an applicant.

Organizer

A user authorized by Host to manage event schedules using this building block.

Parallel Gateway

Used in process design to visualize the concurrent execution of activities and is used in pairs. When the process arrives at the “parallel gateway node”, all the outgoing flows exhibited from the gateway will be executed simultaneously. The flow will be merged at the “joining parallel gateway”.

Participant

The GovStack team and other stakeholder teams mainly government digital teams in an engagement process with GovStack.

Payee

The recipient of funds in a payment transaction.

Payer

The person/organization whose account is debited in a payment transaction.

Payment

An exchange of funds, credentials, and other necessary information to complete an obligation between end users. A transfer is an example of a payment.

Payment Alias/ Payment Address

May include phone numbers, email addresses, or other handles. They may include globally unique URIs, and may be chosen by the user. These are increasingly seen in new payment systems.

Payment Card Industry Data Security Standard (PCI DSS)

A set of standards used by the payment card industry to secure payment card data and card holder information including primary account numbers (PAN), credit/debit card numbers, and sensitive authentication data (SAD) such as CVVs and PINs.

Payments Building Block

The building block which enables digital financial payments to be tracked, evaluated, initiated, validated, processed, logged, compared and verified against budgets.

Performance Analytics

With the help of a standardized set of monitored data, indicators, analytical tools, and reports, performance analytics can provide effective and efficient analysis on various aspects of a service. Performance analytics most commonly used in services are digital take-up, user satisfaction, completion rate and cost per transaction. Example Performance analysis by gov.uk

Period

A range of consecutive days defined by start and end dates.

Personal Data

Any information that (a) can be used to identify the Individual to whom such information relates, or (b) is or might be directly or indirectly linked to the Individual.

Platform as a Service (PaaS)

A suite of software components that is fully integrated to provide a secure, convenient and rapid application development and deployment platform for cloud style applications.

Population Registry

A database/system which includes records of the entire population of a country covering citizens but also foreigners staying in the country and also the national diaspora.

Post Office Protocol (POP)

A standard email protocol used by clients to access email once delivered to a mail server in a specific DNS domain. Various versions of this protocol exist but for the purposes of this document POP refers to POP3 as defined by RFC1939 and the extension mechanism in RFC2449 and an authentication mechanism defined in RFC1734.

Postel’s Law

Paraphrased as “be liberal in what you accept, and conservative in what you send”.

Process

A business process is defined as a set of one or more linked activities which collectively realize a business objective.

Process Documentation

Documents produced during development and maintenance that describe steps taken during development of the software. Common examples include project plans; test schedules; reports and meeting notes.

Product Documentation

Documentation that describes the product that is being developed and provides instructions on how to perform various tasks with it.

Professional Technical Skills

The ability to understand various techniques involved in conceptualising, designing, development, testing, integration, operations & maintenance of a software product.

Provisioning

In general, provisioning means "providing" or making something available. Here, a way of propagating the joining or leaving of users from the system and creating/removing the accounts and access rights for users based on their target profile/role.

PubSub

In software architecture, publish–subscribe (PubSub) is a messaging pattern where senders of messages, called publishers, do not program the messages to be sent directly to specific receivers, called subscribers, but instead categorize published messages into classes without knowledge of which subscribers, if any, there may be.

Pubsub Pull Delivery Mode

Within PubSub, when the Room keeps a queue of events and the Subscriber can check that queue.

PubSub Push Delivery Mode

Within PubSub, when the Room sends events via webhook to the Subscriber’s API.

Quick Response (QR) Code

A method of encoding and visualization of data, which are machine-readable.

Realm

A security policy domain defined for a web or application server. A realm contains a collection of users, who may or may not be assigned to a group. An application will often prompt for a username and password before allowing access to a protected resource.

Registrar

An entity that is authorized to register, in a registry, claims submitted by an applicant and to issue a credential proving the registration.

Registration

Any approval/license/certificate issued by a public entity as a result of a request/declaration made by a user of the public service.

Registry

A paper-based or electronic database (centralized or decentralized, i.e. blockchain) where claims are stored and can be consulted.

Regulation

Normative text (law, decree, deed, decision, etc.) issued by a public entity.

Representational State Transfer (REST)

A set of architectural constraints that describes a uniform interface between physically separate components, often across the Internet in a Client-Server architecture.

Request for Information

A common business process whose purpose is to collect written information about the capabilities of various suppliers. Normally it follows a format that can be used for comparative purposes. An RFI is primarily used to gather information to help make a decision on what steps to take next.

Requirement

Information (i.e. claims and credentials) and fees which must be provided in a registration process.

Resource ID

Identity of a specific person/facility/equipment that is used to provide services in an Event

Result

Usually a credential (sometimes called: certificate, license, permit, card, etc.) proving the registration, in addition to the recording of information in a registry.

Room

A GovStack application that handles the distribution of events. Each Room has a set of connected event types. A room is located in the member’s local IM BB implementation and the member is responsible for all types of events in that particular room.

Routing

The process by which a route to a payment address is determined. The mechanism of sending payment information across different systems. This is sometimes used interchangeably with addressing.

RTC Synchronisation

The process of aligning with a real-time clock.

Rule

Any regulation, or part of a regulation, which creates for specific subjects an obligation or a right to register, and defines, for each category of subjects, the results and requirements of the registration.

Rules Engine

A tool transforming legal rules relating to a registration (i.e subjects, results, requirements and determinants), defined by a human analyst, into machine-readable statements.

SAAS

A software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.

Scheduler BB

The Scheduling building block provides services needed for planning, booking, tracking, triggering, notifying and reporting status of events.

Scope

A set of claims and/or credentials required for a registration.

Security Assertion Markup Language (SAML)

SAML and SAML2 are XML markup protocols designed for federation of identities across identity providers and service providers. Its main use case is for web single-sign-on.

Service

A service is a minimal piece of functionality provided by a building block or use case implementation.

Service Catalog

A service catalog is a list of services, which includes information like level of digitization, demand, cost to deliver, how they’re performing in terms of desired outcomes (for users, for policy, for the organization), whether they should exist in their current form, whether there are patterns that are duplicated, who owns and manages them, number of interactions to complete the service among other data that can facilitate optimization and prioritization of services according to the impact and feasibility of digitizing the services.

Source: Gov.uk

Session Locations

Address of physical location of facilities where the event is hosted. If the event is purely online, the location will be “Virtual”.

Session Slot

A slot is the time period of a session defined by its Starting and ending date-time specification to carry specific activity.

Session Status

The current state of a session (proposed/published/booked/started/completed/no_show/failed/canceled).

Shared service policy and catalogue

Policies on services which are shared across government supporting effective and efficient departmental administration. They enable civil servants and others in the public sector to focus on delivering government priorities and public services.

Simple Certificate Enrolment Protocol (SCEP)

Simple Certificate Enrolment Protocol (SCEP) is an open source protocol that is widely used to make digital certificate issuance at large organizations easier, more secure, and scalable.

Simple Mail Transfer Protocol (SMTP)

A protocol used to deliver e-mail messages over the Internet. This protocol is used by most email clients to deliver messages to the server, and is also used by servers to forward messages to their final destination.

Single Sign On (SSO)

An authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.

Southern African Development Community (SADC)

An inter-governmental organization headquartered in Gaborone, Botswana. Its goal is to further regional socio-economic cooperation and integration as well as political and security cooperation among 16 countries in southern Africa.

Subject

An entity obliged or entitled to a registration, or about which a claim is made.

Subscriber

A person or an application that is target audience for specific sessions (students, patients, software apps, devices, etc.).

Synchronous Process

A synchronous process is a process that, once instantiated, will complete before returning a response to the request. The process instance is blocking and should be used sparingly.

System Admin Guide

A type of standard system administrator’s document which explains different types of behaviours of the system in different environment and with other systems.

System Documentation

Product documentation that describe the system itself and its parts. It includes requirements documents, design decisions, architecture descriptions, program source code, and help guides.

Task Flow Analysis

A step-by-step analysis of how a user will interact with a system in order to reach a goal. This analysis is documented in a diagram that traces a user's possible paths through sequences of tasks and decision points in pursuit of their goal.

Technical Skills

The ability to use a smart mobile device, an application, and to navigate online to complete a task.

Test Case Specifications

A type of quality assurance documentation used to verify each feature or functionality of a product. This is based on the approach outlined in the test plan.

Test Checklists

A type of quality assurance documentation in the form of a list of tests that should be run at a particular time.

Test Plan

A type of quality assurance documentation usually 1-2 pages in length. It describes what should be tested at a given moment, and contains a list of features to be tested; testing methods; timeframes; a list of relevant roles.

Test Strategy

A type of quality assurance documentation that describes the software testing approach to achieve testing objectives. It includes information about team structure and resource needs as well as priorities.

The German Advanced IT Training System

In addition to the German Qualifications Framework, the GAITS provides a system of career profiles of specialists in the computer, software and telecommunications sectors.

Top-Down Approach

A top-down approach starts with the broader view, analyzes the macroeconomic factors, and targets specifically from there.

Transaction

A reference to the entirety of the exchange, including a Payment but may also include information between the Payer’s DFSP and the Payee’s DFSP.

Treasury Single Account

A unified structure of government bank accounts that gives a consolidated view of government cash resources. Based on the principle of unity of cash and the unity of treasury, a TSA is a bank account or a set of linked accounts through which the government transacts all its receipts and payments.

UIN Generator

Generates Unique Identity Numbers which are unique in the system. UIN Generator will follow predefined business rules for that generation and will make sure that a new generated number has never been already issued.

UN E-Government Development Index

An index developed by the United Nations to present the state of E-Government development of member states, focusing broadly on provision of online services, telecommunication connectivity and human capacity.

Unconditional Social Cash Transfer (UCST)

Cash payments provided to financially disadvantaged or vulnerable people or households without requiring anything in return.

Uniform Resource Identifier (URI)

A unique sequence of characters that identifies a logical or physical resource used by web technologies.

Unique Identity Number (UIN)

Stands for Unique Identity Number, this number uniquely identifies a person in an ID system. UIN are an optional approach and not necessary.

Use Case

A sequence of actions (steps) to achieve a specific goal in a specific context of usage. E.g., in one use case the IM BB may be used to let a BB access a service provided by another BB; in another use case it may be used to relay an event notification from one BB to several other BBs via PubSub. Digital government services are enabled by architecting dfferent use cases according to the service workflow.

User Documentation

Product documentation that is mainly prepared for end-users of the product and system administrators. This includes tutorials, user guides, troubleshooting manuals, installation and reference manuals.

User Experience (UX)

How end users interact with and experience a service, which includes their perception of the actions associated with using that service.

User Interface (UI)

Any tool or activity by which the end-user accesses, uses or otherwise interacts with a digital service.

Voucher

A token that entitles the holder to a discount or that may be exchanged for goods or services.

Voucher Group

A voucher group is a characteristic of a voucher that restricts the function or use case that a voucher can be used for.

Waterfall Project Management

A project management approach that entails a clearly defined sequence of execution with project phases that do not advance until a phase receives final approval. Once a phase is completed, it can be difficult and costly to revisit a previous stage.

Web forms

Web forms allow capturing and validation of data provided by the user and digital registries. They follow the official design standards (seals, logos, font, color scheme, and more). Link to example Birth certificate gob.mx

Webhook

A webhook (also called a web callback or HTTP push API) is a way for an application to provide other applications with real-time information. A webhook delivers data to other applications as it happens, meaning you get data immediately.

Whole-of-Government Approach

The joint activities performed by diverse ministries, public administrations and public agencies in order to provide a common solution to particular problems or issues.

Wireframe

Software that helps designers and product managers visualize the structure and functionality of a web page or an app screen.

Workflow Activity

A single step in a workflow process.

Workflow Instance

An instance of execution for a workflow process.

Workflow Process

A workflow process contains one or many activities.

X-Road

An open-source software and secure data exchange layer that allows public and private sector databases to exchange data. All outgoing data on the software is digitally signed and encrypted, and incoming data is authenticated and logged.