National Informatics Center

Presentation transcript:

Key Management System for RSBY Smart Card
National Informatics Center

Why with Smart Card?
The basic purpose of inducting Smart Cards as the RSBY card is to provide:
- Capability to store data on-board in the chip for field usage
- Capability to perform authentic field transactions
- Correct entitlement details for service delivery
- Ease of handling
- Inbuilt mechanism to verify the authenticity of the card after issuance, thereby checking fake duplication

How is the above achieved?
- Using the intelligent processing capability of the smart card.
- It is possible to run complex encryption algorithms on the chip.
- Encryption technology is the basis of smart card security.
- Encryption technology requires complex mathematical algorithms and a key for encryption.

Key Management System
KMS is the basic requirement for implementing Smart Card security. It provides the following:
- Establishing authenticity of the card: verifies the authenticity of the card in the field.
- Protection against unauthorized tampering of data: a mechanism that allows card modification only by authorized agencies or persons.

How KMS Works?
[Diagram labels: Authority Card, Master Key; Health Card, Derived Key; Random Data; Encrypt; Decrypt and Match; Original Data; Cryptogram; Interface Device]

Three Tier Structure of KMS
The KMS will consist of three levels of operation for generation and management of keys and related cards:
- Central Key Generation Authority
- District Key Manager
- Field Key Officer (Issuer, Kiosk, Hospital)

Hierarchy of Levels
[Diagram labels: CKGA; District Level; District Level; FKO; Issuer; Hospital; Kiosk; RSBY Cards]

CKGA (Central Key Generation Authority)
Parent Keys and Master Key Derivation
[Diagram labels: C-NOC; P1, P2, P3, P4, P5; MK1, MK2, MK3, MK4; Master Key Cards]

Central Key Generation Level
- All Authority Cards are produced at the Central Key Generation Level.
- Any three trusted agents need to come together with Parent Key cards in order to generate the required type and number of Authority Cards.
- It must be within MoL&E.
- Custodian of the upper layers of keys (Parent Keys): generation and keeping.
- All Master Keys derived from Parent Keys shall be generated at CKGA.
- Physical security of the premises is required.
- Ministry to appoint the CKGA Nodal Officer.

Master Key Cards
- Generated at CKGA
- Used for field operations
- Issuance Card (MIC)
- Kiosk Card (MKC)
- Hospital Card (MHC)

District Key Manager
- Responsible for distribution of Master Key cards among the various FKOs within the district.
- Maintains the database of all the Master Key cards issued.
- Receives requests for Master Key cards, personalizes them and distributes them to the various FKOs.
- Sends requests for fresh Master Key Cards to CKGA.
- Recharges Master Issuance Cards that have exhausted their issuance limit.
These processes also require a secure infrastructure for performing various KMS-related operations:
- Issuance of Master Key Cards
- Modification of Master Key Cards
- PIN unblocking of Master Key Cards
- Data download from the MIC card for cards issued

ISSUANCE OF RSBY CARD
- Rashtriya Swasthya Bima Yojna Cards are generated with the help of Master Issuance cards (MIC).
- is the ultimate point of usage of Master Issuance card for issuance.
- FKO is the entity which is responsible for safe keeping and safe usage of these cards, while they are in use.
- responsibility is to ensure and see to it that all the defined security guidelines are strictly being followed at the field by various trusted authorities which are using authority cards for various functionalities.

Card Issuance at Field: Key Derivation
[Diagram labels: FKMA; URN; Master Key; Health Card; Derived Key; beneficiary]
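An added example, not part of the original slides and not NIC's implementation: Go code for the two mechanisms shown in the "How KMS Works?" and "Card Issuance at Field" slides, namely deriving a per-card key from the master key and the URN, and authenticating a card by having it encrypt random data that the authority side decrypts and matches. The cipher (AES-128), the derivation formula, the reading of the diagram's flow, the function names and the sample key and URN are assumptions, since the slides do not specify them.

```go
package main
import (
	"crypto/aes"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// encryptBlock AES-encrypts one 16-byte block; used for derivation and by the card.
func encryptBlock(key, block []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil || len(block) != aes.BlockSize {
		return nil, fmt.Errorf("need an AES key and a %d-byte block", aes.BlockSize)
	}
	out := make([]byte, aes.BlockSize)
	blk.Encrypt(out, block)
	return out, nil
}

// deriveCardKey diversifies the master key per card (assumed scheme):
// derived = AES(masterKey, first 16 bytes of SHA-256(URN)).
func deriveCardKey(masterKey []byte, urn string) ([]byte, error) {
	h := sha256.Sum256([]byte(urn))
	return encryptBlock(masterKey, h[:aes.BlockSize])
}

// verifyCard is the authority card's side: re-derive the card key from
// the URN, decrypt the cryptogram and match it against the random data.
func verifyCard(masterKey []byte, urn string, challenge, cryptogram []byte) bool {
	key, err := deriveCardKey(masterKey, urn)
	if err != nil || len(cryptogram) != aes.BlockSize {
		return false
	}
	blk, _ := aes.NewCipher(key)
	plain := make([]byte, aes.BlockSize)
	blk.Decrypt(plain, cryptogram)
	return subtle.ConstantTimeCompare(plain, challenge) == 1
}

func main() {
	master, urn := []byte("constructed-mk-1"), "URN-SAMPLE-0001" // constructed samples
	cardKey, _ := deriveCardKey(master, urn)                     // stored on the card at issuance
	challenge := make([]byte, aes.BlockSize)
	rand.Read(challenge)                                // fresh random data per authentication
	cryptogram, _ := encryptBlock(cardKey, challenge)   // health card's answer
	fmt.Println("card authentic:", verifyCard(master, urn, challenge, cryptogram))
}
```

Because each card holds only its own derived key, a copied card that lacks that key cannot produce a cryptogram that decrypts to the random data, and the master key never leaves the authority card.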

FKO (Field Key Officer): Issuance
- Field-level KMS authority
- Must be part of Government
- Performs the key derivation at the issuance of a card
- Can perform authorized card modifications
- Usage protected by PIN

FKO (Field Key Officer): Hospital
- Issued by DKM
- Performs card modifications authorized at Hospital
- Usage protected by PIN

FKO (Field Key Officer): Kiosk
- Performs Kiosk operations
- Can issue a new card
- Can modify an existing card
- Usage similar to Issuance Card
- Usage protected by PIN
- Can be programmed for a limited number of uses

Thanks!