Overview

DIGIT is an open-source platform licensed under the MIT license (https://opensource.org/licenses/MIT) compliant with the NUIS digital blueprint.

The detailed mapping of DIGIT’s capabilities with the core requirements mentioned in the NUIS digital blueprint is mentioned below:

Interoperability

Data specifications/models are available for domain entities. DIGIT is designed as an API-first platform wherein data specs/models are created for all key entities, thus ensuring interoperability through open APIs and open standards. Taxonomies are available for the key domain entities/registries. These can later be harmonised with standard taxonomies in the domain as and when they are made available. DIGIT data models and APIs are published as open APIs freely available to everyone in the ecosystem. Currently, DIGIT provides at least three key distinct APIs for all domain entities: Create, update and search. Deactivation/cancellation of key entities in DIGIT is achieved through updating their status to inactive as per their defined specification/API contracts. Given the API-first and micro-services-driven nature of DIGIT, current APIs and models can be quickly harmonised with national standards as and when they are made available. DIGIT strives to leverage established domain standards (national/international), wherever available.

Data Privacy And Security By Design

Data Privacy

Data privacy capabilities are available to mark and protect sensitive data. The core service layer of DIGIT includes signing and encryption service as one of the core services that provide capabilities to sign/encrypt/mask sensitive data. It is designed such that it can work against software key stores and can be extended to integrate with any kind of hardware key store to store and protect signing and encryption keys. Encryption requirements can be defined and adhered to for the storage of sensitive data. DIGIT requires the user PII data to be stored in its user service, which is, by default, enabled for encryption of sensitive data as user data vault. All other services in DIGIT are required to access PII data by explicitly calling the user service, which, in turn, audits all access to PII. In addition, individual services in DIGIT can leverage DIGIT’s signing and encryption service (this is what the user service leverages to create user data vault) to further protect additional sensitive data available with the services. DIGIT provides the capability to define workflows for data modification that can be configured to have approval steps to get the needed consent for any data modification activities. DIGIT currently provides RBAC (Role-Based Access Control)-based access control for access (search) to data.

Security

Appropriate access controls can be defined in the APIs to ensure authorised access to sensitive data. DIGIT is designed to handle authentication and authorisation as a perimeter control at its API gateway layer to ensure that unauthorised calls are not allowed to contact the respective micro-services. DIGIT provides an RBAC mechanism where users are explicitly provided access to relevant resources by assigning them appropriate roles. By default, DIGIT supports OAUTH-based authentication for individual users and APIs. However, the authentication and authorisation filter in DIGIT is designed to be easily extendable to support any further authorisation and authentication needs. The perimeter security mechanism in DIGIT also helps developers in focusing on the functional developments for further services and offloading the access control requirements for new resources and their APIs to the API gateway using simple configurations. DIGIT also ensures that risks like the following are taken care of:

• Privilege escalation – form field manipulation

• Failure to restrict URL access

• Insecure direct object references (IDOR)

• Malicious file upload leads to cross-site scripting

• Improper authentication

• Missing account lockout

• Request throttling attack

• Weak encoding mechanism

• Sensitive information in URL

• Lack of automatic session expiration

• Insecure banner implementation

• Concurrent session

• Clickjacking

• Improper error handling

Transparency and Accountability Through Data

DIGIT has the capability to define key registries in OpenAPI 3.0 specs formats. It can easily achieve key APIs like create/update/search using its building blocks in core services, mainly through configurations and using lightweight extensions on a needs basis. DIGIT has the capability to protect person-specific sensitive data by encrypting them in the user data vault (user registry), which allows configuration-based protection of sensitive PII. DIGIT requires additional registries to reference PII using this mechanism. In addition, registries in DIGIT can leverage its data protection (signing and encryption) core service to provide additional protection to registry-specific attributes. The registry data in DIGIT can be signed for tamper-proofing, using its signing and encryption core service. A proof-of-concept for this has already been done on the ePass module that was built on the DIGT platform. All key data modifications in DIGIT are access logged to provide an audit trail, which can be accessed through the APIs. The upcoming version of DIGIT is planning to bring in the concept of immutable event logs to further strengthen this capability. DIGIT leverages open-source telemetry to provide the ability to gather telemetry data and extends it for the DIGIT-specific processing pipeline. This framework allows for additional event definitions and contextual extension of the telemetry processing pipeline thereby future-proofing this capability in DIGIT.

Reusability and Extensibility

The DIGIT platform is designed as a collection of more than 50-plus atomic micro-services which are bundled together in a given context to provide end solutions. The micro-services in DIGIT can be divided into three main categories: data services (registries, reference master data management, etc.), tech infrastructure services (authentication, authorisation, notification engine, etc.) and domain services (assessment, NOC, etc.). Citizen, employee and administrative interfaces in DIGIT use these micro-services to achieve the needed functionality. Data models and APIs in DIGIT are defined as OpenAPI 3.0 specifications and can be extended by using a combination of configuration and extension techniques. For example, if the additional attributes are only needed to be stored with format validation, it can be a simple schema extension, while if the additional business checks/functionality need to be implemented using the extended attributes, then it can be achieved using pre/post request filters or extending underlying micro-services. DIGIT allows the extension of existing capabilities without needing architectural interventions. As described above, the extension of existing functionality on DIGIT can be achieved using additional configurations, additional extension services, or request/response filters. Several partners have extended DIGIT modules to cater to new use cases. For instance, the DIGIT mCollect module caters to the collection of fees for over 50 services on the counter, but it does not have a citizen interface for the payment of these services online. The Directorate General Defence Estates (DGDE) wanted to introduce this interface for the citizen’s of cantonment boards in India, and were able to easily enhance the mCollect module to include this capability. DIGIT supports single-instance multi-tenancy to enable sharing of the underlying infrastructure. All DIGIT data models and services are designed to be multi-tenanted. DIGIT uses an API-first approach in its design and development to ensure loose coupling between its various components. These APIs are clearly defined using OpenAPI 3.0 specifications to ensure clear documentation.

Evolvability and Scale

A new functionality can be added by re-bundling existing building blocks in the context of new use cases and implementing only additionally-required services without requiring any architectural overhaul. Additionally, due to its loosely coupled API-driven design, DIGIT allows for new components to be implemented in the technology that is most useful for that use case. The API-driven, micro-services-based architecture of DIGIT enables its components to evolve separately. On DIGIT, individual components can evolve separately to enable the heterogeneous evolution of the system. DIGIT uses SemVer 2.0 for the versioning of its micro-services and interfaces. Semantic versioning is a formal convention for specifying compatibility using a three-part version number: major version; minor version; and patch. More details on this can be found on this link: https://semver.org/. DIGIT is designed to be horizontally scalable. The micro-services-based architecture of DIGIT also enables it to scale only needed components/services, thereby providing resource efficiency. For example, the billing and collection services can be scaled separately during a financial year closing if the load pattern indicates increasing volume of bill payments during that period. DIGIT is designed to be hardwarec agnostic and can be run on any hardware. It has been tested on multiple commercial clouds and state-sponsored bare metal infrastructure. Components of DIGIT that need to use underlying hardware have been carefully chosen (in case where DIGIT is using other open source components) or designed (DIGIT’s own components) to provide a layer of abstraction that can be extended for any types of hardware.

Multi-Channel Access

DIGIT is designed using an API-first approach, therefore enabling any user interface channel to leverage it. DIGIT’s own user interfaces (web/mobile app, WhatsApp, Chatbot) are implemented using its APIs to ensure that the offered platform capabilities and data are accessible to any delivery channel based on configured policies. DIGIT’s access control mechanism can be configured to provide different levels of access based on channels and roles.

Ecosystem-Driven

The DIGIT platform and its user interfaces are completely open source. All external components used in DIGIT are also open source. Due to its API-based and event-driven architecture, DIGIT can be integrated with any existing stack. Wherever appropriate, DIGIT also provides out-of-the-box integrations with crucial stacks/platforms. The most common integrations are to payment gateways, SMS providers and SMTP email servers for a typical implementation. More than 14 organisations have already partnered with us to implement DIGIT across multiple implementations in India, and have built over 20 new solutions on top of the platform. DIGIT also provides the capability to gather feedback from the ecosystem in a digital manner. The feedback capability in DIGIT can be looked at the following levels:

• Service delivery feedback on services offered through DIGIT: DIGIT provides a highly configurable and extensible public grievance module to enable this kind of feedback/redressal for functional users (such as citizens, and employees).

• Service usage feedback: The DIGIT user interfaces include a telemetry SDK which is backed by telemetry infrastructure in DIGIT platform. Coupled with API access logs, this enables DIGIT to gather usage feedback through live action and can be used for fine tuning interfaces and APIs

• Design/feature feedback: As an open source project on Github, DIGIT provides a mechanism to provide comments/feedback on its various components using Github. This feedback can be leveraged to create a point of view on the future roadmap for the platform.