Lisboa, 10.07.2015
Peter HaunoldHead of Professional Services, Fabasoft Austria GmbH
Document- and Case-Management:
Requirements, Challenges and Solutions
• Enterprise-Content-Management
• Document Management
• Business Process Management
(Workflow)
• Information Governance and
Compliance
• E-Records (Electronic Records Management)
• Archiving
Requirements for Collaboration
• Digital Business Files (Personal Files, Contract Management, …)
• Finance and ERP (SAP, Navision, …)
• HR and Application Management
• Various Special Fields Applications (Transportation, Health, Social, Housing, …)
• Additional Services(Printing, Upload, Incoming Docs, Delivery, Authentication, Register, …)
• Enterprise Search
combined with
Typical Requirement Landscape 2015PageParserIntegration von Webseiten ins
Internet bzw. Intranet
PDF-GeneratorErstellen von PDFs mit itext
Case file -ConnectorGeschäftsfälle/Dokumente verwalten
SAP-eBillingGültigkeit Kontierung prüfen
SAP-Financedirekte Buchung ins FI
historisch
HelpXML-Dateien können durch
Anwender erstellt werden
UploadDateiupload-
unterstützung
Person modelVerwaltung von Personen
SAP-PSCDEin/Auszahlungen
Anordnungen buchen
Vertragskonto verwalten
SAP-Business partnerPersonen, Adressen, Bankverbindungen
suchen, anlegen, ändern
SAP-household-
managementMittelreservierung
Saldenauswertung
ApplicationFachspezifische Funktionen
EPaymentElektronische Bezahlung
Graphic designDiagramme mit JFreeChart
WBAWeb-Basierte
Abfragen
auf XML-Basis für
DB-Zugriffe
Portal-ToolsPortalklassen für
Zugriff auf LDAP-Daten
der Portale
Java-KernelPersonenevidenz
Kanzleiwesen
Förderungsleistungsevi
denz
Zahlungsabwicklung
Delivery serverDownloadmöglichkeit von
Dokumenten
Forms serviceBereitstellen von Antragsdaten
aus Formularserver
FTPFTP-Klassen für
Zugriff auf FTP-
Server
FrameworkRahmenapplikationen mit
Basisfunktionalität mit
Schichtenmodell
PDF-Printer connectionÜbergabe eines PDFs über den Druckmanager
an die Poststelle für zentralen Druck
• Databases for structured data
• File Management System and MS Office for Document Management
• MS Exchange, Lotus Notes, MS SharePoint for Business Process Management
• Single Applications for • Digital Business Files (Personal Files, Contract Management, …)
• E-Records (Electronic Records Management)
• Business Files
• Finance and ERP
• …
• Archiving solution for parts of information, documents …
• Rules and Guidelines for Information Governance and Compliance
• …
Existing Separate Solutions Scenario I
• Different Applications based on• Win32 Technologies – Fat Clients
• Web Technologies – Thin Clients
• With different• User Interfaces and User Guidelines
• User Accounts
• Authentication Technologies (Basic, Integrated, Smart Card, PIN, …)
• Connections – local, online or hybrid (online and offline)
• From different devices• Desktop or Laptop
• Tablet or iPad
• Smartphone
Existing Separate Solutions Scenario II
• Users need to know and use different authentication methods
• Password policies of different applications are different
• From very simple without password restrictions or n-digits not changing to
et least 8 digits, one capital letter, one number and one special character, must
be changed every n-days and must not be the same for n-months
• Weak replication or synchronizing of data between application and devices
• Role based authentication is practically not existing
• Separation between business data/applications and private
data/applications is therefore necessary/wished
Challenges and Problems I
Challenges and Problems II
• Amount of data in business and for private reasons is permanently
increasing• e-mails
• Documents
• Structured and unstructured information
• Electronic receipts and bills (Amazon, credit card, bank account, …)
• Digital life and identity recorded with pictures, videos, music …
Storing and keeping the information safe against illegal usage
against system faults
against outdated applications and file-formats
Access from everywhere and from every device
Solutions organizational
• Consolidation of all actual running applications:
• Type of application
• UI of application
• Accessibility of application
• Security aspects (infrastructure and application)
• Role model of application
• Data generated and stored in the application
• Data used in other applications:• Synchronized, replicated, linked
• Which application is the key-application?
Solutions technical I
• Same authorization from all applications using
• User information from a central AD or LDAP service
• User role based information for every user
• Identity providers supporting SAML 2.0 (Security Assertion Markup
Language), e.g. Shibboleth …
• Two factor authentication against password abuse
(e.g. certificate and PIN/electronic signature)
• Application Portal Services
Users can access every application he/she is entitled (has rights and at
least one role) after logged in to the operating system and accessing the
applications‘ portal
Solutions technical II
• Interoperability and data exchange between the connected applications
using
• WebServices based on SAO and SOAP
• Standardized interfaces for loose coupling, e.g. WebServices
• Definition of usage of synchronized or replicated data or linked data• e.g. documents created in applications based on their metadata and
calculations and logic rules and requirements are transferred to the DMS
on are available as links to the original documents
• Finalized documents are created from these links and are stored in the
DMS only (with links from the application if wished and needed)
Although this is technical solution it is a big organizational issue!
Solutions infrastructural I
• On Premise installations vs. Appliances and SaaS
installations vs. Cloud Services are influenced by:
• Organizational and technical requirements and issues
• Service Level Agreements
• Availability of data center with reliability
• Team for operating and administration
• Hardware requirements and renewal cycles
• Backup devices and strategies
• Storage optimization with CAS (application-/hardware-based)
• One/many service providers
Solutions infrastructural II
• Installation in a secure environment
• Secure access
• Secure environment
• Secure network
• …
• With very strict separation from services that are
available from outside
Recommendation: Installation in a certified data center
Solutions secure & data protection
• Applications, solutions and installations that guarantee
• Access only for users in their specific user roles
• Access control schema that allows data access on a more granular
ACL schema than read, write and delete rights
• Possibility to generate Audit Logs in different levels (read, write,
modify, search, delete) for different object and content types
• Possibility of data encryption using independent encryption services
• Mainly for contents, in special cases also for metadata
• Depending on the confidentiality category of the information
• Independent from hardware and application or software-vendor
Solutions intellectual I
• Search Capabilities over all affected applications
• Metadata Search
• Full text Search
• Role based search considering the user rights on documents and
information
• Possibility to drill down
• Possibility to find related and similar information
• Using search mechanisms for automatic categorization of
information
• for incoming information from paper, documents, e-mails …
Solutions intellectual II
• Usage and integration of national registers and services
e.g. Person register, address register, population register,
commercial register or company’s book
• Integration of
• Electronic forms for incoming data and documents
• Electronic services for processes with citizens
• Digital signatures
• Electronic delivery
Solutions & actual development
• DMS and Case/File Management System with Workflow since 26 years
• Integration of SAML 2.0 and 2-factor authorization (certificate and PIN/digital ID)
• Standardized WebServices (SOA, SOAP and JSon)
• JSR 286 and JSR 168 conformity, Fabasoft runs as Portlet in LifeRay
• Integration of national register services, electronic signatures and delivery services
• Participating in various national standardization organizations in A, DE and CH
• Content addressed storage for multimedia contents
• Teamrooms with synchronization mechanisms so that users can use links (avoid of
sending content) from various Fabasoft installations
• Peter Haunold
Working for Fabasoft since 1999
• Education
TU Wien, Surveying Engineer (Dipl.-Ing.) Geographic Information Systems and large data
Process automation and information/signal theory
• Career
1999 – 2001 Consultant
2001 – 2002 Sales
2002 – 2004 Produkt Development
Since 2004 Head of Professional Services
• European software manufacturer and cloud
provider
• Business focus:
• Secure Collaboration
• Process management (Workflows)
• Electronic records
• Semantic enterprise search
• Regional focus:
• German speaking countries
• Slovakia (through a partner) & EU agencies
• Portugal (through Unisys Portugal)
• Figures:
• > 200 employees
• 27 Mill € turnover
• Registered at the stock exchange in Frankfurt
(Prime Standard)
Fabasoft
Fabasoft Head Office in Linz
Products
• Application:
• On Premise & SaaS:
Fabasoft Folio & Fabasoft
eGov-Suite
• Fabasoft Folio Cloud
• Search
• Fabasoft Mindbreeze
Enterprise & Mindbreeze
Inspire
• Infrastructure:
• Fabasoft app.telemetry
• Secomo
• Development:
• app.duxc
• app.test
Copyright © Fabasoft Austria GmbH, Linz, Austria, 2015.
All rights reserved. All hardware and software names used are trade names and/or brand names of the respective manufacturer. Fabasoft
accepts in this document no explicit or implicit responsibilities, in particular not as regards the completeness and correctness of the
document. This presentation contains forward looking statements, including information using the words “believe”, “assume”, “expect” or
formulations with a similar meaning. Such forward-looking statements comprise known and unknown risks, uncertainties and other factors,
that can result in the fact that the real results, development, financial situation or achievements deviate considerably form those assumed
implicitly or explicitly in those statements. These factors among other things include: competition through other companies, effects or risks of
new software and technology, the company’s ongoing capital needs, financing costs, changes in the operating expenses, engaging and
keeping of qualified employees, disadvantageous changes in the applicable fiscal law, riots, cause beyond control, acts of war and other in
this presentation named factors. In connection with these uncertainties investors should not rely on those forward-looking statements. The
company does not accept any responsibilities, to comply with those forward-looking statements in the future or to adjust them to future events
or developments.
E&OE.