With increasing reliance by Government on the data captured by eGovernance solutions for major policy decisions, the data quality has assumed prime importance. It is increasingly driving the policy decisions, benefits are transferred to beneficiaries based on data captured by eGovernance applications and performance of government functionaries and field offices and of the government itself is being judged based on the data captured by eGovernance applications. It is, therefore, imperative that sufficient attention is given to ensuring quality of data captured by these applications. In this context, this section provides guidelines to arrive at common data standards and interfaces to be used to take care for data, its user interfaces and data quality parameters.
- Data ElementA data element, also called a data item or field, is the smallest piece of data that has meaning, which need not be broken further. Often a data element is self defining such as Student name, enrolment number. The attributes of data element includes name/label, type, length, output format etc. Follwoing points can futher be elaborated on data element
- Data Identification
- Data Size
- Data Domain
- Data Availability
- User Interface
- Metadata Standards
- Record Identification
- Record Level Validation
- Data Functions
- Record Element
This section deliberates on group of related data elements termed as record i.e. a record is a meaningful combination of related data elements that is included in a data flow or retained in a data store.
- Record Identification
- Record Level Validation
- Data Functions
This section deliberates on issues related to data stores generally referred as tables or entities or data functions. A data function represents functionality provided to the user to meet internal and external data storage requirements. It is a user recognizable group of logically related data or control information maintained in the form of database tables.
- Data Function/Table Identification
- Referential Integrity
Following points should be dicussed along with criteria for defining identifiers.
- Criteria for Defining of New Identifier
- Common Identifiers
- Indian Financial System Code (IFSC)
- Guidelines for Common Data Elements
For specification of data common data elements, Snake Case (Lower Case Embedded Underscore) has been chosen as naming convention. For more details of this point Guidelines PDF can be referred.
The ways in which someone may be authenticated fall into three categories, based on what are known as the factors of authentication:
- Something the user knows,
- Something the user has, and
- Something the user is.
Each authentication factor covers a range of elements used to authenticate or verify a person’s identity prior to being granted access, approving a transaction request, signing a document or other work product, granting authority to others, and establishing a chain of authority.It is suggested that for positive authentication, elements from at least two, and preferably all three, factors should be verified. The three factors (classes) and some of elements of each factor are:
- the knowledge factors: Something the user knows (e.g., a password, Partial Password, pass phrase, or personal identification number (PIN), challenge response (the user must answer a question, or pattern), Security question etc.
- the ownership factors: Something the user has (e.g., wrist band, ID card, security token, cell phone with built-in hardware token, software token, or cell phone holding a software token)
- the inherence factors: Something the user is or does (e.g., fingerprint, retinal pattern, DNA sequence (there are assorted definitions of what is sufficient), signature, face, voice, unique bio-electric signals, or other biometric identifier).
In a web application it is easy to confuse authentication and session management (dealt with in a later section). Users are typically authenticated by a username and password or similar mechanism. When authenticated, a session token is usually placed into the user’s browser (stored in a cookie). This allows the browser to send a token each time a request is being made, thus performing entity authentication on the browser. The act of user authentication usually takes place only once per session, but entity authentication takes place with every request.
- Authentication Levels
Authentictation level can be divided into three categories
- Single-factor authentication
- Two-factor authentication [2FA]
- Multi-factor authentication
- Authentication Types
The authentication type in web applications can be based on the sensitivity of the application. This can be categorized in following
- HTTP Basic Authentication
- Form Based Authentication
- Digital Certificates (SSL and TLS)
- One Time Password
- Biometric Authentication
- Implementation of Authentication
Authentication can be implemented in following depending on application need.
- HTTP Basic/ Form Based Authentication
- Authentication using Database
- Authentication using LDAP
- Certificate based Authentication
- One Time Password Based Authentication
- Custom Application generated OTP
- Aadhaar Based OTP.
- Time Based One Time Password (TOTP)
- Biometric Based Authentication
- Sign-up/login Processes
A typical sign-up form contains a couple of fields, the objective is to identify a person to whom we are going to provide access for using the application and facilitate with single sign-on.Ways to recall Sign-up Credentials are
- Sign-up using Application Specific User-id/Password
- Sign-up using Official User-id/Password (e.g. NIC Email)
- Sign-up using Social Networking User-id/Password
- Additional Best Practices
We can use following best practices to higher level of security.
- Stop Auto User Creation
- Using Captcha
- Context Based Authentication
- Additional image based profile verification
- Using Forgot Password
- Using Profile/Transactional Password
- Security Questions
- New Account Activation links
- Account Locking 10. Account Audit Policy
The e-governance applications support large range of activities from provding information like location of RTO to providng intelligent GPS based accident reporting and support services. The effective implementation of e-Governance solutions requires hassel free interaction between e-governance application and its users. The “Form” is one of the most important element used in these systems/applications for interaction and collection of data. The effectiveness, efficiency and user satisfaction can be improved by developing applications with well-designed forms. To improve the usability of e-Governance Applications, it is important that sufficient attention is given to design and development of these web forms. This section provides practical guidelines and best practices for design of web forms as part of e-governance applications to provide effectiveness, efficiency, and a pleasant and satisfying experience to the users who use them. The application of these guidelines will also help in reducing on design efforts and keep the consistency for end-user with more predictable and standardized user interface.
- Design Principles – Considerations for Form Design
While designing a form, we should look outside-in means the User should be kept in mind while designing the form. The primary goal while designing a form need to be “Speed” and “Accuracy”.
- Structuring of Form
A form is a conversation. And like any conversation, it should be represented by a logical communication between two parties— User and the Owner of the Application. While developing the form we can keep the following points in mind 1. Only Ask What’s Required 2. Order the Form Logically and 3. Group Related Information
- Form Elements
The Web Form is made up of elements. Every Web Form has at least three basicelements: labels, input fields, and actions. We can follow the standard given in guidelines while choosing these elements.
- Form Validations
It is important that the quality of data is ensured. As mostly the data captured is further used for policy planning and decision making, the poor quality of data can results in ill-informed decisions and policies. Validations are very important tool to ensure quality of data captured as part of our applications.
- Document Upload, Storage and Management
Documents, images uploaded on a web application become integral part of the application work-flow with multiple users with different roles accessing them at different stages of the document life-cycle (creation, uploading, storage, tracking, retrieval, disposal etc). Keeping in view the limitation of bandwidth and need for faster upload/ retrieval speed, document size, formats etc need to be carefully planned and controlled.
When we begin to build an application, the focus is naturally on designing input screens for capturing data and designing the database which is optimized for data entry. However, the main purpose of any application is not just to capture data but to use it to monitor performance, use it as a guide in decision making and developing future policy guidelines. The management primarily concentrates on what the stored data can reveal about a programme or performance of an entity and how they can use that information to improve the performance so that the overall governance objective is effectively met. Reporting and analytics are two areas which fulfil these aspirations of the decision makers. This document gives you a few guidelines and checklist for preparation of reports for yur application. The first step obviously understands the user requirements. The first section identifies a set of questions you should ask your client or the end user and also yourself before you build report. Rest of the sections elaborate on the questions by giving you simple guidelines for generating useful and user-friendly reports.
- Conduct a thorough analysis of user scenarios
You should prepare a list of question to ask from user. To Know your user and their requirement. Reports can be categorized a) MIS Reports b) Moniotring Reports c) Performance Reports d) Exceptional Reports
- Report Design
Before making report design team should thoroughly brain stormed about the following point 1. Setting up a Report – The Query Filter 2. Report Layout 3. Emphasize Important Information 4. Format and Paginate 5. Make the report distributable 6. Design Database specifically for Reports
- Reporting Frameworks
Reporting Frameworks provide the much needed facilities to quickly turn out great looking reports. Frameworks are available for Java, .NET and PHP. Frameworks for Java include BIRT, JasperReport, Pentaho etc. Microsoft provides the Microsoft Reporting Server.
APPLICATION DEVELOPMENT FRAMEWORKS
The expectations of government to deliver more services and to deliver them better presents a challenge for NIC. Well-engineered automated solutions can only increase productivity in service delivery to help in meeting these expectations.The anticipation towards rapid implementation of e-Governance applications has necessitated the improvements in developer productivity along with quality, reliability and robustness of software. The frequent changes in requirements are also need of the hour. It is therefore, essential to focus on the unique requirements of applications instead of spending time on application infrastructure (“plumbing”), so there is a need to have a framework with a set of objects and methods that can be customized/configured for faster delivery of robust applications.A framework is often a layered structure indicating what kind of programs can or should be built and how they would interrelate. A framework is a set of common and prefabricated software building blocks that programmers can use, extend or customize for specific application. With frameworks, developers do not have to start from scratch each time they write an application. This section provides various alternatives available that can be used as framework to ensure an integrated, coordinated and standards-based effort. In the absence of such a uniting fabric, it is likely that there would be avoidable duplication, incompatibility, delay and inefficiency in delivery of efficient ICT projects.
- Framework Design Pattern
Consider the following point 1. Inversion of control 2. Extensibility 3. Non-modifiable framework code
- Framework Components/Parameters
While chossing the Packages/Wrappers 6.2.2 Architecture 6.2.3 Methodology
- Java based Frameworks
Few of the popular java based frameworks, with an objective to provide clear, comprehensive information to ensure rapid development and implementation of applications, are 1. Apache Struts 2. Spring 3. JSF
- PHP Based Framework
Most Popular PHP Frameworks are Laravel, Symfony, CodeIgniter, CakePHP and Slim