4. Interoperability & Integration
4.1 Architecture — Connecting to Government Shared Services
The Real Estate Platform deploys its own KRG-Road Security Server to participate in the federated government data exchange network. We do not build KRG-Road — we connect to it.
graph TD
subgraph RE["🏗️ Real Estate Platform (our system)"]
PROP["🏠 Property\nRegistry"]
PERMIT["📋 Building\nPermits"]
GIS["🗺️ GIS\nEngine"]
end
RE --> SS_RE["🔒 Security Server\n(Real Estate)"]
SS_RE <--> SS_CIVIL["🔒 Security Server\n(Civil Status)"]
SS_RE <--> SS_TAX["🔒 Security Server\n(Tax Authority)"]
SS_RE <--> SS_NOTARY["🔒 Security Server\n(Notary Public)"]
SS_RE <--> SS_UTIL["🔒 Security Server\n(Utilities)"]
SS_CIVIL --> CIVIL["👤 Civil Status\nRegistry"]
SS_TAX --> TAX["💰 Tax\nAuthority"]
SS_NOTARY --> NOTARY["📝 Notary\nPublic"]
SS_UTIL --> UTIL["⚡ Utility\nProviders"]
SS_RE --> CS["🏛️ KRG-Road\nCentral Services"]
4.2 Integration Points
| External System | Data We Query | Data We Provide | Use Case |
| Civil Status Registry | Citizen identity, family relations, death status | N/A | Verify buyer/seller identity, check deceased status, inheritance cases |
| Tax Authority | Outstanding tax debts, transfer tax rates | Property valuation updates, ownership changes | Calculate transfer tax, block transfers for tax debts |
| Notary Public | Notarization status, legal validations | Transaction details for notarization | Property transfers requiring notarial acts |
| Courts / Justice | Court orders, liens, injunctions | N/A | Block property transfers under court order |
| Utility Providers | Connection status, outstanding bills | New property registrations, ownership changes | Utility connections for new buildings, transfer billing |
| Banks / Financial Institutions | Mortgage status | Lien registrations, property valuations | Mortgage registration, property as collateral |
| Cadastral / Survey Authority | Official survey data | Updated parcel boundaries | Land subdivision, boundary disputes |
4.3 Our Security Server Configuration
| Component | Detail |
| Software | KRG-Road Security Server (X-Road 8 compatible) |
| Deployment | Kubernetes pod within our namespace, Sulaymaniyah DC |
| Authentication | mTLS certificate issued by government CA (EJBCA) |
| Services Registered | Property ownership query, encumbrance check, valuation lookup, permit status |
| Services Consumed | Civil status verification, tax debt check, notary validation, court injunction check |
| Logging | Every inbound/outbound query logged to immutable audit trail |
| SLA | <500ms response time for standard queries |
4.4 Data Exchange Rules (Inherited from KRG-Road)
- No system accesses another system's database directly. Ever.
- All requests go through Security Servers with mTLS.
- Every request includes: caller identity, legal basis, data requested, purpose.
- Every response is logged in the immutable audit trail.
- Data encrypted in transit (TLS 1.3) and signed (digital signatures).
- Citizens can see who accessed their property data, when, and why.
4.5 Legacy System Integration
| Legacy System | Current State | Integration Method |
| Paper deed archives | Physical files in municipality offices | OCR pipeline → structured data → PostgreSQL |
| Existing property ledgers | Manual Excel / Access databases | ETL pipeline via Apache Camel → validated import |
| Municipal tax records | Standalone systems per governorate | API adapter or file-based batch import |
| Survey/cadastral records | Paper maps + AutoCAD files | QGIS digitization → PostGIS import |
4.6 API Standards
| Standard | Usage |
| OpenAPI 3.1 | All REST APIs published with Swagger/Redoc documentation |
| AsyncAPI 3.0 | Event-driven APIs (Kafka topics) |
| OAuth 2.1 / OIDC | API authentication via Keycloak |
| OGC WMS/WFS/WMTS | GIS data services via GeoServer |
| GeoJSON | Spatial data interchange |
| JSON | Default data format |
| Protocol Buffers | High-throughput internal communication |