Architecture Issues For eHealth Interoperability
Written by Nikos Vaggalis   
Monday, 16 June 2014
Article Index
Architecture Issues For eHealth Interoperability
Implementation with OpenNPC


Implementing the NCPs

Each country was set to create its own NCP by implementing the reference specification; the problem, however, was that there wasn't enough knowledge or resources. For that reason OpenNCP, a set of open source components designed to be used separately or as a bundle or atomically, sprung to life, to help countries develop their NCPs on their own and with no external intervention. A community of experts was also established around OpenNCP to facilitate the project through consultancy, expert skills, design, support, engineering and knowledge sharing, hence providing high quality assistance to the participants.

Open sourcing of the components was chosen because of the freedom it gives for contributing, modifying and distributing. This was nicely summed up at the Workshop by Licínio Kustra Mano of iUZ Technologies as

free is not about the cost but about what you can do with it”.


Components in Detail

  • The Protocol Terminators

epsos-ws-server - Server Side (Country A)

epsos-client-connector - Client Side (Country B)

These components are packaged as web applications and are deployed to a servlet container such as Tomcat.



This component is a "Security Token Service" (STS) for issuing “Treatment Relationship Confirmation” (TRC) Assertions. It is another web application that is deployed to Tomcat. TRC-STS is used by an epSOS portal (e.g. OpenNCP portal or epsos-web), which must include the TRC-STS client for retrieving the TRC assertions from the security token service.


  • TSL-sync

TSL-sync connects to Central Services and downloads the Trusted Service Lists (TSL) with NCP endpoint addresses and certificates of the other Participating Nations. It is a web application deployed to Tomcat. TSL-sync may be configured to run for example every night.


  • TSAM-sync

The Terminology Service Access Manager (TSAM) Synchronizer is a standalone jar file with configuration files and a start script. This application may be scheduled to run, for example, on a daily basis and will download terminology data from the Central Services repository into the local database (LTR - Local Terminology Repository).


  • OpenATNA

OpenATNA is an implementation of the Audit Trail and Node Authentication (ATNA) profile. It is is a web application and is deployed to Tomcat. The application's two principal responsibilities are receiving the audits from NCP components and storing them into the audit repository and accessing the stored audits using a web interface.


  • Database

A local database is required for storing the following information:

  • ATNA audit messages
  • epSOS Automatic Data Collection (eADC) records
  • TSAM data, i.e. code and value sets, code mappings etc.
  • Configuration settings for the OpenNCP server, client and portal


  • Portals

There is a choice of two web portals:

  • OpenNCP Portal (deployed on Liferay Community Server)
  • epSOS-Web (deployed on Tomcat)


  • IPsec

Communication between NCPs is secured using HTTPS over IPsec. IPsec is not part of the OpenNCP software, but it is needed for establishing VPN connections between epSOS NCPs. Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet. A common implementation of IPsec for Linux is Openswan. It must be installed on the NCP machine.

Beyond the pilot phase

As the project reaches its end, the critical issue of sustainability remains to be solved. What's going to happen after its funding ends? What business model needs to be followed to ensuring long term funding? Is central administration and funding from the EU Commission the only way of keeping it alive?

Other issues that should be considered are scalability; whether it requires a central management/policy scheme to coordinate members, and maintain the specifications; and how it can evolve from an EU to an international standard,

Ultimately, the big question on the table is, how can epSOS evolve from a pilot project to a mature end product?


More Information


2014 E-Health Forum



epSOS Technical Aspects (pdf)


loadposition iprogrammer}


To be informed about new articles on I Programmer, install the I Programmer Toolbar, subscribe to the RSS feed, follow us on, Twitter, Facebook, Google+ or Linkedin,  or sign up for our weekly newsletter.


raspberry pi books



or email your comment to:


Last Updated ( Wednesday, 18 June 2014 )