Unified eXchange Platform (UXP)

Simply put, the UXP is a centrally governed data exchange platform that facilitates secure and legally valid exchange of information between sovereign organisations. On an organisational level, there is one single organisation with a mandate to run the platform and an unrestricted number of organisations that can connect with each other in a decentralised way. Thanks to built-in security measures, the connections between independent organisations are standardised, secure, and seamless.

On a technical level, the UXP is a service-based solution: organisations can develop and publish their services on the UXP platform, and these services can then be consumed by other organisations. The UXP keeps the owner of the services in full control: they can
decide and monitor which organisations can use their services. The UXP can be used by any organisation, public or private, to provide and consume services. The UXP applies asymmetric cryptography, digital signatures, and PKI in order to provide the security,
scalability, and legality of the system. The UXP is fully compliant with the EU eIDAS directive, and Cybernetica’s add-on privacy tools also support GDPR compliance. The UXP archives all the exchanged messages in a digitally signed form that is valid in court, if digital signatures are defined as legally binding in the local legislation.

Interoperability and data exchange are often used as buzzwords. It is therefore important to define what these terms mean in the context of our solution.

Cybernetica’s UXP follows the European Interoperability Framework (EIF). The EIF defines interoperability as “the ability of organisations to interact towards mutually beneficial goals” and suggests that interoperability consists of four different layers. Out of these, the UXP enables building technical interoperability by providing technical standards and tools for different parties to share information in order to work together.

The other three layers of the EIF - organisational, legal, and semantic interoperability are not automatically achieved by the UXP solution.

In other words, the UXP enables achievement of technical interoperability by providing a platform for organisations to communicate with each other and share information over secure and trusted channels. In more technical terms, the UXP enables the exchange of business-critical data between sovereign information systems while keeping each transaction secure and legally valid.

The UXP is domain-independent technology that can be used vertically within a single domain or horizontally across different domains. It can be used in small-scale singledomain instances with few requirements (e.g., among universities in the education domain) or in society-level multi-domain instances that have high availability and strict security requirements (e.g., government organisations sharing data with private companies and NGOs). The real value of UXP becomes apparent in the latter due to the gains from avoiding a large number of point-to-point integrations and the compound positive network effects that a large connected ecosystem can propel.

The UXP is a powerful enabler of cost-efficient and seamless digital services. UXP provides a secure and standardised platform to exchange data between different organisations, enabling them to leverage this data and develop online services. The UXP not only allows organisations to retain sovereignty of all participating parties but also to maintain confidentiality and integrity of data thanks to its built-in security principles. By replacing point-to-point integrations with standardised ones, the UXP increases work efficiency and achieves significant reductions in overheads. The UXP also contributes to simplifying data governance: data is stored and distributed across different organisations, allowing organisations to better define data ownership and control and avoid the creation of a costly and highly risky "super-database."

Compared to traditional integration tools, the UXP is infinitely scalable and highly performant. The UXP can be used for securely connecting different organisations together on society level. It offers a unique set of information exchange, organisation governance, provenance, and privacy features required when a large number of organisations need to interoperate together in a digital environment. This allows the creation of an ecosystem where both the public and private sectors are interconnected.

The UXP is a proven interoperability solution already implemented by more than 10 governments around the world in mission-critical applications. It is developed by Cybernetica, an Estonian-based ICT company, with 25 years of experience in developing and deploying information security, interoperability, and digital identity solutions. UXP is developed and maintained by a dedicated and highly experienced product, as well as a DevOps team, who follow wider industry trends as well as the more specific needs of our customers.

The UXP architecture aspires to be future-proof by anticipating the scalability and availability needs of tomorrow. As a result, each UXP deployment can be built step-bystep with society-level full interoperability as a long-term goal. The UXP is also highly secure. The built-in security features allow UXP to address the whole spectrum of information security and data sovereignty related concerns in mission-critical environments. The UXP is also fully compliant with the EU eIDAS directive, and its out-ofthe-box privacy tools, Access Tracking and Consent Management, support compliance with the data protection and privacy requirements of GDPR and other data privacy regulations.

At a high level of abstraction, integration technologies can be divided into enterprisegrade integration technologies (e.g., API Gateways, ESB, IPAAS, and HIP) and societylevel integration software platforms (e.g., UXP). The former are useful to help organisations access various data sources and services within an entity, and the latter help a large number of autonomous organisations interoperate with each other in a trusted digital environment. On a societal level, trust is paramount, and the UXP achieves it using standardised security, PKI-based authentication, governance, and privacy features.

In addition to the differences in the scope of their primary use cases, enterprise-grade and society-level integration technologies also differ in terms of architecture and size. While enterprise-grade integration technologies have a centralised architecture, societylevel integration technologies have a decentralised architecture. This is due to the fact that society-level integration happens on a much larger scale, calling for greater scalability and availability. The UXP's distributed software architecture helps achieve both goals. Without a central node, the digital society can scale infinitely without performance problems. Decentralised architecture means that the digital society is also much less vulnerable to technical problems or debilitating cyber-attacks.

The UXP is already used in a variety of different locations across the world. More than 10 governments, from Malaysia to Ukraine, from Benin to Tunisia and Greenland, have adopted the UXP as a foundation for digital service provision. Altogether, more than hundreds of millions of people rely on UXP technology as part of their daily lives when interacting with the government or private sector. In Japan, solely private sector actors are deploying the UXP in a quest to innovate their business models.

The UXP has a proven track record of operating in adverse environments while remaining secure and available at all times. This has been possible thanks to its distributed architecture that avoids central points of failure or attacks, as well as its other built-in security features. Security-by-design principles are also reinforced with additional features like elliptic curve cryptography, trust services, and strong authentication of organisations for each information exchange. The high security level of the system makes the UXP suitable for mission-critical infrastructure that deals with sensitive information.

Contact our sales team to learn more about how the UXP can help you achieve your goals and what the implementation specifics are in your case. As a standard, implementation is done in phases, where the first phase normally consists of a thorough assessment period followed by technical deployment and training. We also compile a context-specific and customised strategy for the gradual deployment of the full-scale solution that will inform the future phases. We offer the possibility to first pilot the UXP solution on a small scale before wider adoption. Our fully managed interoperability-as-a-service offering allows organisations to pilot the UXP in conditions of time as well as resource constraints.

The estimated duration of any UXP implementation depends on the scope of work (e.g., the number of organisations to be connected) as well as other non-technical factors around stakeholder alignment, change management processes, and legal aspects. While the interoperability pilot can be completed within a matter of a few months, achieving fullscale interoperability needs to be seen as a long-term endeavour, requiring a far-reaching strategic commitment. Contact our sales team to understand the implementation timeline
and specifics in your case.

Cybernetica has earned a reputation as a key player in the design and implementation of some of the world’s most advanced e-Government solutions. Our deep knowledge of e-Government and mission-critical software, earned over decades of successful projects completed to the highest security standards, makes us a valuable asset for those governments or organisations looking to create or improve digital systems in relevant domains.

Building in-house requires significant resources for development and continuous maintenance and upgrading of the system. Instead of finding in-house resources to reinvent the wheel, governments around the world are outsourcing to use proven building blocks from trusted players, such as Cybernetica. This way, the government can then focus their resources on more value-added activities and projects that need to be pursued on top of the technical infrastructure.

Cybernetica was the technical architect of the X-Road interoperability solution that is currently the backbone of Estonia’s digital state. The UXP was developed as the successor to the X-Road and built specifically with export markets in mind. The UXP encompasses close to 20 years of work on the X-Road technology and by now surpasses it in terms of security and scalability. Instead of building a data exchange platform inhouse and from scratch, the UXP technology, its out-of-the-box add-ons, and our seasoned team can help you jump-start your digital transformation journey.