PEPPOL eDelivery Network – An Overview

PEPPOL eDelivery Network – An Overview

PEPPOL uses the eDelivery Network to connect different eProcurement systems by establishing a set of common business processes and technical standards. This provides an interoperable and secure network connecting all Access Points using the same electronic messaging protocol and formats and applying digital signature technologies to secure message content.

Once connected to the PEPPOL eDelivery Network (via a PEPPOL Access Point), public agencies and private enterprises can quickly and easily reach any other trading partner, also using PEPPOL.

 

In this context, PEPPOL provides:

– Technical specifications and sample software (open source)

–  PEPPOL Transport Infrastructure Agreements – a legal framework for many-to-many interoperability

 

PEPPOL eDelivery Network overview:

 

PEPPOL SMPs (publishing the capabilities of PEPPOL participants)

All PEPPOL participating organizations (such as contracting authorities or suppliers) publish their receiving capabilities (delivery addresses, business processes and document types supported, etc.) using a separate service called a Service Metadata Publisher (SMP).

The purpose of the SMP is similar to an address book or business registry containing details of participants within a specific eProcurement community.

Typically, an SMP is provided to complement an Access Point, because they publish details for customers of the Access Point. But an SMP can also be provided as an independent service by a third party organization.

 

The PEPPOL SML (central registration system for addressing)

In order to deliver electronic documents from a sender to the correct recipient, all PEPPOL Access Points need to know about each other and the participants they support.

To do this PEPPOL maintains one centralized service, called the Service Metadata Locator (SML). The PEPPOL SML defines which Service Metadata Publisher (SMP) to use for finding out the delivery details of any PEPPOL participant. This is a similar approach to how the World Wide Web is able to find websites based on their domain names.  The PEPPOL SML is a core service that identifies all PEPPOL trusted Access Points and SMPs.

 

PEPPOL PKI (security and trust)

Security and integrity of the business transactions through the PEPPOL eDelivery Network relies on using a Public Key Infrastructure (PKI) to establish a trusted network.

When Access Point or SMP providers sign the PEPPOL Transport Infrastructure Agreements they are provided with a PEPPOL Digital Certificate. This certificate contains the key information for validating all communications on the PEPPOL network. The certificate is valid as long as the Transport Infrastructure Agreement is valid and can be revoked if service providers are in breach of the Agreement. This ensures only known and trusted providers provide services on the eDelivery Network.

 

PEPPOL Governance (agreement structure)

The PEPPOL eDelivery Network requires that a number of actors work together in a trusted environment. To achieve this, two levels of governance are required as follows:

The PEPPOL Coordinating Authority has authority over all of the central components of the PEPPOL eDelivery Network (the technical and service specifications, the Service Metadata Locator, the Transport Infrastructure Agreements and its annexes) and will delegate authority over the implementation and use of the infrastructure within a defined domain to a PEPPOL Authority. The PEPPOL Authority Agreement defines the general principles of cooperation between these two parties. As of 1st of September 2012, the role as PEPPOL Coordinating Authority is held by OpenPEPPOL AISBL.

The PEPPOL Authority must ensure Access Point (AP) and Service Metadata Publisher (SMP) services are provided in conformance to the technical standards and service specifications by entering into separate AP and SMP agreements with each of the respective providers within their domain. These providers also have the option of signing the AP/SMP agreements with the Coordinating Authority directly.

 

The PEPPOL Transport Infrastructure Agreements (TIA) includes three types of agreements:

  • PEPPOL Authority Agreement
  • PEPPOL Access Point (AP) Provider Agreement
  • PEPPOL Service Metadata Publisher (SMP) Provider Agreement

 

The regime of agreements and the governance structure ensure that:

  • The role and responsibilities of each actor are clearly described and openly available, making PEPPOL an open and transparent community;
    sufficient information is made available through the SML/SMP, allowing a Participant to make this its sole source of information for conducting e-procurement with its trading partners.
  • Through these measures, a set of minimum requirements and criteria will be established and consistently applied throughout the full PEPPOL eDelivery Network.

 

For more information, including technical specifications, sample software implementations, etc. – please go to the eDelivery Network Specifications.