Sad KN Portal Guidelines

SADKN Portal Guidelines Report
SADKN Portal Guidelines Report, SAARC Disaster Management Centre
Page 1 of 124
Table of Contents
Executive Summary ..................................................................................3 Project Background ..................................................................................6 Vision, Objectives and Outcomes ..................................................................8 Disaster Management Phases and Outcomes .................................................. 17 Information Flow: Information creation, capture, dissemination and availability ........... 27 Handholding guidelines for SADKN portal development and establishment ................ 32 SADKN Portal: Operational Guidelines .......................................................... 40 SADKN Portal: Technical Guidelines ............................................................ 64 An Approach to Development: Open Source and Proprietary Solutions..................... 76 Key Recommendations ............................................................................ 79 Annexure I - Brief On Gateway Specifications .................................................. 84 Annexure II A brief on GIS interface............................................................ 86 Annexure III A brief write-up about CMS....................................................... 91 Annexure IV - SADKN Portal: Search Methodology ............................................ 94 Annexure V - List of features...................................................................... 95 Annexure VI - Comparison of Open Source Database Options ............................... 98 Annexure VII Hardware Specifications ........................................................107 Annexure VIII An Indicative Costing for SADKN Portal Development & Hosting.........121 Annexure IX An Indicative OPEX for Software ...............................................123 Annexure X An Indicative Country-wise Costing for National Focal Point (NFP) ........124
Page 2 of 124
Executive Summary The SAARC countries are one of the most vulnerable regions to natural disasters, experiencing a wide variety of natural hazards, including floods, cyclones, earthquakes, droughts, storm surges and tsunamis. The region, which is home to 641 million people living in extreme poverty, accounts for a majority of the total number of deaths caused by natural disasters globally and shares a disproportionate burden of the global loss of life from disasters: more than 70 per cent of the casualties from major disasters in the world since the year 2000 have occurred in this region and the top most affected countries worldwide, in terms of the number of victims, are from this region The impact of disasters can be substantially reduced if people at all levels from government officials to individuals at the community level are informed of the risks and know how to behave in case of emergency and early warning reception. A culture of disaster prevention and resilience can be attained through human and institutional capacity-building in disaster risk reduction. The sharing of information, indigenous knowledge, research results, best practices and lessons learned on hazards and vulnerabilities is the key to improving capacities Information and communications technology and disaster risk reduction. A regional network of networks on knowledge- and information-sharing and analysis, facilitated by SADKN, with the active participation of all SAARC countries, could increase the access of members to lessons learned, knowledge, and analysis. With an objective of Disaster Risk Reduction and Management SAARC Disaster Management Centre (SDMC) has taken an initiative of creating a network known as SAARC Disaster Knowledge Network (SADKN). This web-based interface would provide an opportunity to the people of SAARC countries to have an exposure to latest Information and Communication Technology for Disaster Risk Reduction and Management activities and initiatives. SADKN aims at establishing an environment, which will encourage people of South Asia to create, learn, organize, share, and reuse knowledge. This network would comprise of a central SADKN portal which would act as a central disaster management related portal for the SAARC (Nepal, Bhutan, Maldives, Pakistan, Afghanistan, Sri Lanka, Bangladesh and India) Countries, National Focal Agencies, participating organizations which could be research and academic institutes, ministries at central, state and local level, NGOs, etc from different SAARC countries. These member associates would provide inputs on various aspects of Disaster management and Disaster risk reductions and provide an interface to the citizens of the SAARC region for Disaster related activities and updates. SADKN portal would be the key focal point this virtual network and would play the pivot role of collaborating and coordinating among different stakeholders of the initiative.
Page 3 of 124
The project has been classified in two phases or tiers. Current phase of the project comprises of formulating guidelines for the portal which would further be circulated among the SAARC countries and participating agencies for reference during portal creation or upgrade. The report has been drafted in to three volumes. Volume I broadly define the unit, form, format and frequency of information to be shared by the member associates. Volume II broadly gives a brief about the information management life cycle and information flow and role of various participants in this regard. It also provides a handholding approach for the maintenance related activities for the SADKN portal. Volume III of the report consists of technical specifications and operational guidelines for SADKN portal development and establishment.
A tentative cost for this portal Development, implementation and hosting entirely done by SDMC is estimated to be approximately USD 90000 (with open source software) or USD 165000 (with proprietary software) (USD = United States Dollar)
Page 4 of 124
Volume I
Page 5 of 124
Project Background Global Natural Disaster Risk Hotspots project generated a global disaster risk assessment for two disaster-related outcomes: mortality and economic losses. This assessment showed that Asia, in particular East and South Asia, is at high risk for hydrological disasters, droughts, and landslides. Tropical cyclones occur more frequently in the Asian and Pacific region than in any other part of the world and are usually accompanied by severe flooding. In addition, the impacts of climate change will be particularly acute in Asian and Pacific countries. Climate variability and extreme events pose significant challenges for economic sectors in the regionsuch as agriculture, water resources, health and tourismendangering food security, accelerating the erosion of coastal zones and increasing the intensity of natural disasters, therefore impeding national efforts. This virtual network of networks known as South Asian Disaster Knowledge Network (SADKN) has been envisaged to provide a common platform to exchange, share, and acquire Disaster related knowledge through the SADKN web portal. One of the key goals envisaged under the SADKN project is development of state-of-the-art web-based interface to organize information, knowledge, and experience on Disaster Management. This web-based interface would provide an opportunity to people of SAARC countries to have an exposure to latest Information and Communication Technology for Disaster Risk Reduction and Management activities and initiatives. SADKN aims at establishing an environment, which will encourage people of South Asia to create, learn, organize, share, and reuse knowledge. SADKN, apart from these would also act as a platform for the following: Knowledge sharing and analysis with the participation of relevant regional and subregional organizations Strengthening policies and informed decision-making on disaster risk reduction and climate change adaptation Promoting comprehensive preparedness planning to mitigate the impacts of disasters and the development of cost-effective and accessible technologies to support early warning at the national to community levels using a multi-hazard approach Promoting regional cooperative mechanisms and regional resource-sharing arrangements for disaster risk reduction, including on information, communications and space technologies, to improve disaster preparedness and response in the region Building capacities to assess the socio-economic impacts of disasters and to evaluate the financial and economic costs and benefits of disaster risk reduction for more effective resource mobilization Encouraging development of legal and institutional arrangements, including innovative financial mechanisms Page 6 of 124
Integrating disaster risk reduction into national, sub-national and sectored development planning Encouraging the setting of voluntary targets for resource allocation, including by the private sector Building capacities to evaluate financial and economic costs and benefits of disaster risk reduction to promote greater investments in reducing disasters in the region Promoting comprehensive preparedness planning to mitigate the impacts of disasters Promoting resource-sharing arrangements in the region Calling on the international donor community to increase its funding support for regional and national activities for disaster risk reduction and the implementation of the Hyogo Framework for Action Strengthening regional cooperation mechanisms for implementing the above-mentioned regional activities on disaster risk management and risk reduction
Page 7 of 124
Vision, Objectives and Outcomes To develop a world class Disaster Management network for SAARC countries, to provide a common platform for information sharing and develop a knowledge base to reduce the disaster risk and minimize the impact of disasters in South Asia.
The objective To create an one stop source of information on disaster management in SAARC To create a network of government, research/ academic institutions, non-government organizations, in SAARC Asia on disaster management Provide immediate access to documented and published information contributed by the networking organizations in the field of disaster management Provide an organized collaborative Knowledge base (K-base) to organize and locate information easily Establish an environment, which will encourage people of SAARC to create, learn, organize, share and reuse knowledge
Outcome Provide platform for regional co-operative mechanism and resource sharing arrangement Strengthening support for reducing disaster risk in the member countries Providing rehabilitation and reconstruction assistance following disasters Provide Country Partnership Strategy Guidelines Assistance in sustainable institutional structures and good governance Assistance in Risk identification, monitoring, early warning, and public awareness Assistance in technical and physical risk mitigation Building resilience, promoting innovation, knowledge, and education Risk sharing and risk transfer Assistance in preparedness, effective response, and sustainable recovery
Page 8 of 124
SADKN Portal: A Gateway to Information on Disaster Management SADKN web portal will act as the central point and be the common platform for knowledge sharing among the SAARC Countries. SADKN portal will provide SAARC countries with ready access to clear, understandable, user-friendly information about emergency management and the Government organizations and updates about the disaster and other services like that of weather forecast etc, that are integral to managing disaster among SAARC countries. The portal will be the gateway for information access including information on major hazards, both present and historical including tropical cyclones, earthquakes, tsunamis, volcanoes, floods, and wildfires. The portal will contain the information on a cyclone in Bangladesh which had a destructive impact on the masses, etc. SADKN will provide decision makers with the needed geospatial context for assessing risks and communicating about natural hazards and the exposure that people and infrastructure have to these hazards. It will contain the entire range of the disaster management life cycle from hazard assessment, to early warning, to response and recovery operations. The portal will provide information on the following questions thus creating the sharing of knowledge for the purpose of creating learning effects among the SAARC countries The proneness of a region to a particular disaster The occurrences and intensity of the disaster The location of the affected area, and the level of current hazards Number of people likely to get affected Severity of the disaster on the infrastructure
It has been envisioned that information flow across SADKN happens in a unified form and format keeping in line with the international convention for such information. Information flow can be mapped in terms of unit, form, and frequency and it is recommended that the flow of information happens in a prescribed unit, form, and frequency. Unit: Unit of information is the relevance of information available compared to the information required. It is highly important for all the SADKN stakeholders to understand what information is to be sent or posted on SADKN portal under different situations or different phases of disaster i.e. Pre disaster, Post disaster and During disaster. It is of critical importance to have information availability pertaining to the specific disaster event in context. For example, information should be available to the common citizens of the SAARC region regarding flood alerts and flood disaster management steps whenever there is a possibility of flood. Unit of information can be gauged under the following three levers
Page 9 of 124
Timeliness: Refers to the time when information is sent or received. Availability of timely information is the crucial cog in disaster management domain. For example: timely alert or information for an impending disaster to the administration, local communities, citizens, etc can help in mitigating disaster impact and go a long way in disaster risk reduction. Tsunami warning system developed after the devastating 2004 Tsunami, has been of great help in alerting the ship crews, coastal population, etc regarding any tsunami update. Scope: It is the completeness of the information. It intends to give a holistic view of the situation or the disaster. Incase of a flood, it should contain information about the coordinates or location details of the impacted areas, etc. Actionable: the information should be actionable upon; it is one of the main criteria of the unit of information. Suppose a rehabilitation activity is being carried for a disaster like flood in Patna district, Bihar, India, the exact coordinates of the location will be required by a helicopter pilot to drop food and essential commodities for the victims of the flood. In absence of the geographical co ordinates, the timely and effective relief measures cannot be under taken effectively Forms of the information: The format of the information can be of many types like that analog, digital, maps, tabular. The format of the information largely depends upon the source of information. Suppose the source of information is satellite, it will be in the form of maps Format: The format of information can be of various types like, web enabled information, public domain information which is available to all the members of the SADKN portal or to whoever logs on to the SADKN portal, or restricted access information, only for the members with valid access ids etc. Since the nature of the information could be different, like some information could be highly secret but is very important to be shared with some expert group. In that case the information could be sent under restricted access format, which would be accessed only be the members with restricted access permissions. Frequency: The frequency for updating largely depends on the severity of the disaster. The severity is a function of the area being affected, the loss of economy and lives caused and the lifecycle of the disaster. When talking about the frequency, for earthquake alerts rapid maps could be provided early i.e. within 2 hours time but the detailed mapping could not be provided in 2 hours as it requires more time. Though rapid maps are informative but lack detailed information, whereas the detailed map contains lots of information but they are not available in short period of 2 hours. Serial Number 1. 2. 3. 4. Type of disaster Earthquake Flood Draughts Cyclone Frequency 2 hrs by rapid mapping 6hrs 7-14 days 30 minutes
Page 10 of 124
Volume II
Page 11 of 124
SADKN will be a Knowledge Portal consisting of Regional Chapters and National Chapters for all the SAARC countries which will be designed, developed, hosted and maintained by SDMC. The member countries will assist in updating the content and maintaining the national chapters through remote login facilities provided at the NFP through a client system. The NFPs will collect information from the participating institutions, organizations of their respective countries. Thus the SADKN portal will be designed, developed, hosted, maintained, and upgraded by the SDMC while the content of the national chapters would only be updated and maintained by National Focal Points (NFPs) of the respective countries. An Implementation Agency (IA) would be hired by SDMC for portal design, development and content management. MoUs will have to be signed in between the SDMC and partner countries NFPs for regular provision of data and information. The NFPs will be required to select a fulltime consultant, known as National Focal Point Coordinator (NFPC) who would be assigned the task of data collection from the partner organizations, data digitization and validation and would be under the direct control of the NFPs of those respective countries. The data would be updated through the remote login from the client machine on the respective National chapters which in turn will be mirrored on the main SADKN portal. The NFP will be provided with a dedicated client machine along with printer and scanner to perform the routine tasks and the cost of the same will be borne by the SDMC. The NFPs would also be required to sign MOUs with the participating organizations for sharing of data and knowledge on disaster and risk management in the format specified by SDMC. The people in the SAARC countries and elsewhere would be able to access the information by simply typing the url of the state-of-the-art-portal. The SADKN Portal is explained in the next sections in details. Information Services: Information services are the category of services in providing the static and dynamic data regarding a particular disaster in a country in past as well as in present. In the first phase the portal will be a basic informational portal but later the information services like dynamic weather forecast, satellite mapping, and other services can be incorporated. It will also provide the basis of usage of funds and other relief services provided by different communities and organization for post disaster activities. The real time availability of information on disaster management will be available in the later phases Transaction Services: Transaction services include managing donations and other relief activities from different communities and organizations. The transaction service will not be available in the first phase of the portal development, but will be incorporated in later phases. The Portal should provide a set of MIS reports to the identified Stakeholders for the purpose of monitoring prioritized services which can be accessed through the Internet. Page 12 of 124
SADKN Portal would be hosted at Government Data Centre or Commercial Data Centre and it is highly recommended that this model is adopted rather creating a new data centre for the purpose of hosting the SADKN portal. Functionally, the portal should be accessible through Internet or Mobile devices. All these delivery channels should access the application through a Firewall and using secured communication.
The SADKN Portal (along with the National & Regional Chapters) along with would cater to the following needs of the SAARC Countries: Policies and Guidelines: The SADKN web portal would have the policies and guidelines on disaster management of all the SAARC countries. The policies and guidelines would be containing the National level policy on disaster management, guidelines on disaster management, the national strategy ion disaster management, national plans on disaster management etc of all the SAARC countries. Classification of disasters: The SADKN portal would contain Documents, Research papers, Reports, white papers, Plan of actions etc on different disasters from all the SAARC countries. Natural Disasters: Earthquake Floods River Erosion Cyclone Tsunami Page 13 of 124
Landslide Forest fire Droughts, etc Man Made Disasters/ Human Induced disasters: Nuclear disaster Chemical disaster Mine disaster Biological disaster Environmental disasters, etc
Capacity Building & Training: The portal would support detailed Documents and Manuals in country specific language, pictures / photographs, small video films, information on the nearest training centers or contact details of the agencies providing free training etc. Besides these the other features to be covered are o Trainings of volunteers contribute towards creating response capacity on a larger scale. o Training of trainers sessions helps to build local capacity in empowering the communities and having the capacity at the local level. o Trainings along with manuals/kits/equipment help communities to retain the messages and practice their skills. o Involving the Government and utilizing their expertise contributes towards ownership and sustainability.
The training documents, manuals, short films on training modules could be provided on varied topics like, search and rescue, disaster assessment response, emergency first aid and distribution of first aid kits, livestock management, livelihood diversification, health and hygiene and distribution of health & hygiene kits, soil and water testing, agriculture management, etc Early warning system: Details of various early warning systems could be posted on the SADKN portal. The details could be provided by various stakeholders of the SADKN portal. Also the participating research and scientific agencies, and other expert agencies associated with the National focal agency of each of the SAARC country could provide details on detecting a early warning signal in there respective field of expertise. Other features on the related topic includes; Establishment of emergency management committees/and their capacity building Rehearsals/simulation of emergency response scenarios is an effective way of retaining early warning information Development of village evacuation & flood management plans Page 14 of 124
Development of district disaster management plan Installation of water level indicators & gauges Distribution of loud speakers Infrastructure Support: The details to build safer earthquake and flood resistant infrastructures could be provided on the portal. Various other details on the infrastructure development in the earthquake, landslide, cyclone, flood prone regions could also be provided Advocacy & Public awareness: For increasing the public awareness SADKN portal
could contain the details on the following: Media sensitization workshops Details on awareness sessions for students, communities & other stakeholders Seminars and workshops details for key stakeholders Details on Public theatre, role plays and drama etc. Small Scale mitigation works details: The details on small scale mitigation works could
be provided in documented form on the SADKN portal. The details could be provided in works like, How to build emergency shelters quickly How to establish Establishment of water and testing laboratory Construction of wells & installation of hand pumps Benefits and ways of Tree plantation Construction of retaining walls Integrated water efficient schemes Flood protection wall Debris flow protection work Rain water harvesting techniques Mapping & Data Computerization: The SADKN portal would contain tools for computing and preparing, Generating hazard & vulnerability Maps Preparing an inventory of all hazards faced by the community in the target area Preparing and storing baseline data available on most hazardous sites for further investigation and mitigation Page 15 of 124
Storing historic profile of hazards and their impacts Detecting vulnerable population and elements at risk to each hazard
The other related topics that would feature on the SADKN portal are: Role of NGOs Role of corporate Facilitation of Co-ordination Research & Dissemination Institutional Strengthening National chapters
Page 16 of 124
Disaster Management Phases and Outcomes Disaster Management comprises of numerous activities involving multitude of stakeholders and organizations which have to coordinate and work together for the task at hand. Time constraint adds an additional dimension to the Disaster Management paradigm. Some of the key components and constraints which need to be given adequate attention during the SADKN realization are listed as follows: Involvement of stakeholders at various levels Time constraint Facilitation for decision making authority by providing relevant and timely information Changing environment from time to time, dynamism of the situation Nature, frequency and location of the disaster
This section provides an overview of the Disaster Management with respect to the following phases: Pre-Disaster During Disaster Post Disaster
Pre Disaster SADKN has been envisaged as a common platform for sharing of information, knowledge and experience among the numerous participants and stakeholder nations. This would also enable the citizens of SAARC region in freely communicating and collaborating with each other for disaster related domain and at the same time provide a window to them for interacting with domain experts and institutes. Some of the core outcomes as envisaged under the Pre Disaster paradigm are listed in the following table. Outcomes Creating awareness among stakeholders especially citizens Activities / Tools RSS feeds regarding Disaster related information e-Newsletters, e-mails alerts, etc Communities, blog for group discussion, online polls, etc Games, quiz modules related to disaster information for youth and children Community driven initiatives for creating awareness using the SADKN platform
Page 17 of 124
Common Platform for Information and Knowledge Sharing related to Disaster Management
Knowledge base including reports, documents, articles White papers on various aspects of Disaster Management Blogs, Group Discussion Forums Archive & History section containing details about all major disaster events Repository on Life cycle of various disasters Access to Expertise knowledge including latest R&D results on disasters
Capacity Building
Specialized Online training modules based on the Life Cycle of specific disasters Option for Live Chat with Experts on different types of Disasters Specific documents related to different disasters indicating Dos & Dont Use of techniques like flash animation, video feeds, webcasts, etc indicating specific steps to be undertaken in case of specific disaster Information on Community based camps for Disaster Management Training in nearby localities, areas, etc First Aid training modules Undertaking new Research & Development initiatives for Disaster Management involving stakeholders at various levels Key learning from previous experiences including Dos & Dont during specific cases of disaster Information on Projects / Schemes undertaken for Disaster Risk Reduction for specific disaster events like INCOIS for Tsunami Warning System, etc
Disaster Risk Reduction
Page 18 of 124
The basic intent of developing the SADKN portal is sharing of information, knowledge, and experiences of various stakeholders and participants among various groups of people including citizens of the SAARC countries. Stakeholders of SADKN portal can post information on their areas of expertise on their associated portals related to Disaster Management and Risk Reduction which would be available for all the users. Information sharing can happen through any relevant piece of information on disaster management through documents, case studies, blogs, discussion forums, live chat with experts, archives, trends of various events, findings of scientific, and research institutes etc. Recent News updates and new posting could be sent as an email alerts to the users registering for the service. Another key objective of SADKN would be capacity building and creating awareness among citizens of the SAARC countries for disaster risk reduction and management through online trainings, web seminars and educational videos (based on flash technology and video feeds). Special online games and quiz activities should be used as an option for inculcating awareness among the children and youth. Information available on SADKN portal in good times shall keep stakeholders informed to plan better for future Page 19 of 124
During Disaster Communication during the disaster is the key aspect in managing a disaster. During emergency situations, the information can be provided by the respective associate members of the National Focal Agency to the SADKN Portal. The following table lists the core outcomes under the During Disaster paradigm. Outcomes Disaster Management Activities / Tools Link for Missing Person Registry Module Link for Shelter Registry Module Link for Volunteer Registry Module Centralized Help Module for information on o Blood donation camps o Money donation options o Miscellaneous help Expertise inputs and guidance for tackling the disaster incident Link for disaster specific Dos & Dont activities Latest information on the specific disaster incident Updated news about the disaster events across the world Email / SMS alerts to the Nodal Officers of the identified agencies involved in the each country about the disaster incident Option for Live Chat with Experts on specific disaster information and guidance List of identified Organizations / Institutes / Communities having capability and expertise for handling the specific disaster incident type alongwith contact details and the Nodal Officer details Updates about various initiatives, steps, etc undertaken at Government / Organizational / National Focal Agency / Community level for disaster incident management Information on hospitals / primary health centers / police stations / civil defense camps / schools / stations (railway & bus) etc in and around the disaster affected region A centralized information demand-supply dashboard for resource requirements (food, medicine, medical supplies, money, volunteers, clothing, camps, etc) Page 20 of 124
Information Sharing
Coordination & Facilitation
Page 21 of 124
Post Disaster During the Post Disaster scenario, major efforts are concentrated on the rehabilitation and construction activities. However, it is of utmost importance to analyze the causes of the disaster and if possible, take preventive and corrective steps as necessary to avoid any future recurrence of the incident. The following table lists the core outcomes under the Post Disaster paradigm Outcomes Disaster analysis Activities / Tools MIS reports, graphs, etc to present the available information for analytical purposes related to the disaster incident Common platform for numerous stakeholders to seek and provide relevant analysis and inputs which can be further utilized by the competent authorities (including Respective Government, SDMC) to take an informed decision and plan for the future Latest information on the specific disaster incident Option for Live Chat with Experts on specific disaster information and guidance such as Civil construction experts, Medical experts, Post disaster trauma experts, etc Help module for information and details on o Blood donation camps o Money donation options o Missing person registry module o Volunteer registry module o Shelter registry module Information and contact details of the involved agencies and organizations along-with details of Nodal officers List of identified Organizations / Institutes / Communities having capability and expertise for handling the specific disaster incident type alongwith contact details and the Nodal Officer details Updates about various initiatives, steps, etc undertaken at Government / Organizational / National Focal Agency / Community level for disaster incident management
Rehabilitation
Coordination and Facilitation
Page 22 of 124
Information on hospitals / primary health centers / police stations / civil defense camps / schools / stations (railway & bus) etc in and around the disaster affected region A centralized information demand-supply dashboard for resource requirements (food, medicine, medical supplies, money, volunteers, clothing, camps, etc)
For disaster risk reduction the participation of all the stake holders of the SADKN portal will be highly important and crucial. Customized MIS reports should be a critical component of the portal for analyzing the data collected and extracting meaningful information for benchmarking purposes. If the probability of occurrence of a disaster event in an area is found to be high based on the study by an expert group then this information can be further used for risk reduction and disaster mitigation. The knowledge group and experts in all the areas could analyze these findings and after discussions can come up with a solution for common benefit. Expert findings can be shared on the portal after data analysis, recent trend analysis and based on prior Page 23 of 124
experience. A risk mitigation plan can be proposed by various experts and the local area authorities could take a well informed decision to avert the natural event or to minimize its effect. Hence during the crucial times the SADKN portal will provide single platform to all the stakeholders for having discussions and arriving at the best suited plan for Risk reduction. A piece of crucial Information in advance on SADKN portal can help the stake holders in taking a informed decision in advance and help in risk reduction
SADKN platform should facilitate interaction and have simultaneous dialogue with all related expertise dealing with disaster management in SAARC countries and this initiative has been thoughtfully envisaged as a tool to store, retrieve, disseminate and manage information related to disaster management.
Page 24 of 124
Information Management Life Cycle Currently knowledge and experiences of disaster practitioners remain in isolated silos with individual or institutional domain. There is an urgent need of an organized common platform to capture, organize and share this knowledge and to create a versatile interface among policymakers in the Government and disaster managers at all administrative level (National/State/District/Sub-District/ Community). SADKN initiative is a conscious effort for Disaster Risk Reduction and Disaster Management at Regional, National, Provincial and subprovincial level. Numerous organizations / agencies / institutes have been envisaged to be part of the initiative which however, due to gap in information coordination and sharing cannot be realized. Information creation, storage, retrieval, availability and dissemination would play the key role in Disaster Management. Generally, three perspectives in Information cycle management have been envisaged across the globe by various experts Management Application Organization
Management focuses on capturing, organizing and facilitating information. This would involve participation from all the participating members in the SADKN initiative including Government departments, agencies, R&D and academic institutions, expert individuals, international communities, etc.
Page 25 of 124
Application focuses on effective retrieval of relevant content through advanced searches and mining to conduct knowledge-related work and tasks and on the use of the results for discovery. Information should be updated and stored at the SADKN system and network of portals by the participating members and associates as described in the ensuing section. Organizations focus on learning, sharing and collaboration. This is the education component and would lead to creating awareness and capacity building for disaster management paradigm which would be facilitated by availability of information about disaster preparedness, dos and donts in emergency, disaster management plans, policies and guidelines available in various domains related to disaster management. Information management is not only about capturing best practices and experiences people have and store it in a database with a hope that it will be useful later. Information management is all about getting the right knowledge, in the right place, at the right time
This initiative aims at connecting all participating government departments, statutory agencies, research organizations/ institutions to share collectively and individually their expert know-hows. The exchange should be facilitated through online interaction, e-workshops, documentation of experiences, sharing information on SADKN Portal etc.
Page 26 of 124
Information Flow: Information creation, capture, dissemination and availability Information sharing among SAARC is the most important aspect of the SADKN portal; hence information flow should start from the gathering of information and further creating and uploading the information on the portal and thus making the information available to the different stakeholders. The information available with the different countries can be made available by digitizing and uploading the available hardcopy of the journals, reports, research papers, and white papers thus creating a database based on the available information (digitizing the hard copy available). The information stored in the database will be made available to the citizens of the SAARC countries through the SADKN Portal. The information flow will happen from the lowest level (member associates) of the SADKN network to the highest level (SADKN portal) and this would be a measure of the success of the project and the associated envisaged objectives. The information is provided to the SADKN Portal by the respective NFP. The flow of information occurs from the respective agencies to the NFP. Nature of information should be categorized with respect to three critical parameters, namely, location, disaster type and disaster frequency. Such categorization would help in analyzing and finalizing the information in terms of unit, form, format and frequency of update. These terms have already been defined in volume I of the guidelines. Information in the predefined format, unit and at specified frequency should be uploaded to the main SADKN portal in the form of a .pdf file. Specifics of the unit, form, format and frequency of the information have been defined in the volume I of guidelines. Every associate member organization / agency / institute should clearly identify a nodal officer. Nodal officer should report to the PMU and would facilitate and coordinate on behalf of his / her organization / agency / institution with National Focal Point, PMU and other participating members. Nodal officer would serve as the single point of contact on behalf of his / her organization and should be in the capacity of taking key decisions with respect to information sharing and support for realizing the SADKN initiative.
Page 27 of 124
Apart from the organizational nodal officer, a team of dedicated and qualified resources from the organization should also be identified whose role would be to update the requisite information on the SADKN portal. This team would report to the Nodal officer from the respective organization / agency / institute. Before publishing the data and information on the SADKN portal, Nodal officer should review the same and provide approval for uploading the information on the portal. Information can be classified in to critical / non-critical information and public / restricted information. Information identified as public should be published in the open space of the SADKN portal and would be available to all the users. Such information can include training manuals on disaster management, warnings on bad weather situations, etc.. Information in the SADKN network should be classified as Critical and Non Critical A clear Memorandum of Understanding (MoU) should be entered with the participating agencies / members and National Focal Point and SDMC in this regard. Information which can be shared by the associated members should be clearly demarcated and be a part of the MoU. Page 28 of 124
It is important to motivate and encourage the participants to proactively participate in this initiative and efforts of such members should be recognized and applauded. An incentive based scheme should be adopted for such purposes. Incentive / Scheme Target Audience Frequency Every 3 months
Individual Certificate of Merit based on contribution Individuals to Knowledge base / News / Concepts papers / Innovations / Citizen Journalism
Certificate of Merit based on contribution to Organizations / Every 3 months Knowledge base / News / Concepts papers / Agencies / Institutions Innovations Recognition as Champion in Disaster Management. Individuals This should be awarded to individuals who have been nominated more than once for Individual Certificate of Merit 6 months
Recognition as Most Contributing Group in Disaster Organizations / 6 months Management paradigm. This should be based if the Agencies / Institutions associate group / organization has been nominated more than once for Group Certificate of Merit Medal of Honor for individuals and groups who have Individuals and Yearly been awarded Champion Certification and Most Organizations / Contributing Group in Disaster Management more Agencies / Institutes than twice. This should be followed by a 3 month / 6 month / 9 month / 12 month membership of the National Focal Agency group. In case of organizations, nodal officer from the organization should be nominated for this honorary membership SADKN Merit Certification and Medal of Honor for Individuals and Yearly individuals and organizations who have contributed Organizations / immensely and have been conferred all the above Agencies / Institutes mentioned certificates for recognition at a Regional Forum
Page 29 of 124
In phase I of portal development and SADKN implementation, information would be made available at pre-defined frequencies and in pre-defined formats at the main portal by the respective member associates. The following figure provides a holistic view of the envisioned scenario.
In the first phase, it is recommended that an informational portal is developed with very basic features such that a start is made at the regional level in the SADKN initiative. This portal should be gradually upgraded to more advanced level of functionalities and a phased approach should be adopted for the same.
Page 30 of 124
Once the system achieves stability after integration of advanced features like sms alerts, missing person registry, etc SADKN portal would be integrated with similar initiatives across the globe like systems in Europe, US, Africa, etc. This should be done after signing MoU by SDMC and SADKN teams with the respective international networks.
For any disaster event, information should be posted by the identified person at the associated portal of the SADKN network. Each bit of information posted should be classified in critical and non-critical category during the time of entry. Any entry classified in the critical category shall be reflected at SADKN portal immediately and should trigger an alert management system wherein an SMS alert and Email alert are sent to the relevant stakeholders of various participating agencies. Information on disaster events should be available on a real time basis along with disaster relief efforts, dos and donts, etc on the portal. Emergency contact data and helpline numbers should flash on the portal along-with contact numbers and addresses of the local area Hospitals, Police department, Fire stations, NGOs etc which can be referred to by users. Users should be able to register for the missing person service after entering the relevant details in the online form. Similarly, shelter and relief work information should be available to all the users and departments like NGO, Police, Hospitals, Fire offices, Forest offices, Government agencies, etc on the portal. Weather forecasts and predictions along-with expert analysis for next 24 hours should be available on the SADKN web portal.
Page 31 of 124
Handholding guidelines for SADKN portal development and establishment Entire system of portal development and implementation has been conceptualized in four phases and is depicted in the following diagram
The following table depicts the relative roles and responsibilities of PMU and the identified Implementation Agency (IA) during the four phases of development and establishment of the portal.
Phase
Conceptualiza tion
Program Management Unit (PMU)

Assistance to the IA in understanding / assessing the need for various functions of web portal Conducting meeting with IA for monitoring and overseeing the progress of work Review of draft portal in the developers environment and its finalization
Implementation Agency (IA)

Carrying out brief (8-10 days) preliminary study through internal surveys/ interviews for finalizing functionalities and need of the web portal Participating in the meetings called by PMU / SADKN Agency for discussions directly and indirectly related to the web portal development Preparation of draft web portal for the purpose of its review by PMU / SADKN agency Preparation of brief progress reports on a weekly, monthly basis for review by PMU (report format to be provided by PMU Application Development as per the project scope and agreed SLA Carrying out suggested modifications in the portal Page 32 of 124
Development
Providing assistance in obtaining relevant data for IA Review the progress of IA through conducting periodic review meeting Facilitating and conducting acceptance testing in coordination with IA and Audit agency Suggesting changes / modifications as applicable after the UAT
Finalization of the SADKN web portal when it is felt that all the features have been added / implemented with reference to the SADKN portal project scope Review the progress of the IA through conducting periodic review meetings Conducting dry runs of the various functionalities in the web portal Reviewing the results of testing and security audit of portal by the identified Audit, Compliance and Certification agency Finalization of topics to be covered in the training sessions to be conducted by the IA team Arranging training sessions, to be conducted by IA team, in terms of identifying the staff who should undergo training for portal administrator, data entry staff etc and arranging for space and photocopies of training manuals, user manuals provided by the IA Assessment of the quality of training Review of the technical problems reported, ability of the SADKN web portal to serve its primary objectives related to Disaster Management phases (During Disaster activity period, No Disaster period, Capacity building initiatives) Assessing the performance of the SADKN portal for the stated objectives of the project Assessing the internal capacity of the associated member organization for handling portal administration and everyday trouble shooting. Accordingly a decision to either renew or terminate contract should be taken at the end of the term defined in the SLA of the IA Finalization of terms and conditions etc in
after the UAT and security audit
Support / Maintenance
Carrying out final testing of all the functionalities like search engine, payment gateway, automated alert system, etc Preparation of user manuals, training manuals, troubleshooting guides etc Arranging for training sessions and handholding for the identified staff of associated member with an aim of developing skills to perform basic maintenance and system handling capabilities Providing helpdesk / telephonic / email support to the associated member organizations for technical problems Provision for one dedicated resource from the developing team until PMU declares the portal to be stable
Exit
Finalization of terms and conditions and charges in case of renewal of contract In case of non renewal of contract, handling over all the relevant documents, reports etc for smooth maintenance of web portal Page 33 of 124
case of renewal of contract of the IA Appointing suitable resources for the various responsibilities to be handled in running the SADKN web portal smoothly
An overview of steps involved in Portal maintenance A web portal grows with time with the addition of new contents and features. A portal therefore requires regular monitoring and maintenance to ensure that the quality is maintained and it meets the expectations of the user/visitors. The PMU should sign a Service Level Agreement with the portal maintenance agency. The SLA should clearly mention all the terms and conditions, procedures and policies to be followed. Portal Maintenance Team should also ensure smooth hand holding activities. Portal maintenance team The portal maintenance team would comprise of a portal maintenance manager who would be reporting to the PMU and would be responsible for overall maintenance of the SADKN system and portal. The portal maintenance team would provide complete handholding support for the entire SADKN system and portal. The maintenance team should ensure that the SADKN portal function completely as per the functional specifications. They should ensure especially during the disaster time that all the alerts and related news are regularly updated, they should ensure that the time taken for portals for getting uploaded and downloaded as quickly as possible. They should provide the necessary handholding support to all the members and partners of the SADKN. The portal maintenance manager / (or appointed person) should coordinate with the PMU and other members in order to ensure a smooth and proper flow of information. The coordination is also required to formulate policies concerning the management of content / data on the portal through its entire life cycle (creation, moderation, approval, publishing and archival). The maintenance team would be also responsible to take care of the feed back and query mail responses to the visitors of the SADKN portal. The portal maintenance team would be responsible for overall portal performance, security and system availability. The SADKN system and portal should be monitored and maintained for the following parameters: Content management Traffic analysis Security audit
Page 34 of 124
Functionality check Broken links review User Feedback Content management The maintenance team should ensure that there is smooth and proper flow of content from the ground agency to the site. It should also take care of the content quality and user satisfaction issues. The maintenance team should also ensure that obsolete data is removed / deleted and old data is archived as per the policy System review The maintenance team ensures that the SADKN portal is thoroughly reviewed and maintained to rule out the presence of any broken links or error. The maintenance team should set a mechanism for periodically validating links to related information. An automated report should provide a list of broken links on the portal which could be immediately corrected
Traffic Analysis The maintenance should regularly monitor and maintain the SADKN site traffic to analyze the usage patterns as well as visitors profiles and preferences. A periodic report on the same should be sent to the PMU
Performance The maintenance team should ensure that the SADKN site down time is optimized for a variety of network connections as well as devices. The maintenance team tests all important pages of the SADKN portal for this Feedback Feedback from the visitors is the best way to judge the performance of any website and to make necessary improvements. The maintenance team should put a proper mechanism in place to carry out the changes and enhancements as suggested by portal users System availability The maintenance team should ensure that the portal is available for visitors at all times 365X24X7
Security audit The maintenance team should perform security audits on regular basis to conform that the SADKN portal is free from all kind of virus/security threats
Page 35 of 124
Volume III
Page 36 of 124
The SAARC Disaster Management Centre (SDMC) has taken up a project known as South Asia Disaster Knowledge Network (SADKN). The main objective is to develop a state-of-the art webbased interface consisting of Regional and National Chapters to organize information, knowledge and experience on disaster and its management at SDMC which can be accessed by the citizens of all the member countries. The member countries will have considerable participation in the maintenance and updation of the nations chapters in the SADKN portal. A NFP will be identified in the member countries along with a consultant (NFPC), which will be required to network itself with all the participating organizations having its Nodal officers. The NFPs would be able to gather information and upload the same on the National Chapters through remote login facility provided by SDMC on client-server architecture. The SADKN will thus emerge as a platform, which will encourage people of South Asia to create, learn, organize, share and reuse knowledge. It will be a network consisting of Government, private, inter-government agencies, international agencies, and NGOs dealing with all types and stages of disaster. The Governing Body of SAARC Disaster Management Centre (SDMC) has given the direction that the SADKN shall be developed in two parts: 1. The Regional Chapter which shall be designed, developed, hosted and maintained by the SDMC. 2. The National Chapters which shall be designed, developed, hosted and maintained by the SDMC in collaboration with the Member Countries of the SAARC. The Content of the National Chapters shall be maintained and updated by the Member Countries through remote login facilities provided to the National Focal Points (NFPs). The SDMC shall appoint an Implementation Agency to design, develop, and maintain the regional and national chapters which shall be hosted in SDMC.
Page 37 of 124
Technical Summary Portals A portal represents a web site that provides a single point of access to applications and information. From an end user perspective, a portal is a web site with pages that are organized by tabs or some other form of navigation. Each page contains a nesting of sub-pages, or one or more port letsindividual windows that display anything from static HTML content to complex web services. A page can contain multiple port lets, giving users access to different information and tools in a single place. Users can also customize their view of a portal by adding their own pages, adding portlets of their choosing, and changing the Look And Feel of the interface. Technically speaking, a portal is a container of resources and functionality that can be made available to end-users. A portal presents diverse content and applications to users through a consistent, unified web-based interface. Portal administrators and users can customize portals, and content can be presented based on user preferences or rule-based personalization. Each portal is associated with a web application that contains all of the resources required to run portals on the web. Web Sphere Portal Web-Sphere Portal is quickly becoming a standard infrastructure platform for building enterpriseclass applications. But it provides much more than just this: Web-Sphere Portal delivers integrated content and applications, plus a unified, collaborative workplace. Thus we can look at WebSphere Portal from two different angles. On one hand it is a development platform for new applications, and on the other it enables the integration of existing applications and processes. Weblogic Portal WebLogic Portal supports development of portals through Workshop for WebLogic, which is a client-based tool. We can also develop portals without Workshop for WebLogic through coding in any tool of choice such as JBuilder, vi or Emacs. Portals can be written in Java or JSP, and can include JavaScript for client-side operations. Microsoft SharePoint Like most portal products, SharePoint allows visitors to create custom views of the Web site. Microsoft's first portal application was called Digital Dashboard. This product introduced the concept of Web parts boxes of information on a page that represented a summary or overview of information. (Other vendors referred to these items as "portlets.") By assembling multiple parts on a page, each user could customize his view of the portal to contain the information that pertained to them. In theory, every visitor of the site could have different content at the same URL. However, the technology behind the Digital Dashboard was not up to the task, and it never made it out of the beta stage. Portal Server has been upgraded to run on the .Net framework and is now referred to as SharePoint Products and Technologies. The "Product" is SharePoint Portal Page 38 of 124
Server 2003 (SPS) and the "Technologies" are Windows SharePoint Services (WSS). A significant point about these two is that WSS is included with the Windows Server 2003 license. Any organization that is licensed for Windows Server 2003 can also host Websites that are based on WSS. Microsoft SharePoint, is limited to exactly ONE option for operating system (Microsoft Windows), database (SQL Server), web server (Microsoft IIS), and application server (Windows). JBoss JBoss Enterprise Portal Platform delivers web-based composite applications and highperformance web presences. It uses enterprise standards to support a wide range of development approaches that maximize flexibility and choice for enterprise web user interfaces. JBoss Enterprise Portal Platform meets the demands of internal and external end users who require access to and interaction between back-end applications, SOA services, and Web 2.0 applications. Based on an open, reliable framework, JBoss Enterprise Portal Platform can meet the development and operational demands of the smallest tactical mashup-style application all the way up to the largest mission-critical web sites. JBoss Enterprise Portal Platform supports the new Java Portlet 2.0 specification (JSR-286) as well as other enterprise portal standards. JBoss Enterprise Portal Platform is LDAP 3.0 compliant and supports Red Hat IPA, Sun, and MS Active Directory. JBoss Enterprise Portal Platform supports multiple single sign-on solutions including CAS, OpenSSO and JOSSO.
Page 39 of 124
SADKN Portal: Operational Guidelines 1. Establishment of Project Management Unit (PMU)

As the project initiating step, it is of vital importance and highly recommended that the Project Management unit (PMU) be established. The basic responsibility of PMU would be to monitor the progress of the project and review the work of the agencies involved with the project. Project Management unit is the guiding committee for the implementation till the roll out of the project. The PMU should contain people with expertise on various domains like that of: Technology expert Domain expert Support staff
The project management unit will have various responsibilities like monitoring activity and managing the contents and various other activities related to the project. The PMU will report directly to the SDMC. PMU will engage in various activities mentioned below
Page 40 of 124
(i) Identification of stakeholders, their roles, and responsibilities in SADKN implementation A large number of stakeholders at the regional, national and local levels shall be responsible for the development and growth of this knowledge portal. o SAARC DISASTER MANAGEMENT CENTER (SDMC)
The SAARC Disaster Management Centre (SDMC) shall be responsible for the conceptualization, design and implementation of the SADKN in collaboration with the various other stakeholders of this project. The specific functions and responsibilities of the SDMC for the implementation of this project shall be as under :i) Conceptualize, design, develop and give overall discretion to the project. ii) Host the SADKN portal with necessary hardware, software, content and related institutional mechanism. iii) Develop technical and operational guidelines for the implementation of the project iv) Enter into agreement with the National Focal Point of the Member Countries for the implementation of the Project. v) Mobilize resources for the implementation of the project. vi) Provide necessary financial grant to the Member Countries for the implementation of the Project. vii) Select appropriate agency for the design, development and maintenance of the portal viii) Provide necessary remote access to all the stakeholders for accessing the SADKN portal with its regional and national chapters ix) Coordinate with SAARC, UN ISDR and Member Countries for project implementation x) Provide clear guidelines on the type, unit, format or form of information required from the Member Countries and Partner Organizations xi) Provide templates and guidelines for the content writing of the National Chapters. xii) Provide necessary support, guidance and assistance to all other stakeholders for information sharing and other related issues. xiii) Devise appropriate incentive scheme to recognize the good work done by the stakeholders. xiv) Resolve difference of opinion, if any, between the stakeholders. o IMPLEMENTATION AGENCY
The SDMC would select an implementation agency for the design, development, and maintenance of the SADKN portal. The implementation agency shall perform the following activities: i) ii) Prepare the Project plan for SADKN portal Design and Develop the SADKN portal with its regional and national chapters as per agreed terms and conditions.
Page 41 of 124
iii) iv) v) vi) vii)
Conduct system study and prepare the Project Initiation report after an initial assessment of the requirements Prepare the SRS, Design document, UAT document, Database Schema Prepare the Application development as per the system project scope Deploy the application at the identified data centre Perform maintenance and support related activities in the Post Go-Live scenario as per the agreed SLA terms and conditions
o NATIONAL FOCAL POINTS (NFP) The following National Focal Points of the Member Countries shall be the nodal institutions for the implementation of the project in the respective Member Countries: TABLE 1: NODAL INSTITUTION OF MEMBER COUNTRIES MEMBER COUNTRY NATIONAL FOCAL POINT
Afghanistan Bangladesh Bhutan India Maldives Nepal Pakistan Sri Lanka
Afghan National Disaster Management Authority Disaster Management Bureau Ministry of Home and Cultural affairs National Institute of Disaster Management National Disaster Management Center Ministry of Home Affairs National Disaster Management Authority Disaster Management Center
Role and Responsibilities of NFP The National Focal Point shall have the following functions and responsibilities: i) Enter into agreement with the SDMC for the implementation of the project. ii) Identify the various government, non-government, scientific, technical, academic and other organizations engaged in the creation, dissemination and use of knowledge on disaster management in the Member Countries to be partners of the project. iii) Institutionalize the partnerships through agreement, MoU or any other instrument as deemed fit. iv) Encourage the partners to voluntarily contribute their knowledge resources for the portal through incentives, award or certificates, as desirable. v) Collect, compile and collate the knowledge from the partner organizations and then transmit the same to the SDMC for the development of the National Chapter.
Page 42 of 124
vi) Assist the SDMC in the design and development of the National Chapter through expert comments, advice, suggestions, ideas, views etc. vii) After the portal is launched maintain and update the portal on a continuing basis as per technical and operational guideline regarding maintenance to be issued by the SDMC. viii) Nominate a senior functionary of the organization to be a Nodal Officer who will be responsible for coordination with the SDMC and other partners for the implementation of the project. ix) Appoint a Consultant who would be assisting the Nodal Officer in the discharge of the responsibilities of the NFP. x) Supervise, control, and monitor the activities of the Consultant. o APPOINTMENT OF CONSULTANT AT THE NFP
Each NFP shall appoint a full time Consultant to assist the Nodal Officer in discharging the responsibilities of the NFP. The SDMC shall be providing financial support of maximum USD 750 towards the remuneration of the Consultant for a period of 12 months. Eligibility of Consultant i) Good academic record preferably with Post Graduate degree ii) Experience of working in the disaster management field for a minimum period of three years iii) Minimum of two years work experience in IT related activities and basic understandings over database generation, internet, remote logins, web security, updating and sharing, Intellectual Property Rights (IPR) iv) Minimum two years of experience in content writing and management of web portals specially knowledge portals involving multi-stakeholders v) Good writing skills in English, as demonstrated in by published articles, papers etc. vi) Proficiency and skill in the use of basic word processing and design softwares. Functions And Responsibilities Of Consultant i) Assist the Nodal Officer of the NFP in discharging the responsibilities of the NFP. ii) Collect, compile, digitize and transmit knowledge resources from the partner organizations to the SDMC on a regular basis for the development of the National Chapters as per the formats to be prescribed by the SDMC. iii) Write one page profile of partner organizations and transmit the same to the SDMC as per format to be prescribed in this regard. iv) Write the draft content of the portal as per formats/ templates to be prescribed by the SDMC v) Maintain and updating the National Chapter as per guidelines to be prescribed by the SDMC. vi) Respond to the e-mails, queries, questions discussions, and clarifications. From the user group in consultation with the partner organizations/ institutions. vii) Submit periodic progress reports to the SDMC in the prescribed formats viii) Perform all such functions that may be entrusted by the NFP and the SDMC.
Page 43 of 124
PARTNER ORGANIZATIONS (PO)
The National Focal Points shall identify the potential Partner Organizations of the portal, such as:i) Departments/ Organizations of the Central, Provincial and Local Governments dealing with any aspect of prevention, mitigation, preparedness, response, relief, rehabilitation and reconstruction of any aspects of the natural or man made disaster. ii) Early warning agencies like Meteorological Department, Water commission, Flood Control Agencies, Drought Monitoring cell etc. iii) Scientific and Technical organizations like Geological Survey, Seismic observatories, Space Research Organizations, Remote Sensing agencies etc. iv) Engineering and architectural schools specialized in disaster resistant construction- design technologies. v) Academic institutes like universities ,school of social Sciences, management schools ,etc., Specializing on the various technical , social , economic aspects of the disaster management vi) Institutions of medical research, specialization on emergency health management, disaster medical and psychosocial care, etc. vii) National and non-governmental Organization (NGOs) working on different aspects of disaster risk reduction, relief and humanitarian assistance. viii) Country offices of international organizations and multi-lateral institutions like UNDP, World Bank etc. working on various aspects of disaster risk reduction and post disaster reconstruction activities. ix) Civil society and community based organizations working on disaster management. x) Electronic, print, and folk media. xi) Corporate sector working on disaster management through the mechanism of corporate social responsibilities, Business continuity practices and private public partnerships Functions And Responsibilities Of POs The Partner Organizations shall share all such information, data, reports and other resources, including time series and real time data, as may be hosted in the public domain for the information and awareness for different user groups and for better management of disasters at all levels. The Partner Organizations shall provide their expert opinion and advice on all such matters as may be referred to them by the NFP or the SDMC. The Partner Organizations may also advise the NFPs regarding the design and development of the portal. Nodal Officer At Partner Organizations
Page 44 of 124
Every Partner Organization shall designate a Nodal Officer within the Organization for the implementation of the project. The Nodal Officer should preferably have knowledge and interest in disaster management and should have basic skill in data processing and transmission. The responsibilities of the Nodal Officer shall be as under: i) Communicate with the various wings within the Partner Organization regarding the knowledge resources that can be shared in the public domain for the National Chapter. ii) Provide all such resources to the NFPs on a regular basis in digitized format iii) Update such resources regularly. iv) Handle the queries, questions and clarifications on any matter that may be referred to the POs by the NFP or the SDMC for advice or comments. v) Perform all those relevant tasks as may be required and decided by the NFPs
Activities, deliverables and time limits of the stakeholders are defined in the table below:
Page 45 of 124
TABLE 4: ACTIVITIES, DELIVERABLE AND TIME LIMITS FOR COMPLETION OF ACTIVITIES BY SRAKEHOLDERS
STAKE HOLDERS SDMC (C) FORMAT OF DELIVERABLES Web portal (D) TIME FOR COMPLETION OF THE ACTIVITIES Web portal should be designed and developed within 4 months after selection of implementation agency Within one month of issuance of guidelines Within 4 months of issuance of guidelines Regular ongoing SL NO
(A) ACTIVITIES Conceptualization and overall monitoring for the development and maintenance of SADKN portal
(B) DELIVERABLES Develop, maintain and populate SADKN network in terms of state-of-the-art web portal
1.
Selection of implementation agency for design, development, and maintenance of the SADKN portal with its regional and national chapters Hosting of SADKN portal with necessary hardware, software and related content Coordinate with SAARC, UN ISDR and Member Countries for project implementation Get into a legal agreement or MoU with the NFPs of member countries It should provide necessary remote access
Tender notice
Work order
Training Document for the proper use of the portal Coordination, monitoring
Web portal
Administrative
Legal Agreement or MoU Document To be provided in
Hard copy of Legal Agreement or MoU Notification to all
Within 1 month from release of the Guidelines Immediately with
Page 46 of 124
to all the member NFPs and Partner Organizations for accessing the SADKN portal Provide clear guidelines on the type, unit, format or the form of information required from each partner It should define and allocate specified space to each member NFP on the SADKN portal. It should provide necessary support, guidance and assistance to all other stakeholders of SADKN for information sharing and other related issues It should resolve differences, if any, between members of SADKN It should assist the NFP in forming an alliance with the partners in their countries It should lay down the guidelines to be followed by all the NFP
Technical Guidelines
the NFPs/ POs with details of the remote login access Hardcopy of the guidelines
the development of the portal
To be provided in Technical Guidelines
Immediately after the agreement between the NFP and the SDMC With the development of the portal During the course of the implementation of the project
To be provided in Technical Guidelines Advisories
To be in built in the design As desirable
Guidelines to be followed by NFPs
Hardcopy and Softcopy in the PDF format
Immediately after the signing of the agreement with the NFP.
Prepare the Application development as per the system project scope
As per Technical Guidelines
Do
Do
Page 47 of 124
Perform maintenance and support related activities in the Post Go-Live scenario as per the agreed SLA terms and conditions 2. NFP Enter into agreement with the SDMC for the implementation of the project. Identify the various governments, nongovernment, scientific, technical, academic, and other organizations engaged in the creation, dissemination, and use of knowledge on disaster management in the Member Countries to be partners of the project.
Maintenance of the SADKN portal Legal agreement Agreement
Regular intervals
Immediately
Preparation of an inventory of a minimum of 20 potential partner organizations
Discussion/ negotiation with the potential partner organizations
With in one month from the signing of agreement with SDMC
Institutionalize the partnerships through agreement, MoU or any other instruments as deemed fit Collect, compile and collate the knowledge from the partner organizations and the transmit the same to the SDMC for the development of the National Chapters. After the SADKN portal is launched maintaining and updating their respective national chapters on a continuing basis as per technical and operational guideline regarding maintenance to be issued by the
Agreement/ MoU etc
Agreement/ MoU etc To be prescribed by SDMC
Within 3 months of signing agreement with SDMC During the course of development of the portal
To be prescribed by SDMC
After the SADKN portal is launched
Page 48 of 124
SDMC. Nominate a senior functionary of organization to be a Nodal Officer who be responsible for coordination with SDMC and other partners for implementation of the project. the will the the Administrative Order Administrative Order Immediately after the agreement is signed with SDMC
Appoint Consultant who will assist the NFP in the performance of its functions and responsibilities. 3. Consultant Collect, compile, digitize and transmit knowledge resources from the partner organizations to the SDMC on a regular basis for the development of the National Chapters.
As provided guidelines
in
the
Appointment letter
Within a month of signing the agreement Most of the resources shall be collected and transmitted within 3 months and thereafter as and when the same are collected, During the first month of the consultancy
As per formats to be prescribed by the SDMC.
To be submitted in soft copy
Write one page profile of partner organizations and transmit the same to the SDMC as per format to be prescribed in this regard. Write the draft content of the portal as per formats/ templates to be prescribed by the SDMC
As per template to be provided by the SDMC
Soft copy in word file
As per template to be provided by the SDMC
Soft copy in word file
As per schedule to be prescribed by SDMC
Page 49 of 124
Maintain and update the National Chapter
As per detailed technical guidelines
Through remote login and password to be provided by SDMC As prescribed
Regularly after the National Chapter is launched Regularly after the National Chapter is launched Every month as prescribed
Respond to the e-mails, queries, questions discussions, and clarifications. Submit periodic progress reports to the SDMC
As per guidelines to be provided by SDMC In the prescribed formats
As per prescribed formats
4.
Partner Organizatio ns
The Partner Organizations shall share all such information, data, reports and other resources, including time series and real time data, as may be hosted in the public domain for the information and awareness for different user groups and for better management of disasters at all levels.
Initially as the National and regional Chapters are under development such data shall be shared in digitized format. Subsequently after the portal is launched the data shall be uploaded through remote access to be provided by the SDMC. Expert opinion, advices
PDF and other format as prescribed
Static data shall be transmitted within 3 months of the signing the agreement. Dynamic data critical for disaster management shall be transmitted on a real time basis, as agreed. Earliest convenience
The Partner Organizations shall provide their expert opinion and advice on all such matters as may be referred to them by the NFP or the SDMC.
E-mail, fax etc
Page 50 of 124
5.
Nodal Officer at Partner Institutions
Communicate with the various wings within the Partner Organization regarding the knowledge resources that can be shared in the public domain for the National Chapter.
Internal communications within the organization
As per the practice of the Organization
As desirable
Provide all such resources to the NFPs on a regular basis in digitized format
As prescribed
As prescribed
As prescribed
Update such resources regularly.
As prescribed
As prescribed
Static data once in a week. Dynamic data on a real time basis, as agreed. As prescribed
Handle
the
queries,
questions
and
As prescribed
On line
clarifications on any matter that may be referred to the POs by the NFP or the SDMC for advice or comments
Page 51 of 124
FINANCIAL SUPPORT TO NFPs
The project budget has provision for providing financial support to the NFPs for procurement of hardware, engaging a Consultant and development of contents for the National Chapters. The budget for procuring hardware includes a desk top computer, UPS, Scanner and Printer with a ceiling cost, as under: TABLE 2: PROCUREMENT OF HARDWARE ITEMS Desk top computer with window XP and PDF UPS, Scanner and Printer Total TENTATIVE COST US $ 450 US$ 250 US$ 700
In case any other item or the above items with higher cost are procured, SDMC will not be able the pay the extra cost incurred in procuring these high-end items. The country wise total financial support to be provided to NFP is given in the table below:
TABLE 3: COUNTRY WISE FINANCIAL SUPPORT TO NFP (ALL COST IN US$) Components Consultant @ 750 per month Hardware (Desktop, Printer, Scanner, UPS) Content Development Total 12000 15000 12000 17000 12000 12000 15000 12000 2000 5000 2000 7000 2000 2000 5000 2000 Afghanistan 9000 1000 Bangladesh 9000 1000 Bhutan 9000 1000 India 9000 1000 Maldives 9000 1000 Nepal 9000 1000 Pakistan 9000 1000 Sri Lanka 9000 1000
(iv) Disaster Knowledge Management including digitization, content creation and content development a) Knowledge management and networking being the core issue, the project attaches importance to the collection, compilation, updation and digitalization of published reports,
Page 52 of 124
maps, warning messages, research findings, policy notes, advisories and educational materials. These resources are to be collected from all the knowledge institutions within the country; to be made portable for sharing through SADKN and to be developed as a credible repository for National DKN. b) The consultant, under the supervision of NCP, may take up the above knowledge management and networking efforts for six months till the portal becomes fully operational. After that, it is expected that the portal will become a part of the disaster management activities with the commitment for continuous updation of the knowledge inputs for SADKN. The budgetary support to the extent of US$ 7000 is allocated for content creation and digitization. Remote login: Remote login enables a user to connect to an internet host so as to use the portal interface. Remote login uses simple sharing software which gives the user an access to the required portal from any Internet-connected device anywhere in the world. This software is installed at the other end which allows the authenticated user to access and administer the data available on the portal. This process can be well explained using an example of Google Documents. This service provides the user to access the Google databases using remote login to access, upload and edit the documents. The documents are securely accessed and administered only by the authenticated user using their secure passwords.
local
remote
local
Page 53 of 124
All the National Focal Points (NFP) of the SAARC countries would be provided with a remote login id and password to access the SADKN portal by SDMC. This remote login facility should be used by every participating member NFP to upload and update the respective section of the SADKN portal. Member NFP should be required to upload the data from their respective regions / member associates after proper review and content correction on the SADKN portal using the remote login facility.
Remote login would broadly ensure the following: System security: Unauthorized access and potential threats to the systems would be checked and monitored through access control mechanism. Only identified members from the respective NFP / organizations / agencies would be provided with remote login facility Content integrity: This would ensure that content update happens only through authorized access Content availability: This would ensure access control to critical and classified content rather than public view
Content and information would be available in a read only mode on the SADKN portal for public view. However data / content marked as critical / classified during upload by the respective NFP would be only available to authorized users.
The following points broadly illustrates the content upload and updation on the SADKN portal, The nodal officers at the respective partner organizations/ institutions/ agencies/ departments of the respective NFPs should collect, gather and send the data to the respective NFPs nodal officer in the pre specified format The nodal officer at the NFPs should thoroughly evaluate and validate the data received from the partner organizations/ institutions/ agencies/ departments The nodal officer at the respective NFPs should access the SADKN portal by remote login facility provided to them by the SDMC and upload and update the data on the SADKN portal.
2.
Identification of Implementation Agency (IA)

Selection Criteria a. Implementation Partner (Leading member in case of a consortium) should be a reputed firm in the IT industry with domain expertise in Software / Hardware & Networking / IT services / Distributed IT based service delivery. A copy of Memorandum of Articles of Association should be provided
Page 54 of 124
b. IA should be registered in India under Companies Act 1956 (Leading member in case of a consortium), as evidenced by the certificate of incorporation issued by the Registrar of companies c. IA should have an ISO 9000 certification (Leading member in case of a consortium), as evidenced by a valid ISO 9000 certificate during the identification and selection process d. IA should have been in operation for a period of at least 5 years as of ddmmyyyy (Leading member in case of a consortium), as evidenced by the Certificate of Incorporation issued by the Registrar of Companies e. IA should have had an average annual turnover of Rupees xxx during the last 3 financial years (Leading member in case of a consortium), evidenced by the audited accounts of the company and duly accompanied with a certificate by the Chartered Accountant in this regard. IA shall be required to submit the audited balance sheets for the last three financial years f. IA (Leading member in case of a consortium) should be a profit making company, i.e., a company which earned net profits in each of the last three financial years (irrespective of the amount of profits) and shall submit the profit and loss statement for the last three financial years for evaluation g. IA (or consortium member) responsible for Software Development and System Integration should have SEI-CMM Level 5 certification and shall be required to submit the letter (or any other relevant evidence) certifying the same h. IA (or consortium) should have implemented at least three transactional portals for providing the information and transaction services online to citizens including integration with the disparate backend application systems. IA (or consortium) shall provide references to such portal solutions developed and implemented for their clients. IA shall provide work orders certified by the respective clients mentioning duration of project, scope of work, etc i. IA (all members in case of a consortium) shall not be under a declaration of ineligibility for corrupt or fraudulent practices. A self certified letter by the designated official of the IA (all members in case of a consortium) should be submitted in this regard
Page 55 of 124
3.
Selection of Technology Solution

During selection of the Portal solution the following points should be kept in perspective Features Technology involved
Salient Features of SADKN Portal i. Various stakeholders including common users should be able to access / share information and services over the Internet through SADKN Portal System should be available 24x7 and reliable. During management of any disaster event, system portal has been envisaged to operate as the focal point of all the disaster management activities and one-stop solution for various stakeholders affected by the disaster System should permit transactions through the front-end System design should be highly scalable, secure and reliable since this would be a mission critical application Publishing Workflow should ensure that content is properly reviewed and approved prior to publishing by using a multi-step and role-based workflow Content Scheduling should ensure that content is always published on time and is never out of date by automating its publishing and archiving schedule Page Revision History should enable users to perform ad hoc audits with automatic storage of content revisions and page versions Authoring Tools for Functional Users should provide non-IT functional users with easy-to-use tools, helping them to create and publish rich and personalized content directly to Web sites from their browser and Word editor. This role-based, distributed publishing model should also incorporate multi-level workflow approval, automatic content scheduling and archiving, and content meta-tagging Search engine optimization for faster searches through common internet search engines i.e. Google, MSN , Yahoo, AOL etc Graphics using flash objects or suggested tool for better visual appeal for online training and games features System should be universal accessible through devices like PCs, Laptops, PDA, mobiles, etc
ii.
iii. iv.
v.
vi.
vii.
viii.
ix.
x.
xi.
Page 56 of 124
xii.
Ability to carry out public and private (internal to SDMC) surveys, in an open or anonymous mode, and compilation of results and generation of reports for the same Stakeholder databases should be maintained by the respective backend Governments / Departments / Organizations
xiii.
A larger number of viable alternatives between products on the server and desktop platforms have brought about a significant push for both open source and commercial software solutions to become more innovative, and for software providers to focus and improve substantially on emerging issues like security and reliability. For development of the SADKN portal, various technologies options are available. The following table illustrates few options available. Features Supported OS Weblogic IBM AIX, HP UNIX, Windows 2003/2008/ XP/Vista, Linux, SUN Solaris etc. WebSphere IBM AIX, HP UNIX, Microsoft 2003 Server, SUN Solaris, Linux, etc. Microsoft Share-point Microsoft Windows (95/98/NT/2000 /ME/XP/2003) JBoss JBoss Enterprise Portal Platform is 100% pure Java and interoperable with most operating systems capable of running a Java Virtual Machine (JVM), including Linux, Windows, and UNIX. JBoss Enterprise Portal Platform is interoperable with any JDBCcompliant database and is certified on MySQL, PostgreSQL, Oracle, and MS Liferay Microsoft Windows (95/98/NT/2000 /ME/XP/2003), Linux (Fedora, Novell), Apple Mac OS X (through 10.4.6), Sun Solaris 10, BSD (FreeBSD, NetBSD, OpenBSD) Oracle Database, Microsoft SQL Server, IBM DB2, MySQL, PostgresSQL, Firebird, Hypersonic etc.
Supported DB
DB2, Oracle 10g/11g, MS SQL Server 2005, MySQL, Sybase etc.
IBM DB2, MS SQL Server Oracle 11g, MS SQL Server, MySQL, PostgreSQL
Page 57 of 124
SQL Server Supported Web Server Apache, Microsoft Internet Information Server (IIS) 5.0/6.0/7.0, Sun Java System Web Server V6.0 , Oracle HTTP Server, Apache Server V2.0.49, V2.0.52, IBM HTTP Server V2.0.47.1/V6.0/ V6.0.1/ V6.0.2, IBM HTTP Server for iSeries (Powered by Apache) V5R3, IBM Lotus Domino Enterprise Server 6.5.4/ 6.5.5/ 7.0.1, Sun Java System Web Server V6.0 SP9, 6.1 Service Pack 3, Microsoft Internet Information Server 6.0 Microsoft Sun Java System Sun Internet Web Server System Server Information Server (IIS) 5.0/6.0/7.0 Java Web
Supported Browser
Microsoft IE 6.0/7.0 with SP1 or higher, Mozilla FireFox 1.0/1.5/2.0. JAVA
IE Microsoft IE, Microsoft IE, Microsoft IE Microsoft 6.0/7.0 with 6.0/7.0 with Mozilla FireFox Mozilla FireFox SP1 or higher, SP1 or higher Mozilla FireFox 1.0/1.5/2.0
Supported Technolog y
JAVA
.NET
JAVA
JAVA
Selection of final solution amongst the plethora of options should be made based on the user and the stakeholder requirements. Proprietary solutions like Share Point, Web Sphere and Web Logic provide an integrated solution and are highly mature and stable Page 58 of 124
systems. However, all the proprietary solutions have cost involved which is high as compared to open source solutions. The exact costing can be done only once assessment of the user needs, system analysis and an assessment of IT maturity of the participating stakeholders is conducted. Indicative cost estimation is provided in Annexure VII It is suggested that portal solution should be selected in conformance with the specifications provided in the Technical Guidelines section. A list of features specific to portal is provided in Annexure V.
4.
System Study
Identified IA shall conduct the system study and prepare a Project Initiation Report. This report shall contain a detailed review of the existing systems, existing infrastructure, site survey, an assessment of key components (if any) like data centre, communication links and options, skilled manpower availability, geographic conditions, etc. This study should be conducted with the view of assessing of the existing situation based on which a detailed project plan for portal development and implementation can be formulated
5.
Preparation of System Requirement Specification (SRS)

Identified IA should prepare a detailed System Requirement Specification (SRS) Report. It is suggested that the SRS report should reviewed by the respective Project Management Unit (PMU) and any ambiguity with respect to the project scope is discussed with the IA. Application development should start only after PMU gives a sign-off on the SRS. It should be ensured that the SRS document captures the following in detail: System design and specifications Application architecture Application functionality Application flow Specific feature-wise details Interface design Database design
SRS document would be the reference benchmark based on which application development would happen. Page 59 of 124
6.
Application Development
It is suggested that the application development happens at the Implementation Agencys development environment. This would help in keeping the costs of application development low and at the same time provide the best environment for application development in terms of tools and support. It should be ensured that the application development happens in strict adherence with the identified solution in terms of technology and specifications. Regular reviews and monitoring of the application development process should be ensured through monitoring mechanisms like weekly monitoring report, modular demos, etc of the application to the PMU. It should be the responsibility of the IA that proper relevant documentation including user manual, online help module, test plans, etc are developed.
7.
Application Testing and User Acceptance Testing (UAT)

The primary objective of Application testing and User Acceptance Testing is to ensure the adherence to the requirements, standards and specifications prescribed in this guidelines. It is suggested that this activity is conducted by ensuring that the following are associated with clear quantifiable metrics for accountability: Functional requirements System availability System performance Security Manageability Standards and protocols
It is recommended that acceptance testing is conducted in two phases, namely, Pre Go-Live and Post Go-Live. The acceptance testing prior to the Go-live should be aimed at ensuring the conformance of the solution (including design, developed software etc) in accordance with the requirements defined for the solution. The Pre Go-Live testing should be performed in parallel with various phases of the project. Broadly this phase should contain the following levels of testing: Unit testing Module testing Integration testing
Page 60 of 124
Post Go-Live User Acceptance Testing (UAT) is suggested with an aim of complete testing of the integrated solution (SADKN Portal and Data Centre). Post Go-Live testing should include functional, performance, security & controls testing and should also include any other as may be required. It should be ensured that IA addresses all the issues / gaps identified in the solution in both Pre & Post Go-Live testing phases and provides support for any technology related problem / issue.
8.
Security Audit
It is recommended that PMU should undertake an exercise of Testing, Acceptance and Certification of systems implemented for the project through an independent agency (referred to as Quality Assurance / Certification Consultant or Agency like STQC). The following methodology is suggested for this activity: PMU should nominate a suitable neutral and technically competent Audit, Compliance and Certification Agency (or Consultant) for conducting acceptance testing and certification Audit, Compliance and Certification Agency should define a set of guidelines following internationally accepted norms and standards for testing and certification in all aspects of project development and implementation covering software, hardware and networking including the processes relating to the design of solution architecture, design of systems and sub-systems, coding, testing, business process description, documentation, version control, change management, security, service oriented architecture, performance in relation to compliance with SLA metrics, interoperability, scalability, availability and compliance with all the technical and functional requirements It is recommended that the Audit, Compliance and Certification Agency should be involved with project from the early development stage (not later that SRS development phase) to ensure that the guidelines are being adhered to. This would help to avoid large-scale modifications pursuant to testing done after the application is fully developed It is expected from the appointed Audit, Compliance and Certification Agency that qualified and experienced professionals are engaged to perform specific tests on software, hardware, networking, security and all other aspects It should be the responsibility and duty of the Audit, Compliance and Certification Agency to bring to the notice of PMU any deviations from the norms, standards or guidelines through established and appropriate processes like weekly monitoring reports, meetings, testing reports, etc
Page 61 of 124
It should be noted that an involvement or guidance by the agencies (PMU, Audit agency) shall not absolve the Implementation Agency from the fundamental responsibility of designing, developing, installing, testing and commissioning the various components of the project to deliver the services in perfect conformity with the SLA
9.
Portal Hosting: Go Live Stage

Application deployment should be done only once the security audit is completed at the identified Data Centre
10.
Data Centre
A Data Centre is required for hosting the Portal solution and for the same purpose following two options is available: Creation of SADKN Data Centre Hiring the services of a Commercialized Data Centre
The following table presents a brief comparison between the two: Issue Physical Setup SADKN (SDC) Data Centre Commercialized Data Centre (CDC) Only vendor needs to be identified from a list of CDC operators Very high In case of CDC, data security remains with third party whereas in SDC, it remains with SDMC Remarks
Vendor / Site should be identified for SkDC setup. Would involve huge investment in terms of cost, time and manpower Very high
Data Security
Maintenance
A dedicated team is required for maintenance and support related activities
CDC team takes care of maintenance related issues
System Availability Capital expenditure
Responsibility for system Responsibility will availability will remain with remain with CDC SDMC Huge costs involved Lease amount Overall costs for the project depending on the Data substantially lesser reduces in case of Centre Type than the setup cost Commercialized Data Centre
Page 62 of 124
It is recommended that the External Data Centre is selected based on the highest security and safety norms and the selected should be ISO 27001 compliant. 11.
Portal Maintenance
It is suggested that the task of portal maintenance and support should be given to the Implementation Agency and a clear SLA should be agreed upon and legalized in this regard with a clear time period.
New Release / Upgrade It should be the responsibility of the IA to ensure that any gaps / issues with respect to the portal functioning are addressed to immediately and new release of the application or upgrade of the application is done ensuring the least downtime (if at all)
Change Management Activities It is suggested that all the Change Management and handholding related activities are a function of the IA and should be included in the SLA. Following list of activities should be included in the Change Management function of the IA: i. System Orientation training ii. Basic Computer training iii. Application training iv. Basic maintenance training
Page 63 of 124
SADKN Portal: Technical Guidelines

This section presents the technical specifications and standards to be followed for portal development and implementation Application Architecture For the purpose of development of the SADKN Portal Solution, it is suggested that an n tier architecture model should be adopted. The application architecture should follow industry standard protocols like HTTP, SOAP and XML for integration with backend department systems. This will enable the application to easily integrate with legacy systems and exchange information with the same. The application architecture will be broadly divided into three layers: i. Presentation Layer: The presentation layer will be a browser-based application ii. Business Logic layer: The Business Logic will be processed by the Application Server and Integration server deployed at the Datacenter iii. Data Layer: The data layer of the application provides clustering capabilities for failover and high availability at data center. The data stored in the database server can be retrieved as an XML document and the application can communicate this information with any system following open standards Since the system has to integrate with applications across various stakeholder entities consisting of heterogeneous platforms and databases (e.g. integration of the application with the relevant databases, etc), application integration solution using web services standards can be adopted. With the given requirements of the Portal solution, a broad level specification for portal components is outlined in the ensuing section. Following are the portal components which are envisaged to be a part of SADKN Portal System:
Page 64 of 124
S. No. 1.
Online Portal Component Portal Solution
Brief Description of the Component The portal solution and accompanying solution components must conform to open standards and must be a horizontal enterprise portal Provides the content creation, management and version control capabilities for the content hosted in portal
2.
Content Management
3.
User Management & Provides user management services and service enrolment Access Control features to enable business user to register with the portal and Management System to enrol for the services provided in the portal Online Forms PKI Services Provides electronic interface for information capturing purpose Provides secured mechanism for user identification, transaction integrity & security, non-repudiation The portal and various other components such as hardware, data centre should possess security features that protect sensitive data from unauthorized access and modifications Gateway Provides interface to the external payment gateway for enabling the online payment services
4. 5.
6.
Security
7.
Payment Services
Page 65 of 124
The detailed specifications of the Components are outlined as below: Portal Solution S. No. 1. Portal Specifications Intelligent advanced caching techniques to enhance the portal performance by caching frequently accessed data in memory. Predictive caching based on techniques such as user behaviour and past portal access analysis is desirable Ease of installation using graphical installation and configuration quick start tools and wizards Preconfigured out-of-the-box functionality such as existing portal components and predefined personalization templates thus allowing a minimized go-live time The Implementation Partner is required to propose and implement a strong management framework allowing portal administrators to monitor, reconfigure, manage, update, and control all platforms, hardware and software, of the portal site and associated services. The management framework should also allow administrators to monitor operations, report faults, alert administrators of failures, analyze access, usage, load etc. to take appropriate actions whenever needed. The portal management tools and packages should be installed on the LAN The proposed portal solution should be capable of accessing structured data via ODBC and JDBC as well as native SQL statements for specific database formats. As for unstructured data, the portal should be capable of providing a link to a piece of content in a particular format or an icon representing a piece of content formatted in a particular fashion The portal should support both push services such as email based alerts and notifications as well as pull services such as display of RSS feeds from various popular news sources The portal solution should be capable of interfacing with backend business application and other existing portals via a multitude of mechanisms such as, but not limited to, the following: Web services Application services through the service oriented architecture Composite applications
2.
3.
4.
5.
6.
7.
Page 66 of 124
8.
To achieve the above mentioned integration target, the portal solution must at least conform to the most recent approved versions of the following standards: WSDL UDDI XML JSR-168 SOAP WSRP
9.
The portal solution and accompanying components should possess workflow and business process management capabilities and should be open for interfacing with and be controlled by such packages via various mechanisms such as event triggers and messages Portal solution should not mandate the use of additional client software for web access, other than a standard web browser such as internet explorer, fire fox etc. In case any specific application requires the use of such a component, it should be made available on the portal for a free download by the end-users
10.
Page 67 of 124
Content Management S. No. 1. Content Management Specifications Provide content management, content aggregation, index/search, and categorization for local content. The SADKN Portal should enable basic content searching and delivery primarily focused on information related to government services Content management framework should manage the process of content creation, revision and approval through a combination of work flow and version control technologies Contributor, managerial rights and privileges must be managed according to the predefined roles for security and to ensure that participants are undertaking suitable and appropriate tasks Content must be tagged with the Metadata to enable it to be retrieved more easily. The portal solution shall include Metadata directories for personalization and search functions to work effectively through creation of indexes and cross-references of the data (data assets) contained in each of the various databases associated with the portal Access management and privileges for content management should be secured and advanced authentication technologies such as PKI shall be used for controlling access to the SADKN Portal content management SADKN Portal content repositories must be managed, through versioning and version control, to ensure integrity and authority of the core content
2.
3.
4.
5.
6.
User Management & Access Control Management System S. No. 1. User Registration & Access Control Management System Specifications User Registration & Access Control management services should facilitate user registration with the SADKN Portal and should allow the users to enrol for various department services User Management should be a directory services solution based on open industry standards such as LDAP
2.
Page 68 of 124
3.
User authentication services must support common authentication mechanisms (Basic, User Id/Password, Certificates, Tokens, Smart Card) and standards (X.509, etc.) for functional users Authentication Services should be able to integrate with leading PKI vendors and Standards
4.
5.
Once authenticated, users should be allowed to access the services for which he/she has enrolled and for which Authorization Officer has approved SADKN Portal should provide the Security & User administration interface (module) for Authorization Officer of an organization to enable management of access rights and privileges of other users in the organization SADKN Portal should provide the Security & User administration interface (module) for Administrator to enable management of access rights and privileges of other users in the organization The Passwords and other confidential information related to the users should be stored and transmitted in a secured and encrypted manner Password Management services must enforce password restrictions, which include the criteria and limitations that can be placed on passwords to increase security. It should provide features such as periodic forced changes, not reusable, hard to guess, mixed characters along-with minimum password lengths, enforcement of alphanumeric password standards, password history logging and user lockout from failed login attempts The auditing and logging solution should allow secure logging of events to a central location
6.
7.
8.
9.
10.
Page 69 of 124
Online Forms S. No. 1. Online Forms for various services Create a central repository for all Government / NGO / Organization forms in use. The repository should include application forms in various printable formats ready for downloading and printing on paper. The portal should allow downloading forms in ODF and PDF formats Index, categorize, and sort the forms for easy retrieval by service requesters. Online Forms section should be designed in a way that provides end users with a user friendly searching facility to search for the proper form in the event that the proper form fitting the required service is unknown to the requester Categorization and grouping of the forms should follow the same structure as the presentation of the services on the site (e.g. life events model). Direct links for the section listing and describing the services to the Online Forms section should be created in the service delivery section of the portal. In the event that the user starts the process of locating the proper form from the Online Forms section, one should see a similar graphical representation of the service delivery model but tailored to allow direct access to the forms Provide a mechanism for automatic uploading and updating of the forms hosted on the portal by the concerned entities. The uploaded forms should not appear immediately on the site for online filling until the various integration steps are completed unless they either do not require integration or follow the same integration requirements as older versions. However, the form can immediately appear for downloading as outlined below. The uploading process should possess the following features: i. Only authenticated and authorized entities are allowed to upload forms Entities are only allowed to upload forms that the entity owns. Once a new form is uploaded, an automated indexing, content analysis, categorization, and sorting process is triggered to allow searching for the form on the site The portal should accept a standard application format preferably XML and use backend automated tools to translate from the standard format to other downloadable formats Once the form is uploaded, and if the form is integrated with other Page 70 of 124
2.
3.
4.
ii.
iii.
iv.
backend systems, then a trigger must be sent to the site administrators to start the process of integrating the form with the backend systems through the portal if any such actions are required 5. Provide a mechanism for online filling of the appropriate forms. Filled forms should be forwarded to the concerned entity for processing electronically. The functionality should be available in various flavours: i. SADKN Portal shall allow downloading forms for printing and filling by the service seeker SADKN Portal shall allow online filling of forms for data capturing purpose and for sending the filled forms via basic messaging protocols (e.g. via an email message as an attachment) to the concerned entity SADKN Portal shall allow for online filling and submission of the filled forms to backend applications for processing. This would be done through the proposed integration messaging infrastructure
ii.
iii.
6.
During the infrastructure building process, more integration features will be made available to SADKN Portal and other backend application. This will provide the portal site with the ability to: i. Allow digital signatures for authentication of content update / publish on the portal Allow donation payments on the portal site Populate the form with data from other backend applications and shared databases
ii. iii.
7.
The Implementation Partner must define and document the operational procedures required to operate this section of the portal and should define any change management processes that are required to implement updating of information / forms hosted by the portal (e.g. the Implementation Partner should define in clear terms how the operational staff would handle uploading and integrating a form with the portal once the system notifies the operators of a change in a form
Page 71 of 124
PKI Services S. No. 1. PKI Services SADKN Portal should support Digital Certificates issued by licensed CA's in India and should accept digital certificates based on criteria (Issuer, Class, Policy Identifiers) Server SSL certificates should be used for authenticating servers and encrypting sensitive traffic between SADKN Portal, Gateway and other participating entities Digital Signatures may be mandated for various transactions
2.
3.
Security S. No. 1. Security Specifications Security should be regarded as an overall framework that encompasses facilities, people, systems and applications. Besides defining the security architecture for systems and data, the Implementation Partner must define: i. ii. iii. The hosting and facilities security features and requirements Security processes to be applied on and by portal staff Security policies and procedures in conformity with ISO 27001, during the design phase Auditing procedures to ensure that the security design and features are implemented and enforced Security alerting mechanisms Security response team to take immediate actions in case of a security breach
iv.
v. vi.
2.
Authentication and single-sign-on mechanisms should be developed and embedded with SADKN Portal for authenticating purposes. This should be linked to the personalization sections of the portal site and authentication shall be carried on to other portals. The preferred solutions for authentication and single-sign-on should meet the following: i. Authentication should be conducted using the standards based LDAP meta-directory server Page 72 of 124
ii. iii. 3.
Authentication should be linked in the future to PKI Single-sign-on should use open standards
Portal solution should handle errors due to communication failure, hardware failure, etc and roll back the changes appropriately so that transaction consistency is maintained at all times The solution should ensure guaranteed once only delivery, message routing, transformation, data compression, queuing and load balancing features and optimize both data-level and process-level integration. Specific capabilities of such a solution should include, but are not limited to, a robust and secure messaging infrastructure and graphical data transformation Security design should provide for a well-designed identity management system, security of physical and digital assets, data and network security, backup and recovery and disaster recovery system The portal security solution must provide for session settings such as idle or max session time-outs, session caching, concurrent sessions and other session control settings System should be audited by a third party at the stage of acceptance testing stage pre-launch and periodically thereafter, at least once a year, to ensure that the security systems are intact and that the security policies are strictly being enforced Following is an illustrative list of key security features which should be implemented: i. ii. iii. iv. Single Sign-On Encryption LDAP based authentication and authorization PKI services
4.
5.
6.
7.
8.
9.
The solution should provide for maintaining an audit trail of all the transactions and all entries into the system Some of the additional features are as follows:
Data Centre / Server Level 10. The server operating system should be hardened to provide a high level of security according to industry best practices and vendor recommendations for hardened operating system The physical location should possess sufficient physical security controls to limited physical access to the hosting site
11.
Page 73 of 124
Hardware Level 12. The Implementation Partner shall ensure the highest possible security levels in the SAN design. The use of encryption and authentication is recommended whenever possible. Security devices and appliances such as firewalls, Intrusion Detection Systems, encryption modules, VPN support modules etc must be used at key points and configured to provided optimum level of security
Data Security 13. Adoption of a security policy that is adherent to the ISO standards should be ensured. Some of the key security guidelines are listed below: i. Grant privileges only to a user or application which requires the privilege to accomplish necessary work. Excessive granting of unnecessary privileges can compromise security ii. No administrative functions are to be performed by an application. For example create user, delete user, grant role, grant object privileges, etc iii. Privileges for schema or database owner objects should be granted via a role and not explicitly. Do not use the ALL option when granting object privileges, instead specify the exact privilege needed, such as select, update, insert, delete iv. Password protected roles may be implemented to allow an application to control access to its data. Thereby, end users may not access the applications data from outside the application v. Access to Administrative or System user accounts should be restricted to authorized DBA vi. Do not grant system supplied database roles. These roles may have administrative privileges and the role privileges may change with new releases of the database vii. Database catalogue access should be restricted. Example: Use USER_VIEWS instead of DBA_VIEWS for an Oracle database viii. Privileges granted to PUBLIC are accessible to every user and should be granted only when necessary ix. Any password stored by applications in the database should be encrypted x. Applications should not DROP, CREATE or ALTER objects within the application xi. Utilize the shared database infrastructure to share cost whenever possible xii. Applications should not access the database with the same security as the owner of the database objects. For example on SQL Server do Page 74 of 124
xiii.
xiv. xv. xvi. xvii.
not grant the dbowner role and on Oracle do not use the Schema userid to connect to the database. Setup another userid with the necessary privileges to run the application Database integrity should be enforced on the database using foreign keys not in the application code. This helps prevent code outside the application from creating orphan records and/or invalid data Do not hard code username and passwords in the application source code Ensure external users have the least privilege possible Auditing of database functions/activities should follow the standards of the EA Standard "Auditing" The solution should use encrypted communication between its components and the back-end department applications. The solution should provide compatibility with industry standard encrypted network traffic, which may be used to transmit critical data (e.g. HTTP over SSL, and LDAP over SSL, etc)
Payment Gateway Services S. No. 1. Payment Gateway Services Should provide the interface and access to the external payment gateway services provider and should be integrated with the SADKN Portal solution Should facilitate payment (donation) through credit card, debit cards and online bank transactions Payment Gateway services should provide complete audit functionality for tracking and monitoring/reconciling the financial transactions taking place through SADKN Portal In case of unsuccessful transactions the Payment gateway should be able to refund the amount to the calling account
2.
3.
4.
Page 75 of 124
An Approach to Development: Open Source and Proprietary Solutions Open Source v/s Proprietary Software SADKN portal is envisaged as a mission critical application which has to interact in an environment where information is kept in heterogeneous formats in multiple databases situated at varying geographical locations. The envisioned portal solution aims at bridging the gaps between people, processes, applications and systems. It is suggested that adherence to follow various standards like IEEE standards (for development prescribed by the IEEE Standard Association to ensure follow of best practices and standards at every stage of the software development and implementation process); ANSI SQL 2003 standard for RDBMS; and Open standards for hardware platforms is ensured.
An open standard is a standard that is publicly available and has various rights to use associated with it
Open standards are meant to ensure interoperability between products from different vendors so that customers have the flexibility to put together best of breed solutions and, at least in theory, can swap out one vendors products for anothers if they become disenchanted with the first vendor on product quality or price. The best example of open standards at work is the Internet virtually all of the technology specifications it depends on are open, as is the process for defining new ones In this write up an effort has been made to present a comparison between the technology paradigms in terms of open source and commercial software and the choices that may be chosen for application development for building XML based web-services for development of SADKN portal. Open Source Software Open source refers to a software licensing model where the source code of the software is typically made available royalty-free to its users, under terms allowing redistribution, modification and addition, though often with certain restrictions. Open-source programs are often, though not exclusively, developed through a collaborative effort in which a number of persons, often with no formal association with each other, contribute elements of the final software. While open source software is made available under a variety of approaches in licensing, these approaches have certain features in common. They rely on the copyright within the software to form the licensing contract. They each grant rights and permissions subject to conditions. In general, these conditions restrict how the software may be further changed or distributed, rather than imposing a
Page 76 of 124
requirement that a fee be paid for it. There are two principal open source licensing approaches, the GNU General Public License (GPL) and the Berkeley Software Distribution (BSD) License. The most often cited examples of alternative open source applications include the Linux operating system, the OpenOffice suite (formerly Sun's Star Office, www.openoffice.org) and Mozilla's Firefox web browser. Advantages Low cost and no license fees Open standards that facilitate integration with other systems Option for customization in-house It supports interoperability, at least with well publicized APIs It is very well documented in many cases Flexibility and customizability extensive active builder and user communities that forms a good technical support base Many open source applications run on multiple platforms including Windows and Linux The end-user of Open Source code has the ability to change and modify source to implement any extra "features" of security they may wish for a specific use, which can extend to the kernel level No software piracy is involved
Disadvantages Lack of professional support and trainings in many cases Evolving developer communities Lack of release co-ordination unless there is support from the organization which would be on a chargeable basis
Financial Implications

Give away the program and charge for installation and support (used by many Linux distributions) Customizations, support and maintenance are chargeable in many cases Free version of the software might have less features that the paid one
Proprietary Software Proprietary software refers to the model where the software developed by a commercial entity is typically sold or licensed to a customer in object or executable code, either directly or through channels. The commercial entity often provides support, training, updates and other similar services needed by customers to use that software. The source code of the software may be made available to certain users of the software through special licensing or other agreements, but is usually not distributed to the general public, and may not be copied or modified except in a
Page 77 of 124
manner provided for in such agreements.Closed-source software vendors typically provide a "one-stop shop" for all support matters: since the vendor developed the software (and appropriately licensed any included components that were developed by others), the vendor also provides all necessary support functions. Nobody else can provide the level of support that the original vendor does, simply because nobody else has the requisite access to the source code (not just to understand how it works, but to make modifications and fix bugs). Commercial software providers typically adopt the traditional software licensing approach where permission to use the software is granted to a customer in return for a fee. The customer is usually permitted to use, reproduce or adapt the software according to the terms of the permitted activities under the license. Advantages Reliable, professional support and training available Packaged, comprehensive, modular formats Regularly and easily updated It supports interoperability, at least with well publicized APIs It is very well documented
Disadvantages High Initial cost of the software and the licenses It has closed standards that hinder further development Proprietary software companies often change their licensing policies like Server based licensing, then to number of users based licensing and now recently to named-user licensing Proprietary Solutions leads to piracy due to their high costs
Financial Implications High initial cost Cost of implementation and extra licenses is not involved in base packages The support and up gradation comes with a cost
Page 78 of 124
Key Recommendations
Given the funds availability and the varying level of IT maturity of the participating countries in the SADKN initiative, it is imperative that a phased approach be adopted to realize the vision of SADKN. This section provides key recommendations in terms of a phased approach, technology selection and overall budget breakup. SADKN Phase-wise Implementation Roadmap The ensuing section provides an illustrative view of the phase-wise approach for development of the SADKN portal. Phase Year of Implementation I One II Two
Phase I In phase I, it is recommended that a basic informational portal should be established first. The purpose of this portal should be to only provide informational services and should have the following basic features: About us News Knowledge Documents Disaster Information and news Calendar Smart Search Expertise Locator Frequently Asked Questions Site Map Legal Terms Communities Weather Update Document Based Education & Training Notifications Policies Login for Authorized Users Spread the word Counter Feedback Forum Knowledge base Page 79 of 124
Archive Distance calculator Locating a place Real time disaster information update Group discussion forum Live chat sessions with domain experts on various disaster types Education and training using flash animation techniques, video feeds, webcasts, etc Centralized Help Module o Details of Disaster relief shelters / camps in disaster affected area o List of major hospitals / police stations / schools / railway stations / bus stations in the disaster affected area e-Newsletters Blogs
The very aim of this informational portal would be cerate awareness among the stakeholders in terms of usage, information sharing and interacting amongst the involved participants. The envisaged SADKN system and portal would be an entirely new concept to most of the members and participants in the SAARC region. Hence it is imperative that in phase I, only a basic system is developed. Once the system achieves the desired stability and maturity in terms of usage, reliability and availability during the earmarked time period of one year, it is recommended that phase II should be undertaken. Phase II It is important to assess the system maturity and stability before undertaking the development of the advanced modules of the SADKN system and portal. It is assumed by the end of the year I, which would also include the implementation of the phase II, the existing system would achieve the desired outcomes of the SADKN vision of providing a common platform for collaboration and information among the participants, member associates and more importantly the citizens of the SAARC region. However, if it is felt that the level of IT maturity of the system and the users of the system is not as desired, phase I should be extended and a re-evaluation of the same should be done after every six months. Under phase II, more advanced features and functionalities of the SADKN portal would be developed and implemented. An indicative list of such features and functionalities is given below: Map Centre o Identification of disaster affected areas on maps o Identification of essential infrastructure on maps including hospitals / primary health centers / police stations / civil defense camps / schools / stations (railway & bus) etc in and around the disaster affected region Integration with International Disaster Management Networks
Page 80 of 124
Advanced Modules o Shelter Registry o Volunteer Registry o Missing Person Registry Centralized Help Module o Payment gateway integration for donation option o Blood donation camp registry Demand-supply dashboard for resource requirements (food, medicine, medical supplies, money, volunteers, clothing, camps, etc) Advanced disaster management and alert system Analytical tools o Customized MIS reports o Detailed information on various disaster
Technology Selection During selection of technology / application solutions, it is recommended that open standards should be adhered to and the selection between open source and proprietary solutions should be made based on the fund availability and technology preference. The following table gives an illustrative list of options available. However this list is only indicative and other options may also be explored. Features Supported OS Weblogic IBM AIX, HP UNIX, Windows 2003/2008/ XP/Vista, Linux, SUN Solaris etc WebSphere IBM AIX, HP UNIX, Microsoft 2003 Server, SUN Solaris, Linux, etc Microsoft Share-point Microsoft Windows (95/98/NT/2000 /ME/XP/2003) JBoss JBoss Enterprise Portal Platform is 100% pure Java and interoperable with most operating systems capable of running a Java Virtual Machine (JVM), including Linux, Windows, and UNIX Liferay Microsoft Windows (95/98/NT/2000 /ME/XP/2003), Linux (Fedora, Novell), Apple Mac OS X (through 10.4.6), Sun Solaris 10, BSD (FreeBSD, NetBSD, OpenBSD)
Supported DB
DB2, Oracle IBM DB2, MS SQL Server 10g/11g, Oracle 11g, MS MS SQL SQL Server,
JBoss Enterprise Oracle Portal Platform is Database, interoperable with Microsoft SQL
Page 81 of 124
Server 2005, MySQL, Sybase, etc
MySQL, PostgreSQL
any JDBCcompliant database and is certified on MySQL, PostgreSQL, Oracle, and MS SQL Server
Server, IBM DB2, MySQL, PostgresSQL, Firebird, Hypersonic, etc
Supported Web Server
Apache, Microsoft Internet Information Server (IIS) 5.0/6.0/7.0, Sun Java System Web Server V6.0, Oracle HTTP Server
Apache Server V2.0.49, V2.0.52, IBM HTTP Server V2.0.47.1/V6.0/ V6.0.1/ V6.0.2, IBM HTTP Server for iSeries (Powered by Apache) V5R3, IBM Lotus Domino Enterprise Server 6.5.4/ 6.5.5/ 7.0.1, Sun Java System Web Server V6.0 SP9, 6.1 Service Pack 3, Microsoft Internet Information Server 6.0
Microsoft Sun Java System Sun Internet Web Server System Information Server Server (IIS) 5.0/6.0/7.0
Java Web
Supported Browser
Microsoft IE 6.0/7.0 with SP1 or higher, Mozilla FireFox 1.0/1.5/2.0
Microsoft IE Microsoft IE Microsoft IE, Microsoft IE, 6.0/7.0 with 6.0/7.0 with Mozilla FireFox Mozilla FireFox SP1 or higher, SP1 or higher Mozilla FireFox 1.0/1.5/2.0
Page 82 of 124
Supported Technolog y
JAVA
JAVA
.NET
JAVA
JAVA
Though hardware specifications for creating a new data centre are provided in annexure VII, it is strongly recommended that the portal application be hosted using the services of an external data centre (Government Data Centre / Commercialized Data Centre) rather than creating a new data centre. In case, no options are available in the member countries, services of data centers in India can be availed and SDMC should be able to help and guide the member countries in this regard. Government Data Centers provide services at a minimal or no cost to Government departments.
Budgetary Estimations
Annexure VIII provides details of budgetary estimations vis--vis option 1 and option 2. Option 1 has the provision of building a dedicated data centre for implementation of the SADKN. This would require an investment of huge amount of capital. Option 2 considers only building of the portal whereas hosting of the SADKN portal would be at an external data centre. The option of building up a dedicated data centre as envisaged under Option 1 would require a huge capital investment for building a data centre just for hosting a portal. Considering the available resources, Option 2 is recommended and has been finally selected. Annexure IX provides the country-wise breakup.
Page 83 of 124
Annexure I - Brief On Gateway Specifications The following are the interoperability standards. The Gateway Service Provider (GSP) should ensure that these standards that implementation of solution is in compliance with these standards. 1. Interoperability Interface Protocol (IIP) 2. Interoperability Interface Specifications (IIS) 3. Inter-Gateway Interconnect Specifications (IGIS) 4. Gateway Common Services Specifications (GCSS) i. INTEROPERABILITY INTERFACE PROTOCOL (IIP) The objective of Interoperability Interface Protocol (IIP) and Interoperability Interface Specification (IIS) is to standardize on the protocol and to specify the interface nature for this communication to take place. IIP is the communication protocol that the Service Access Providers, Service Gateway and the Service Providers need to comply with. This protocol is divided into two parts; one part is targeted towards the Service Access Providers and one for the Service Providers. IIP is an asynchronous request-poll-retrieval protocol, with provisions for synchronous communication, which supports requests to be sent and receive a response through a polling mechanism or synchronously. The foundation of the protocol is based on message types and context based processing of messages. There are mechanisms for sending a request, communicating acknowledgements, querying the state of a request, sending and communicating responses and to handle error situations. The message types supported by this protocol are listed below:
1. 2. 3. 4. 5. 6. 7. 8.
Submit Request Used to send an service request Submit Acknowledgement Used to acknowledge submission requests Submit Poll Used for polling for responses Submit Response Used to package the service response List Request Used for querying submission state Delete Request Used for ending a submission session Delete Response Used as an indicator for submission session ending Submit Error Used for responding to errors
Exchange of IIP compliant messages is intended to be the primary mode of communication between the Service Access Providers and the Service Gateway as well as between the Service Providers and Service Gateway. It is to be noted above that not all messages are required to be supported by the Service Access Providers and the Service Page 84 of 124
Providers. Some of the above messages are mandated to be supported by the Service Access Providers and some for the Service Providers. IIP provides the interoperable interface for communication and all the IIP messages are XML based, therefore readily usable by any application. ii. INTEROPERABILITY INTERFACE SPECIFICATIONS (IIS) IIS provides the technological specification for exchanging of the IIP compliant message. To this end IIS provides the following: Mapping of the IIP message to a carrier protocol, SOAP Provides guidelines for messaging, in terms of message size etc Provides facilities for optimization, through batching mechanism etc.
IIS compliments IIP by translating the message exchange into a viable form of messaging mechanism, such that optimization can be achieved by the implementing application. In terms of carrier protocol, IIS follows SOAP, as standardized by W3C, such that wide industry support is available in forms of ready libraries and implementations. IIS is always used in conjunction with IIP; therefore it is uniformly applicable to the Service Access Providers, Service Providers and Service Gateway. iii. INTER-GATEWAY INTERCONNECT SPECIFICATIONS (IGIS) The primary aim of this standard is to provide the specifications and protocols required for construction of the Gateway Constellation. In this endeavour, the document provides specifications at the following levels: Gateway Constellation Structure Service Resolution and Service Information Propagation Operational Guidelines for Gateway Constellation Gateway Interconnect Protocol (GIP) This specification defines the structure of the Gateway Constellation, the communication mechanisms between various gateways in the constellation, facilities to propagate a service request to its required destination and the policy guidelines applicable to each of the participating gateways in the constellation and the constellation as a whole. This specification is intended to provide the basis on which the Gateway Constellation will be realized. The specification and its associated protocol (s) may be realized with the help any suitable technology and means. In effect, this specification is a technology neutral specification, guideline and protocol enumeration for the Gateway Constellation.
Page 85 of 124
Conformance to IGIS is required by any Gateway that needs to be a part of the Gateway Constellation. Annexure II A brief on GIS interface GIS is an acronym for Geographic Information Systems. These technological systems measure data (spatial and non-spatial) based on geographic areas stores and organizes the data into sets and finally analyzes it in order to make an illustration of the data. The maps that are generated can be used to make better decisions and have greater efficiency when planning, managing and designing these geographic areas. GIS links location data with information such as human activity, weather and natural resources.
Web GIS
The concept of Web GIS is based on how the map is produced and responds to users' interactions over the Web. The publication and distribution of spatial data are increasingly important activities enabling organizations to share domain-specific dynamic spatial information over the Web. Web GIS add GIS functionality to a wide range of internet-based applications in government, business, research and education. It has several advantages such as worldwide access, dynamic data access and user-friendly interface. An illustrative view of Web GIS architecture:
Application logic
Page 86 of 124
Typical applications for GIS software include the evaluation of places for the location of new stores, the management of power and gas lines, the creation of maps, the analysis of past crimes for crime prevention, route calculations for transport tasks, the management of forests, parks and infrastructure, such as roads and water ways, as well as applications in risk analysis of natural hazards, and emergency planning and response. For this multitude of applications different types of GIS functions are required and different categories of GIS software exist, which provide a particular set of functions needed to fulfill certain data management tasks. Suggested features for the Web GIS software: Data Management It is suggested that the software provides for geodata services for data extraction, replication and synchronization, as well as a framework and tools for managing large spatial datasets in an RDBMS GIS Web Services Software should support Web services including but not limited to Map, Image, Globe, locator and geo processing Mapping It is recommended that it includes tools for creating rich browser-based Web mapping applications Spatial Analysis It should support server-based analysis and geoprocessing, including vector, raster, 3D, and network analytics, as well as models, scripts, and tools Publishing to Clients This would be a very key feature and hence it should support a broad range of clients and browser-based applications such as Google Maps or Microsoft Virtual Earth etc Image Management It is suggested that the system should support the image management Web Application Functionality It should support functionalities including but not limited to pan, zoom, identify features, measure distances, find addresses, query and search attributes Advanced Spatial Analysis The system should support advanced spatial modeling and analysis, such as suitability analysis, cut-fill, line-of-sight, terrain modeling etc Page 87 of 124
Spatial Web Editing Functionality It should support spatial editing tasks for applications such as adding, modifying, and deleting map features like points, lines, and polygons GIS Software Categories Different types of GIS software exist with different functionality. Desktop GIS usually serve all GIS tasks and are sometimes classified into three functionality categories: GIS Viewer GIS Editor GIS Analyst
Spatial Database Management Systems are mainly used to store the data but often also provide (limited) analysis and data manipulation functionality. WebMap Servers (UMN Server) are used to distribute maps and data over the internet. Similarly, WebGIS Clients are used for data display and to access analysis and query functionality from Server GIS over the internet or intranet. Libraries and Extensions provide additional (analysis) functionality that is not part of the basic GIS software, for instance functions for network and terrain analysis, or functions to read specific data formats. Finally, Mobile GIS are often used for field data collection. Selection of the final solution for implementing the Web GIS feature would depend on the features, functionalities and actions desired to be performed using the software. However, a feature integrating the SADKN portal with the GIS related information is highly recommended with the suggested features as mentioned above. Another technology which can be used is the Mash-up Technology. A brief write-up about the same is presented in the ensuing section. Mash-up technology Mash-up is a web application that combines data from more than one disparate source into a single integrated which remains oblivious to the underlying data model. The SAARC Disaster Management Centre Portals is envisaged to be used as a one stop medium for accessing various information for which various application-to-application communications would be required to access information and various services of departmental portals. Mash-ups exemplify web services technology, fusing data from two or more disparate Web applications to create an integrated experience informed by the original data sources with out the involvement of the underlying data model.
Page 88 of 124
Mash Ups
Mash up depends on the logical layer to support point to point messaging. Messaging is a form of interoperability, which is guided by the different protocols defined by GOI (IIP, IIS etc) which can be XML based.
Page 89 of 124
An illustrative view of Mash-up architecture
Comparison between Web GIS and Mash-up technology Web GIS Map Mash-up
Application and base map data in one Application data and map data separate database Server side map creation Map centric Own map data required GIS knowledge required Large number of features are integrated Client side Application centric Application data displayed in a map like Google maps Elementary or minimal GIS knowledge required Slow processing for higher number of features
Page 90 of 124
Annexure III A brief write-up about CMS A content management system (CMS) is a computer application used to create, edit, manage, search and publish various kinds of digital media and electronic text. CMS is frequently used for storing, controlling, versioning, and publishing specific documentation. The content managed may include computer files, image media, audio files, video files, electronic documents, and Web content etc. These concepts represent integrated and interdependent layers. There are various nomenclatures known in this area: Web Content Management, Digital Asset Management, Digital Records Management, Electronic Content Management and so on. The bottom line for these systems is managing content and publishing, with a workflow if required. A CMS should support the following features: Identification of all key users and their content management roles The ability to assign roles and responsibilities to different content categories or types Definition of workflow tasks for collaborative creation, often coupled with event messaging so that content managers are alerted to changes in content (For example, a content creator submits a story, which is published only after the copy editor revises it and the editor-in-chief approves it.); The ability to track and manage multiple versions of a single instance of content The ability to capture content The ability to publish the content to a repository to support access to the content (Increasingly, the repository is an inherent part of the system, and incorporates enterprise search and retrieval.); Separation of content's semantic layer from its layout (For example, the CMS may automatically set the color, fonts, or emphasis of text.).
There are three main categories of CMS, with their respective domains of use: 1. Enterprise CMS - strategies, methods and tools used to capture, manage, store, preserve, and deliver content and documents related to processes 2. Web CMS - A web content management system (WCMS or Web CMS) is content management system (CMS) software, usually implemented as a Web application, for creating and managing HTML content. A WCMS facilitates content creation, content control, editing, and many essential Web maintenance functions. Most of systems use a database to store content, metadata, and/or artifacts that might be needed by the system. Content is frequently, but not universally, stored as XML, to facilitate reuse and enable flexible presentation options. A presentation layer displays the content to regular Web-portal visitors based on a set of templates. The templates are sometimes in the format of XSLT files. Administration is typically done through browser-based interfaces. Unlike Web-site builders
Page 91 of 124
like Microsoft FrontPage or Adobe Dreamweaver, a WCMS allows non-technical users to make changes to an existing site with little or no training There are three major types of WCMS: Offline processing: These systems pre-process all content, applying templates before publication to generate Web pages. Vignette CMS and Bricolage are examples of this type of system Online processing: These systems apply templates on-demand. HTML may be generated when a user visits the page, or pulled from a cache. Hosted CMSs are provided by such SaaS developers as AspireCMS, Bravenet, UcoZ, Freewebs and Crownpeak. Some of the better known open source systems that produce pages on demand are Mambo, Joomla!, Drupal, TYPO3, Zikula and Plone. DotNetNuke is a partially open source CMS that runs on asp.net and is free to download and install Hybrid systems: Some systems combine the offline and online approaches, these are called as hybrid systems Some systems write out executable code (e.g. JSP, ASP, PHP,ColdFusion,Perl pages) rather than just static HTML, so that the CMS itself does not need to be deployed on every Web server. Other hybrids, such as Blosxom, are capable of operating in either an online or offline mode 1. Component CMS
Examples of open source CMS: Joomla! Joomla! is a free open source content management system for publishing content on the World Wide Web and intranets as well as a Modelviewcontroller (MVC) Web Application Development framework. The system includes features such as page caching to improve performance, RSS feeds, and printable versions of pages, news flashes, blogs, polls, website searching, and language internationalization. Joomla is licensed under the GPL. Each website requires a separate Joomla! Installation. Mambo Mambo is a full-featured, award-winning content management system that can be used for everything from simple websites to complex corporate applications. It is used all over the world to power government portals, corporate intranets and extranets, ecommerce sites, nonprofit outreach, schools, church, and community sites. Advanced interface features include printable versions of pages, news flashes, blogs, forums, polls, calendars, website searching, language internationalization, and many others. Mambo is released under the terms of the GNU General Public License (GPL) Version 2. It is written with the PHP programming language and uses the MySQL database. Drupal
Page 92 of 124
Drupal is a free software package that allows an individual or a community of users to easily publish, manage and organize a wide variety of content on a website. The built-in functionality, combined with dozens of freely available add-on modules, will enable features such as Content Management Systems, Blogs, Collaborative authoring environments, Forums, Peer-to-peer networking, Newsletters, Podcasting, Picture galleries, File uploads and downloads. Drupal is built on top of a database abstraction layer that enables you to use Drupal with MySQL and PostgreSQL. Other SQL databases can be supported by writing a supporting database backend containing fourteen functions and creating a matching SQL database scheme TYPO3 TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets. It offers full flexibility and extendibility while featuring an accomplished set of ready-made interfaces, functions and modules. A number of database systems are supported by TYPO3 e.g. MySQL, Oracle, PostgreSQL, etc POST NUKE PostNuke is software that creates an impressive, dynamic web site and provides the webmaster with a site they can administer with a minimal amount of HTML knowledge through a web browser. PostNuke's functionality can be increased by installing modules, blocks and themes. Features of POST NUKE include Template engine for theming, API, RSS feeds, Forums, Polls, Language internationalization, Galleries, Chat, Games, Reviews, Links... with many third parties add-on
Page 93 of 124
Annexure IV - SADKN Portal: Search Methodology Search functionality is one of the most extensively used features of a portal / website / search engine. It is one of the most user friendly features and saves a lot of time of the user by providing an efficient and quick way of identifying and locating what the user is searching for. In case of SADKN portal, it has been envisaged that any user of the portal should be able to search and retrieve relevant even from any of the associate websites / portals. Hence, relevance of Search Methodology and options provided are important. It is recommended that the following features should be available for the users on the SADKN portal: i. Search help / tips: shall provide information on the type of searches possible and hints on how to narrow down the search ii. Advanced search: This link shall pull up a more detailed and often more user-friendly search page that can help narrow searches from a plethora of information available within the SADKN network iii. Miscellaneous Search: Spell Checker should be provided to support search word keyed by giving options for the correct word incase a word is incorrectly spelt Recommendation on types of Search Methods Following is a list of search methods which are recommended (but should not be limited only to) for the typical nature of the Search functionality with respect to the SADKN portal Key Words search Limiters and Operators search Nesting Subject-Matter Indices Tree Research
Page 94 of 124
Annexure V - List of features Feature About Us Description Should contain the information about the organization and should have details of the establishment of the organization, nature of work they are doing, activities, etc Should contain updated news for all the events as they happen. This feature is updated by the all the partners related to the portal Should archive the updated information on the portal which can be used for future references Should provide the option to the visitor individuals & organizations for donating money which can be further used for the disaster management as well as disaster relief Should provide the option to access the documents for the referral purposes by the users of the portal such as annual reports, disaster management plan etc Should provide the links and information to contact the emergency services at the time of emergency Should provide the option to the user to calculate distance between two locations This is a special search tool that provides information about all important places of a country and is linked to Google earth for displaying the place on Google map or provides information in textual form K-base is a dedicated comprehensive database on disasters dealing with cause to consequences and is expected to be built by numerous contributors. The portal should enable the contributors to register themselves as members of the Portal, and participate in enriching the central repository. All disaster related the information will be classified under 8 themes: Earthquake, Flood, Cyclone, Drought, Landslides, Epidemic, NBC and Others, which are again segregated into various subcategories Should provide consolidated source of disaster-related information and services with the members countries. Information includes occurrences of different hazards, its geographic distribution, vulnerability atlas, mitigation, preparedness, response mechanism, relief, recovery etc Real time disaster The portal shall provide access/ integrate various real time information update information on weather, natural hazards and disasters available in Page 95 of 124
News Archive Donate
Documents
Emergency Office Distance Calculator Locating a place
Knowledge base
Disaster Information
public domain in member countries and display the same online on country maps. Integration with other portals can happen using Web services, RSS, Mash Up technology, etc Map centre Client-server based WEB-GIS application (can be accessed through web-browser from anywhere in the world) to generate dynamic thematic maps (Demographic, Critical establishment, Natural Hazard and Vulnerability profile etc). Mash Up technology can also be used Discussion Should allow members to form groups and trigger discussion on various issues of disaster management. This will help to initiate a communication between the members Should arrange chronologically events related to disaster management
Group Forum Calendar
Smart Search
Should provide for searching the right information at minimal time available in the network. It will also have a link to Google search engine Should help in identification of trained human resources in various fields of disaster management in the country Frequently asked questions Should provide complete website details and links All the legal terms related to the site should be listed Option to generate communities on the portal in which topics related to disaster management can be discussed and learned Comprehensive weather update should be provided on the portal which would indicate the risk as well. Like for example a heavy rainfall which can cause flood This link on the portal should provide the information about the best practices and plans which should be followed at the time of emergency and Should provide management information / training related to disaster
Expertise Locator FAQ Site Map Legal Terms Communities Weather Update
Emergency management Education Training Ongoing projects
This link on the portal should provide the information about the latest projects going on related to disaster management and the advantages of those projects for the society
Login for authorized Should provide for authorized users to login and upload the secure users data on the portal using the publishing workflow Notifications Global issues Policies This link on the portal should provide the owner the ability to issue any notice to the users of the portal if required Should provide information about the latest Global issues and their happenings related to Disaster Management All the latest polices made related to disaster management should be
Page 96 of 124
available Feedback form Volunteers Spread the word Email Updates Feedback option should be provided to users using which portal can be further improved upon Should be an access to the users to register themselves for volunteering for the cause of disaster management Gives the user the ability to tell his/her friends about this portal This link on the portal gives the user the ability to register an email address / mobile number so that he or she can receive e-mail updates Person Update / request / provide information about the missing people in a disaster situation Provides user the ability to locate on a map all the places where disaster shelter camps are situated This link on the portal gives the Organizations the ability to register themselves for the help and volunteering for disaster management Should keep a log of the total number of visitors to the site
Missing Registry
Shelter Registry Organization registry Counter
Page 97 of 124
SADKN Portal Guidelines Report Annexure VI - Comparison of Open Source Database Options Features
Firebird Initially Inprise modules were licensed under the InterBase Public License (IPL). New code modules added to Firebird are licensed under the Initial Developer's Public License (IDPL) Microsoft Windows 95 / 98 / ME / 2000 / XP Microsoft Windows Server 2003 Linux Sun Solaris Mac OS X
Ingres Ingres is available under the Computer Associates Trusted Open Source License
MaxDB MaxDB is available under the MySQL Dual Licensing Model: Commercial GNU General Public License
MySQL MySQL is available under the MySQL Dual Licensing Model: Commercial GNU General Public License
PostgreSQL PostgreSQL is released under the BSD license.
Licensing
Operating Systems Support
Microsoft Windows 2000 / XP Microsoft Windows Server 2003 Linux Sun Solaris
Microsoft Windows 2000 / XP Microsoft Windows Server 2003 Linux Sun Solaris
Microsoft Windows 95 / 98 / ME / 2000 / XP Microsoft Windows Server 2003 Linux Sun Solaris Sparc Novell Netware
Microsoft Windows 2000 / XP Microsoft Windows Server 2003 Linux Sun Solaris Mac OS X
Limits per Maximum Database number of tables: 32767 Maximum database size: Theoretical limit of 7 TB
Maximum Maximum number number of of tables: Unlimited tables: Maximum database 67108863 size: 32 TB (with 8 Maximum KB page size) database Maximum number size: of files/volumes per
Maximum Maximum number of number of tables: tables: Unlimited Unlimited Maximum Maximum database size: database size: Unlimited Unlimited
Page 98 of 124
Maximum number of files per database: Theoretically 65536 (216) including shadow files Maximum page size: 16384 bytes Maximum cache buffers: 65536 pages Complex Query Limits Maximum size of a SQL statement: 64 KB Maximum number of members in an IN list: 1499 Maximum number of joinable tables: 255
Unlimited Maximum number of files per database: Unlimited Maximum page size: 65536 bytes
database: 64 4096, specified by a configuration parameter Maximum file/volume size (data): 518 MB 8 GB Maximum file/volume size (log): 16 TB
Maximum number of files per database: Unlimited The maximum size of a MySQL tablespace is 64 TB
Maximum number of files per database: Not determinable
Maximum size of a SQL statement: 64 KB Maximum number of members in an IN list: No limitation found Maximum number of joinable tables: 126
Maximum size of a SQL statement: 16 KB (Default value 64 KB, specified by a system variable) Maximum number of members in an IN list: 2041
Maximum size of a SQL statement: 1 GB, 16 MB is default. Maximum number of members in an IN list: No limitation found Maximum number of joinable tables: 61
Maximum size of a SQL statement: No information available Maximum number of members in an IN list: 10917 using the default Maximum number of joinable tables: No limitation found PostgreSQL supports a subset of both the SQL-92 and SQL-99 standards. It
SQLStandards
Firebird's SQL language adheres closely to the SQL-92 standards (ISO/IEC
MaxDB can be Several operated in one of differences the following SQL between modes: MySQL and is supported INTERNAL: standard SQL at entry Database system- are listed. A The SQL-92 standard (ISO/IEC 9075:1992)
Page 99 of 124
9075:1992) at entry level. Firebird 1.5 introduced a number of features in accordance with the more recently released SQL99 standard. Although FirebirdSQL follows standard closely, there are small differences Prepared Statement s Error Code Expressiv eness Date/Time Literals Full-Text Search Supported
level. SQL-92 standard behavior can be switched off for compatibility with older versions of Ingres
internal definition ANSI: ANSI standard according to ANSI X3.1351992, Entry SQL - DB2: Definition of DB2 Version 4 ORACLE: Definition of ORACLE7 MaxDB does not support the INNER and OUTER join syntax. An outer join is represented by the operator (+)
warning is given, that Concatenating many RIGHT JOINS or combining LEFT and RIGHT join in the same query may not give a correct answer. Unfortunately many is not further detailed. Full outer joins are not supported Supported
gives detailed explanations of what is supported and what is not
Supported
Supported
Supported
Yes
Yes
Yes
Yes
Yes
Yes No
Yes No
Yes No
Yes MySQL does support full-text searching, but only on MyISAM type tables
Yes PostgreSQL doesn't include fulltext indexing as part of the core distribution
Load
Firebird doesn't Load
MaxDB
doesnt Load balancing Load
Page 100 of 124
Balancing
have a built-in balancing support load happens load balancing happens in balancing in an MySQL facility Ingres when clustered clusters using the environment Grid Option
in balancing between two nodes can be built up with the pgpool add-on. Large Memory Support on 32-bit platforms is not assured Yes exta using
Large Memory Support
More than 2 GB More than 2 More than 2 GB on Large Memory on 32-bit GB on 32- 32-bit platforms. Support on 32platforms. bit bit platforms is platforms. not assured No but possible Yes with third party application Firebird does not come with visual tools. The Firebird core package includes a set of commandline tools, which can be used to query particular database health information like transaction statistics, indepth information about indexes and more. There is no Ingres Visual Manager captures events that are occurring in the system. The DBA has the possibility to specify which messages must be discarded, which are displayed, and which Yes Yes
Replicatio n System Managem ent
applications The Database The tool Manager tool is "MySQL used to manage Administrator" database enables the instances. DBA, among You can use it other among other things administrative to create, monitor, tasks, to back up, and visually restore database monitor the instances. The database Database health. Aside Manager GUI has from other a database graphical user health interface and can informations, be used only on the number of Microsoft Windows. open However, you can connections, use the Database the amount of Manager GUI also traffic, and the to manage number of SQL The graphical administration tool "pgAdmin III" has a server status window where the DBA can see a list of open connections along with further detailed information. The server status window is capable of refreshing itself periodically. There is no built in
built-in way to additionally
Page 101 of 124
check if a remote Firebird server is currently up and running, except when trying to connect to a remote database with the commandline tool isql for instance. Firebird does not support SNMP or any other management protocol natively.
trigger special alerts. Special alerts include playing sounds and displaying message boxes and forwarding of message texts to the operating system event handling system for further treatment. The Ingres managemen t architecture is compatible with standard managemen t protocols like SNMP, Distributed Managemen t Environmen
database instances that are running on a remote computer with a different operating system. There is also a web edition of Database Manager as well as a command-line version. MaxDB does not support SNMP or any other management protocol natively.
queries is shown. There is no built in mechanism of warning the DBA when certain limits are being reached or the connection to the database is lost.
mechanism of warning the DBA when certain limits are being reached or the connection to the database is lost. PostgreSQL does not support SNMP or any other management protocol natively.
Page 102 of 124
t (DME) and Common Managemen t Interface Protocol (CMIP). Security The server installation includes a user authentication database for storing definitions of all users that have access to the Firebird Server. A case-sensitive password must be defined for each user and used to gain access to the server. The command-line tool for maintaining the user database is gsec. User authentication is required whenever a remote or local client connects to a Kerberos is supported as an authenticati on mechanism. There is no built-in SSL support available. Ingres Installations can be administere d in compliance with the National Computer Security Center (NCSC) C2 security standard. The MaxDB database system differentiates between two types of users: - Database users access the data in the database instance using SQL statements MySQL uses a proprietary authentication protocol using a user/password information. Additionally, MySQL can check X509 but no for Kerberos is supported. At a given time either Kerberos version 4 or 5 can be used, not both together. SSL, PAM, MD5 and SSH are supported for authentication and encrypting connections. It is possible to assign a password to the database super user operating system user account to divide security handling between the operating
- DBM operators certificate (Database Manager attributes operators) manage there is database support
instances using the other Database Manager authentication tool The database system administrator (SYSDBA user) and the first DBM
mechanism like Kerberos or LDAP for instance. SSLencrypted connections operator have between MySQL clients special and servers authorizations. User names can be are supported. up to 32 characters. Passwords have a system and the database maximal length of
Page 103 of 124
Firebird database. Passwords be up to characters, only the eight characters significant. Hence, example, passwords
can 32 but first are for the
18 (ASCII character set) or 9 (UNICODE character set) characters. MaxDB uses a proprietary authentication protocol and doesnt support other authentication mechanism like Kerberos or LDAP for instance. Passwords arent sent in a humanreadable way from the client to the server.
management system.
masterkey and masterkeeper are seen by the server as identical. Passwords are case sensitive. Passwords are encrypted by the Firebird API at the client, before they are sent to the server. Firebird doesnt support other authentication mechanism like Kerberos or LDAP instance Support Availabilit y Commercial support available CA.com is offers extensive for
Commercial Free support There are support contract can be several with SAP [MaLi05]: obtained from companies
Page 104 of 124
through IBPhoenix [IbPh05]. IBPhoenix is a web site and an organization that provides information and services to InterBase and Firebird developers and
Ingres support in many countries. Also several courses in administrati on and application developmen t can be taken in
If you are using the database system in an SAP application, then you are given access to the whole of SAP AGs support infrastructure through the support contract with SAP. Commercial support contract
community groups, lists and forums. Commercial support can be obtained from partners worldwide or directly from MySQL AB. Training, consulting and
worldwide offering PostgreSQL support and professional services
users, those cities who develop around applications on world. InterBase or Firebird, and those who develop and use the underlying database engine itself. The IBPhoenix team has an unparalleled depth and breadth of experience with InterBase and Firebird, as developers, as users, as consultants, and in providing
with MySQL: 24x7 telephone the If you are using the hotline support database system in are available other applications (not SAP applications), then you can conclude a support contract with MySQL. Freely available support via the MaxDB mailing list
Page 105 of 124
accurate, useful answers to questions about either product. Free support is available through community groups, lists and forums active on the Firebird Open Source projects. A list of available groups is available here
Page 106 of 124
SADKN Portal Guidelines Report Annexure VII Hardware Specifications This section provides the specifications of the hardware components for creation of SDMC Data Centre. These specifications are indicative only and the actual might vary depending on the requirements of the stakeholders. Internet router Particulars Hardware Architecture Memory
Specifications High Performance CPU Modular Chassis Power supply 230 Volt 50Hz input RAM Flash 64 MB, upgradeable to 128 MB 32 MB, upgradeable to 64 MB 1 copper + 1 Fibre
Performance Interface / Slots
0.2 Mbps (64byte packet) Ethernet E1 Ports 4 ports, V.35 4 ports HP will provide E1 ports only to support 30x64 KBps data channels. ISDN BRI - 8 Ports. The ISDN will used for auto dial-back in case of lease line failure. The auto dial backup can also be given on separate device, if OEM does not support on a single device. Will have 2 Free slots Console port 1 number
Routing Protocols
Static Routing RIPv1, RIPv2 OSPF with demand Circuits BGP4 Policy Routing
Protocols
PPP, Multi link PPP HDLC MPLS IPv4 and IPv6 NAT, PAT Multicasting PIM or MOSPF
VPN/Tunnel
GRE tunnelling and IP Sec 3DES/AES VPN for configuration of VPN tunnels.
Page 107 of 124
SADKN Portal Guidelines Report 200 concurrent tunnels Encryption Dialling capability IP Sec 3DES/AES ISDN Dial backup. The ISDN will be used in case of lease line failure for auto dial-back from Internet router. The auto dial backup can also be given on separate device, if OEM does not support on a single device In-active hang-up Security NAT, PAT Multilevel Access control Supports ACL to provide supervision and control. Controlled SNMP Access through implementation of Access Lists on the router to ensure SNMP access only to the SNMP manager or the NMS workstation Controlled SNMP access through the use of SNMP with MD5 authentication. Supports Remote Authentication User Service (RADIUS) and AAA Supports PPP CHAP Management Upgradeability & Accessibility using Telnet, SSH, administration and configuration Console access for
Supports FTP or TFTP for easy software upgrades over the network. SNMPv1, snmpv2/v3 Supports configuration management through the CLI, GUI or web interface. Supports Event and system history logging functions & Syslog Supports pre-planned timed reboot to upgrade their hardware to a new software feature and plan the rebooting as an off-peak time Physical Accessories 19 Rack Mountable All necessary power cords, data cables, connectors, CDs, manuals, brackets accessories, wire managers, etc. will be provided.
Page 108 of 124
Firewall Particulars Power Supply Physical attributes Hardware Specifications 200-240 VAC, 50 Hz Internal Redundant Power Supply 19 Rack mountable Modular Chassis Interfaces Console Port Memory
2 x GE and option for expansion to 4 GE ports 1 number
Minimum RAM 64 MB & Upgradeable 128 MB flash Encrypted throughput: minimum 500 Mbps Concurrent connections: 10000 Simultaneous VPN tunnels: 2000 Clear text throughput: 2 Gbps
Architecture Routing Protocols
Will be installed in Redundancy Will be hardware based Static Routes RIPv1, RIPv2 OSPF BGP4 (optional) Firewall Route redistribution between any of the above protocols (optional)
Protocols
TCP/IP, PPTP RTP, L2TP IPSec, GRE PPPoE, EAP-TLS, RTP SIP, H.323 FTP, HTTP, HTTPS SNMP, SMTP, TFTP DHCP, DNS IPv6
Other support
802.1Q, NAT, PAT, IP Multicast support, Remote Access VPNURL Filtering, Logical interface support (VLAN), Layer 2 Firewall, Virtual Firewall.
Page 109 of 124
SADKN Portal Guidelines Report Access QoS Radius , TACACS QoS features like traffic prioritization, differentiated services, committed access rate. Supports for QoS features for defining the QoS policies. Supports Low Latency Queuing. L2 and L3 CoS/DSCP Priority Mapping.
Encryption
IPSec, DES/3DES/AES Hardware, software
Management Maintenance Serviceability Cables accessories
Console, Telnet, SSHv2, Browser based configuration SNMPv1, v2 & Scheduled System Reload (Reboot) Main components like motherboard, IO board, power supplies and fan tray are field replaceable. and All accessories including data cables, clamps, connectors, etc will be provided.
IPS Particulars Features Specifications Minimum Layer 7 Throughput --> 2.0 Gig, using single or multi device solution. Number of segments 2 x Gig Supports fail-open to four Gigabit segments in case of Power / hardware / software failure Will protect against DoS/ DDoS / SYN-flood/ TCP-flood /UDP-flood Has Zero-day protection against DoS attacks based on traffic behaviour Action detection on Block attacks in real time, Drop Attack Packets, Packet Logging Reset Connections, Action per Attack Stateful Operation TCP Reassembly IP Defragmentation Bi-directional Inspection
Page 110 of 124
SADKN Portal Guidelines Report Forensic Data Collection Access Lists Signature Detection Vendors Signature Database minimum 3600 Device will have capability to add unlimited User Defined Signatures. Supports Automatic signature synchronization from OEM database server on web Alerting Management Operations Alerting SNMP, SMTP support Log File, Syslog support Console, SSH, Telnet, HTTPS, HTTP, SNMP v1/v2C/ v3 Supports 24/7 Security Update Service Supports Real Time signature update Supports Provision to add static own attack signatures Reporting System provides centralized reporting and management. System provides comprehensive security event reporting System provides comprehensive security event reporting. Power Internal Redundant Power Supply 230 V AC , 50Hz Server Particulars OS Hardware CPU 1 number (capabilities to expand to 2 CPU) Minimum Processor Intel Xeon 3.0Ghz (dual-core) or higher with 4 MB L2 cache (dual-core) and 1333 MHz FSB RAM HDD Network Card RAID CD & DVD Graphics card Ports Minimum 8 GB PC2-3200 DDR II 667 MHz RAM with ECC fully buffered memory expandable up to 16 GB 3x146GB or higher Serial Attached SCSI (SAS) Hot Pluggable HDDs (10K rpm or higher, 3.5) with RAID 5 implementation Dual: 10/100/1000Mbps SAS RAID controller with at least 256MB of battery-backup cache 16x or higher DVD-ROM/ CD Writer Combo slim drive 8 MB Display memory 1x Serial, 2xUSB, 1x PS/2 Mouse, 1x PS/2 KBD, 1xVGA , 2xRJ45, Specifications Windows / Unix / Linux (with patches, license, Support, Subscription, Anti virus, etc)
Page 111 of 124
SADKN Portal Guidelines Report Slots Keyboard * Mouse* Monitor * Chassis The chassis with redundant hot-swap power supplies. The chassis will have necessary provision to connect to an external SAN array with 2 FC Ports on separate cards (4 gig., option for additional 2 redundant ports). LEDs to show system activity and status of components chassis having 6 HS drive bays with Hot Swap power supply, (Optional: Daisy chaining feature to connect more Rack Server) Ports Software 1x Serial, 2xUSB, 1x PS/2 Mouse, 1x PS/2 KBD, 1xVGA , 2xRJ45, All required device driver software as per above configuration, in media with manual, for OS installation, System Configuration & Management (a) Remote management of the server over LAN/ WAN (b) Hardware remote console feature ( c) In band & out of band remote management (d) Remote power On (e) Server health logging & Monitoring Advance warning for processor & memory failure (f) Integrated management log Energy star compliant, NSTL, FCC (EMI EMC/ ETDC) certified, ISO 9001: ISO 14001, ACPI compliant, PCI compliant Certified for proposed OS Operating System with patches, Subscription, (Anti-virus if any) license, 5 years Support/ At least 3 PCI/ PCIe slots Please see details of KVM Switch along with one Keyboard and one Optical Mouse
Server Management Features
Certifications OS Certifications OS with Server
Page 112 of 124
LAN Switch Particulars Interface /Slots Performance General Features Specifications 1 x 24 ports 10x100x1000 GE 2 x 1000Mbps ports base Single Mode Minimum Packet forwarding rate should be 20 Mpps Minimum 100 Gbps switching fabric capacity Layer3 - with following supports (RIPv1, v2, OSPFv2, VRRP, DHCP). Licence for OSPF & VRRP Supports Port Mirroring Supports Port Trunking Link Aggregation IEEE 802.1Q VLAN encapsulation 802.1Q Minimum 255 VLAN Supports Port based network access control (802.1x) Supports port security Traffic shaping and policing MAC Address security/MAC Address Notification support which allows for notification of new users added or removed. Management RS-232 Console port Easier Software upgrades through network, using FTP, TFTP, etc. Accessibility using Telnet, SSH, Console access. Easier Software upgrades through network, using FTP, TFTP, etc. SNMPv1, snmpv2 Configuration management through CLI, GUI based software utility and using web interfaces. GUI tools will be provided. Event and system history logging functions will be available. Supports Syslog Server requirements Switch will have CPU utilization monitoring and Port description Standards IEEE 802.1x support IEEE 802.3x full duplex on 10BASE-T or 100BASE-TX or 100BASE-TXports IEEE 802.1d Spanning-Tree Protocol IEEE 802.1p class-of-service (CoS) prioritization IEEE 802.1Q VLAN IEEE 802.1s
Page 113 of 124
SADKN Portal Guidelines Report IEEE 802.1w IEEE 802.3 10BASE-T specification IEEE 802.3u 100BASE-TX specification Power Supply Mounting L3 features Internal power supply 230 Volt 50Hz input 19 Rack mountable PIM Sparse Mode, Bi-directional PIM, IGMP v1, v2 ICMP support IPv6 classification & filtering supported
UPS 20 KVA Particulars Certified ISO 9001 certified to Manufacturer Technology Inverter device IGBT based Microprocessor controlled Digital Design Double Conversion True On-line UPS Overall efficiency Inverter efficiency Input Input Voltage Range Input Range & 300-460VAC 3Phase >85% (AC-AC) >90% Specifications
Frequency 50 Hz 5% Three Phase with ground THD < 15% 0.9 or better 20 KVA 220VAC-230VAC +/-1% Output 40 A at 0.8 p,f./32A at U.P.F 15 KHZ
Input Phase Input current Input Power Factor Output Voltage Voltage Regulation Rated current Switching Frequency
Output Frequency Free running Mode 50Hz 0.5% regulation Sync Mode 50Hz 2 Hz
Page 114 of 124
SADKN Portal Guidelines Report Harmonic Distortion 2% (linear load) (THD) 3% (non-linear load) Output Waveform Crest Factor Power Factor Battery Battery Backup Battery Type DC Bus Voltage Battery Ratings Transfer Time Battery Enclosure General Operating Temperature Noise level Alarms Indications Bypass Overload capacity Compatibility Isolation Standard Dimensions Architecture 0 to 50 degree centigrade <45 dB @ 1 Meter & All necessary alarms & indications essential for performance monitoring of UPS will be incorporated. Automatic Bypass Switch 110% for 10 minutes and 125 % for 1 minute UPS will be compatible with DG Set supply and mains supply Galvanic Isolation Transformer in-built in the UPS RS 232 port for software interface SNMP interface support Bidder to specify dimensions (H x W x D) for UPS & Batteries Set UPS systems will have back to back hot standby configuration with common battery bank 1 Hours on full resistive load Sealed Lead Maintenance Free VRLA type (Lead Calcium SMF batteries NOT acceptable) DC Bus Voltage of UPS to be specified 10KVA: 38000VAH 0 ms MS Rack Powder Coated Pure Sine wave 2.5:1 0.6 to unity
Page 115 of 124
Generator Set 30 KVA Particulars Engine type Specifications Multi-cylinder, in accordance with IS 10002-1981with latest amendments Electric start 12 V DC Water cooled /Air cooled Mechanical/Electronic Governor Fuel Rating Output Over capacity Accessories High speed diesel Continuous 1500 RPM
General Features
Suitable HP rated to match the alternator Rated Speed load 10% overload 1 hour 50% overload 15 second Flywheel to suitable diameter and fuel injection equipment Air cleaner Lubricating oil cooler (if required) Electric motor starting equipment like motor, battery, charging generator with voltage regulator etc. Heavy duty radiator with fan Residential type silencer with exhaust piping with vibration isolator Fuel tank suitable for 8 Hrs of continuous running with necessary piping and fuel gauge, drain valve, inlet and outlet connections. Anti vibration mounting pads Speed controlling governor Suitable coupling system to the Alternator Tachometer Lubricating oil pressure gauge Hour meter to indicate number of Hrs of operation Auto trip on low oil pressure Over speed alarm with trip Thermal insulation for exhaust line with glass wool, Aluminium sheet, chicken mesh, Diesel line 12 mm dia (or as applicable) including beads flanger etc Battery 12 V with lead and terminal Battery charger. Protection against low lubricating oil pressure, high water
Page 116 of 124
SADKN Portal Guidelines Report temperature and over speed will be provided for engine with alarm and fuel shut off. Alternator Output P.F Type Phase Speed Cooling Voltage Frequency 30 KVA 0.8 lag 415V, 3Ph continuous running duty type 50 Hz 3,4 wire 1500 rpm Air-cooled / water cooled
Over load capacity 10% overload 1 hour 50% overload 15 second Lubrication forced (if required) Excitation Self excited, self regulated, automatic voltage regulator with remote voltage control facility Permissible voltage variation Insulation Class H +/- 1.5% of rated voltage
Base frame Engine and alternator will be coupled and mounted on sturdy, fabricated, welded construction, channel iron base frame with coupling guard. Control Panel The Genset control panel will be of 14 SWG CRCA sheet and powder coated finish. The panel will be provided with standard engine instrumentation, Voltmeter with selector switch, Ammeter with selector switch, Frequency meter, Current transformer, Instrument Fuses etc. MCCB/MCB of suitable rating will be provide for overload and short circuit protection AMF facility will be provided for the DG set. AMF relay shall be provided in the control panel/Electrical panel with required control wiring and Contactors for automatic operation will be done.
AMF
Acoustic enclosure
Weather and sound proof Acoustic enclosure will limit sound level below 70 db at 3 m distance from the set. Minimum 50 cm all round clearance will be provided inside. The exhaust pipe shall be minimum 1.8 m above ground level. Additional Canopy will be provided over the Acoustic enclosure with suitable steel structure. Bidder to specify dimensions (H x W x D)
Dimensions
Page 117 of 124
SADKN Portal Guidelines Report Desktop Specification Particulars Processor Chipset Motherboard Memory Floppy Drive Hard Disk Drive Optical Drive Graphics Ethernet Bays Slots Specifications Processor with Hyper Threading (2.8GHz or more, 1MB L2 Cache, 800 MHz FSB 800G or higher Chipset OEM mother board 2 x 256 MB DDR SDRAM @ 400 MHz Expandable to 4 GB 1.44 MB 80 GB SATA SMART III 7200 rpm with Pre Failure Warranty 52x IDE CD ROM Integrated (on board) Intel Media Accelerator 900 Integrated (on-board) 10/100/1000 controller Minimum : 6 (with support for 2 internal Hard drives) Minimum : 4 x1 PCI Express Slot - 1 no x16 PCI Express Graphics Slot - 1 no and PCI PCI - 2 nos Ports 1 Parallel, 1 Serial 4 USB (Ver 2.0) with at least 2 ports in front VGA and 2 PS/2 ports Power Supply Minimum 300 Watts (Surge protected)
Page 118 of 124
SADKN Portal Guidelines Report Monitor Keyboard Mouse Diagnostic Tool Cabinet box 17" Color TFT with minimum 1280 x 1024 @ 60Hz resolution, Asset Controlled, Energy Star compliant PS/2 104 keys keyboard30 sec/print, 4 6 in. (10 15 cm) in
default mode
PS/2 2 Button Optical Scroll Mouse Pre installed OEM's Diagnostic tool for hardware diagnostics ISO certified, with cooling system
Printer / Scanner Specification Particulars Connectivity Specifications Connectivity options Data transfer rate Bluetooth Display Display type Display diagonal size Storage Type of storage media Built in card reader Memory cards Printing and Scanning Features Printing technology Color printing speed Grayscale printing speed Paper input Others Photo printing speed Supported paper types USB 2.0 480 Mbps Optional LCD TFT 3 inches Memory card Yes SD, SDHC, CF-I, CF-II, MMC, xD Inkjet 30 PPM 29 PPM 100 sheets 30 sec/print, 4 x 6 in. (10 x 15 cm) in default mode Plain paper, coated paper, photo paper, iron-on, transparency film, label media, greeting cards
Page 119 of 124
SADKN Portal Guidelines Report Auto paper type detection Print functions Scanner type Maximum scan size Ink system Scanner support Power Mains Yes 100%, fit-to-page, fill-page, mirror, poster CIS 21.6 x 29.7 cm 2-cartridge, 6-ink system TWAIN and WIA import
Page 120 of 124
Annexure VIII An Indicative Costing for SADKN Portal Development & Hosting OPTION 1: Development, Implementation and hosting is entirely done by SDMC Financial Estimation: US$ 373800-393800 Item Detail Software Software Development Cost with Open Source Software Development Cost with Proprietary Solution Software License OS Server Web Server Mail Server AV Server RDBMS Total Hardware Directory Server Portal Server Content Mgmt Server Database Server Web Server Forms Server Mail Server AV Server Router 10,000 10,000 10,000 10,000 10,000 10,000 10,000 10,000 10,000 1000 2000 2000 2000 10,000 17000 80,000 1,20,000 1,50,000 Tentative Cost (in US $)
Page 121 of 124
SADKN Portal Guidelines Report L3 Switch 24Port Patch Panel Firewall IPS/IDS UPS (20 KVA)(30 min backup) Genset (30 KVA) Total Annual Maintenance Cost per year 6000 800 30,000 30,000 10,000 20,000 186800 30000
OPTION 2: Development and Implementation by SDMC only while hosting is entirely done by 3rd party Financial Estimation: US$ 90000-165000 Item Detail Software Software Development Cost with Open Source Software Development Cost with Proprietary Solution Annual Maintenance Cost per year Hosting Charge per year 80,000 1,20,000 1,50,000 10000 0 - 5000 * Tentative Cost (in US $)
Note: 1. Costs mentioned above are only indicative in nature and does not include any taxes, duty, exchange rate, etc 2. Actual costs might vary depending upon final specification 3. * In case of Government departments, Government data centers provide hosting services at a very minimal or no cost. This option should be explored for hosting purpose
Page 122 of 124
Annexure IX An Indicative OPEX for Software
Product Line WebSphere (Middleware) (IBM) Product Edition Annual Subscription Support Maintenance Cost (per unit) Enterprise Included / /
Weblogic (Oracle) Enterprise $5,500
Sharepoint Liferay (Microsoft) Enterprise Included Standard $5000
JBoss (RedHat) Enterprise $6,750
GlassFish (SUN) Enterprise (Platinum) $8,999
Product Line Enterprise (Database) DB Product Line PostgreSQL Product Edition Premium
MySQL MySQL Enterprise Platinum Open Source $4,495
Microsoft SQL Server 2005 Enterprise Edition Proprietary $5,000
IBM IBM DB2 v9 Enterprise Edition Proprietary $7,280
Oracle Oracle 10g Enterprise Edition Proprietary $10,450
Database Server Open Source Source Code Annual $4,495 Subscription, Support & Maintenance Cost (Per Unit Note: 1. 2.
Costs mentioned above are only indicative in nature and does not include any taxes, duty, exchange rate, etc Actual costs might vary depending upon final specification
Page 123 of 124
Annexure X An Indicative Country-wise Costing for National Focal Point (NFP)
Country wise costing at NFP (All Cost In US$)

India Manpower ( @ 750 per Month) Hardware (Desktop, Printer, Scanner, UPS) Content Developm ent Total Pakistan Bangladesh Sri Lanka Nepal Bhutan Maldives Afghanistan
9000
9000
9000
9000
9000
9000
9000
9000
1000 7000 17000
1000 5000 15000
1000 5000 15000
1000 5000 15000
1000 2000 12000
1000 2000 12000
1000 2000 12000
1000 2000 12000
Grand Total cost For all SAARC Member is USD 110,000
Page 124 of 124

Sad KN Portal Guidelines

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Sad KN Portal Guidelines

Transféré par

Droits d'auteur :

Formats disponibles

SADKN Portal Guidelines Report