The UK's major pensions providers send monthly reports to The Pensions Regulator (TPR) detailing late payment and non-payment of pension contributions and employers who do not have a record of payments due in place. The Pensions Regulator were receiving thousands of reports in different formats, none of which they could process. NTD were asked to research a method to facilitate electronic reporting.
The key areas were identified as:
- Standardized data formats using the emerging XML Schema (XSD) standard
- Data encryption
- Secure data transmission via web and TCP protocols
- A Portal for data reporters
Throughout the lifetime of the pilot several key requirements were identified:
- Data standards based on the work of the eGovernment Schema working group
- A full Public Key Infrastructure
- Certificates and data signing
- TPR administration portal
On the back of the original pilot and the new requirements the TPR Gateway was developed and successfully rolled out to TPR's reporters and TPR administration staff. The management of the project was guided by the principles outlined in Prince 2, following strictly scheduled milestones and deliverables.
Less succinctly, NTD provided:
- Data formats defined using XML Schemas (XSD) and built around the e-Government schema initiatives
- Full Public Key Infrastructure (PKI) providing Code Signing, Secure Socket Layer (SSL) over HTTP and SSL and Client Certificates for XML Digital Signatures
- Secure portal for Reporters for sending Signed, Encrypted and XML Enveloped data
- Client side automation components (ActiveX, .NET and Java) to sign, encrypt and send data via a secure TCP connection
- Administration portal enabling report tracking and reporter security credential administration
Based on these key requirements an initial pilot was developed. The pilot proved so robust that it was used to service a number of providers for a little over a year whilst the full production model was developed.
NTD continue to host and maintain a secure hosting facility on the Isle of Dogs. Our servers have run faultlessly with no downtime whatsoever since it went live and all reporters continue to report successfully.
- Web server framework infrastructure for data virus scanning, identification, validation and packaging for delivery, via secure TCP, to the TPR servers
- Distribution service, based on XML enveloping of the incoming data to the TPR servers