In fiscal 2025, we launched the first public offering for the promotion of shared use systems and verification of inter-system cooperation among multi-vendors (for business operators)
- Published:
The first public offering was launched for the promotion of shared use schemes for business operators and the verification of cooperation between systems of multi-vendors.
Overview
1. Affected Vendors
Vendors who wish to continue participating in this project in FY 2025 and are selected for the project in FY 2024, or who wish to start using the Government Cloud between May and September 2025 and are able to stop the environment and systems used and delete data by March 31, 2026, when the verification period ends. Vendors who wish to continue participating in this project in FY 2025 and are selected for the project in FY 2024 are allowed to continue using the built environment and data.
*In this project, in order to efficiently verify the linkage between systems, joint application by multiple vendors is also allowed.
*In this project, dummy information that does not correspond to sensitive information is assumed to be used. Therefore, it is possible to connect to the Government Cloud via internet virtual private network.
2. Target Business System
- Standard compliance system
A core business system that conforms to the standardization standards (*); provided, however, that this shall not preclude the application of the system prior to standard compliance on the premise that the system will be compliant with the standards in the future.
* Standards necessary for standardization prescribed in Article 6, Paragraph 1 and Article 7, Paragraph 1 of the Standardization Act - Associated system
In addition to a system that links business data files with standard compliance system, a system for which the vendor determines that it is efficient to build it in the government cloud as in standard compliance system.
*The data used in this project shall be dummy data.
3. Content of Verification
In this project, the following verification items will be selected and verified to promote the use of Government Cloud.
- Conduct verification on the assumption of a use environment (joint use system) of Government Cloud by multiple organizations.
- The SESC will verify data linkage between systems in a multi-vendor government cloud environment.
- As verification contributing to cloud optimization, we will examine the standard configuration at the time of government cloud migration and verify the efficiency of infrastructure construction using IaC.
4. Verification Items
A vendor selected for public offering shall select one or more of the following items from A to K and conduct verification.
1. Items for verification of shared use schemes and verification of multi-vendor inter-system collaboration
- A. Verification of data linkage methods when using Government Cloud
- Items to be discussed and set for data linkage with other companies' systems, and verification of file linkage and API linkage
- Verification of cooperation between on-pre-environment, standard compliance system built on Government Cloud and specified transition support system, or original measure system
- Examination of configuration and verification of cooperation using authentication and authorization infrastructure
- B. Verification of multi-CSP communication environment
- Verification of GMCN's communication environment
- C. Verification of encryption key management and deletion
- Verification of Key Management during Encryption and Data Erasure for Data Confidentiality Preservation on Government Cloud
- D. Verification of the application management system
- E. Verification of the use of Government Cloud by private sector
- Summary of Contract Conditions
- Arrangement of problems in administrative procedures
2. Items contributing to cloud optimization
- F. Verification of failure response automation
- Validate automation of both system and operational response processes in the event of a failure (single failure, server failure, zone-level failure, etc.).
- Organizing primary and secondary response items in the event of a failure (organizing the operation process)
- Identify corrective actions that can be automated
- Review and validate automated methods such as automatic reboot, failover, and notification
- Organize and implement automation triggers (health check results, metrics alarms, etc.)
- Validate automation of both system and operational response processes in the event of a failure (single failure, server failure, zone-level failure, etc.).
- G. Verification of standard monitoring operation during government cloud migration
- Using the quantitative measurement template for local areas provided by Digital Agency or its own mechanism, verify the following.
- Validate system KPI definitions and visualization
- Define key KPIs for the system (e.g., concurrent sessions and number of registrations) and validate visibility in the dashboard included in the template
- Define the data required for the KPI and validate the collection method
- Define system data (metrics, logs, traces, etc.) that will be defined as KPIs, and consider and verify a method of collecting data while utilizing the services included in the template.
- Defining Alarms
- Carefully select indicators that can directly affect services and users, and focus on actions to be taken
- A traffic generator (included in the template) and a managed service that reproduces a failure are used to give a simulated failure or a high load to the system, and the following are verified:
- Can you see the service impact on the dashboard?
- Can you respond appropriately when you perceive a significant impact on the service?
- Operation flow verification to continuously improve costs, security, etc., using the dashboard as a starting point
- Validate system KPI definitions and visualization
- Using the quantitative measurement template for local areas provided by Digital Agency or its own mechanism, verify the following.
- H. IaC (Infrastructure as Code), Verification of Operational Efficiency by Utilizing CI/CD Pipeline
- Verify the following while referring to and utilizing the IaC Usage Guide and the CI/CD environment construction template provided by Digital Agency
- Validate CI/CD pipeline to automate build, test, approve, and deploy processes
- Automated validation, including syntax checking of IaC tools, unit testing, verification of environmental differences, and approval processes
- Validate non-disruptive deployment strategy to production
- Examination of deployment methods and rollback methods such as Rolling Update and Blue-Green, and verification of implementation
- Operational Process Validation with IaC Change Management
- Define branch strategies for each environment in a purpose-built repository and verify the operation flow from development to modification and deployment based on the branch strategies
- Estimation of Cost Reduction Effect of Operation Work Cost by IaC Utilization
- Quantitative evaluation of man-hour reduction effect compared with manual operation, efficiency improvement through integrated management of multiple local governments and multiple environments, etc.
- Validate CI/CD pipeline to automate build, test, approve, and deploy processes
- Verify the following while referring to and utilizing the IaC Usage Guide and the CI/CD environment construction template provided by Digital Agency
- E. Application stateless validation
- Validate migration to stateless Architecture for autoscaling and automated disaster recovery in server containers as follows:
- Analysis of Current Situation and Arrangement of
- Examination of state information (session, etc.) held by application server and extraction of problems
- Stateless Design and Implementation
- Realization of statelessness through external storage of session information and utilization of object storage
- Application Remediation Validation
- Review and implementation of application program modifications required for statelessness
- Verification of the scaling scheme
- Scaling Policy Design and Resource Optimization Validation
- Assess Operating Costs
- Optimization of resource usage and arrangement of charging models such as licenses
- Analysis of Current Situation and Arrangement of
- Validate migration to stateless Architecture for autoscaling and automated disaster recovery in server containers as follows:
- C. Validate batch processing modernization
- Examine the following for the purpose of reducing operating costs and improving system efficiency by modernizing schedule-initiated batch processing by shifting to event-driven processing
- Analysis of current state of batch processing and selection of targets for modernization
- Arrangement of requirements for existing batch processing (business requirements, operation work, cost issues, etc.) and selection of targets for modernization
- Architecture design and implementation verification
- Design of event-driven and managed service utilization method, and implementation and verification of processing flow
- Evaluation of the transition effect
- Quantitative effect measurement of processing time, operation work, infrastructure cost, etc.
- Analysis of current state of batch processing and selection of targets for modernization
- Examine the following for the purpose of reducing operating costs and improving system efficiency by modernizing schedule-initiated batch processing by shifting to event-driven processing
3. Others
- K. Other verifications that are deemed useful in consultation with the Digital Agency
Public offering period
- First Public Offering Period: From March 12, 2025 to March 26, 2025 at 17:00