Cybernetica is the provider of e-Customs product suite “Customs Engine” which was created as a result of close co-operation with Customs and traders community.
Customs Engine covers main business processes related to the handling of customs documents, such as customs declarations, summary declarations, manifests, TIR carnets, transit declarations, anticipated export records, exit summary declarations and arrival notifications. In addition, Customs Engine also contains the full implementation of the European Union’s common customs systems: New Computerized Transit System (NCTS), Export Control System (ECS), and Import Control System (ICS). Customs Engine has interfaces with TARIC, AEO, EORI, REX and Customs Decisions.
The system is highly configurable. Unlimited number of customs procedures can be dynamically modified and adapted to the changes in customs legislation. The software modules of Customs Engine can be combined with other software components providing easy integration. Customs Engine has successfully been implemented in Single Window projects allowing for exchange of customs data between various stakeholders, from traders to other government agencies.
Customs Engine follows the latest developments in Java ecosystem, manages all documents in standard XML format, provides RESTful and SOAP interfaces and complies with WCO best practices. The product suite is developed and maintained in accordance with the European Commission’s Electronic Customs Multi-Annual Strategic Plan (MASP) and European Union legislation.
With global communications in place, security and authenticity can be founded on certainty instead of belief or obscurity. Digital governance of a nation state or a company assumes all the participating assets and actors - things, software agents and human persons - are expected to be uniquely distinguished by an identificator - by a so called “digital name”. It will be precisely certain, whom are you communicating and contracting with. “Digital names” are not used for authentication, as the passwords or security tokens are; but for identification only. In a paradoxal way, good privacy is easily achievable if all the actors are appropriately identified from the very start.
Another key concept of the digital identity are signatures. Cybernetica introduced a digital signature scheme in 1997. The distinguished passages of the first Estonian Digital Signature Act (2002) were written by Cybernetica scientists. Using strong schemes of time stamped digital signatures permits to achieve the extra qualities as non-repudiation and authenticity. Signatures and identification procedures only are as immutable as is the underlying digital identity. This is why the notion about strong digital identity serves as the basis for technological solutions Cybernetica offers. Cybernetica is able to augment the infosec target values like confidentiality, privacy, authenticity and non-repudiation, provided the underlying identities of all actors are cryptographically verifyable.
SplitKey is a next generation eID created by Cybernetica cryptologists to overcome some issues with digital identity on the mobile platforms. SplitKey displaces the expensive and inconvenient hardware token and uses a treshold cryptosystem to split the private key into three independently unusable shares, thus bringing the strong identification mechanisms to the smartphones’ playground. The independent Smart-ID application is known to be a successful implementation of SplitKey - enabling Telcos and Nordic banks to offer eIDAS compatible trust services in all Baltics.
Authority and authenticity are next key terms related to digital identityproviding the value for the command chain. Cybernetica is able to realise complex mandating systems based on digital identities to support various governance workflows, be these public services or commercial portals.
The essence of digital identity extends even further. The classical documents of the pre-internet era were self-proclaiming, the digital documents - both identity documents and contracts - rely on a trust anchor to enable the independent cryptographic verification of the content and authority. While the cryptographic tokens are largely commodised today, the implementation of a large scale identity project yet assumes a central Identity Management System that Cybernetica is able to provide.
A proper and literate implementation of cryptography is equally important for trusted systems. The scientists at Cybernetica have numerous publications in the field of cryptography, including the periodic “Cryptographic Algorithms Lifecycle Report”. The ability to code the algorithms in a secure way is also present at Cybernetica.
Governance is the way how human activities are organised and documented. e-Governance that Estonia is famous for, defines how are cryptographically strong identities handled in digital society as well as the decision making procedures and authorisations for persons to act as officials. Governance procedures in a digital society are expected to leave a verifiable audit trail. Governance is not necessarily related to the Government, businesses and social initiatives too need clear and well reasoned governance procedures.
Cybernetica has to do with Estonian history giving birth to modern e-governance regulations. This is because science does exist independently from power and ideologies. Groundbreaking scientific works describing the information theory, system dynamics and cybernetics were published in USA during 1930s-1950s to resurface later among the Soviet science in 1960-s, also framing the scientific thought of post-war Estonia. Real and applied sciences were often preferred by students instead of the over-ideologised by Soviets social sciences.
The honourable predecessor of Cybernetica, the Institute of Cybernetics at the Estonian Academy of Sciences was established in 1960, after the ban on genetics and cybernetics was lifted. Estonian scientists had access to the mainframes and participated in real IT projects involving the computers and microprocessors. As the Soviet thought preferred to automatise the industry vs the society, the governance in Estonian economy and agriculture became the subject of modernisation and the source of experience.
Around the cataclysmic year 1989, Estonian science was able to remain healthy. People with scientific qualifications did not flee the positions and country. The governance system left by Soviets needed in a fast replacement and personal computers required introducing into the society. Theoretical milestones like Kerberos, TCP/IP, open systems and X.509 were taught at Tallinn Technical University and were implemented into the mint-fresh information systems of the restorated Estonian State. This way the disciplines lectured by elder academicians formed the foundation for a new generation of Estonian information science, the very one that created eID, X-Road and e-Governance.
Cybernetica follows the Guardian Angel principles providing secure digital technologies for the sake of the digital society. e-Governance is a systemic approach to the possibilities and issues of the global society but implemented for the benefit of the local society.
The Internet voting technology from Cybernetica is usable for numerous tasks ranging from everyday management meetings up to the countrywide referendums and elections. Cybernetica provided a secure internet voting solution as early as 2005 – the risks were carefully assessed in scientific works, the technology was created later as an answer to the real threats. Remote voting helps to keep the expenses down and brings together fora that would be impossible to gather otherwise.
Smartmatic and Cybernetica formed a joint venture – Smartmatic-Cybernetica Centre of Excellence for Internet Voting – to study and develop Internet voting on a global scale. Internet voting technology from Cybernetica is neither an electronic version of absentee voting envelope nor strictly the governmental elections, but a secure and proven foundation of modular design suitable for a considerably wider class of tasks.
Internet voting technology has been met with an appreciation and was actively used along statewide elections in Estonia. As a world level highlight, up to one third of appeared voters are casting their ballots via Internet voting – that marks both trust and a sustained security of the technological solution Cybernetica created. The technical implementation of Estonian elections was straightforward due a pre-existing PKI bound to the nationwide eID system. However, Cybernetica can support both strong cryptographic tokens as well as lightweight legacy authentication methods. Whenever possible, social network authentication schemes should be avoided for serious voting, due to their indeterminancy.
Internet voting technology Cybernetica created is constantly being improved since 2005, incorporating fresh security expectations from the society and legislation. In 2011, a PoC was created by a student to manipulate the screen overlays and consequently, the ballot. Cybernetica answered with a design where voter can prove the correctness of the casted ballot via another channel – his/her mobile phone – not compromising the confidentiality of the vote. The mixnets technology was added in 2017, introducing the independent cryptographic verifiability of the voting procedures. The election branch of the source code has been made public to satisfy the sceptical minds.
Estonian web-taxation portal “e-Tax Board” was launched already in 2000, allowing citizens to submit their tax declarations online. Today, 99% of all taxes in Estonia are declared online. Estonia is the most efficient tax collector in the world and in addition has the most competitive tax system among OECD countries. But despite that, the country was trying to tackle a noticeable VAT gap for years.
Cybernetica developed and implemented the technical solution that helped the Estonian Tax and Customs Board (ETCB) to enact a major VAT reform in the country. The effects of the reform were astonishing – a 10% raise in VAT collection was noted despite declining economy. The amount of initiated tax investigations dropped drastically due to this effect. No longer is the ETCB tackling the VAT gap reactively, but has the capability to prevent deliberate VAT fraud, resulting in the growth of state revenue, streamlining the auditing processes and reducing the administrative burden for honest companies.
Cybernetica’s technical solution allows for the user to access the VAT declaration application either through web-based e-Tax Board interface or enter the data to the system using machine-to-machine interface. In Estonia, full integration to the e-Government backbone, the X-Road, was provided, together with other data entry solutions (such as XML). Data aggregating is then performed by the Cybernetica-built aggregator and sent to the risk analysis tool (which is any type of BI unit available in the organization). The solution integrates to any in-house or external BI processes and risk analysis methods with no overhaul needed. Finally, results are provided in the auditor’s case management tool, which indicates companies with threat of VAT evasion to the auditors.
The story of X-Road started in 2000 when the Estonian government started to investigate ways to organize the communication between government entities. These seminars and debates led to the first X-Road project in 2001. The goal was to build a uniform data exchange mechanism for connecting state registries, as well as to build a citizen portal and to integrate major registries (population registry, business registry, vehicle registry) to the system. The bid was won by a consortium with Cybernetica being responsible for implementing the data exchange solution. The first version of X-Road went live in December 2001. Cybernetica has been the developer of the X-Road core technology since then.
Originally, the X-Road traffic was mostly queries to state registries. However, as organizations grew more comfortable with the technology, the X-Road usage evolved. In addition to simple queries, organizations started to use X-Road for data insertion/updating as well as connecting business processes running in separate organizations. As of now, there are several major applications that use X-Road as the transport protocol but that also add application-specific conventions, protocols, etc. Examples include the e-health system, government document management system DHX and the electricity metering system Estfeed. All these applications were simple to design because they could rely on existing secure communication layer.
The importance of X-Road to the current Estonian governance cannot be overestimated. There are almost no paper documents and certificates that need to be carried from one government agency to another. Instead of relying on documents carried by the citizen, agencies make queries to the source and retrieve the most up to date version of the required information. The security features of X-Road guarantee that the query response has the same legal weight as a signed paper document. Due to the security and availability of X-Road, most of the government systems are built on the assumption that the necessary data for making a decision can be queried on demand. Thus, there are no duplicate databases and paper documents given to citizens. This produces enormous savings that are difficult to quantify, but that make the Estonian government one of the most efficient/streamlined ones in the world.
World Bank Development Report in 2015 highlighted two foundational technologies that enable a secure and smart e-government ecosystem: digital identity and data exchange. Our main challenge for governmental data exchange is how to ensure secure and reliable exchange of mission critical data in an adverse, complex and dynamic environment.
The report, written by Kristjan Vassil from the Institute of Government and Politics at the University of Tartu, goes on to describe the characteristics of the X-Road, the data exchange platform Cybernetica developed for the Estonian Government: „ … open design is accompanied by rigid security measures – authentication, multilevel authorization, high-level log processing and monitoring, encrypted and time stamped data traffic – the basic functionalities that are covered within the very structure of X-Road.“
Our work on developing data exchange for the Estonian government began in 1999. The government started to investigate ways to organize the communication between government entities - these seminars and debates led to the X-Road project in 2001. The goal was to build a unified data exchange mechanism for connecting state registries, build a citizen portal and integrate major registries (population registry, business registry, vehicle registry) to the system. The bid was won by a consortium with Cybernetica being responsible for implementing the data exchange solution. The first version of X-Road went live in December 2001. Cybernetica has been the developer of the X-Road core technology since then.
Originally, X-Road traffic was mostly querying to state registries. However, as organizations grew more comfortable with the technology, usage of the X-Road diversified. In addition to simple queries, organizations started to use X-Road for data insertion/updating and connecting business processes running in separate organizations. Examples include the e-health system, government document management system DHX and the electricity metering system Estfeed. All these applications were easier to design because they could rely on an existing unified secure communication layer. The importance of X-Road to Estonian governance cannot be overestimated. There are almost no paper documents and certificates that need to be carried from one government agency to another. Instead of relying on documents brought by the citizen, agencies make queries to the source and retrieve the most up to date version of the required information. The security features of X-Road guarantee that the query response has the same legal weight as a signed paper document. Due to the security and availability of X-Road, most of the government systems are built on the assumption that the necessary data for making a decision can be queried on demand. Thus, there are no duplicate databases and paper documents given to citizens. This produces enormous savings that are difficult to quantify, but make the Estonian government one of the most efficient and streamlined in the world.
Today, the X-Road in Estonia has connected over 450 institutions and enterprises and over 150 public sector institutions. There are roughly 52 000 organisations as indirect users of X-Road services and nearly 1300 interfaced information systems. Over 2800 services can be used via the X-Road and it has helped Estonia save 1407 years of working time in 2018 (up from 804 in 2017).
In 2012 Cybernetica started a research & development project to develop the basis for the next generation interoperability platform, the UXP (Unified eXchange Platform). The core and protocol set of which is also used in the X-Road version 6. UXP is targeted at establishing a standardized secure and scalable communication channel between several counterparts (governments, ministries, agencies, organisations), while providing confidentiality, strong authentication and long-term proof of value of the messages.
Security by design is at the heart of governmental data exchange and several information security principles have been implemented in our data exchange solutions. Starting with what is known as the CIA Triad: confidentiality, integrity and availability. Here, confidentiality refers to encrypted data being exchanged directly between the members and not transferred via third parties. To ensure integrity, all data exchange over UXP is signed, audit logs are chained together and timestamped in several ways. As a result, the information is held in a distributed data system and can be exchanged instantly upon request, providing data exchange 24/7. Scalability, reliability, non-repudiation, accountability, auditability, to highlight a couple of other principles, have also been built into our data exchange solution to ensure secure and reliable exchange of mission critical data.
Our work in data exchange has taken us from Estonia to USA, UK, Japan, Ukraine, Haiti, Namibia, Tunisia, Benin, Greenland to name a few. Development and improvement of our data exchange product, the UXP is a continuous process and we are determined to provide secure data exchange to governments and businesses across the globe.