Customs Declaration Processing System Detailed User and ...

More documents

Recommendations

Info

DETAILED USER & TECHNICAL REQUIREMENTS FOR CDPS AND USE-CASE MODELS Ref: PHASE V Number AR-0000 AR-0010 AR-0020 AR-0030 AR-0040 AR-0050 AR-0060 AR-0070 AR-0080 AR-0090 AR-0100 AR-0110 AR-0120 Description In case CDPS fails or is shut down for maintenance, incoming messages must be queued. Immediate fallback to manual procedures is required for high-priority messages during CDPS downtime. MCA is responsible for providing the availability of the National network covering redundancy, resilience, recovery and performance aspects (according to the chosen availability level). It is recommended that a backup machine for the CDPS should be available for manual switching. It is recommended that all servers be protected against power failure (Uninterruptible Power Supply). CDPS must operate during opening hours of all COs it serves. It must also operate outside those hours to carry out processes for which no intervention by Customs Officers is required. The system should support at least 1000 simultaneous active user sessions (the number is based on the average number of customs officers at work at the same time and one third of the companies involved in the customs declaration process). It is required that the number of active session can be changed by means of a configurable parameter. CDPS data should be backed up daily, weekly and monthly. Data backups should be stored in a separate location at least 30 kms from the CDPS servers. CDPS must provide the capability for back up and recovery of data such that the back up operation can be either manually initiated by operations support staff or automatically performed at regular pre-determined basis as specified by the operation support staff. Data older than 5 years should be archived in a different database or different database scheme. MCA should have access to this data through the different reports included in CDPS. The system must be deployed on load balanced server architecture. There should be possibility for shutting down a server for maintenance reasons and in the same time to keep the system fully operational. The deployment architecture must be designed and managed so as to ensure continuity of service. Controls must exist to limit the impact of a Denial of Service attack mounted against any of the system resources. Table 8: General requirements for fallback and availability 5.2.4.2.1Common Domain Specific Requirements This chapter provides the additional fallback and availability requirements for CDPS related to Common Domain. These requirements will need to be satisfied prior to the accession of Macedonia to EU. Number Description AR-0005 In case CDPS fails or is shut down for maintenance, incoming messages must be queued. The CCN Gateway must queue the Common Domain messages. AR-0130 In the event that it is known that an NCA is unavailable, all messages to be sent to that NCA will be stored on the CCN Gateway of the MCA or in CDPS. AR-0140 MCA is responsible for defining rules and conditions for the message exchange Page 138/276
DETAILED USER & TECHNICAL REQUIREMENTS FOR CDPS AND USE-CASE MODELS Ref: PHASE V Number Description between MCA and the Traders. This may or may not be supported by a National SLA. 5.2.5 Security Table 9: Common Domain specific requirements for fallback and availability 5.2.5.1 Overview 5.2.5.1.1Users The users of the system should be divided on two groups – Internal Users and External Users. The internal users are the customs officers involved in the process of the customs clearance (National Domain). The internal users will be authenticated in the system by providing username and password. If in the future the internal users need to electronically sign or authorize a document, then they will need to be issued an electronic certificate. The electronic certificate can be used for user authentication too. The external users are the users from the External Domain, namely, declarants which lodge customs declaration electronically in the system, employees of other government agencies, or applications from economic operators and other government agencies which consume the web services provided by CDPS. The external users can be authenticated in the system with username and password, electronic certificate or both. It is up to MCA to decide which of afore mentioned approaches will be implemented in the system. The external user should connect to the system using a secure protocol e.g. HTTPS. Additional information for every system user can be kept in the system. At least user’s personal names and contact information should be required by the system for every user profile. A link should be established in the system between the external users that represent a juridical person (operator) and their respective juridical person (kept in the referential data module). A link should be established in the system between the internal users and their customs office and department (also kept in the referential data module). There should be a possibility for activation / deactivation of a user profile. This will allow system administrators respectively to allow / forbid given user(s) to access the system. The usernames should be unique in the system. It should not be possible to have two different users (system users) with the same username no matter if they belong to the same or different domains. 5.2.5.1.2Access Rights, Roles and Security The system should keep a list of predefined access rights (privileges) of Customs officers. For traders we have a authorisation for e-communication with customs authorities. Every access right allows the execution of a given operation or usage of a particular resource in the system. The system should hide the interface elements which lead to an execution of an operation (for example loading of data, executing a business process, saving data modifications and so on) when the user is not in the possession of the privilege responsible for that particular operation. The system should support manageable user roles of Customs officers. The roles are composed of access rights. A user with the corresponding access rights (system administrator) can add, delete and modify user roles. One or more roles should be assigned to every user in the system. The system will authorize a user to execute a given action or use particular data if the user is in a role that contains the access right defined (responsible) for this particular action or data. The authorization for the external users to use certain customs regimes or electronic certificates is decided based on information from the Authorization sub-application. The visibility of user interface elements and the possibility for execution of certain functions could also be realized with the access rights and user roles. Page 139/276
Page 1 and 2:
DETAILED USER & TECHNICAL REQUIREME
Page 3 and 4:
Page 5 and 6:
Page 7 and 8:
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88: DETAILED USER & TECHNICAL REQUIREME
Page 137: DETAILED USER & TECHNICAL REQUIREME
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
Page 195 and 196:
Page 197 and 198:
Page 199 and 200:
Page 201 and 202:
Page 203 and 204:
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
Page 211 and 212:
Page 213 and 214:
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
Page 221 and 222:
Page 223 and 224:
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Annex 6 NCTS - Reference Data Annex
Page 243 and 244:
Annex 6 NCTS - Reference Data AGREE
Page 245 and 246:
Annex 6 NCTS - Reference Data 4 = O
Page 247 and 248:
Annex 6 NCTS - Reference Data G09 =
Page 249 and 250:
Annex 6 NCTS - Reference Data REC =
Page 251 and 252:
Annex 6 NCTS - Reference Data C06 C
Page 253 and 254:
Annex 7 AES - Reference Data Annex
Page 255 and 256:
Annex 7 AES - Reference Data - Comb
Page 257 and 258:
Annex 7 AES - Reference Data Common
Page 259 and 260:
Annex 7 AES - Reference Data METHOD
Page 261 and 262:
Annex 7 AES - Reference Data Road l
Page 263 and 264:
Annex 7 AES - Reference Data 31 40
Page 265 and 266:
Annex 7 AES - Reference Data STORIN
Page 267 and 268:
Annex 7 AES - Reference Data WAREHO
Page 269 and 270:
Annex 8 AIS - Reference Data NAME F
Page 271 and 272:
Annex 8 AIS - Reference Data X = Co
Page 273 and 274:
Annex 8 AIS - Reference Data B: Com
Page 275 and 276:
Annex 8 AIS - Reference Data UN DAN
show all

Customs Declaration Processing System Detailed User and ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?