Skip to main content

In this article, I am going to look into how the Estonian X-Road is being scaled to Finland. X-Road is a name given to Estonian national data exchange layer. I wrote about it in my previous post:

“Estonia’s Information System is built in a decentralized manner meaning that it contains different technology stacks built in different time frames where the personal data is scattered and kept in a variety of databases. For these islands to be able to communicate with each other there needs to exist a data exchange layer that provides its members’ autonomy, confidentiality, integrity and availability. In Estonia, this system is called the X-Road which was started in 2002 by the Estonian Information Technology Center.” – Kaspar Triebstok

Finland implementing pure Estonian breed tech is a great example of how a country can export its innovation abroad not to make money in the short run but to think bigger and form an international trust federation of data exchange between different countries. Providing a foundation where companies, as well as public sector institutions, can build new services on top.

Most other countries think how to connect their internal public sector parts with each other. Then how could the results be communicated to the private sector and further. If you have all that figured out like Estonia has then the natural way to go is to think about scaling. How can you connect your country’s infrastructure to others? For that to work right now you need to have the same core technology running in each member country. In the case of this Nordic collaboration, Finland took over the already working X-Road from Estonia and implemented it in their country. They called it Palveluväylä if you are into Finnish.

Just to keep the abbreviations in check X-Road means the technology and ideology. X-Tee is the X-Road instance in Estonian and Palveluväylä means the same instance in Finland. What is more, the word Palveluväylä in translation means Service bus. This may cause some confusion to think that X-Road is an enterprise service bus where actually it doesn’t do any of those things. For example, in the version 6 of the X-Road, any asynchronous service is no longer supported so think of it as a network rather than some form of the message bus.

Implementation process

It all started in 2013 when the Prime Ministers of Estonia and Finland signed the Memorandum of Understanding about the cooperation in the field of ICT. The goal was to create the possibility of sharing resources, experience, and expertise in ICT development. The participants could also now promote cooperation in implementing the Estonian X-Road source code in Finland as well as work together on the future versions of the technology.

“To our knowledge, this is the world’s first digitally signed international agreement; it was signed using ID cards.” Government Communication Unit

By early 2014 Estonia had given the X-Road to Finland under EUPLE license and a test environment of the version 5 was set up. In 2015 X-Road version 6 development environment was opened and a cooperation agreement between the parties was signed to continue the development of X-Road in cooperation by having a shared code base. Later that year Finland started the production use of X-Road. Today, there are 18 organizations joined with the production environment in Finland.

Problems in adoption

Today it seems though that a lot of organizations that are connected to the Finnish X-Road don’t actually provide any services on the layer yet. The reasons for that are related to policy motives as well as to technical factors.

One of the reasons is the chicken-and-egg problem, service providers are waiting for consumers to join and vice versa. From the technical side, it is clear today that the integration of the needed security servers with some of the legacy systems is very time-consuming and therefore the adoption of X-Road has taken longer than anticipated.

In addition, there are also architectural limits that can cause some headaches. For example, the current architecture doesn’t support external load balancers very well. So if you want to offer services on the X-Road and you want to put your security server cluster behind an external load balancer then you need to install and register one server and clone it. Then when you need to set up access rights and services you need to maintain each security server individually. Fortunately, this support is in development and should be ready by the first quarter of the next year. [1]

This form of federation opens many doors for the private sector to scale their business built on top of big data

Also, organizations have been moving their web services away from SOAP to the REST protocol for simplicity but X-Road uses the SOAP protocol and there are no plans to change that (there are reasons why X-Road uses SOAP). On the upside, REST gateway for the service is in development although it is more of a proof of concept and not ready for the production environment yet.

On the motivational side, it is currently clear that the parties in Finland don’t see that large of a benefit in fully adapting the X-Road. Having different existing solutions for data exchange means that the basic needs of the organizations have been fulfilled and any extra effort is well — extra effort. In spite of that, it is true that there is no other technology currently in development that can allow such a secure, wide-scale and reliable data exchange between different government offices and private companies, especially in different countries. Hopefully, we will see people thinking bigger and realizing what amazing innovations this form of collaboration can bring.

To manage the cooperation and its challenges Estonia and Finland have set up a management body and a working group both consisting of six people (50/50 from Estonia and Finland). Their goal is to guide the roadmap, to do risk management as well as share the technical information and coordinate the development of the day-to-day work.

Development

The whole point of the change management is that all the parties involved in developing the X-Road will share a common roadmap. Sharing is key here. X-Road is open source and available for anyone. Feel free to fork it but third party modified versions are currently forbidden from the official environments. Additionally, the core central server source code is not open yet.

You can think of the central server as a DNS server but instead of it being a discovery server, it holds, updates and publishes global configuration files to all the security servers connected to the information systems of the X-Road members (now called sub-systems). The global configuration files hold the internet addresses of the members and their sub-systems, a list of all the members as well as acknowledged trust services — certification policy and timestamping services. The central server also deals with registering new members. [2]

If we compare the two development approaches of Estonia and Finland we can see subtle differences. For example, Finland has a much more agile approach with its Scrum development framework — it has 2-week iterations while Estonia does 4–6 bigger releases a year.

The way forward

So we pretty much will go from having this in one country:

 

To where we have X-road centers in multiple countries all connected to each other forming an X-Road Trust Federation:

The Trust Federation

This form of federation opens many doors for the private sector to scale their business built on top of big data. Right now there are two countries who will form this federation but hopefully we will see other states joining in the future as well. Currently, the roadmap shows that this form of syndication will be formed by the Q1 of 2017. To bring you an example of what it means to the end users then if I register a company on the X-Road from Estonia then I don’t need to do it again in Finland, instead, I can immediately start querying data from the members situated in any of the federation countries.

In the end, the goal of X-Road is to be a communication channel for open services. This will mean that not only am I able to query the public infrastructure data in my operating country but I can ask the same information easily without any additional contracts from other countries as well. Having this access via X-Road allows us to scale much faster.

To offer this kind of insight into the cities of the world you need to have access to a large amount of data. I have been previously talking only about two fairly small Nordic countries. Put this in a context of the world and you can see the challenges in extracting public data of more than 180 cities across the world. Think about how much easier would it be for companies  to gather the data needed if all those countries and cities would have data centers that would be part of the Trust Federation. Yes, it is an idealistic thought but with enough time and proper success stories with X-Road, I am sure it will one day happen. Will it be Estonian X-Road or some other technology is another topic for another day.