Effective as of January 13, 2017

Technical Declaration

This Technical Declaration is the integral part of Terms of Use of RoksNet Services and was developed to provide Users with detailed information on the principles and conditions of operation of the Services.

Terminology:

Adapter (as well as “Adapter server”, “Plug”) - is a software solution for adjusting User’s information system for work with Services;

AUTH certificate is safety certificate for server authentication complying with RoksNet requirements;

CA is a certificate authority or certification authority;

Content Service Consumer is a User that consumes the other Users Content Services;

Content Service Directory is a service registry provided by the User through RoksNet;

Content Service is a predefined service by User that enables online data exchange;

Content Service Provider is a User that provides Content Services to other Users;

Development Environment is the Content Services environment in which the User adjusts and tests interaction of Subsystem, Adapter, Security Server and Portal with the Services;

EU E-stamp is a batch of electronic data that conforms to the European Parliament regulation (EU) No. 910/2014 for e-identification and e-transaction regarding trust services in domestic market and that cancels out directive 1999/93/EC (ELT L 257, 28.08.2014, p. 73–114) (hereinafter European Parliament and Council regulation (EU) No. 910/2014) for improved or qualified e-stamp requirements;

Monitoring is a complete package of technical solutions and measures for early recognition and avoidance of faults;

OCSP is the The Online Certificate Status Protocol;

Portal is the interface for Content Services usage and interaction with the Content Provider to ensure RoskNet message protocol;

Production Environment - is the Content Services environment in which exchange of User’s Content takes place;

Test Certificate – SIGN or/and AUTH certificates for development purposes in Development Environment;

RA is a Registration Authority in a network that verifies User requests for a digital certificate and tells the CA to issue it;

RoksNet (as well as «we», «us» or «our») - Roksnet Solutions OÜ, Services Administrator;

RoksNet basic protocol is a stack of rules that ensures safe data exchange through a computer network;

RoksNet message protocol is a part of RoksNet basic protocol that enables Users to process messages;

RoksNet Services or Services is the technology, applications, services, functions, software and www.roksnet.com website for safe User Content exchange via the Internet;

RoksNet- or RN e-Stamp is a bundle of technical solutions to ensure integrity of User’s content. In the Services Users can apply RN e-Stamp or EU e-stamp. RN e-Stamp is provided by RoksNet;

RoksNet- or RN Trust Service is a bundle of standards, rules and solutions for User identification, e-Stamp and Timestamp for Services, provided by RoksNet;

Security Server is a software solution that follows RoksNet basic protocol;

SIGN certificate is a certificate for RN e-Stamp functioning;

Subsystem is a technologically and organizationally defined part of the user information system for providing or using Content Services;

Support is any activity that is needed to make the Service accessible and usable for the User;

Timestamp is a sequence of characters or encoded information identifying when a certain event occurred, usually giving date and time of day, sometimes accurate to a small fraction of a second;

TSA is a Time Stamp Authority;

User (as well as «you», «your») is a natural person or entity using Services;

User Code (as well as “Member Code”) is unique code for User;

User Contnet – formatted content, data, messages, information, files, orders messages transferred and received by the Users;

User Registry is the user registry that provides to the User an opportunity to find another User for the exchange of User’s content;

Services administration. Principles of Services control

RoksNet applies the following principles of Services control:

  • Independence from platform and architecture provides the Users an option to exchange User Content regardless of what information platforms Users are using in their internal information systems;

  • Universal multi-user structure. Makes sure that any User can exchange User Content with another User (one or several, simultaneously or sequentially);

  • Openness and standardization. Where possible, the Services use international standards and protocols;

  • Safety. User Content exchange through Services do not affect User Content integrity, availability or confidentiality.

Services administration and control
RoksNet:
  • Provides the User with Security Server and Portal software under the license of open initial code of Massachusetts Institute of Technology initiative (MIT);

  • Controls Development Environment and Production Environment, registers User’s Security Server and Subsystem of the Services for creating protected User Content exchange channel;

  • Controls User Registry and ensures continuous availability of it;

  • Controls Content Service Directory;

  • Performs Monitoring (24/7);

  • Organizes the work and handles inquiries from Security Server and Subsystem;

  • Controls usage of Services and collects statistics;

  • Processes security incidents (connected to our rules);

  • Restricts Users’ rights for access to Services in the cases stipulated in the Terms of Use;

  • Provides paid Support services and special features to the Users;

  • Manages and handles integration of the Services with other technological platforms;

  • Ensures availability of Free Standard features of the Services;

  • Manages and implements the projects for development of infrastructure of the Services and ensures integrity of architecture of the Services;

  • Provides the Users with the RN Trust Service.

Use of Services
  • Connection to the Services is provided on the website www.roksnet.com.

  • When using the Services the User is obliged to:

    • Guarantee consistency, control, development as well as safe and reliable operation of User’s Subsystem;

    • Apply safe and standardized elements of information systems for User Content exchange, and adjust Subsystem (including Adapter) in the proper way to ensure connectivity with the Services;

    • Use methods that guarantee data integrity, confidentiality and availability for mitigation of safety risks, and provide independent audit of these methods once in every 4 years;

    • Follow instructions of RoksNetin order to be compliant with the rules and to ensure smooth operation of the Service;

    • Provide RoksNet with reliable and up-to-date information of the Users and Subsystems for publication on the website www.roksnet.com, Data Service Directory and in the User Registry. On extraordinary occasions (for example, for purposes of confidentiality) upon the request of the entity if the User requires additional confidentiality (hiding the data in User Registry and Data Service Directory), RoksNet can register the User in Productions Services without User identification or with hidden User’s data;

    • Promptly notify RoksNet about any problems in connection with operation of the Services and circumstances that can hinder work of Services or Users;

    • Promptly notify RoksNet about security incidents and any threats resulting from such incidents;

    • Upon the request of RoksNet, provide necessary information, safety instructions and description of the measures implemented for assessment of reliability of Security Server.

Safe and standardized elements of information systems for User content exchange
  • Safe and standardized User content exchange in Services is ensured when the following conditions are fulfilled:

    • protected channel of User Content exchange is created;

    • registration of Subsystem.

    • application of e-stamp;

Creation of protected channel for User Content exchange
  • To create protected channel for User content exchange it is necessary for the User to install the Security Server software in his information system and register AUTH certificate in the Services according to requirements of RoksNet. The Services provide the opportunity to use Security Server software which complies with the Basic Protocol of RoksNet.

  • When using the Security Server, the User shall:

    • Ensure archiving and availability of e-Stamped logs of User Content transactions;

    • Define the persons who (and under what conditions) can access archived transaction logs on the Security Server;

    • Provide the same requirements for confidentiality in the process of handling the archived messages applied to User Content transactions;

    • Use the Security Server in accordance with the instructions;

    • Update the Security Server software not later than in 2 months after RoksNet publishes software updates;

    • Provide the same requirements for confidentiality in the process of handling the archived messages applied to Data service;

Ensuring integrity of the User Content exchange through e-Stamp application
  • Integrity of the User Content exchange is ensured by the User’s e-Stamp. Each transaction of the User Content is protected by the User’s e-Stamp. e-Stamp has to be in conformity with requirements of RoksNet.

  • It is not allowed to handle User Content that cannot be confirmed with an e-Stamp.

Subsystem
  • Only Subsystems registered in the User Registry can be used for Content Service providing and consuming in the Services. The User registers the Subsystem on RoksNet website. After registration, the User shall ensure safe and reliable operation of the Subsystem.

Content Service requirements

The Content Service must comply with the following requirements:

  • RoksNet Message Protocol;

  • Be available in the Development Environment.

Providing and using the User Content
  • The User Content is provided and used according to the agreement between the Users.

  • The User Content Provider shall:

    • Register the Content Services together with the technical descriptions of the User Content on the Security Server and keep the description on the Security Server and RoksNet website in correct and up-to-date form;

    • Ensure (before agreeing with the User Content Service User), that the User uses methods that ensure integrity, confidentiality and availability of the data as well as reduced security risks;

    • Ensure compliance of RoksNet Service access with the User Content agreement concluded between Users.

The Content Service is possible in the subsystem that has been granted access right for use of specific User Content.

The User Content User and Provider are obliged to:

  • Follow the User Content usage agreement;

  • Link Content Service transactions in Security Server with Time-stamps.