MConnect: Digitally Transforming Government and Improving Services for Citizens

E-Government platforms are growing in popularity globally and with good reason – when implemented, these platforms help improve transparency, allows data exchange, supports data-driven decisions, and leads to cost reduction. In Moldova, the government’s digital transformation agenda and strategy to modernize public services are overseen by the e-Government Center Moldova. This public institution has introduced MConnect – a cloud based interoperability platform powered by WSO2’s Integration capabilities.

“MConnect is the technical solution for the whole framework we do around data exchange in government,” says Artur Reaboi, enterprise architect at E-Government Center Moldova. Artur believes that there are two benefits to data exchange in government – it lowers the number of requests for documents from various government organizations and enables real-time access to data, thereby improving the efficiency of services. From the time that E-Government Center Moldova was initially set up in 2010, Moldova’s government had data-rich registries and the institution’s aim is to use MConnect to link these registries. This process is done via a centralized hub where E-Government Center Moldova is the sole organization responsible for this process, thereby ensuring operations run as smoothly as possible.

E-Government Center Moldova built a National Service Bus, based on WSO2 Enterprise Integrator, which they implemented together with WSO2 Certified Partner iello. Simplicity is a core characteristic of this platform. For example , data providers are encouraged to create generic services, where the National Service Bus is provided with increased data, which is then divided depending on the legal access of data consumers. MConnect consists of the following: interfaces for data consumption and data sources (mediation occurs between these interfaces), the MLog platform based on elasticsearch and has its special connector, and the planned Semantic Catalog (a registry of public data available at various data sources).

MConnect has demonstrated clear benefits since its implementation. Around 30 public authorities (from central ministries) are a part of this platform, and it’s now been expanded to include local public authorities. Artur estimates that E-Government Center Moldova processed approximately 25 million messages in 2017 – which is astounding for a country of 3 million. Furthermore, over 65 web services are in production and it only has an added latency of 100 milliseconds.

“Interoperability is a journey,” says Artur and his single most important piece of advice is that implementation is faster when centralized. Moreover, he encourages implementing generic services, considering the fact that it’s more cost-effective, and building a team of committed integration specialists (willing to stay for the long haul) for a project of this nature. More interesting plans are in the offing for E-Government Center Moldova, which include promoting Interoperability Law, implementing the previously mentioned Semantic Catalog, and modernizing public services to improve service quality for citizens.

Artur’s presentation has more details on the MConnect platform:

Learn more about the capabilities of WSO2 Enterprise Integrator and how it can be implemented in your digital transformation initiatives.

WSO2 Stream Processor: Making Real-time Stream Processing Available to the Masses

Today we are thrilled to announce the availability of the WSO2 Stream Processor, our lightweight, open source, high performance, stream processing platform which helps create real-time, intelligent, actionable insights for your digital business.

A significant competitive advantage for any modern businesses is the availability of business insights and information to make real-time decisions. The speed at which we collect, analyse, draw insights from an organization’s data and the time taken to respond to them, determines who ends up being the winners and losers.

The Rise of Real-time Stream Processing

Digital Transformation has seen many businesses opening up systems to others through APIs, supporting multiple ways of authenticating users and integrating multitude of systems together into a single digital platform. As the number of systems and usage goes up, it becomes impossible to keep the systems running and ensuring availability without real-time monitoring. Consumer centric digital businesses too customize experiences based on insights on buying patterns. With increased usage, fraudulent patterns, and security threats need to be monitored and acted upon.

Most systems generate such streams of events that can be transformed into valuable business insights. These events need to be collected, filtered, grouped and pattern matched in the process of transformation. Real-time stream processing technologies enable this transformation of simple event data into useful business insights. It plays the important role of a catalyst for digital transformation of modern businesses.

Adoption Challenges

There are however many challenges that enterprises face when adopting capabilities to quickly capture, analyze and process data, and act in real time.

With first generation stream processing products you had to write code and implement complex operators such as time windows, aggregations and patterns with minimum tooling support. Developing such code as well as adapting it to changing requirements is both complex and expensive. Moreover, they are inherently complex in their deployments, consisting of 5 – 6 nodes even for the simplest use cases. Such large deployments are difficult to manage and they incur high maintenance costs.

The use of streaming analytics is therefore a challenge for most businesses without the highly technical skillset and the cost involved.

The next generation of streaming analytics products solved some of these problems. Most of them support a more business user friendly SQL like language. Deployments though, still continue to be 5 – 6 nodes depending on the levels of throughput required. This makes it challenging for mainstream enterprises to adopt real-time streaming processing.

Taking Real-time Stream Processing to the Masses

WSO2 Stream Processor (WSO2 SP) is packed with features that enable any enterprise to build streaming analytics capabilities and derive meaningful insights out of the organization’s data. It is powered by Siddhi, the leading open source stream processing project that has been used by the likes of Uber, Transport for London (TFL), and Experian. The streaming SQL capabilities and in-built editor have event simulation and debugging support that can help you create real-time streaming applications faster than first generation products.

The high performance and low footprint also leads to more agile deployment: it is the only competing product that can handle 100K events per second in a high-availability deployment with just two commodity servers. This 2 node setup with minimum high availability achieves enough throughput for most of your stream processing needs. We’re talking over 8 billion messages per day!

In addition WSO2 Stream Processor includes new features that makes complex aggregations much simpler to write. The new rule management console, together with React-based dashboards, make rule management and real-time visualisation accessible to any organisation that wants to harness real-time analytics to gain competitive advantage.

WSO2 Stream Processor Reference Architecture

Here’s a snapshot of some other key features of WSO2 Stream Processor:

  • Supports massive scale when deployed in conjunction with Apache Kafka
    • Demonstrated in production at 30 billion messages per day
  • Updated Siddhi Streaming SQL 4.0 language adds incremental processing support for more efficient analytics
  • Simplified time based aggregations – write a single Siddhi statement that aggregates at multiple time intervals
  • Predictive Analytics through traditional and streaming Machine Learning
  • In-built IDE, event simulator and templates for developers
  • Monitor your deployment through a status dashboard
  • Deploy business rules through a graphical UI
  • Multiple data center support
  • Leverage Edge Analytics through small footprint deployment options

Visit our product page to try out the new release yourself, and let us know if you have any feedback.

Ask an Expert: Catching up with IAM Guru, Prabath Siriwardena

Prabath Siriwardena, WSO2’s senior director of security architecture, has a lot to be proud of. He’s an accomplished author, speaks at conferences such as Qcon, ApacheCon, WSO2Con, EIC, IDentity Next, OSCON and OSDC, and has over a decade of experience working with Fortune 100 companies.

We caught up with Prabath recently to get his take on the significance of GDPR, the future of open source IAM solutions, his personal journey at WSO2, and why he believes the world always needs fresh ideas.

1. What has your journey at WSO2 been like, Prabath?

I completed 10 years at WSO2 last year, having joined on the 1st of November 2007. It’s been a great journey with an awesome set of people around me – both the colleagues at work and the customers.

The joy of working at WSO2 is that you always get an opportunity to help someone solve a challenging problem.”

I’ve learned a lot from both these groups. The joy of working at WSO2 is that you always get an opportunity to help someone solve a challenging problem. It can be as simple as building a federated login scenario with a SaaS vendor to more complicated use cases like building an identity architecture to accommodate millions of users. Overall it’s a very satisfying, rewarding journey – looking back, I’ve enjoyed every second of it.

2. What’s the most recent problem you’ve helped solve?

I get the opportunity to talk to and work with many WSO2 customers, each problem is quite interesting. Engaging with customers allows me to understand their pain points. Once you know their pain points, you can work with them to find and build a solution.

Let me give you one example. Recently we worked with a customer based in San Francisco, California, a large company with hundreds of departments. Each department has its own applications and an identity store. The employee records are scattered between those different identity stores – and a given employee has to maintain multiple records under each department if they have to access any of the applications provided by that department. This has been the way the company operated for several years. A real productivity killer – but, convincing 100+ departments to build a unified identity platform across the company was challenging, both technically and politically. We’ve had several long discussions with their technical teams and is now in the process of building a unified identity platform with WSO2 Identity Server, in a phased approach.

3. GDPR has surely caught on and everyone is throwing this term around. But there’s a deadline approaching and we need to act fast. What’s the simplest way an enterprise can get started and what do they need to keep in mind?

GDPR is a historical milestone in all the initiatives brought up so far to protect consumer privacy. Even though it’s more applicable to EU, it has a global impact in the way it’s designed. Becoming GDPR compliant starts with a self-assessment – understand what data you collect from your employees, partners, suppliers, customers, and any other entities you work with. Then you need to see how the data is being stored and processed. If you occupy third parties in the process of data collection – or if you share data with third parties for further processing, then you also need to worry about them being GDPR compliant. Once that’s done, you can come up with a phased approach to be GDPR compliant. It’s always recommended that you consult a lawyer or any GDPR consultancy firm to validate your approach and get their guidelines. GDPR is a law, so you should not mess with it!

There are no all-in-one or tailor-made solutions for GDPR. This is where WSO2 Identity Server has a key role to play. WSO2 Identity Server, as an identity provider, gets directly involved in processing personal data. We have made the product GDPR compliant and also provide a portal for consent management.

4. What’s the future like for open source IAM solutions?

A decade back, the IAM market was mostly dominated by Oracle and IBM. The entry barrier was high and was not justifying the cost over the benefits.

Today the number of companies occupying an IAM solution is much better. Cloud-based IAM solutions and open source IAM solutions increasingly reduce the cost of entry.

There are more than 100 Universities in USA and Canada, using WSO2 Identity Server for free, with no support from WSO2. That’s the beauty of real open source.”

According to Gartner, by 2021 open source IAM components will be used for one or more IAM functions by 30% of organizations, up from 20% at the end of 2016. Apart from open source, there are a large number of companies that use homegrown IAM solutions – around 20%. In the next few years, I would expect these companies using homegrown IAM solutions to select an open source IAM product. Unless you have a dedicated set of engineers, who have expertise on IAM, it’s hard to keep up with the pace in which the IAM industry is evolving.

Another important fact I would like to highlight here is open source licensing. Not all open source licenses give you the same level of freedom. Apache 2.0 is the most business-friendly open source license. You can do anything with a product released under Apache 2.0. All WSO2 products are released under the Apache 2.0 license and WSO2 is the 8th largest open source software company. There are more than 100 Universities in USA and Canada, using WSO2 Identity Server for free, with no support from WSO2. That’s the beauty of real open source.

5. What are the benefits of an open source IAM solution?

There are multiple reasons why someone would pick an open source IAM vendor over commercial off-the-shelf (COTS) software. At one point, COTS had an edge over the features, but no more. Most of the open source IAM products out there can compete with any COTS product, in terms of features, and of course, perform better.

Then the cost. Most of the open source products do not have any licensing cost, but a production support model. This definitely reduces the initial product purchasing cost. One key reason I see why people go for open source IAM products is the ‘freedom’.

Most of the open source IAM products out there have a proven track record. I can speak for WSO2 Identity Server, where we have many large scale deployments around the globe, for millions of users.”

The freedom to examine the source code, freedom to extend the capabilities, and freedom to make business decisions.

That’s about scalability, how about security? Irrespective of a product being open source or not, you need to worry about the security of the product. At WSO2, we put a lot of effort into building all WSO2 products in a secure manner. We use both open source (OWASP ZAP) and commercial code scanning tools (Veracode, IBM AppScan). All these tools are integrated into the build system and no product releases are done without fixing any of the reported issues.

6. How did you start working in IAM?

It just happened. When I joined WSO2 in 2007, I was assigned to the WSO2 Identity Server team. At that time it was called, ‘Identity Solution’ – and we only had 4 members in the team. WSO2 was founded in 2005, where SOAP, SOA, web services were at the top of the hype. We had a strong, solid foundation in that space. Both of our founders are pioneers in the web services domain, and authored many key web services specifications. Axis2, Synapse, Rampart, WSS4J are top open source Apache projects initiated and mostly contributed by WSO2 employees at that time. Apache Rampart is the web services security module for Axis2 – and it has all WS-Security, WS-Security Policy, WS-Trust specifications covered. Around 2006/2007 we were closely working with Microsoft for interop testing, and that was the time Microsoft came up with an open specification called ‘Information Cards’, which is based on WS-Security and WS-Trust. Since we already had them implemented in Rampart, it only needed a little more effort on top of that to build support for Information Cards. That’s how the WSO2 Identity Server was born in 2007 – and it was one of the very first implementations of Information Cards in Java.

7. What is your proudest accomplishment in recent times?

WSO2 Identity Server celebrated its 10th anniversary in December 2017. Looking back, there are many proud moments that were accomplished as a team. Today, WSO2 Identity Server is a globally recognized brand and is one of the top open source IAM products. There are more than 40 million users globally using WSO2 Identity Server for authentication on daily basis. There are more than 100 paying customers, which we are extremely proud of. Just to name a few, Nissan, HP, GE, Verizon, Vodafone, Seagate, Department of Homeland Security (DHS), Verifone, Align Tech, WEST, Nutanix, Trimble and many more. It’s extremely satisfying to see how the product evolved over the last 10 years and is now trusted by many Fortune 100 and Fortune 500 companies to build the most critical parts of their core business on top of WSO2 Identity Server.

8. What advice would you like to give a budding developer or an architect to better their career?

Failing to innovate is the biggest failure in anyone’s life. The world does not lack technical skills, but fresh ideas.”

Failing to innovate is the biggest failure in anyone’s life. The world does not lack technical skills, but fresh ideas. Fresh ideas are born when you start feeling your problems and those of others. You may choose to live with the pain or get rid of it by fixing the problem. The latter leads to innovation. There is always room for improvement, room for innovation. Capitalize on those and enjoy what you do.

You can follow Prabath here and read his blog here.