Version for TAC Review
Terminology/glossary used within the specification
Welcome to the single point of access to GovStack terminology compendium. The following terms and definitions facilitate GovStack communities of practices to communicate under the same terms of reference. Is during your interactions with GovStack documents.
Access
A general term that describes the granting and restriction of the right or opportunity to view or use that which has been developed as part of GovStack.
Accessibility features allow for a wide base of users, specialy the differently abled (visualy impared, limited motor ability, loss of hearing) users to have access to a service. Example of artefact W3C accessibility guidelines
Activity
That which is to be done during a specific session.
Administrator/ Analyst
A registrar or a staff of a registrar who is building a new registry.
Affiliation
The organization (legally registered entity) that a subscriber or resource represents in an event or during an activity.
Agile Project Management
An iterative approach to delivering a project throughout its life cycle, composed of several interactions of small steps towards the completion of the project. APM aims to promote velocity and adaptability, releasing benefits throughout the project rather than only at the end.
Alert Message
Specific information to be sent for alerting subscribers and resources (e.g. reminders, triggers (start/end of workflows in BBs), etc.).
Alert Mode
A messaging method that is used within a program for each specified target (SMS/email/URI).
Alert Policy
A rule for sending a notification to specified users and applications within a program’s specific session (reminders/triggers/etc.).
Alert Schedule
A list of dates and times at which specific alerts must be sent.
Alert Status
A text that indicates the state of a specific alert (undefined, armed, qualified, sent, acknowledged, failed).
Alpha
In software development, the pre-release early version of a product that is part of a dedicated testing process. Alpha phase generally begins when some core features of a product are complete but the product is partially incomplete.
Ansible
A suite of software tools that enables infrastructure as code. It is open-source and the suite includes software provisioning, configuration management, and application development functionality.
Application Programming Interface (API)
A connection between computers or between computer programs. It is a type of software interface, offering a service to other pieces of software. A document or standard that describes how to build such a connection or interface is called an API specification. The term API may refer either to the specification or to the implementation.
Appointment
The booking of specific subscribers (persons/systems) for a specific session, episode and event.
Asserter
An entity that asserts a claim.
Attribute
A property (data, information) relating to an entity.
Authentication
This is the technical process of establishing that the credentials (i.e. username, password, biometric etc.) provided by a party (user, system, other) are valid and that the party can be granted basic access to system resources with default access rights.
Authentication
The process or action of verifying the identity of a user or process. For the purpose of this project, authentication has been replaced with the term ‘verification’ to allow for a clearer definition and for demarcation with other building blocks.
Authorization
The granting to a subject of privileges or rights for accessing the various resources hosted by a system.
Beta
In software development, an early version of a product which is feature complete but there is a possibility that it could contain some bugs and performance issues.
Biographic Data
A set of text attributes representing a person’s identity, for example name; birth date; birth place; parents’ biographic data.
Biometric Data
A set of physical attributes which can be used to identify a person, for example fingerprints, face and iris.
Bottom-Up Approach
A method of working which begins at the specific level and moves to the general, focusing its analysis at a micro-level and then broadening it out from there.
Build-Measure-Learn Feedback Loop
A process of building a product, measuring user metrics and learning from them to better respond to user needs and improve the product.
An interoperable and open-source software component that, when combined with other building blocks, provides key functionalities to facilitate generic workflows common across multiple sectors.
Bulk Payments
A Payment from a single Payer to multiple Payees, for example cash transfer programs from a government or NGO to a set of beneficiaries.
Capability
The ability to execute a specified course of action or to achieve certain outcomes.
Capacity
The ability to perform a task in at least a minimally acceptable manner. Capacities need to be well-structured and recurring behaviours to classify as capabilities.
Capacity building
The process of developing and strengthening the skills, instincts, abilities, processes and resources that organisations and communities need to survive, adapt, and thrive in a fast-changing world.
Center for Internet Security Benchmarks (CIS)
A set of best-practice cybersecurity standards for a range of IT systems and products. CIS Benchmarks provide the baseline configurations to ensure compliance with industry-agreed cybersecurity standards.
Centralised Identity Approach
A form of user data management where data is stored in one place, so that users can access all of their applications, websites or other systems with the same set of credentials.
The addition of a simple feedback page within a digitized service can allow analytics of user satisfaction with the service. This is a valuable input in driving the improvement of the service. Example Generic feedback form by gov.uk
Civil Registry
A system recording life events (birth, death, marriage, divorce, adoption, name change) It is used to keep track of life events of individuals and to produce statistics for policy making.
Claim
An attribute asserted by an entity, about itself or another entity.
Cloud Native
An approach to building and running software applications that is designed to be compatible with cloud computing from its construction.
Cloud Security Posture Management (CSPM)
A solution suite that enables administrators to keep track of the way in which both home grown and 3rd party services and applications access public cloud provider resources from a security perspective and enables vulnerabilities to be resolved.
Co-Design
A way of designing products or services with the active involvement of the users and stakeholders, to make sure the product or service meets the users’ needs.
Common Vulnerabilities and Exposures (CVE)
A known vulnerability in a system or network component which can be exploited by a malicious attacker to gain access or create havoc.
Competency
Applying the necessary knowledge and skill in a real-world environment with full professional responsibility and accountability for one's own actions. Experience in a professional working environment represents the difference between demonstrated skill and demonstrated competency.
Computer Emergency Response Team (CERT)
A group that takes the lead in coordinating the management of cyber security incidents.
Configuration
Technical implementation of all the content and process conditions as defined by the Data Policy for Consent Agreement vis-à-vis creation, reading, updating and deletion, as well as for providing all necessary actors with the required operations.
Consent
A voluntary declaration by an individual to approve the processing of their Personal data. It is one specific justification for personal data processing that is assumed to be required by legal or ethical conditions.
Consent Management Building Block
Enables services for individuals to approve the use of their personal data by defining the principles, functions and architecture of an information system. For organisations that process personal data, it provides the ability to know the individual's will and legitimately process such personal data.
Consent Record
That which is created when an individual signs a consent agreement. It represents a signed consent agreement.
Consent Reference
A unique identifier used to locate and verify the validity of the Consent Agreement.
Contextual Enquiry
A type of field study that involves in-depth observation and interviews of a small sample of users to gain a robust understanding of work practices and behaviours.
Controlled Unclassified Information (CUI)
Information that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government policies.
Controls Configurator
A tool for a human analyst to define, for each field in the application file and processing screens, what controls will be applied (input format, formulas, actions/checks between fields and with external databases).
Conway’s law
An adage that states that an organisation designs systems that mirror their own communication structure.
Core Competence
An essential asset for the survival of a project in the long term. This can be a mix of skills, resources, and processes.
Country Engagement Success Kit (CESK)
A set of manuals and descriptions on how to set up various GovStack channels and spaces, as well as providing guidance on making workflows more efficient.
Credential
A document, object, or data structure that vouches for the identity of a person through some method of trust and authentication. Common types of identity credentials include—but are not limited to—ID cards, certificates, numbers, passwords, or SIM cards.
Credential Management Services
An API to get access and update the credential associated to the identity, also manage issuance and life-cycle of physical or digital credentials.
Critical Thinking and Problem-Solving Skills
The ability to use ICT to make informed judgements and choices, and then use the information gathered to solve a problem.
Data consumers
A legal entity that requires the Individual's data from the Data Providers according to the consent of the Individual.
Data Disclosure Agreements
An understanding that exists between two organisations where one organisation acts as a Data Provider and the other as a Data Consumer. The DDA captures how data is shared between the two organisations and each party's role and obligation.
Data Leakage Prevention (DLP)
A solution typically used to prevent confidential or private information from leaking outside an organization to unauthorized 3rd parties.
Data Ownership
Both the possession of and responsibility for information.
Data Policy
A formal description of the purpose, nature and extent of consent-based personal data processing, covering the configuration needs and the conditions defined by law.
Data Processing Auditor
An entity (a person or an organisation) responsible for verifying the legitimacy of personal data processing by Data Controllers and Data Processors based on the Data Policies and performed tasks.
Data Protection Impact Analysis (DPIA)
A process designed to identify risks arising out of the processing of personal data and to minimise these risks as far and as early as possible. DPIAs are important tools for negating risk, and for demonstrating compliance with the GDPR.
Data Providers
A legal entity that stores and provides access to an Individual's data, which requires the individual's consent for processing (outside of its primary purpose/location).
Data Residency
The requirement that all customer content processed and stored in an IT system must remain within a specific country’s borders. This is one of the foremost concerns of organisations that want to use commercial cloud services.
Data Sovereignty
The idea that data is subject to the laws and governance structures of the nation where they are collected.
Downloadable forms are an intermediate step within the journey to digitize a service. The following are the attributes of a downloadable form: it has a unique identification number, and follows the official design standards (seals, logos, font, color scheme and more). Link to example Visa application form Gob.mx
Delegate
The person giving consent (signing Consent Agreement); on behalf of an Individual user.
Denormalised Databases
A strategy used on a previously-normalized database to increase performance. In computing, the process of trying to improve the read performance of a database, at the expense of losing some write performance, by adding redundant copies of data or by grouping data.
Design thinking is an approach that puts humans at the center of designing services by empathising with them and encorporating their feedback. It centers around validation of ideas by continuous experimenting and prototyping. At its core, it relies on action rather than thinking itself. By delivering visuals and mockups on a periodic basis, design thinking conveys vision in an impactful and meaningful way. Finaly, by iterating entire design processes, design thinking bosts the possibility of delivering a successful outcome.
Determinant
An attribute, defined in the rule, used as a filter to determine if (1) an entity is subject to a registration and/or (2) what requirements this entity must provide to register.
DevOps and DevSecOps
A set of principles and practices used along with tools that fully integrates and expedites the process of building, securing and deploying code on a scheduled and/or demand basis with the goals of reduced errors, reduced time-to-market, increased security and increased accuracy among others.
Digital Competency
A combination of knowledge, skills and attitudes with regards to be use of technology to perform tasks, solve problems, communicate, manage information, collaborate, as well as to create and share content effectively, appropriately, securely, critically, creatively, independently and ethically.
Digital Enterprise
An enterprise characterized by the creation of digitalized products or services that are either delivered fully digitally (eg, digital media or online banking); or where physical products and services are obtained by the customer by digital means (e.g., online car sharing services).
Government service delivered through digital channels like SMS, virtual assistant, website, web apps, and applications.
Digital Identifier
The key used by the parties to an identification relationship to agree on the entity being represented.
Digital Identity
The unique representation of a subject engaged in an online transaction. It is always unique in the context of a digital service, but does not necessarily need to uniquely identify the subject in all contexts.
Digital Identity and authentication policy
Policies that allow organizations to model security outcomes for application access based on industry-accepted, digital identity practices. They allow organisations to enable contextual, conditional access to services based on the risk and security posture when a user accesses it.
Digital Registries Coding Block
A no-code application meant to offer intuitive database/register creation and management functionalities.
Digital Service
Digital service is a government service available through digital channels. Government digital services are usually classified into the following two categories:
information services: typically websites, or mobile applications, that provide information to the public. This information often includes reports, fact sheets, and videos
transactional services: any services that lead to a change in the records held by the government. They typically involve an exchange of information, money, licenses or goods. Examples of transactional services include:
submitting a claim
registering a business
updating contact details
registering a birth, among others
Source: digital.gov.nz, 2020
Standard provides agencies with unified and consistent guidance on the design (user journeys, user/business life events, UX/UI, web forms, electronic documents), development (micro-services architecture and reusable software components/Building Blocks approach), and implementation (iterative, agile and citizen-centric) of digital services to enable and drive system-wide benefits.
Distributed Identity
An approach whereby the identity is owned and managed by the end person in a form of credentials (physical or digital) for which the owner is in full or as-needed control of its usage. This model if compared to centralized to federated presents lots of benefits in terms of privacy protection.
Documentation
An umbrella term that encompasses all written documents and materials dealing with a software product’s development and use.
Downloadable forms are an intermediate step within the journey to digitize a service. The following are the attributes of a downloadable form: it has a unique identification number, and follows the official design standards (seals, logos, font, color scheme and more). Link to example Visa application form Gob.mx.
E-Competence Framework (e-CF)
Created by the European Committee for Standardization (CEN) to communicat the required competencies for ICT professionals, establishing 41 competences across 5 proficiency levels and providing knowledge and skills examples.
e-Participation Index
A supplementary index to the UN E-Government Survey which extends the dimension of the Survey by focusing on the use of online services to facilitate provision of information by governments to citizens (“e-information sharing”), interaction with stakeholders (“e-consultation”), and engagement in decision-making processes (“e-decision making”).
East African Community (EAC)
A regional intergovernmental organisation of six (6) Partner States, comprising Burundi, Kenya, Rwanda, South Sudan, Tanzania and Uganda, with its headquarters in Arusha, Tanzania.
Economic and Monetary Community of Central Africa (CEMAC)
A regional intergovernmental organisation made up of six States: Gabon, Cameroon, the Central African Republic (CAR), Chad, the Republic of the Congo and Equatorial Guinea.
Electronic documents are printable representations of electronic transactions. For example, a birth certificate obtained online is proof of an electronic consultation with the population registry. Link to example Birth certificate gob.mx
Electronic Identity (eID)
A means for the user to prove electronically that they are who they say they are and thus gain access to services. It can appear in a form of certificate, username or email address or phone number.
Electronic Identity Token
A hardware device to be used during electronic transactions in order to provide for electronic identity verification process. It stores a set of private keys with corresponding public keys and carries at least functions of electronic authentication and digital signature creation.
End User
The customer of a digital financial services provider. the customer may be a consumer, a merchant, a government, or another form of enterprise.
End-of-life Product (EOL)
A product at the end of the product lifecycle which prevents users from receiving updates, indicating that the product is at the end of its useful life. With an EOL product, the vendor stops the marketing, selling, or provision or parts, services or software updates for the product.
Entity
A thing with distinct and independent existence, such as a person, organization, or device.
Episode Status
Indicates if a particular episode name within an event is pending/started/ended/no-show/cancelled.
European Qualifications Framework (e-QF)
A broad competency framework establishing 8 levels of knowledge, skills, and abilities to apply knowledge and skills with autonomy and responsibility.
Event Type
A service described by OpenAPI. Each event type is owned by a certain authority (e.g. the MoH might own the “new_birth” event type and define its schema).
Event-Based Gateway
A branching point in the Process where the alternative paths that follow the Gateway are based on Events that occur, rather than the evaluation of Expressions using Process data (as with an Exclusive or Inclusive Gateway).
Exclusive Gateway
A diversion point of a business process flow. For a given instance of the process, only one of the paths can be taken. An exclusive gateway may be used to achieve “looping” or “iteration” because if a condition is not met, the “next step” in the process may be another part of the process that provides a “way back” to the gateway in question after other activities are completed.
eXtensible Access Control Markup Language (XACML)
An open standard XML-based language used to express security policies and access rights to information. It defines a declarative fine-grained, attribute-based access control policy, language, an architecture, and a processing model describing how to evaluate access requests according to the rules defined in policies all in XMLSchema.
Federated Identity
A method of linking a user's identity across multiple separate identity management systems. It allows for clean separation between the service a client is accessing and the associated authentication and authorization procedures.
Federations Services
API allowing federation of identities from external identity providers.
Financial Management Information System
The budget management system of the government treasury, which ensures that government agencies’ payments are processed within the approval budget and releases.
Financial Service Providers (FSPs)
An organisation that is licensed by a regulatory authority to provide transaction accounts which hold customer funds and are used to make and receive payments.
Foundational Identity System (fID System)
An identification system primarily created to manage identity information for the general population and provide credentials that serve as proof of identity for a wide variety of public and private sector transactions and services. Common types include civil registries, universal resident or national ID systems, and population registers.
Functional Description Document
A type of standard system administrator’s document which describes the functionalities of a product. Most parts of this document are produced after consultation with a user or an owner.
Functional Identity
Provides official proof of identity and authorization for particular purposes or sectors. This typically includes identification systems that provide voter identification, ration cards, social security numbers, health cards, tax numbers, and more. In some cases these credentials may also be recognized as proof of identity for other purposes or sectors.
Functional Identity System
A platform which maintains a registry of identity credentials and associates the identity of a person with the entitlement that the functional credential offers.
G5 Benchmark
An ITU developed tool which measures collaborative digital regulation within the development of regulation and policy making. It takes data from 193 countries and expands to cover four pillars, with 70 indicators taken into account – national collaborative governance; policy design principles; digital development and digital economic policy agenda
Gateway
Flow-control elements, which are used to control how activities interact as they converge and diverge within a process. Entered (or “triggered”) by activities, a gateway acts as a function that decides which (outgoing) path to follow based on the result of the evaluation of the given set of conditions.
Generic workflows in digital government services refer to frequently encountered, standardized processes and procedures that government agencies can use to streamline various steps as part of services. These workflows are designed to be reusable and improve efficiency, transparency, and accessibility in delivering government services to citizens, businesses, and other stakeholders.
General Data Protection Regulation (GDPR)
EU law on data protection and privacy in the European Union and European Economic Area, forming the backbone of EU privacy law.
Government Enterprise Architecture
A whole of government approach to support government ecosystems by transcending boundaries for delivering services in a coordinated, efficient and equitable manner.
GovStack
An expert community-driven multistakeholder effort aimed at supporting governments in building digital services. It offers governments open-source tools including building block specifications, a sandbox for testing, and communities of practice.
GovStack Learning Management System (GS LMS)
An ecosystem which consists of materials supporting the understanding of the GovStack approach and helping during the implementation journey by providing an environment with guides, templates and other materials.
GovTech Maturity Index
A World-Bank-developed progress tracker which measures the key aspects of four GovTech focus areas across the globe: enhancing service delivery, supporting core government systems, mainstreaming citizen engagement, and GovTech enablers.
Gramm-Leach-Bliley At (GLBA)
A United States federal law that requires financial institutions to explain how they share and protect their customers' private information. It is also a generally accepted global standard.
Green-fields development
In software development, a project involving developing a system for a totally new environment, without concern for integrating with other systems (especially legacy systems). Such projects are deemed higher risk.
Heuristic Evaluation
A usability inspection method for computer software that helps to identify usability problems in the user interface design. It specifically involves evaluators examining the interface and judging its compliance with recognized usability principles.
HIPAA
The established United States federal standard to protect individuals' medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. It is a generally accepted standard globally.
Host Entity
Identity of an entity that owns the responsibility for the event (Identify of a Hospital, school, Company, Hotel, etc.)
ICT Price Baskets
An ITU Affordability Data Set which provides information about the affordability of ICT services around the world.
ID/ Credential Management Services
Organisations that issue and manage the life cycle of Identity credentials, issuing identity documents, managing their renewal, and declaring them as stolen.
Identifier Management module
A building block that manages identifiers assigned to identities.
Identity and Access Management (IAM)
Typically refers to a security suite that implements the infrastructure required for Authentication and Authorization plus the management of identities, roles, groups and access.
Identity and Verification Building Block (IDVBB)
The building block which creates, manages and uses a digital foundational identity. As a part of the overall identity system, it can be interfaced with other building blocks in order to realize the complete set of requirements necessary for the identification and verification of the other GovStack building blocks.
Identity and Verification Services
An API to offer identification services to the 3rd party players . Those services can be identity verification, attributes sharing or answers to claims (ie I claim I’m older than 18 years old) Usage can be multiple in public services, but also private, even cross-countries.
Identity Credential
An identity document in a physical or digital form that an identity credential holder may present to authenticate his identity in a physical or electronic interaction.
Identity Registry
A system for storing and managing the identities. It contains and manages all the data that might need to be collected (according to local laws and regulations) including demographics (ie name), biographics (ie age), portrait, known identifiers, known documents and can offer consultation or management services on them.
Identity Verification Services
A service who allows a service provider to verify an identity or some of its attributes, for example checking a person declared identity or verifying its age.
IEEE/ACM Computing Curricular 2020 (CC2020)
A report examining undergraduate curricular guidelines in computer engineering, computer science, cybersecurity, information systems, information technology, software engineering, and data science.
Describes prerequisits needed to access the service, channels of interaction with the user (In person, Chatbots, voice commands, web applications, virtual assistant and more), information about costs associated with availing the service and legal framework and foundation of the service. The following is an example of a service sheet for applying for a UK passport online.
Inclusive Gateway
In product notation, specifies that one or more of the available paths will be taken. They could all be taken, or only one of them. Unlike the exclusive gateway, an inclusive gateway may trigger the execution of more than one out-going flows.
IndEA
India’s government enterprise architecture, which applies a whole-of-government approach to delivering common public services by guiding investment into digital public goods and facilitating digital payments.
Indian e-Governance Competency Framework
e-CGF provides a toolkit suggesting how to structure an e-Governance team and how to conduct fact based training needs analysis for competency benchmarking. It covers all kinds of competences and is not limited to IT capabilities only.
Individual
A person about whom the personal data is stored in an information system (a.k.a. “Data Subject”) and who agrees or not with the use of this data outside of its primary purpose/location.
Information Management Skills
The ability to access and use information to make informed decisions.
Information Mediator Building Block
Responsible for providing (1) a managed facility through which different GovStack BBs and applications may communicate securely with each other and (2) a facility through which applications may publish and subscribe to different events identified by unique message types, enabling more efficient and resilient communication and application design.
Inputs & outputs
Concrete actions and/or deliverables that need to happen in order for a stage to occur
Instance
The unique thread of execution of a process. It has input data, a start time, end time, log, exit code, and other attributes. There may be N number of instances for a given process.
Internal Kickoff
The meeting that marks the beginning of GovStack activities in the implementing country.
International Standard Classification of Occupations (ISCO)
One of the main international classifications for which ILO is responsible; a tool for organizing jobs into a clearly defined set of groups according to the tasks and duties undertaken in the job.
Internet Message Access Protocol (IMAP)
A mail client protocol used for retrieval of email messages from a mail server. For the purposes of GovStack IMAP refers to IMAP4 which is defined by the IETF with multiple RFCs.
Interoperability
Ability of ICT systems and business processes in government agencies to share information and knowledge within and across organizational boundaries, in order to better support the provision of public services as well as strengthen support to public policies and processes.
Issuer
Entity which creates a credential for one or more entities
ITU Global Cybersecurity Index
A trusted reference that measures the commitment of countries to cybersecurity at a global level – to raise awareness of the importance and different dimensions of the issue.
ITU Regulatory Tracker
Facilitates benchmarking and the identification of trends and gaps in ICT legal and regulatory frameworks and allows decision-makers to make the case for further regulatory reform toward achieving a vibrant and inclusive ICT sector
Journey Maps
A visualization of the process that a person goes through in order to accomplish a goal.
Kubernetes
An open-source container orchestration system for automating software deployment, scaling, and management. Google originally designed Kubernetes, but the Cloud Native Computing Foundation now maintains the project.
Legal Entity
An organisation (public or private)that has the rights and obligations to define standards for personal data processing. E.g. a public health authority.
Log Report
Information from log of proceedings of a specified event (e.g. who attended and when, no shows, resource utilized, etc.).
Mapper or account Lookup Directory Service
A dynamic directory matching beneficiaries’ unique identifier and their account numbers to enable multiple programs to direct payments to the same account and beneficiaries to switch payment service providers.
Messaging Event
The (single) act of asynchronous information transfer between the publisher and subscriber.
Minimum Viable Product
A version of a product with just enough features to be usable by early customers who can then provide feedback for future product development.
Mobile Money (MoMo)
A destination account to distribute funds to end users (in the case of G2P) or an initiation account to enable users to initiate a payment for government services (P2G) which is facilitated by transferring money and making and receiving payments using the mobile phone.
National Catalogue/ Inventory of Government Services
A catalogue of public services is a collection of descriptions of active public services that are provided by public administrations at any administrative level (i.e. local, regional, national or pan-European).
Network Time Protocol
A networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.
Normalised Database
The process of structuring a relational database in accordance with a series of so-called normal forms in order to reduce data redundancy and improve data integrity.
Notifications allow a service to contact its users, through multiple channels (email, sms and more). Notifications can be templatized (following the official design standards), allow for personalization of messages, bulk sending of information, API integration, seek permissions Example of artifacts Notifications guidelines and tool from gov.uk
Notifications Services
An API that triggers external processes according to events happening on the identity data managed by the identity system (ie name change, death, new child born, document lost or stolen).
OAuth2
An open standards based protocol used for Authentication that uses bearer tokens and is specifically designed to work across HTTP. OAuth provides clients a "secure delegated access" to server resources on behalf of a resource owner.
Online communication skills
The ability to communicate with stakeholders online with clarity. Communication is crucial when working in the digitised platform market because stakeholders often have never met.
Open Data
Data that is openly accessible, exploitable, editable and shared by anyone for any purpose, even commercially.
Open Source
Computer software that is released under a license in which the copyright holder grants users the rights to use, study, change, and distribute the software and its source code to anyone and for any purpose.
Open Standards
Standard that is openly accessible and usable by anyone. It is also a prerequisite to use open license, non-discrimination and extensibility. Typically, anybody can participate in the development.
Open Web Application Security Project (OWASP)
An online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.
OpenHIE
A global community focused on health systems interoperability. While the remit of the Information Mediator is domain independent, we have drawn from OpenHIE because (a) a number of the initial use cases are health-related and (b) the OpenHIE community has developed a mature, well-thought-through, multi-stakeholder specification which can serve as an example (though limited) for GovStack’s purposes.
OpenIDConnect
A simple open standards based identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of a party based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the party in an interoperable and REST-like manner.
Operator
A registrar or a staff of a registrar who is processing the request of an applicant.
Organizer
A user authorized by Host to manage event schedules using this building block.
Parallel Gateway
Used in process design to visualize the concurrent execution of activities and is used in pairs. When the process arrives at the “parallel gateway node”, all the outgoing flows exhibited from the gateway will be executed simultaneously. The flow will be merged at the “joining parallel gateway”.
Participant
The GovStack team and other stakeholder teams mainly government digital teams in an engagement process with GovStack.
Payee
The recipient of funds in a payment transaction.
Payer
The person/organization whose account is debited in a payment transaction.
Payment
An exchange of funds, credentials, and other necessary information to complete an obligation between end users. A transfer is an example of a payment.
Payment Alias/ Payment Address
May include phone numbers, email addresses, or other handles. They may include globally unique URIs, and may be chosen by the user. These are increasingly seen in new payment systems.
Payment Card Industry Data Security Standard (PCI DSS)
A set of standards used by the payment card industry to secure payment card data and card holder information including primary account numbers (PAN), credit/debit card numbers, and sensitive authentication data (SAD) such as CVVs and PINs.
Payments Building Block
The building block which enables digital financial payments to be tracked, evaluated, initiated, validated, processed, logged, compared and verified against budgets.
With the help of a standardized set of monitored data, indicators, analytical tools, and reports, performance analytics can provide effective and efficient analysis on various aspects of a service. Performance analytics most commonly used in services are digital take-up, user satisfaction, completion rate and cost per transaction. Example Performance analysis by gov.uk
Period
A range of consecutive days defined by start and end dates.
Personal Data
Any information that (a) can be used to identify the Individual to whom such information relates, or (b) is or might be directly or indirectly linked to the Individual.
Platform as a Service (PaaS)
A suite of software components that is fully integrated to provide a secure, convenient and rapid application development and deployment platform for cloud style applications.
Population Registry
A database/system which includes records of the entire population of a country covering citizens but also foreigners staying in the country and also the national diaspora.
Post Office Protocol (POP)
A standard email protocol used by clients to access email once delivered to a mail server in a specific DNS domain. Various versions of this protocol exist but for the purposes of this document POP refers to POP3 as defined by RFC1939 and the extension mechanism in RFC2449 and an authentication mechanism defined in RFC1734.
Postel’s Law
Paraphrased as “be liberal in what you accept, and conservative in what you send”.
Process
A business process is defined as a set of one or more linked activities which collectively realize a business objective.
Process Documentation
Documents produced during development and maintenance that describe steps taken during development of the software. Common examples include project plans; test schedules; reports and meeting notes.
Product Documentation
Documentation that describes the product that is being developed and provides instructions on how to perform various tasks with it.
Professional Technical Skills
The ability to understand various techniques involved in conceptualising, designing, development, testing, integration, operations & maintenance of a software product.
Provisioning
In general, provisioning means "providing" or making something available. Here, a way of propagating the joining or leaving of users from the system and creating/removing the accounts and access rights for users based on their target profile/role.
PubSub
In software architecture, publish–subscribe (PubSub) is a messaging pattern where senders of messages, called publishers, do not program the messages to be sent directly to specific receivers, called subscribers, but instead categorize published messages into classes without knowledge of which subscribers, if any, there may be.
Pubsub Pull Delivery Mode
Within PubSub, when the Room keeps a queue of events and the Subscriber can check that queue.
PubSub Push Delivery Mode
Within PubSub, when the Room sends events via webhook to the Subscriber’s API.
Quick Response (QR) Code
A method of encoding and visualization of data, which are machine-readable.
Realm
A security policy domain defined for a web or application server. A realm contains a collection of users, who may or may not be assigned to a group. An application will often prompt for a username and password before allowing access to a protected resource.
Registrar
An entity that is authorized to register, in a registry, claims submitted by an applicant and to issue a credential proving the registration.
Registration
Any approval/license/certificate issued by a public entity as a result of a request/declaration made by a user of the public service.
Registry
A paper-based or electronic database (centralized or decentralized, i.e. blockchain) where claims are stored and can be consulted.
Regulation
Normative text (law, decree, deed, decision, etc.) issued by a public entity.
Representational State Transfer (REST)
A set of architectural constraints that describes a uniform interface between physically separate components, often across the Internet in a Client-Server architecture.
Request for Information
A common business process whose purpose is to collect written information about the capabilities of various suppliers. Normally it follows a format that can be used for comparative purposes. An RFI is primarily used to gather information to help make a decision on what steps to take next.
Requirement
Information (i.e. claims and credentials) and fees which must be provided in a registration process.
Resource ID
Identity of a specific person/facility/equipment that is used to provide services in an Event
Result
Usually a credential (sometimes called: certificate, license, permit, card, etc.) proving the registration, in addition to the recording of information in a registry.
Room
A GovStack application that handles the distribution of events. Each Room has a set of connected event types. A room is located in the member’s local IM BB implementation and the member is responsible for all types of events in that particular room.
Routing
The process by which a route to a payment address is determined. The mechanism of sending payment information across different systems. This is sometimes used interchangeably with addressing.
RTC Synchronisation
The process of aligning with a real-time clock.
Rule
Any regulation, or part of a regulation, which creates for specific subjects an obligation or a right to register, and defines, for each category of subjects, the results and requirements of the registration.
Rules Engine
A tool transforming legal rules relating to a registration (i.e subjects, results, requirements and determinants), defined by a human analyst, into machine-readable statements.
SAAS
A software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.
Scheduler BB
The Scheduling building block provides services needed for planning, booking, tracking, triggering, notifying and reporting status of events.
Scope
A set of claims and/or credentials required for a registration.
Security Assertion Markup Language (SAML)
SAML and SAML2 are XML markup protocols designed for federation of identities across identity providers and service providers. Its main use case is for web single-sign-on.
Service
A service is a minimal piece of functionality provided by a building block or use case implementation.
A service catalog is a list of services, which includes information like level of digitization, demand, cost to deliver, how they’re performing in terms of desired outcomes (for users, for policy, for the organization), whether they should exist in their current form, whether there are patterns that are duplicated, who owns and manages them, number of interactions to complete the service among other data that can facilitate optimization and prioritization of services according to the impact and feasibility of digitizing the services.
Source: Gov.uk
Session Locations
Address of physical location of facilities where the event is hosted. If the event is purely online, the location will be “Virtual”.
Session Slot
A slot is the time period of a session defined by its Starting and ending date-time specification to carry specific activity.
Session Status
The current state of a session (proposed/published/booked/started/completed/no_show/failed/canceled).
Shared service policy and catalogue
Policies on services which are shared across government supporting effective and efficient departmental administration. They enable civil servants and others in the public sector to focus on delivering government priorities and public services.
Simple Certificate Enrolment Protocol (SCEP)
Simple Certificate Enrolment Protocol (SCEP) is an open source protocol that is widely used to make digital certificate issuance at large organizations easier, more secure, and scalable.
Simple Mail Transfer Protocol (SMTP)
A protocol used to deliver e-mail messages over the Internet. This protocol is used by most email clients to deliver messages to the server, and is also used by servers to forward messages to their final destination.
Single Sign On (SSO)
An authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.
Southern African Development Community (SADC)
An inter-governmental organization headquartered in Gaborone, Botswana. Its goal is to further regional socio-economic cooperation and integration as well as political and security cooperation among 16 countries in southern Africa.
Subject
An entity obliged or entitled to a registration, or about which a claim is made.
Subscriber
A person or an application that is target audience for specific sessions (students, patients, software apps, devices, etc.).
Synchronous Process
A synchronous process is a process that, once instantiated, will complete before returning a response to the request. The process instance is blocking and should be used sparingly.
System Admin Guide
A type of standard system administrator’s document which explains different types of behaviours of the system in different environment and with other systems.
System Documentation
Product documentation that describe the system itself and its parts. It includes requirements documents, design decisions, architecture descriptions, program source code, and help guides.
Task Flow Analysis
A step-by-step analysis of how a user will interact with a system in order to reach a goal. This analysis is documented in a diagram that traces a user's possible paths through sequences of tasks and decision points in pursuit of their goal.
Technical Skills
The ability to use a smart mobile device, an application, and to navigate online to complete a task.
Test Case Specifications
A type of quality assurance documentation used to verify each feature or functionality of a product. This is based on the approach outlined in the test plan.
Test Checklists
A type of quality assurance documentation in the form of a list of tests that should be run at a particular time.
Test Plan
A type of quality assurance documentation usually 1-2 pages in length. It describes what should be tested at a given moment, and contains a list of features to be tested; testing methods; timeframes; a list of relevant roles.
Test Strategy
A type of quality assurance documentation that describes the software testing approach to achieve testing objectives. It includes information about team structure and resource needs as well as priorities.
The German Advanced IT Training System
In addition to the German Qualifications Framework, the GAITS provides a system of career profiles of specialists in the computer, software and telecommunications sectors.
Top-Down Approach
A top-down approach starts with the broader view, analyzes the macroeconomic factors, and targets specifically from there.
Transaction
A reference to the entirety of the exchange, including a Payment but may also include information between the Payer’s DFSP and the Payee’s DFSP.
Treasury Single Account
A unified structure of government bank accounts that gives a consolidated view of government cash resources. Based on the principle of unity of cash and the unity of treasury, a TSA is a bank account or a set of linked accounts through which the government transacts all its receipts and payments.
UIN Generator
Generates Unique Identity Numbers which are unique in the system. UIN Generator will follow predefined business rules for that generation and will make sure that a new generated number has never been already issued.
UN E-Government Development Index
An index developed by the United Nations to present the state of E-Government development of member states, focusing broadly on provision of online services, telecommunication connectivity and human capacity.
Unconditional Social Cash Transfer (UCST)
Cash payments provided to financially disadvantaged or vulnerable people or households without requiring anything in return.
Uniform Resource Identifier (URI)
A unique sequence of characters that identifies a logical or physical resource used by web technologies.
Unique Identity Number (UIN)
Stands for Unique Identity Number, this number uniquely identifies a person in an ID system. UIN are an optional approach and not necessary.
A sequence of actions (steps) to achieve a specific goal in a specific context of usage. E.g., in one use case the IM BB may be used to let a BB access a service provided by another BB; in another use case it may be used to relay an event notification from one BB to several other BBs via PubSub. Digital government services are enabled by architecting dfferent use cases according to the service workflow.
User Documentation
Product documentation that is mainly prepared for end-users of the product and system administrators. This includes tutorials, user guides, troubleshooting manuals, installation and reference manuals.
How end users interact with and experience a service, which includes their perception of the actions associated with using that service.
Any tool or activity by which the end-user accesses, uses or otherwise interacts with a digital service.
Voucher
A token that entitles the holder to a discount or that may be exchanged for goods or services.
Voucher Group
A voucher group is a characteristic of a voucher that restricts the function or use case that a voucher can be used for.
Waterfall Project Management
A project management approach that entails a clearly defined sequence of execution with project phases that do not advance until a phase receives final approval. Once a phase is completed, it can be difficult and costly to revisit a previous stage.
Web forms allow capturing and validation of data provided by the user and digital registries. They follow the official design standards (seals, logos, font, color scheme, and more). Link to example Birth certificate gob.mx
Webhook
A webhook (also called a web callback or HTTP push API) is a way for an application to provide other applications with real-time information. A webhook delivers data to other applications as it happens, meaning you get data immediately.
Whole-of-Government Approach
The joint activities performed by diverse ministries, public administrations and public agencies in order to provide a common solution to particular problems or issues.
Wireframe
Software that helps designers and product managers visualize the structure and functionality of a web page or an app screen.
Workflow Activity
A single step in a workflow process.
Workflow Instance
An instance of execution for a workflow process.
Workflow Process
A workflow process contains one or many activities.
X-Road
An open-source software and secure data exchange layer that allows public and private sector databases to exchange data. All outgoing data on the software is digitally signed and encrypted, and incoming data is authenticated and logged.