A National e-Authentication Service

Slides:

Advertisements

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

Advertisements

Secure Single Sign-On Across Security Domains

Using PHINMS and Web-Services for Interoperability The findings and conclusions in this presentation are those of the author and do not necessarily represent.

McAfee One Time Password

NRL Security Architecture: A Web Services-Based Solution

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

- 1 - Defense Security Service Background: During the Fall of 2012 Defense Security Service will be integrating ISFD with the Identity Management (IdM)

Eunice Mondésir Pierre Weill-Tessier 1 Federated Identity with Ping Federate Project Supervisor: M. Maknavicius-Laurent ASR Coordinator: G. Bernard ASR.

Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

WSO2 Identity Server Road Map

©Centre for Development of Advanced Computing 1 State e-governance Service Delivery Gateway (SSDG)‏ A Messaging Middleware for.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.

Jeevan Pramaan (Digital Life Certificate for Pensioner)

Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.

Public Key Infrastructure from the Most Trusted Name in e-Security.

Author of Record Digital Identity Management Sub-Workgroup October 24, 2012.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Distributed Web Security for Science Gateways Jim Basney In collaboration with: Rion Dooley Jeff Gaynor

Identity Management in Education. Welcome Scott Johnson, NetProf, Inc. Creator of OmnID Identity Management for Education

© NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.

Identity Management Report By Jean Carreon and Marlon Gonzales.

Payment Gateways for e-Government services 24 May 2007

FIspace SPT Seyhun Futaci. Technology behind FIspace Authentication and Authorization IDM service of Fispace provides SSO solution for web apps, mobile.

ArcGIS Server and Portal for ArcGIS An Introduction to Security

Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

Meteor & Mapping Your Future: Leveraging Technology to Provide Enhanced Services 3 rd Annual Conference on Technology & Standards May 2, 2006.

Using Enterprise Logins in Portal for ArcGIS via SAML Greg Ponto & Tom Shippee.

Government of India Department of Electronics and Information Technology Ministry of Communications and Information Technology.

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

Insert Your Name Insert Your Title Insert Date Client Registration Open Issues Update 5/27/2011 Denis Pochuev (original proposal by Alan Frindell)

NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.

Biometrics Authentication Technology

Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.

February, TRANSCEND SHIRO-CAS INTEGRATION ANALYSIS.

Esri UC 2014 | Demo Theater | Using ArcGIS Online App Logins in Node.js James Tedrick.

Unique Identification Authority of India Aadhaar Authentication Feb’

Enrollment to Authentication Client and Station Overview UIDAI Sanjay Jain Jagadish.

F5 APM & Security Assertion Markup Language ‘sam-el’

J EEVAN P RAMAAN P ATRA / D IGITAL L IFE C ERTIFICATE (DLC)

Office of Information Technology GT Identity and Access Management JA-SIG CAS project (introducing login.gatech.edu) April 29th,

Access Policy - Federation March 23, 2016

visit : – Existing User Login

Secure Single Sign-On Across Security Domains

Using Your Own Authentication System with ArcGIS Online

Jeevan Pramaan Pensioner Login

NATIONAL ACADEMIC DEPOSITORY

ESign Aashutosh.

Munix for Education Content Filter, Bandwidth Control, Location Mapping, Movement Analysis, User Self Management Portal, Time Analysis, and much more ….

Microsoft Passport and Windows Hello Developer’s Guide to Windows 10 Build SDK Update Andy Wigley

Single Sign-On Led by Terrice McClain, Jen Paulin, & Leighton Wingerd

Federation made simple

Prime Service Catalog 12.0 SAML 2.0 Single Sign-On Support

Authentication.

Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)

NATIONAL ACADEMIC DEPOSITORY

Addressing the Beast: Single Sign-On II

ESA Single Sign On (SSO) and Federated Identity Management

BY: SHIVI AGRAWAL ( ) CSE-(6)C

NAAS 2.0 Features and Enhancements

Public Key Infrastructure from the Most Trusted Name in e-Security

HIMSS National Conference New Orleans Convention Center

K!M SAA LOGICAL SECURITY Strong Adaptive Authentication

Community AAI with Check-In

BPOS to Office 365 Transition for Existing BPOS Customers

Presentation transcript:

A National e-Authentication Service e-Pramaan A National e-Authentication Service

State of Art Disparate methods of authentication across e-Gov Services Unsecured communication channel for credential exchange in multiple cases Non-availability of standard for e-Authentication for public services Need for multi-factor authentication Increase in online services leads to multiple login credentials Possibility of phishing attacks

e-Pramaan e-Pramaan is envisaged by Ministry of Electronics and Information Technology (MeitY) to provide a uniform standard based secured authentication mechanisms for all government departments. e-Pramaan offers - secure authentication with four levels (password, OTP, Digital Certificate, Biometrics) of assurances ; credentials of users using different e-Governance services; SAML 2.0 (Security Assertion Markup Language) based SSO (Single-Sign On) implementation; and much more….

e-Pramaan e-Pramaan Authenticate user Services User Successful authentication Login

e-Pramaan Password One Time Password Digital Certificate Biometric Basic authentication with username and password; Image password also available Email, Mobile or Mobile app based OTP Digital Certificate Biometric Authentication via hardware or software token Aadhaar based finger print / iris authentication

Features skoch order of merit 7 Standard based multifactor strong e-Authentication development Java, PHP, Dotnet Support Single Sign On (SSO) – SAML 2.0 feature across all integrated services Flexible Authentication Chaining for Services Secure communication channel Seamless upgrade to new technologies Two way authentication Role based First Level of Authorization skoch order of merit Support for Aadhaar based Authentication 7

User Registration Options - - - - - - - - - - - - - - - - - - - - - - - - - - A - - -> - - -> Without Id Proof Driving Licence UIDAI CBDT ECI PASSPORT

Integration as multiple services Department / SP Service I Service ID: 10001 Auth Level: Pwd + OTP e-Pramaan Authentication Framework Service II Service ID: 10002 Auth Level: OTP + DSC Service n Service ID: 1000x Auth Level: BIO + OTP e-Pramaan Connector, Connector might be Java/.Net/PHP depending on services

Single portal with multiple services Department / SP Service I Service ID: 10001 Auth Level: Pwd + OTP e-Pramaan Authentication Framework Connector Service II Service ID: 10002 Auth Level: OTP + DSC Service n Service ID: 1000x Auth Level: BIO + OTP One time integration effort across multiple services Independent authentication options for each services Can be used where single connector (Java / PHP/ .Net) is used for multiple services.

Login through e-Pramaan Integration Process Service Portal Username Password Login Login through e-Pramaan User Service Portal e-Pramaan Portal Service Portal User Login SSO Request creation Authentication SSO token & User Logged IN Service Portal e-Pramaan Portal Service Portal User Log out SLO Request creation Session clear Session clear & Successful Logout

Current User ID Mapping Options Departments can mandate if they want users with only valid Aadhaar (a particular ID proof) Three levels of mapping of users is supported: Aadhaar based Service User ID based e-Pramaan ID based The services can select any of these for mapping their users depending upon the requirements of the service. Support for Role based user mapping A

Integration Setups Integration & Testing Service e-Pramaan Staging server On Successful Completion Integration Service e-Pramaan Production server

C-DAC ASA / AUA Aadhaar Ecosystem e-Pramaan Service AUA UIDAI Data Centre ASA Government Departments/ Private Organizations Authentication Service (demographic, biometric) Best Finger Detection (BFD) One Time Password (OTP) Aadhaar Mobile Update e-KYC Service

C-DAC ASA / AUA Activities ASA-AUA /e-KYC Set-up up and running in production Connectivity to SDC Bangalore Established ASA Migration from TLS 1.0 to TLS 1.2 Mobile Update Application ASA-AUA Activities Connectivity to Manesar DC 33 Departments integrated with more than 1 Cr transactions so far Client Portal

New Features Mobile App of e-Pramaan Image Password Automation URLs filling during SP registration In Progress- IRIS based authentication Integration with Driving Licence Authority for ID

Statistics Department 49 3,872 33 1,31,52,192 Transactions e-Pramaan ASA-AUA ASA-AUA

Thank You!