Few applications need to comply with such exacting requirements as eGovernment portals. They must be highly available and performant, abide by strict statutory regulations and also provide secure access for very large and very heterogeneous target groups such as official institutions, businesses, and members of the public. Portal pages and interactions must satisfy modern Web standards and be pleasantly intuitive, graphically attractive and fully accessible. How can high levels of user satisfaction and security and stability in the widest sense of the term be ensured in equal measure? We summarize the most important principles.
Web Application Security from the Start
Security is not an extra that can be added to a Web portal after the event, as it were. Penetration tests after project completion may be able to identify many leaks, but they do not provide lasting security. To protect eGovernment portals lastingly from attacks, security must be anchored from the outset in the design and the development process – such as by means of stringent coding guidelines and thorough source code analyses.
Quality Assurance During Development
Analogous to Web application security a crucial requirement for the correctness and reliable availability of public-sector service portals is that quality assurance must be embedded from the outset as an integral part of the development process. mgm has here relied for many years on its tried and trusted Very Early Testing[1] concept. Quality assurance starts with requirements analysis. This methodology ensures high quality of releases by means of concept and code reviews, automated expert regression tests of nightly-built environments and iteratively planned early integration and user tests of development results as they take shape. It does so by early identification of concept or implementation errors and prevention of follow-on errors. Comprehensive highly automated integration tests ensure the accuracy of all expert scenarios prior to every release. Well before the release date the robustness and scalability of the portal and its services are ensured in the course of development via automated performance and load tests.
Ensure Load Stability
Load and performance tests are cornerstones of Very Early Testing. Where load stability is concerned the motto is frequently that “the hardware will do the trick,” but without good software design even the most powerful hardware reaches its limits. As a part of quality assurance during development, load tests for each release ensure that the system can withstand the constantly growing burden in peak periods, such as submission deadlines for various tax returns with several million calls, in live operation.
Fig. 1: Load assessment accompanies the entire development cycle
Tried and Tested Technology and Architecture to Match
eGovernment portals should rely only on mature, tried and tested technology, as indicated by a large developer community and a stable basis that has been in place for a number of years. On the client side the JavaScript ecosystem currently poses an especially serious challenge. There is a seemingly endless number of frameworks and tools, many of which disappear after a year or two. This applies in particular to open source products, which are very popular with the public sector.
Both the architecture and the choice of technology and products must be specified by experienced software engineers on the basis of their own lengthy, hands-on experience with the profile of requirements for the project and sustainable future use for the project scenario in mind. At every level a build or buy decision will be required. What matters is not to make these decisions solely on the basis of feature tables on paper but on the basis of specific experience from other projects to arrive at the decisions yourself by means of proof of concept development, vertical prototyping and verification.
Wide-ranging Access Options and Secure Authentication
e-Government applications cater for millions of households and companies. Confirming the legitimacy of each and every user requires secure authentication procedures that can cope with the wide range of browsers and versions without impacting on usability and accessibility. A high level of coverage by means of automated tests is indispensable.
Fig. 2: The users of e-government solutions differ according to life situations, internet affinity and previous experiences.
Usability Tests and Accessibility
Where user interfaces are concerned a phenomenon arises that is similar to the strategic alignment of a football team. Millions of viewers or, in this case, users of eGovernment portals see themselves as experts. Everybody thinks they know how it should be and wants to have a say in the design of interfaces, navigation, and controls. Methodical usability tests with a representative selection of user target group representatives will help to arrive at a reasonably objective assessment of what is best for the users. Using processes such as eye tracking and comprehensive observation of user behavior, you can check whether the user’s attention is drawn to the key controls on the page. In this way the ergonomic objective of an application that can be used effectively and comfortably by the target user groups can be achieved.
Statutory provisions require websites to be readily accessible by means of, say, reading devices for the blind and visually impaired. This limits in many ways the framework conditions for interface and interaction design of eGovernment portal websites and must be taken into consideration at the design stage for websites and navigations.
Due to security aspects further restrictions frequently apply to interaction design. Many users are highly sensitive when it comes to permitting JavaScript components on a website. That is why eGovernment portals with large user numbers, such as Mein ELSTER, still prefer to offer users the option of using the portal with deactivated JavaScript support for modern graphic elements and comfortable functions.
[1] Cf. the specialist articles Efficient QA through “Very Early Testing” – mgm’s Secret of Successful Early Testing, Part 1 and ERiC Files the Tax Report – mgm’s Secret of Successful Early Testing, Part 2
