http://www.spinellis.gr/pubs/conf/2005-eChallenge-Praxis/html/AKGSC05.html
This is an HTML rendering of a working paper draft that led to a publication. The publication should always be cited in preference to this draft using the following reference:
  • Stephanos Androutsellis-Theotokis, Vassilios Karakoidas, Georgios Gousios, Diomidis Spinellis, and Yannis Charalambidis. Building an e-business platform: An experience report. In Paul Cunningham and Miriam Cunningham, editors, Innovation and the knowledge Economy — Issues, Applications Case Studies. Proceedings of the eChallenges 2005 conference, volume 1, pages 199–206, Amsterdam, Netherlands, October 2005. IOS Press.

Citation(s): 3 (selected).

This document is also available in PDF format.

The document's metadata is available in BibTeX format.

Find the publication on Google Scholar

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

Diomidis Spinellis Publications

Building an e-Business Platform: An Experience Report

Stephanos Androutsellis-Theotokis1, Vassilios Karakoidas1, Georgios Gousios1, Diomidis Spinellis1 and Yannis Charalambidis2

 

1Athens University of Economics and Business, 76 Patission Str., Athens, 10434, Greece

Tel: +30 210 8203370, Fax: +30 2108203664, 

Email: {stheotok, bkarak, gousiosg, dds}@aueb.gr

 

2Singular Software S.A., 23rd Km Athens-Lamia Road, Ag. Stefanos, 14565, Greece

Tel: +30 210 6267400, Fax: + 30 210 6267410, Email: yannisx@singular.gr

 

Abstract: The PRAXIS project has been designed to facilitate the interchange of data between government and business entities through direct enterprise application interconnection. The system architecture has been entirely based on emerging technologies, including web services and XML, allowing independent client systems to operate asynchronously with a central server orchestrating and controlling the workflow. An original business document exchange protocol has been developed from the ground up in order to address the specific needs of business to government transactions in the Greek business sector. This paper elaborates on the methodologies and tools used for the development of the project’s coordination point (the server) and its clients, and present the experiences gained during the system’s design, as well as results obtained from the preliminary integration and testing phases.

1        Introduction

In recent years, significant technological advances have been made in the field of e-business, both at the European and international level. The penetration of such technologies in the business world, however, has been limited, especially in countries where the majority of businesses are small or medium. At the same time, the greater part of the effort to adopt e-business technologies and solutions has targeted the end consumer (Business-to-Consumer / B2C), and more rarely takes into account real application to application interconnection (A2A), a field that is bound to make an impact in terms of speed, security and accuracy of business transactions, and will ultimately boost the adoption of e-business solutions.

      Despite the rising pace at which Information Technology means are being deployed, the majority of several millions of daily transactions among the above entities are still carried out in the traditional manner: typically sending the various transaction documents through mail or fax, manually inserting data in Enterprise Resource Planning (ERP) or Customer Relationship Management (CRM) applications or, at best, manually filling in on-line web pages offered by Banks or Governmental Agencies. Based on the above inadequacy and on the absence of enlightening new approaches at the SME level, most of the companies waste significant effort and resources while not entrusting the Internet and current B2B (or even B2C) applications for their transactions. 

      It took the entire industry several years of development (and a crisis) to achieve reliable, secure, convenient, and efficient B2C transactions through the Web. Business application interconnection is a far more difficult task; how can different, mostly proprietary, internal systems for accounting, order processing, and supply-chain management be modified to exchange data through the Web reliably, securely, and in a standard, open way so that a custom solution for each business relationship is not required?

      To address these issues, and in many ways the market needs whether present or future,  we present the PRAXIS project [3,4], a research project aiming to develop a standardised way of doing transactions safely and efficiently between business entities and also interconnect them with government information systems. The main innovation of our approach lies in the study and comparison of existing standards for B2B transactions and the proposal of a new, adaptable and compatible one, and the design of a system that covers the needs of large enterprises as well SMEs with minimal IT infrastructure.

2        The PRAXIS Project

PRAXIS aims at the research, development and pilot deployment of the necessary methodologies, technologies, infrastructures, business processes and setups that will allow the average European SME to carry out a significant portion of its business transactions over the internet, through the interconnection of Enterprise Resource Planning (ERP) applications between enterprises, banking institutions and the public sector.

      More specifically, the general PRAXIS aims are:

 

·       The design and development of an easily adoptable and financially attractive solution for the average Greek or European small and medium enterprise, by hiding the complexity of the system from the regular user, and developing a low cost product.

·       The study of and emphasis on the particularly important issue of data and transaction security, as well as the protection of interchanging parties through modern security infrastructures.

·       The adoption of the current statutory and legislator framework, and the interaction with it in the form of proposals and insight directed towards the responsible authorities. This is particularly important, as PRAXIS will be one of the very few complete integrated solutions in the area of B2B/A2S e-business.

2.1        Participants

A consortium of SME’s, university research centres and public sector institutions forms the backbone of the PRAXIS project.  Several other companies and institutions are participating in the prototype implementation of the system:

 

·       Three commercial private companies are adapting their information systems to include the PRAXIS client in order to perform business transactions, such as VAT payments and order placement, with financial organizations and the public sector. These companies provide valuable know-how and experience, while also participating as users of the system.

·       One of the major banks of Greece is connected to the PRAXIS server to carry out financial transactions with the SMEs and the public sector. The bank provides consulting services regarding the types and details of transactions carried out between banks and enterprises, and also participates as a user of the system.

·       The General Secretariat of Information Systems of the Greek Ministry of Finance provides a web services interface to the country’s taxing information system. They dictate the B2G transactions initially supported by the system.

 

3        Choosing between XML Standards

Central to the design of the PRAXIS B2B transaction processing system, was the decision on what document and process description standard should be adopted. A survey of the currently used (typically XML-based) B2B standards was carried out.

3.1        B2B Standards

Table 1 provides a list of the dominant B2B standards.

 

UN / EDIFACT

[5]

Based on the EDI (Electronic Data Interchange) protocols, EDIFACT is the result of a series of attempts to reduce the number of different variations of the EDI standard in use. EDIFACT includes complete syntax rules for the formation of business messages. Other variations of the EDI standard include the UN/GTDI, ANSI X12 EDI, and TRADACOMS

UN / CEFACT

[6]

UN/CEFACT is the United Nation’s body responsible for the international policies and technological advances in eCommerce. In an attempt to modernise the EDI standard, they proposed an XML based  version, which uses the ebXML standard for the description of the document exchange methods.

ebis-XML

[8]

ebis-XML is the standard developed by BASDA (the Business and Accountantcy Software Developers’ Association), and international body representing 370 of the worlds largest business software developers, based in the United Kingdom. ebis-XML allows the exchange of various business documents, and supports communication through the internet or email. The structure of the ebis-XML messages is based on the W3C XML standard.

ebXML

[9,11]

ebXML is an international initiative originating from the UN/CEFACT and OASIS organizations. ebXML define a set of specifications that allow enterprises to perform business transactions through the internet, by using standardized processes for exchanging business messages and defining business processes. ebXML is targeted towards all business sizes, including SMEs.

RosettaNet

[12]

RosettaNet is a non-profit organization with over 500 member companies, whose aim is to propose methods for document exchange and process specification for eBusiness transactions. It supports a mode of operation for direct interactions between the transacting parties, as well as an indirect, server-mediated mode, which is however not encouraged. The message communication is based on technologies such as HTTP (or HTTPS), SMTP, SSL, and S/MIME encoding.

xCBL

[13]

The xCBL standard is the result of the cooperation of companies including Microsoft, SAP, and Commerce One, and essentially consists of a basic collection of electronic documents for business transactions. It does not focus particularly on the definition of processes for document exchanges or business transactions.

XBRL

[15]

XMRL (eXtensible Business Reporting Language) aims at the definition of a standard that will allow companies to create, exchange and compare company data, including financial information. It is an extension of the XFRML (eXtensible Financial Reporting Markup Language), and focuses on the development of tools for business and accounting transactions. It only concerns the representation of information, and not ways of exchanging it.

GCI

[16]

GCI (the Global Commerce Initiative) was formed in 1999 by a coalition of manufacturing and trading companies and professional bodies, in an attempt to provide solutions to the supply chain management practices through standards for interoperability and business transactions. Their proposed standards mainly focused on the description of documents for business transactions, but also proposed business process model guidelines.

OAGIS

[17]

The Open Applications Group Integration Specification (OAGIS) is an open, XML-based attempt to define “Business Object Documents” (BODs, e-business transaction messages) as well as business process scenarios, based on integrating information between different types of enterprises. Currently more than 200 BODs and 60 business process scenarios are defined. OAGIS encourages the use of other technological standards (such as ebXML) for the interchange of information between companies.

UBL

[18]

The Universal Business Language (UBL) is an attempt to define a library of XML-based electronic business documents. UBS is open and designed so as to be easily integrated in current business IT infrastructures, focusing exclusively on the description of documents. UBL is developed by and property of the OASIS organization.

Table 1 : Dominant B2B Standards

3.2        Comparison Criteria

Our analysis of the above standards was based on the ISO/IEC 9126-1 Software Product Quality model [19, 20] which we adapted to a set of criteria specific to B2B transaction processing systems, which were in turn derived during the research and design stages of the PRAXIS project. Figure 1 shows the relation between the generic software quality indices identified and described in [19], and the case-specific criteria that we assembled for ebusiness transaction processing systems, and in particular the PRAXIS system.

 

Figure 1: Comparison criteria for B2B standards. The columns of the table correspond to generic software quality indices (see [19]) that are used to evaluate software products. The rows of the table correspond to specific criteria that apply to B2B transaction processing systems. These are the criteria by which the various B2B standards were evaluated and compared. The dark cells in the table indicate the way in which the generic criteria relate to the case-specific ones, and thus provide the mapping between our original comparison work and the (generally accepted) IEEE Software Quality Model.

3.3        Comparison Results

The details of the comparison and analysis are available in the deliverables of the PRAXIS project[1] (see also [3]). The conclusions reached were that the standards more appropriate to the goals of the PRAXIS system were: (1) UN / CEFACT, (2) UN/ EDIFACT, (3) xCBL and (4) ebis-XML.

The above standards mainly focus on documents, rather than processes. EDIFACT was however rejected due its outdated underlying technological basis and CEFACT because it is still considered immature.

      While xCBL and ebis-XML were both very good candidates, of the processes the PRAXIS system is required to support very few are actually covered by these standards in a complete way. It was therefore ultimately decided to define an original standard for the PRAXIS system, closely based on them, and with care to allow the potential of collaboration between them, through the implementation of simple filters or translators.

4        Technological Infrastructure

4.1        The PRAXIS Architecture

Figure 2 illustrates the PRAXIS Server architecture.

Figure 2 : The PRAXIS Architecture

The PRAXIS Server consists of three distinct modules:

 

 

 

There are two types of clients in the current system:

·       Web (thin) Client: A web application that only provides a limited set of the PRAXIS system functions. The user can send and receive messages, search for potential customers, print, export or import business related data. These services can be very useful to organizations that are relatively small and do not have an ERP system.

 

·       PRAXIS Enabled Application: The PRAXIS consortium offers the possibility to 3rd party organizations to integrate the PRAXIS system services to it. To do so, a shared library (the Universal Praxis Connector (UPC)) is provided, which exports this functionality. In our typical scenarios (Figure 2), an organization modifies its ERP server and client software to provide access to the PRAXIS system.

4.2        Technology and Interoperability Considerations

Interoperability was a very important issue in the design of the PRAXIS system, and it was taken it into consideration during the very early stages of our design and requirements analysis. We based our analysis into the IEEE related Standard for software requirements and specifications [14].

      The PRAXIS server is based on the .NET platform and the PRAXIS Basic Protocol is based on SOAP. At the transport layer, the HTTPS protocol is used and mutual server and client authentication is performed through certificates. The PRAXIS server stores its data into a relational database, which is deployed on an SQL server.

      We didn’t select to implement our system in the J2EE platform due to performance reasons. We also tested other B2B implementation frameworks, such as BizTalk etc, but we rejected them in order to avoid royalties and other licensing issues. We have to note that in order to choose the base platform we performed a research upon candidate technologies based on a series of criteria, which are detailed listed in our project deliverables.

      The UPC shared library is a COM Object which currently is tightly bounded to the Windows platform. In the future, a Java version will be implemented.

      The web client was implemented into using ASP.NET with the IIS in the role of the HTTP server. For authentication and key management we used Microsoft’s Certificate Server.

Figure 3: PRAXIS Test Bed Topology and Technologies

       Other partners of our consortium developed or are currently developing various solutions to provide interoperability with the PRAXIS system, resulting to an ecosystem of distinct solutions exchanging business data. In detail:

·       Business-to-Business: For each SME we developed an ERP-level integration using the UPC shared library. In addition, the project coordinator, who is one of the biggest software vendors in Greece, is developing a PRAXIS enabled version of their commercial ERP system. Most of our participants SME’s are using version of it for testing, while other are developing custom based UPC based application for integration with their systems.

 

·       Business-to-Government: The General Secretariat of Information Systems (GSIS) uses J2EE based applications with Oracle as their database. Their client chose to override the UPC and re-implement an implementation of their SOAP based client in Java.

 

·       Business-to-Financial institutions: Our financial institution is a Bank. They already have deployed a range of e-Banking services, and the consortium is currently trying to implement a bridge with their authentication system and the PRAXIS authentication service. Their services are exposed as Web Services and are implemented in Java. In order to join the PRAXIS network, the Bank will implement a PRAXIS client using the UPC.

5        Results of the Trials

The initial testing of the PRAXIS system was performed on a setup including the PRAXIS server and various web-based clients (Figure 3). A tool was developed to automatically produce the web-based client forms based on the corresponding document schemata.

      A Public Key Infrastructure approach was used to implement security [7]. To simplify the prototype implementation, the certificate authority was chosen to be the server itself. A certificate is issued per client, who also contains the client’s PRAXIS identification number (PraxisID), and the client’s public key is stored on the PRAXIS server. The secure socket layer (SSL) protocol is used to maintain the integrity and confidentiality of the communication channel, while the client certificate is used for authentication purposes.

      The server itself was implemented as a web service, which exports its functionality to authenticated clients. For the test setup, a web browser client was used to hit the web service. The messages exchanged included both system-level message containers (envelopes) and invoicing, ordering and packing-slip messages. The server software was installed on a single workstation machine, which also runs the database server.

      The tests that were run were mainly proof-of-concept tests, since only a small part of the server was implemented by the time of write-up of this paper. Nevertheless, the initial results are very encouraging; the system was able to sustain a significant number of concurrent transactions coming from a network of clients operated by human users.

6        Conclusions and Future Work

The first conclusions from the operation of the PRAXIS system suggest that the adoption of an open and flexible standard for modelling the B2B documents and processes is essential, as it allowed the seamless integration of new types of transactions. The store-and-forward architecture, coupled with the web client feature, allowed small enterprises, including personal enterprises or accountants with minimal or indeed no IT infrastructure to utilise some of the facilities provided by the system. Finally the use of the UPC (Universal Praxis Connector) module allowed the relatively straight-forward integration of large, in some cases legacy ERP and other systems into the PRAXIS network.

It is our impression that these are the main characteristics upon which the future adoption and success of the PRAXIS system relies.

It was also an interesting finding that, of all the B2B standards currently available, very few are actually in a position to provide the required support for a system targeting a horizontal cross-domain solution.

The PRAXIS system is currently in the process of being deployed. A market validation study is being carried out, and different exploitation models are being studied. Due to the open and extendible architecture of the system, it is expected that deployment in other countries or for other types of transactions will be straight-forward.

The PRAXIS system design, just as all currently implemented and deployed on-line business transaction processing systems, is based on centralized n-tier architecture. Our team is already in the process of investigating alternative approaches. It is our firm belief–and it has also been recognized by the research and industrial community that such systems may also be based on the constantly evolving decentralized peer-to-peer architectures [10]. Based on our experiences with the PRAXIS system, we are working on such a detailed requirements definition and analysis [2], pertaining to the phase preceding the actual transactions (such as support for discovery of services, merchandise or trading parties, authentication and access control, and negotiation of transaction parameters); requirements referring to the actual transaction phases (such as support for workflow and collaboration orchestration, logging and non-repudiation); and requirements following the transaction (such as user ranking and reputation management).

      Furthermore, the experience gained in the design of the PRAXIS project is used as a case to explore the potential of applying Model Driven Architecture approaches for enterprise application interoperability [1].

      Based on the findings of our initial experiments, we are also planning to elaborate on the system’s design in order to efficiently address important non-functional requirements, mainly security and availability.

7        References

[1]

Vassilios Karakoidas, Stephanos Androutsellis-Theotokis, Diomidis Spinellis, and Yannis Charalabidis. Applying MDA in Enterprise Application Interoperability: The PRAXIS project. In 5th International Conference on Practical Aspects of Knowledge Management (PAKM 04). The Association of European Operational Research Societies, December 2004.

[2]

Stephanos Androutsellis-Theotokis, Diomidis Spinellis, and Vassilios Karakoidas. Performing peer-to-peer e-business transactions: A requirements analysis and preliminary design proposal. In IADIS International e-Commerce 2004 Conference, December 2004.

[3]

Yannis Charalabidis, Vassilios Karakoidas, Stephanos Androutsellis-Theotokis, and Diomidis Spinellis. Enabling B2B transactions over the internet through application interconnection: The PRAXIS project. In Proceedings of the e-Challenges Conference, October 2004.

[4]

Diomidis Spinellis, Yannis Charalabidis and Vassilios Karakoidas. Application interconnection and execution of Business to Business transactions over the Internet. In 20th European Conference on Operational Research (EURO-XX). The Association of European Operational Research Societies, July 2004. Poster.

[5]

United Nations Electronic Commision for Europe. UN / EDIFACT: United Nations directories for Electronic Data Interchange for administration, commerce and transport.Available online at http://www.unece.org/trade/untdid/texts/d100_d.html

[6]

UN / CEFACT: United Nations centre for trade facilitation and electronic business. Available online at http://www.unece.org/cefact/

[7]

Dimitrios Lekkas, Sokratis K. Katsikas, Diomidis Spinellis, Pavel Gladychev, and Ahmed Patel. User requirements of trusted third parties in Europe. In Simone Fisher-Hübner, Gerald Quirchmayr, and Louise Yngström, editors, User Identification & Privacy Protection:

Applications in Public Administration & Electronic Commerce, pages 229–242. IFIP WG 8.5 and WS 9.6, June 1999

[8]

BASDA, eBIS-XML. Available online at http://www.basda.org/pub_img/uploads/BASDA\%20eBIS.ppt

[9]

ebXML web site. Available online at http://www.ebxml.org/

[10]

Stephanos Androutsellis-Theotokis and Diomidis Spinellis. A survey of peer-to-peer content distribution technologies. ACM Computing Surveys, 36(4):335–371, December 2004

[11]

Mathew MacKenzie. ebXML messaging services specification v2.1. Draft, ebXML, March 2004. Available online at http://www.oasis-open.org/committees/download.php/6130/wd-ebMS-2_1-04.pdf

[12]

Rosetta Implementation Framework (RNIF): Core specification. Technical report, RosettaNet, March 2002. Available online at http://www.rosettanet.org/

[13]

XCBL (XML Common Business Language). Available online at http://www.xcbl.org/xcbl40/xcbl40.html

[14]

IEEE Guide for Developing System Requirements Specifications Std 1233, IEEE Standards Software Engineering: Volume One Customer and Terminology standards 1999 Edition

[15]

Phillip Engel, Walter Hamscher, Geoffrey Shuetrim, David vun Kannon, and Hugh Wallis. Extensible business reporting language v2.1. Draft, XBRL, December 2003. Available online at http://www.xbrl.org/

[16]

Global Commerce Initiative (GCI) ,EAN·UCC – The Global Language of Business,

http://www.ccg.de/ecr/englisch/Content/e42/e308

[17]

The OAGIS web site: http://www.openapplications.org/

[18]

Universal Business Language 1.0, cd-UBL-1.0. Available online at

http://docs.oasis-open.org/ubl/cd-UBL-1.0/

[19]

International Organization for Standardization, Geneva, Switzerland. Software Engineering — Product Quality — Part 1:Quality Model, 2001. ISO/IEC 9126-1:2001(E)

[20]

Ho-Won Jung, Seung-Gweon Kim, and Chang-Sin Chung. Measuring software product quality: A survey of ISO/IEC 9126. IEEE Software, 21(5):10–13, September/October 2004

*



[1]